The Code Red worm is not just another computer worm. So far it
has nibbled its way into 250,000 computers around the world,
and a computer systems protection company predicts that
another two million potential targets may be vulnerable to its
The computer worm harms business computers, often servers,
that run on Windows NT and 2000, but does not affect home
computers that run on Windows 95 or Windows 98.
The Sense Institute, which is assisting US federal
investigators to neutralize the virus, says that Code Red has
already reached peak levels and has been dropping off. "Like a
disease, the breaking point is already behind us, but to
uproot it completely we still have a long way to go," say
The worm knows no borders, and could spread further,
contaminating computers outside of the U.S. as well, since
many computer users in other countries have not downloaded the
appropriate anti-virus program.
Michael Arbashlo, director of research at an economic
consulting company in California, estimates that cleanup
expenses could come to $740 million, and losses resulting from
missed work hours as a result of the virus are expected to
reach $450 million.
Checking systems for the devastating worm is no simple matter.
Information technologies specialists do not come cheap, but
many companies have been forced to use them despite their high
fees, paying up to $300 per hour to check their servers.
The consulting company estimates that six million servers are
still exposed to the worm.
* * *
Code Red is not the only one making a name for itself in U.S.
computers. Another virus, known as Sircam, has wreaked havoc
at a Ukrainian news site. The virus has been flooding the site
with secret documents from Ukrainian president Leonid Kochman
and sending intriguing classified files, all via e- mail.
The Ukrainian president is the model of secrecy. He shrouds
himself in mystery, carefully concealing all of his daily
movements, but Sircam has managed to undermine his strict
measures, and President Kochman's schedule at ceremonies to
mark the tenth anniversary of Ukrainian independence have been
publicized all over the Net.
His officials are currently investigating whether there was a
breach of security, and whether additional viruses have
contaminated any other computers in his bureau.
Sircam is a virus rather than a worm, in that it cannot
propagate itself but relies on the host system to do so. We
still get this virus in our e- mail several times a week. If
you simply delete it without opening it, no harm is done.
If you get any e-mail containing a file with a name that ends
with the letters "EXE", "BAT", "PIF", "COM", even if it is
from a trusted correspondent, simply delete it right away. It
does not matter what is in the name before those last three
letters. If those are the last three letters and you are not
expecting the file, just delete it first and ask questions
afterwards. If you do not click on the suspect file to open
it, it cannot harm your computer.