Return to Transcripts main page
Live From...
Worm Warfare
Aired January 27, 2003 - 13:35 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
KYRA PHILLIPS, CNN ANCHOR: Attack of the worm. Some limited problems today, but not like Saturday, when a worm crippled tens of thousands of computers around the world and brought the Internet to a crawl.
Joining us now Chris Rouland of Internet Security Systems.
Chris, what happened? What went wrong?
CHRIS ROULAND, INTERNET SECURITY SYSTEMS: Well, Saturday night, about midnight EST, we saw a massive attack against the Internet take place. It began around 12:00. By 12:30 in the morning we saw millions of attacks an hour, accelerating up to billions an hour. At one, if you plugged a computer into the Internet that was vulnerable, within three minutes it would actually be infected with this worm.
PHILLIPS: So is it too farfetched to say, could terrorism be a factor here?
ROULAND: That's not too far fetched to say. However, generally when we refer to cyberterrorism, we refer to an attack against the infrastructure that actually coupled by a physical attack to make that attack more enhanced.
Now we are trying to trace the origins of this worm, and initial analysis does appear to match up with some other exploits of code that have been released from China in the past. A Chinese hacking group took massive activity against the United States when the P3 aircraft was hit by their MiG last April.
PHILLIPS: So, what is being done to prevent cyberterrorism? What's intact right now that wasn't intact, say, year or two ago?
ROULAND: There's not necessarily anything globally deployed technology in place to prevent cyberterorism. But we've got very effective communications both for government and private industry today that allow us to communicate what we're actually seeing out there on the Internet.
Adn in this case, for this attack, we're able to quickly identify the type of attack that was going on, how to mitigate it, and communicate it through the appropriate channels now, the Department of Homeland Security, to make sure that everyone was aware globally of how to deal with this threat.
PHILLIPS: And, Chris, South Korea was believed to be hit the hardest. Considering what's taking place with North Korea right now, is there any significance to this, do you think?
ROULAND: Technically no, because the war was very fast but it was not very smart. It had no specific targeting information. The reason South Korea was knocked off the Internet, was because South Korea deploys almost no security software for their computers, so they were immediately compromised soon as the worm hit that geographic region.
PHILLIPS: Finally, quickly, Chris, anyone that may be having problems now, what do we need to do to protect ourselves?
ROULAND: Internet providers have largely mitigated the threat and isolated it. Now the issue is small to medium size businesses and large corporations cleaning up their own internal networks and making sure they can stay online to avoid the business continuity challenges they had over the weekend.
PHILLIPS: Chris Rouland, thank you so much.
ROULAND: Thank you.
TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com
Aired January 27, 2003 - 13:35 ET
THIS IS A RUSH TRANSCRIPT. THIS COPY MAY NOT BE IN ITS FINAL FORM AND MAY BE UPDATED.
KYRA PHILLIPS, CNN ANCHOR: Attack of the worm. Some limited problems today, but not like Saturday, when a worm crippled tens of thousands of computers around the world and brought the Internet to a crawl.
Joining us now Chris Rouland of Internet Security Systems.
Chris, what happened? What went wrong?
CHRIS ROULAND, INTERNET SECURITY SYSTEMS: Well, Saturday night, about midnight EST, we saw a massive attack against the Internet take place. It began around 12:00. By 12:30 in the morning we saw millions of attacks an hour, accelerating up to billions an hour. At one, if you plugged a computer into the Internet that was vulnerable, within three minutes it would actually be infected with this worm.
PHILLIPS: So is it too farfetched to say, could terrorism be a factor here?
ROULAND: That's not too far fetched to say. However, generally when we refer to cyberterrorism, we refer to an attack against the infrastructure that actually coupled by a physical attack to make that attack more enhanced.
Now we are trying to trace the origins of this worm, and initial analysis does appear to match up with some other exploits of code that have been released from China in the past. A Chinese hacking group took massive activity against the United States when the P3 aircraft was hit by their MiG last April.
PHILLIPS: So, what is being done to prevent cyberterrorism? What's intact right now that wasn't intact, say, year or two ago?
ROULAND: There's not necessarily anything globally deployed technology in place to prevent cyberterorism. But we've got very effective communications both for government and private industry today that allow us to communicate what we're actually seeing out there on the Internet.
Adn in this case, for this attack, we're able to quickly identify the type of attack that was going on, how to mitigate it, and communicate it through the appropriate channels now, the Department of Homeland Security, to make sure that everyone was aware globally of how to deal with this threat.
PHILLIPS: And, Chris, South Korea was believed to be hit the hardest. Considering what's taking place with North Korea right now, is there any significance to this, do you think?
ROULAND: Technically no, because the war was very fast but it was not very smart. It had no specific targeting information. The reason South Korea was knocked off the Internet, was because South Korea deploys almost no security software for their computers, so they were immediately compromised soon as the worm hit that geographic region.
PHILLIPS: Finally, quickly, Chris, anyone that may be having problems now, what do we need to do to protect ourselves?
ROULAND: Internet providers have largely mitigated the threat and isolated it. Now the issue is small to medium size businesses and large corporations cleaning up their own internal networks and making sure they can stay online to avoid the business continuity challenges they had over the weekend.
PHILLIPS: Chris Rouland, thank you so much.
ROULAND: Thank you.
TO ORDER A VIDEO OF THIS TRANSCRIPT, PLEASE CALL 800-CNN-NEWS OR USE OUR SECURE ONLINE ORDER FORM LOCATED AT www.fdch.com
