Worms and Viruses: In the news

"Up to 3,000 campus computers were infected with three waves of hacker attacks last week -- 2,800 systems with the MS Blaster Worm alone -- and the numbers continue to climb with the appearance yesterday of a new virus..."

(August 21, 2003)

"A new computer virus has struck 600 to 800 campus computers over the span of several weeks. Commonly known as Gaobot, Agobot or Phatbot, the virus has grown through several methods..."

(April 26 2004)

The academic year 2003-2004 saw numerous Stanford's campus computers infected by the MS Blaster Worm and the Gaobot worm, not only causing widespread loss of data, but also resulting in many computers compromised by hackers, who could steal valuable personal information and passwords.

The first incident, concerning the MS Blaster Worm, in Summer 2003, exploited a "RPC buffer overflow" vulnerability in computers running Microsoft Windows NT, 2000 and XP. Even though the vulnerability was first idendified by Microsoft in mid-July, and patches were released at the same time, many campus computers were still affected, allowing hackers to take control of many computers. The seriousness of the hacker attacks over the summer prompted Residential Computing (ResComp) to take the drastic measure of forcing each incoming and returning student in the fall to run a series of checks to ensure that their computers are free of viruses before enabling their internet connections.

Updating Windows regularly is one of the ways of keeping your computer safe

Even after students were exposed to the vulnerabilities of their computers at the start of the year through the stringent ResComp requirements, many of them were still hit by the Gaobot worm, which preyed on users with weak passwords, or those who did not set an Administrator password when they installed their Windows operating systems. Furthermore, many did not run WindowsUpdate regularly, or did not see a need to install a critical update when it is released by Microsoft.

With hackers and virus writers becoming more sophisticated, and campus computer users continuing to be ignorant or lazy about protecting themselves from viruses and worms, it is certain that Stanford will continue to be affected by computer security issues in the future.