Skip to main content /COMMUNITY /US

On The Scene

Daniel Sieberg: 'Code Red' worm inches along

Daniel Sieberg is the Sci-Tech Editor for He is a recipient of the Rafe Mair Award for Excellence in Journalism, and a former reporter for The Vancouver Sun. Sieberg joined the chat room from CNN Center in Atlanta, Georgia.

CNN: Welcome to Newsroom, Daniel Sieberg.

SIEBERG: Hello everyone. Happy to be here.

CNN: What's the latest update on the impact of the "Code Red" worm?

SIEBERG: Computer experts and the government have confirmed that tens of thousands of computers have felt the impact of "Code Red" as of noon EDT today. That doesn't mean that the performance of the Internet will be slowed or degraded as yet. It's still too early to tell.

Critics want software makers, like Microsoft, to protect consumers from computer bugs. CNN's David George reports (August 1)

Play video
(QuickTime, Real or Windows Media)

Despite minimal reported damage, officials warn that danger from the computer virus is far from over. CNN's James Hattori reports (July 31)

Play video
(QuickTime, Real or Windows Media)
In-Focus: 'Code Red': Will the patch work?  

'Code Red' latest in series of nasty Net bugs  
On the Scene: Sieberg: 'Braced for worst, hoping for best'  

Message board: 'Code Red' worm  

CHAT PARTICIPANT: How far will the hackers go with virus making? Do they have their limits?

SIEBERG: There really are no limits with computer programming. Some hackers are more ethical, while some are only interested in causing damage or chaos. In this case, the worm isn't particularly destructive, but it could cause outages and slowdowns on the Web, a hassle to all users.

CHAT PARTICIPANT: Daniel, please tell me, if this is a network server "virus," why does anybody need a patch for this? How will it harm anybody's hard drive?

SIEBERG: Most PC users do not need to be concerned about this worm infecting their computer. It only applies to computers running Microsoft Windows 2000 or NT operating systems in conjunction with Microsoft's IIS server software. That is mostly applicable to businesses and governments. The patch is only necessary if you using that particular setup.

CHAT PARTICIPANT: Doesn't the excess publicity give the worm generators just what they want?

SIEBERG: Well, it's a fine line. If we didn't report on viruses or worms, then people may be infected without knowing it. In this case, it's still difficult to tell if the warnings forced network administrators to patch their systems before it hit.

CHAT PARTICIPANT: What sort of problems are the affected computers experiencing?

SIEBERG: As I mentioned, it's important to remember that home users won't see an e-mail or an attachment with this worm. It isn't expected to delete anything on hard drives. It seeks out computers to infect and thus slows down the Internet, degrading performance for everyone who is online. That could hamper e-commerce, general Web surfers and other communications.

CHAT PARTICIPANT: Who created the "Code Red" worm? Do the authorities know?

SIEBERG: No one knows at this point. Because it spread so quickly and with such force the first time, back in late July, it is still being investigated.

CHAT PARTICIPANT: Why doesn't Microsoft make operating systems safer?

SIEBERG: Any company that creates software attempts to test it out under all conditions. But it's nearly impossible to have perfect code. Microsoft is an easy and regular target for many hackers, but that's also because they have a major share of the operating system market.

CHAT PARTICIPANT: What is the difference between a worm and a virus ?

SIEBERG: A virus often manifests itself as an attachment, showing up in your inbox. It needs a user to click on the attachment to then send itself out through e-mail. But a worm doesn't need you to click on it or even know it's there. It sends itself out automatically through the Internet, looking for a particular vulnerability.

CHAT PARTICIPANT: Are they using this type (worm) rather than a virus because it is more difficult to find the culprits?

SIEBERG: It's always tough to guess the motivations behind a certain worm or virus. In this case, we'll have to wait and see what the authorities can discover when they complete their investigation.

CHAT PARTICIPANT: It sounds as if the majority of the Internet community was prepared thanks to advance warning and have installed the patch. The worm is spreading but losing steam as it travels the globe. What can be done to further enhance advance warnings?

SIEBERG: This worm was unique in that people were aware of when it was expected to spread. In most cases, viruses tend to sneak up on the average user, and people end up having to be reactive rather than proactive. Computer experts always suggest that people keep their anti-virus software updated, and this applies to major corporations as well. It's a matter of staying as vigilant as possible.

CHAT PARTICIPANT: What is the functionality that IIS has that allows this security breach?

SIEBERG: It's technically called a buffer run overflow. It's actually not that rare, and has occurred in other cases. It essentially infiltrates the system through this glitch.

CHAT PARTICIPANT: Is banking online at risk?

SIEBERG: Well, if your bank's Web site is using this particular piece of software, then their site may be inaccessible at times. However, it's worth noting that many people may not see any impact of this worm. It really depends on how it plays out during the rest of the day and the rest of the week. And it depends on how many network administrators correctly installed the Microsoft patch.

CHAT PARTICIPANT: Is it better that users not use the Internet at a certain time today?

SIEBERG: That shouldn't matter. People should use the Internet as they normally would. If there is a connectivity problem, then perhaps try again later.

CHAT PARTICIPANT: Does "Code Red" pose a threat to Linux? Do you think there will ever be one geared at Linux boxes?

SIEBERG: My understanding is that it only poses a threat to Windows 2000 and NT operating systems, so Linux should be safe in this case. There have been instances of viruses that target Linux, but certainly fewer. That's partly because Linux has a smaller market share, and partly because many hackers see Linux as a great alternative to Microsoft because it is open source, meaning the code to its design can be shared.

CNN: Do you have any final thoughts for us today?

SIEBERG: "Code Red" will certainly not be the last worm or virus that targets the Internet, so computer experts say that if you're concerned about any issues such as this, check out Internet advisories or security companies online. We'll have to see how "Code Red" continues to play out.

CNN: Thank you for joining us today Daniel Sieberg.

SIEBERG: My pleasure. Thanks for the great questions!

Daniel Sieberg typed for himself in the chat room. This is an edited transcript of the interview which took place on Wednesday, August 1, 2001.

• Riptech
• Microsoft Security Patch
• Code Red technical data
• National Infrastructure Protection Center
• Spread of the Code Red worm, July 19-20 (UC San Diego)

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.


Back to the top