Computer Defenders Quickly Blocked Worm
Posted on: Thursday, 18 August 2005, 18:00 CDT
Aug. 18--The latest worm that bit into computers nationwide this week -- shutting down CNN, the New York Times, Caterpillar and 12,000 government computers in San Diego County -- caused barely a ripple in the Sacramento region. That's because of heightened security against viruses, say state and local technology experts, although many warn that the speedy worm demonstrated the need for quick response.
From UC Davis to California's state computer network, it appeared that most businesses and government agencies in the region eluded the virus, known as Zotob.
It was unleashed by unidentified hackers earlier this week, following Microsoft's announcement that its Windows 2000 operating system had an internal flaw. Although the company sent out an alert on Aug. 9 and issued a software patch to fix the hole, not everyone was able to protect their computers in time.
But in this region, reports of problems were limited. Tim Burke, CEO of Quest Technology, an information technology firm that provides computer network security and technical support services to about 300 clients in Sacramento, said he received no reports of computer problems. He said the past few years of worm attacks, and the resulting awareness of them, were key factors in reducing Zotob's effectiveness.
"If this had happened a year ago, it would've been very detrimental," he said.
Among the state's vast network of computers, only one department -- the state Franchise Tax Board -- reported a significant infection, said information security officer Debra Reiger. She said the state's tax board had dozens of computers infected out of several thousand.
By contrast, San Diego County government had one of the more widespread infections, with 12,000 computers, all running Windows 2000, being hit by Zotob on Tuesday, forcing a countywide shutdown of its computer network.
Sacramento County government did not have any reported infections, said IT division chief Alan Routhier. One of the key differences between the two counties is that Sacramento has far fewer machines running Windows 2000; just several hundred of 8,000 desktops countywide.
Furthermore, Routhier said the county took extra steps several years ago to beef up its computer security, including extra layers of intrusion software to detect problems.
"People who do the patching are notified within hours," Routhier said, describing the county's response to warning announcements made by Microsoft. "We're generally pretty good getting the patches on as soon as we can."
Although large businesses and government agencies that oversee hundreds or thousands of computers generally have software that can automate the patching process, it's not as simple as instantly applying a patch as soon as it becomes available.
Patches, while they may fix a particular computer flaw, also can introduce new problems. For that reason, computer system administrators might have to spend several days testing the patch before applying it, Routhier said.
Reiger said this was the case with the Franchise Tax Board. Technicians took time to test the patch and by Tuesday, had applied it to all the high-priority, high-risk computers. But the worm infected the few machines that hadn't been patched by that afternoon.
The computers were shut down and the worm was deleted without any state data being compromised, Reiger said.
Bob Ono, an IT officer for the University of California, Davis, said the worm had little effect on the campus' computer network, but he said it's an increasing challenge to fix networks before a hacker writes and releases the next computer virus.
"The gap between patch and exploit is diminishing," he said. "There isn't the luxury of time to apply it a week later; we have to test the patches and apply them immediately."
Although the impact of Zotob wasn't as severe as with other massive computer worms, its quick appearance following Microsoft's announcement of an internal flaw is still a reminder to be vigilant.
As Sacramento County's Routhier noted, "We learned from this one we just have to be faster."
-----
To see more of The Sacramento Bee, or to subscribe to the newspaper, go to http://www.sacbee.com.
Copyright (c) 2005, The Sacramento Bee, Calif.
Distributed by Knight Ridder/Tribune Business News.
For information on republishing this content, contact us at (800) 661-2511 (U.S.), (213) 237-4914 (worldwide), fax (213) 237-6515, or e-mail reprints@krtinfo.com.
TWX, NYT, CAT, MSFT,
Source: The Sacramento Bee
Related Articles
- Hughes Launches Inter-Government Crisis Network
- Helix Electric Awarded Electrical Contracting Work for Sacramento Regional County Sanitation District
- First State Bank & Trust Selects AT&T for Network Services
- Continuous Computing(R) Joins With Texas Instruments DSP Third Party Network; DSP Alliance Signals Importance of Advanced Multimedia Solutions in Next-Generation Networks
- State's County Colleges See STARS
- Southeast European States Agree to Develop Regional Transport Network
- Government Shared Network Gets Nod
- CityLink Hopes to Be Backbone for Government Shared Network
- Clark County School District Selects Extreme Networks for 289 School Network
- Alcatel's IP Service Router Selected By Shandong Netcom to Power e-Government Backbone Network in China
 |
 |
User Comments (0)
RSS Feeds