Sign Up: Free Daily Tech E-letter  
Technology Home
Washtech
Tech Policy
Government IT
Markets
Columnists
   -Filter
   -Ask the Computer Guy
   -.com
   -Fast Forward
   -The Download
   -Web Watch
   -@Work
Personal Tech
Special Reports
Jobs

Advertisement
Company Postings
Get Quotes
Press Releases
Tech Almanac

WWW.Danger.Net

Advertisement


_____About Filter_____
Filter looks at the day's top technology news through snapshots and analysis of what the world's media outlets are covering. Washingtonpost.com's new Mon.-Fri. feature is penned by technology reporter Cynthia L. Webb. If a technology story breaks, a company falters or triumphs, or there's a new trend in technology, Filter wants you to know about it.

_____Filter Archive_____
Microsoft's Momentary Reprieve (washingtonpost.com, Jun 28, 2004)
AOL Orders the Spam Special (washingtonpost.com, Jun 24, 2004)
SBC Bets $6 Billion Against Cable (washingtonpost.com, Jun 23, 2004)
Google Loses an Underwriter (washingtonpost.com, Jun 22, 2004)
Search Rivals Gun Their Engines (washingtonpost.com, Jun 21, 2004)
More Past Issues
__ Filter E-mail Reminder __
TechNews.com Daily E-letter Sign-up for our daily e-letter for one-click access to Filter and other TechNews.com features.
Subscribe


E-Mail This Article
Print This Article
Permission to Republish
By Robert MacMillan
washingtonpost.com Staff Writer
Friday, June 25, 2004; 9:40 AM

It looks like the Internet is turning into a world wide minefield this morning.

Internet security companies and cybersecurity experts in the federal government are warning computer users to guard against a new online attack that can affect PCs running the Windows operating system. What makes this latest threat particularly scary is that computers can be affected just by visiting a Web site that has been compromised by hackers.

"The virus-like infection tries to implant hacker software onto the computers of all Web site visitors. Industry experts and the Homeland Security Department were studying the infection to determine how it spreads across Web sites and find adequate defenses against it," reported the Associated Press in a story that was picked up by most of the general-interest news Web sites this morning. The AP also cited an alert issued last night by government cybersecurity experts: "Users should be aware that any Web site, even those that may be trusted by the user, may be affected by this activity and thus contain potentially malicious code."

Kudos to the AP for taking a realistic approach to the story. The news service quoted cybersecurity expert Marcus Sachs as saying that the incident is significant but "has no impact on the operation of the Internet." (Which you, Filter reader, could probably ascertain if you're able to read this column on your computer.) Nevertheless, the AP story falls into a familiar refrain that plagues many cybersecurity accounts: It's a really, really, really serious problem and your computer will be fried if you don't do something about it, but relax. The AP, for instance, followed that calming news from Sachs with this: "Experts urgently recommended consumers and corporate employees to update the antivirus software on their computers, since the latest versions can immunize visitors to infected Web sites."
The Associated Press via washingtonpost.com: Experts Study Developing Internet Attack (Registration required)

Hit the Panic Button

CNET's News.com painted its picture in somewhat darker tones, citing nervous cybersecurity experts: "The researchers believe that online organized crime groups are breaking into Web servers and surreptitiously inserting code that takes advantage of two flaws in Internet Explorer that Microsoft has not yet fixed. Those flaws allow the Web server to install a program that takes control of the user's computer. The extent of the attacks is unknown, but the security community has seen numerous cases of personal computers infected when the user merely visits a Web site. 'It is not epidemic, but it is being seen,' said Alfred Huger, senior director of engineering for security company Symantec. 'Do we think it is serious? Yeah. It's a concern and it's insidious.'"
CNET's News.com: Corporate Web Servers Infecting Visitors' PCs

IDG News Service gives readers a few understandable details about how this latest online threat works: "Examining firewall logs and other data points on those networks, NetSec found that when users visit certain popular Web sites -- including an online auction, a search engine and a comparison shopping site -- they unwittingly download a piece of malicious JavaScript code attached to an image or graphics file on the site," IDG reported. Does the auction site start with an "e," end with a "y" and have a big "B" and a little "a" in it? Not that we'd ever spread baseless allegations...
IDG News Service via InfoWorld: New Attack Hitting Web Users Through Major Sites

Get Out of the Cyberspace!

So which sites should we avoid? News.com delivers a most perplexing answer: "The Internet Storm Center, which monitors Net threats, confirmed that the list of infected sites included some large Web properties. 'We won't list the sites that are reported to be infected in order to prevent further abuse, but the list is long and includes businesses that we presume would normally be keeping their sites fully patched,' the group stated on its Web site." Well thanks, guys, might as well keep us on our toes today...

Best quote of the days goes hands down to Brent Houlihan, chief technology officer of NetSec, who delivered this beaut to News.com: "I told my wife, unless it is absolutely necessary and unless you are going to a site like our banking site, stay off the Internet right now."

Now for the most important question: Where's Microsoft and what's it doing to fix this? The Internet Storm Center "pointed out that the malicious program uploaded to a victim's computer is not currently detected as a virus by most antivirus software. With no patch from Microsoft, that leaves Internet Explorer users vulnerable. A representative of the software giant was not immediately available for comment on when a patch might be available," News.com reported.

If you're a non-techie and you've made it this far into the soup, you're probably asking yourself, "Why anybody would waste their time injecting poisonous code into pictures on Web sites?" Thank heaven there's eWeek with an explanation: "Compromised PCs often are used by attackers to launch large-scale [denial-of-service] attacks against one or more targets. And they also are valued by spammers who like to install software that enables them to send large volumes of spam messages from the machines. Using dozens or hundreds of compromised PCs makes it virtually impossible for investigators to track attacks or spam back to the original source." See? It's all about the money. It goes to show that even socially maladjusted hackers and spammers share some common goals with the rest of us.
eWeek: Web Graphics Exploit Marching Across Internet

CONTINUED
1 2     Next >
Print This Article


TechNews.com Home

© 2004 Washingtonpost.Newsweek Interactive

Company Postings: Quick Quotes | Tech Almanac
About TechNews.com | Advertising | Contact TechNews.com | Privacy
My Profile | Rights & Permissions | Subscribe to print edition | Syndication