Leave your feedback Share Copy URL https://www.pbs.org/newshour/science/science-july-dec01-computer-virus_09-19 Email Facebook Twitter LinkedIn Pinterest Tumblr Share on Facebook Share on Twitter Computer Worm Infects Internet Science Sep 19, 2001 5:45 PM EDT A computer worm called Nimda has spread rapidly across the Internet to corporate networks and personal computers running Microsoft’s Windows operating system. The worm spreads by e-mail and by visiting certain sites on the Internet. The worm, whose name comes from admin spelled backwards, first appeared in the United States Tuesday. It spread to Asia overnight, and thousands of European businesses opened business Wednesday with infected computer systems. Worms are programs that replicate themselves from system to system without the use of a host file. By contrast, viruses require the spreading of an infected host file. The attack could prove to be more widespread and damaging than the Code Red infections of July and August because Nimda appears to have been designed to spread quickly among PCs connected to a single network, security experts said. In addition to the flood of junk messages slowing down Internet access around infected computers, it can overwrite critical Microsoft Windows system files, requiring a costly and time-consuming repair. Code Red caused an estimated $2.6 billion in damage. Some Internet security experts had warned of increased virus activity after last week’s attacks on the World Trade Center and Pentagon, but Attorney General John Ashcroft has said there is no evidence linking the worm to last week’s attacks. Once Nimda infects one computer on a company network, it travels across the network to attack others. Together, this can cause an entire corporate network to be infected if even a single worker visits an infected Web site. Nimda has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. The sender address may be a well-known address. Researchers said they weren’t sure how the address is generated. The attachment may be named “README.EXE.” Web browser patches are available at http://www.microsoft.com/security. The Internet portal Yahoo! was one of the firms infected by the Nimda, company spokesman Kevin Timmons confirmed. The company’s private corporate network was infected, but not the public Web site. Around the world, major sporting sites in Norway were knocked offline Tuesday night. In Japan, Tsuru Credit Union spokesman Takao Ide said the bank shut down its Web site after finding it infected with the program. The Swedish government was forced to quarantine some government computers after they were infected. A free press is a cornerstone of a healthy democracy. Support trusted journalism and civil dialogue. Donate now
A computer worm called Nimda has spread rapidly across the Internet to corporate networks and personal computers running Microsoft’s Windows operating system. The worm spreads by e-mail and by visiting certain sites on the Internet. The worm, whose name comes from admin spelled backwards, first appeared in the United States Tuesday. It spread to Asia overnight, and thousands of European businesses opened business Wednesday with infected computer systems. Worms are programs that replicate themselves from system to system without the use of a host file. By contrast, viruses require the spreading of an infected host file. The attack could prove to be more widespread and damaging than the Code Red infections of July and August because Nimda appears to have been designed to spread quickly among PCs connected to a single network, security experts said. In addition to the flood of junk messages slowing down Internet access around infected computers, it can overwrite critical Microsoft Windows system files, requiring a costly and time-consuming repair. Code Red caused an estimated $2.6 billion in damage. Some Internet security experts had warned of increased virus activity after last week’s attacks on the World Trade Center and Pentagon, but Attorney General John Ashcroft has said there is no evidence linking the worm to last week’s attacks. Once Nimda infects one computer on a company network, it travels across the network to attack others. Together, this can cause an entire corporate network to be infected if even a single worker visits an infected Web site. Nimda has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. The sender address may be a well-known address. Researchers said they weren’t sure how the address is generated. The attachment may be named “README.EXE.” Web browser patches are available at http://www.microsoft.com/security. The Internet portal Yahoo! was one of the firms infected by the Nimda, company spokesman Kevin Timmons confirmed. The company’s private corporate network was infected, but not the public Web site. Around the world, major sporting sites in Norway were knocked offline Tuesday night. In Japan, Tsuru Credit Union spokesman Takao Ide said the bank shut down its Web site after finding it infected with the program. The Swedish government was forced to quarantine some government computers after they were infected. A free press is a cornerstone of a healthy democracy. Support trusted journalism and civil dialogue. Donate now