Weapons Of Mass Web Disruption

Once again thousands – perhaps hundreds of thousands – of computers around the world have been infected with a "virus." As usual, the victims are Microsoft customers.

In this case, the culprit is a worm (technically not a virus, but close enough) called "LovSan" or "Mblaster." The "M" that it blasts stands for Microsoft.

It mainly goes after PCs with a full time connection to the Internet. In today's connected world, that's a lot of computers. Big companies and universities have long had full-time connections, but so do a growing number of consumers who use a broadband service such as a cable modem or a DSL connection. Dial-up users are less vulnerable, but not necessarily completely out of the woods.

Unlike so-called "e-mail" viruses, you don't have to do anything to be infected; the worm itself probes the Internet, looking for vulnerable computers to attack.

The good news is that there is something you can do right away to protect yourself. Microsoft operates a Web site that scans your computer and provides all of the latest fixes. If you go there, only download the "critical" fixes, don't worry about the others right now.

If that site doesn't work or is too slow, or if you think you may have already been infected, go to the page on my my PCAnswer.com site that provides links to fixes from Microsoft and some anti-virus companies.

Like many other worms, this one is clearly aimed at Microsoft. Not only does it go after Microsoft operating systems, but part of its payload is a scheduled attack on Microsoft's own windowsupdate.com Web site that has the very fixes that would protect people from this and other hacker attacks.

It's no accident that Microsoft is the target. For one thing, Microsoft is – by an order of magnitude – the biggest target out there. Virus and worm writers want to have as much impact on the world as possible and there is no question that attacking Microsoft customers will have a bigger impact than going after those of Apple, Sun or any of the many companies that distribute versions of Unix or Linux operating systems.

But there is another other reason that Microsoft operating systems and application programs are so often affected: they are vulnerable.

Last year, Microsoft chairman Bill Gates admitted that his company had not been doing enough to protect its customers and ordered employees to make security their number-one priority. The company has invested millions of dollars to this effort, but it hasn't been enough. Part of the problem has to do with the very architecture of Microsoft software, which is designed to be open to Internet access. Microsoft does this for a number of reasons, including, ironically, assuring itself the ability to protect its customers through automatic updates. The same architecture that makes it possible for Microsoft to automatically fix problems with Windows (including vulnerabilities) also makes it more vulnerable to attack.

It would be as if you left a key under your doormat so that the police or fire department could gain access to your home to protect you in an emergency. Trouble is, savvy burglars would know how to find that key as well.

I'm not suggesting that users try to disable the automatic update procedures or that they refrain from going to windowsupdate.com to update their software. The process of keeping up to date is not the problem. I am, however, suggesting that Microsoft take a long hard look at its system architecture to find a more balanced approach. I understand and appreciate the company's desire to make systems that are integrated and globally accessible, but the price for such accessibility should never be diminished security.

It is no accident that computer security, including protection from hackers and viruses, is now under the jurisdiction of the Department of Homeland Security. This is truly a homeland security issue. Computers and the Internet are part of our national infrastructure, and while it's unlikely, though not impossible, that anyone would die as a result of a hack attack, it could seriously disrupt commerce and communications. WMD has a new meaning. Hack attacks, worms and viruses are Weapons of Mass Disruption.

Bill Gates told us that security is his number one priority. Now it's up to him and his employees to make good on that promise.

By Larry Magid