Larger text
Smaller text
Print
E-mail
Attack of Lovesan worm waning
Use anti-virus software and keep it updated. Your computer is only as protected as you make it by purchasing anti-virus software and updating it yearly (about $30 to $40) online. If you currently have anti-virus software loaded on your computer, but it's not updated, go to the Web site for the vendor to purchase the update.
Trend Micro, which sells anti-virus software to consumers and businesses, also offers a free anti-virus scanner at www.trendmicro.com. However, company officials say free anti-virus scanners are not as good as anti-virus programs that are loaded onto your hard drive because the free programs will not continuously check your computer for viruses.
Use firewall software. Computer security experts say firewall software, which keeps hackers out of your computer systems, is just as important as anti-virus software. Some anti-virus programs come with firewalls while others are purchased separately. Sundermeier said users can also find firewall programs on www.download.com.
What to do if you've been infected by the "LovSan" worm:
Go to www.microsoft.com for the appropriate patch.
Trend Micro's free anti-virus scanner, HouseCall, (www.trendmicro.com) will determine if your system has been infected and will download the patch. Joe Hartman, director of North American Research for Trend Micro, said no information is collected from computers using the HouseCall scanner.
Central Command's site, www.centralcommand.com, also has details on how to detect and fix the problem.
"We're not getting nearly as many calls as we did (Tuesday)," said Jon Rosenson, strategic initiatives director for Pittsburgh-based Stargate.net Inc. "I even had neighbors stopping by my house with their computers asking me to help them remove the virus."
MSBlast, also called Lovesan, installs itself on computers by taking advantage of a vulnerability in more recent editions of Microsoft's Windows NT and Windows XP operating systems. In addition to immediately beginning to look for other vulnerable machines to attack and causing Internet traffic to slow, the virus forces computers running on Windows XP to shut down and restart.
The virus started to spread early Monday and was also designed to flood Microsoft's Internet site in an attempt to bring the site down, further slowing net traffic.
Rosenson said Stargate.net's customer support center received a third more calls Tuesday than the 500 calls it receives on a normal day. The company sent a message to subscribers urging them to patch their computers at Microsoft's site and be patient as the company dealt with the overflow of use on its network.
"I had heard the attacks on (Microsoft's Web site) weren't supposed to start until Saturday, but for whatever reason, they started yesterday, and that was causing problems with our equipment," he said. "The main problems were Tuesday morning and early in the afternoon."
Patrick McMahon, a spokesman for PNC Financial Services, said "a handful" of the bank's 700 branches had their computer systems taken off-line briefly Tuesday morning to make sure they had the appropriate protections in place. McMahon said transactions were handled manually, preventing a disruption of service.
By yesterday afternoon, the virus had infected more than 200,000 computers worldwide, but computer security experts said the spread of the virus had slowed by 40 percent as more people became aware of ways to fix and prevent the virus. Still, the MSBlast worm marked a new era in computer viruses that had many information-technology professionals on edge.
Previous viruses that wreaked widespread havoc generally required a computer user to take a specific action -- such as opening an attachment to an email message -- for the virus to take root. MSBlast, however, was able to infect computers with no user action.
"My job is not going to be fun from here on out," said Timothy Perrotta, the information systems manager for Shaler Township. "It's the start of a trend where people can get viruses just by going on the Internet."
Shaler was not infected -- this time. Because the township's computer systems handle a whole host of sensitive information -- everything from police records to tax receipts -- Perrotta said more than half his time on the job is spent making sure Shaler's network is equipped with the latest software and security patches to prevent viruses.
Microsoft has know about the problem for more than a month, and many large corporations had downloaded the patch that fixes the Windows vulnerability soon after it was released on July 16. But many home computer users and smaller companies without a dedicated technology staff had not taken the necessary steps to protect their machines.
Both Microsoft and the Computer Emergency Response Team (CERT) Coordination Center at Carnegie Mellon University's Software Engineering Institute issued directions for users whose computers were infected. Art Manion, an Internet security analyst at Pittsburgh-based CERT, said the virus seems to have been written to target home users.
"I suspect that the emphasis in the virus is on Windows XP because a home user with a new machine is more likely to have Windows XP as opposed to Windows 2000," Manion said. "It will certainly peter out at some point, but on the other side of the coin if you buy a new computer with Windows XP or buy it off the shelf, install it and connect immediately to the Internet, you're going to be vulnerable.
"I think this thing will linger for awhile."
More Business headlines
- Cream of mushroom soup made on North Side recalled
- Giant Eagle spreads wings with Robinson megastore
- Tech industry gaining ground in region
- Potential Hilton buyers name hotel manager
- Kellogg pulls immunity claim
- Cisco Systems says net income dropped 19 percent
- GMAC Financial Services says loss narrowed in third quarter
- GM Opel decision fuels wrath
