Officials urge quick patch on e-mail security hole
SAN DIEGO — The race is on to patch a security hole on millions of e-mail computer servers. The concern: The flaw could be exploited by hackers to potentially disrupt America's infrastructure as war looms with Iraq. The hole was found by security firm Internet Security Systems (ISS) in December. Though no attacks have occurred, a hacker could tap into the Internet's most widely used e-mail-server program, Sendmail, and block, steal or erase e-mail. Government officials worry that a cyberterrorist could gain control of tens of thousands of computers and launch waves of frivolous e-mail, which could slow networks or render them useless. That could disrupt business communications at a time when companies are increasingly supplying the military. "There are a lot of interdependencies when you go to war, and the Internet is what ties a lot of this together," says Marcus Sachs, communications infrastructure director for the White House Office of Cyberspace Security. "We need to get everyone as ready as the Defense Department to defend our critical networks." ISS has worked with the Department of Homeland Security to coordinate a plan to widely implement an available patch. Computer security officials attending a security conference here hope that will be a model for handling other future threats. While the Defense Department and other key government agencies are protected, it could take months to patch computers in companies and academia. They could be used to launch a worm that locates vulnerable Sendmail machines. Last Friday, the Department of Homeland Security notified federal agencies about the Sendmail flaw to give them a head start in making fixes. Monday, ISS publicly announced it and released the patch. With the flaw in the open, the challenge now is to get Sendmail computers patched worldwide. ISS estimates Sendmail runs on at least 2 million computers. They are the hefty Unix and Linux computer servers, as well as other computers at key locations that direct Internet traffic. "This one (vulnerability) stands out because Sendmail is ... installed on some of our most powerful machines," says Alan Paller, director of research for the SANS Institute, a cybersecurity think tank. In the past, companies have been slow to patch holes. The Code Red virus that caused billions of dollars of damage in 2001 exploited a flaw even though a patch had been available for months. More recently, the SQL Slammer worm briefly knocked out some airline reservation systems and bank ATMs. It exploited a known hole in Microsoft's SQL server database software for which Microsoft issued a patch six months earlier. SQL Slammer also infected more than 200,000 computers worldwide — within 10 minutes. Previously, experts had only theorized about a fast-spreading virus that could knock down the Internet in 15 minutes. Slammer is viewed as the first of a so-called Warhol virus, named for artist Andy Warhol. He coined the phrase "15 minutes of fame." Computer security experts worry a hacker could devise a Slammerlike virus and spread it through Sendmail. The way to reduce that risk is to patch as many machines as fast as possible. "The U.S. is an excellent target for a mass cyberattack," says Stephen Northcutt, a SANS Institute instructor. "It's an inexpensive way for a poor nation to carry the fight to U.S. soil."
Reproduced from an article published by USA Today
© USA Today
The original article can be viewed here:
http://www.usatoday.com/
Permalink Bookmark Digg this story
