Bracing For AttackBracing For Attack

Security experts and the Homeland Security Department have warned that increased hacker activity surrounding a flaw discovered in many versions of the Microsoft Windows operating system may be the beginning of broad attacks against corporate networks and may even spawn a worm that could rival the impact of Code Red or SQL Slammer. Last week, the Homeland Security Department issued an advisory that said hackers have successfully tested exploits, tools used to attack vulnerable systems. The department also reported an increase in widespread scanning by potential attackers seeking vulnerable systems.

The Windows flaw was identified in the Microsoft Security Bulletin MS03-026 on July 16 and affects Windows NT 4.0, 2000, XP, and Windows Server 2003. Experts say millions of systems remain unpatched and vulnerable to attack. "We're predicting an en masse attack," says Russ Cooper, surgeon general for security-services provider TruSecure Corp. and editor of the security mailing list NTBugtraq. "It's just a matter of when."