午夜福利1000集合

US government warns of imminent net attack

The combination of a widespread Windows bug, new hacker tools and increased probing may mean a major attack is about to happen

US government computer experts have warned that hackers may be preparing a large-scale coordinated attack. This could involve the release of a virulent type of internet worm or use thousands of enslaved personal computers to bring down websites.

The rare global alert was prompted by the coming together of three factors; the revelation of a serious bug in Windows, the world鈥檚 most common operating system, the development of tools to exploit that bug, and a recent rise in computer probing that could identify vulnerable machines.

The National Infrastructure Protection Center (NIPC), part of the US Department of Homeland Security, issued a statement warning that these factors point towards a serious potential threat.

鈥淏ecause of the significant percentage of internet-connected computers running Windows operating systems and using high speed connections, the potential exists for a worm or virus to propagate rapidly,鈥 the NIPC warning says.

Remote probes

Windows users were advised to patch their computers if they have not already done so. Hackers were said to be remotely probing thousands of machines in succession to locate those remaining at risk.

The NIPC alert said an 鈥渋ncrease in scanning for vulnerable computers over the past several days reinforces the urgency for updating affected systems,鈥 says.

An additional warning from the US government-backed Computer Emergency Response Team (CERT), said hackers had created automated tools to exploit the bug.

鈥淢ultiple exploits for this vulnerability have been publicly released, and there is active development of improved and automated exploit tools,鈥 the CERT warning says. No worm has yet been identified but, because the bug can be exploited using ordinary internet traffic rather than email, any worm could propagate very quickly.

The software bug in question, revealed on 16 July, affects all of the most recent versions of Microsoft鈥檚 Windows operating system. It could be exploited to take complete control of a vulnerable machine. Microsoft released a software patch to fix the bug on the same day, but many computers are thought to remain at risk.

National Infrastructure Protection Board http://www.nipc.gov/

More from New Scientist

Explore the latest news, articles and features