by Kurt Channing
It’s been a few weeks since the Code Red server worm (and its client-side relative, the Sircam email worm) began making the rounds, and eventually the news. It must be a slow summer for news. A couple of interesting things have come out of this.
First of all, as Cringely points out in a column well worth reading, this isn’t an “internet” or “email” virus — this is a Microsoft problem. More accurately, an MSTD. I’ll leave the Microsoft-bashing to Cringely (the column reveals some pretty nefarious, if alleged, tactics) and focus instead on the real enemy.
Origins of the worm are murky at best. The critter, which spreads itself by sniffing out faulty MS web servers, seems to like defacing web sites with an idiotic message — “hacked by Chinese!!!” or something like that. Is it really the Chinese? Doubtful. So far, the worm has caused little direct damage, though it has managed to clog up entire portions of the internet as it finds fetid little fertile pools of vulnerable IIS servers and chews up bandwidth in an orgy of reproduction. Every once in a while, all the worms are supposed to line up and directly attack some target, but these tactics have not been too effective. You’d think the Chinese would be a little more successful at this. As much as I’d like to think international intrigue and high-tech Cold War hijinks are behind this, it seems less and less likely as the Code Red worm bungles its way through yet another attack.
So who’s to blame? As some famous detective somewhere said, look who stands to profit, and you will find your suspects. And who has profited from this? Not Microsoft. I’m sure they’d love to charge for the antidote to this awful plague, but as things stand, they’re giving the patch away (and have been for a month prior to the attack). They probably think, rightly, that the Justice Department wouldn’t look kindly on the practice.
Is it a renegade hackers’ group? Not likely. Nobody serious is going to fess up to this one — exploiting Microsoft security is like shooting fish in an ice chest.
Who stands to profit? Who has already profited from this near-newsworthy item? Pepsi Cola, that’s who. My guess is sales of their Code Red Mountain Dew were lagging, despite its high sugar and caffeine content and robot cherry flavor. Now Code Red is everywhere! Free publicity by the SUV-load! Hell, the 7-11s are already offering the swill as a frozen concoction. I’m just waiting for some clerk to put two and two together and begin jamming gummi worms into the angry red slurry…