Skip to main content /WORLD /WORLD


Subscribe to one of our news e-mail lists.
Enter your address:

CNN Mobile

CNN Websites



CNN International



China's networks hit by Code Red II

By CNN's Rose Tang in Hong Kong

BEIJING, China (CNN) -- The Chinese government says the Code Red II Internet worm has caused the most widespread computer disruption yet recorded on the country's networks, hitting more than 20 provinces and cities.

Several government ministries and agencies, and many Internet Service Providers have come under attack from Code Red and its spin-offs Code II and III, China's state media reported.

China's National Internet Emergency Center says Code II infection is "very severe" and has "seriously threatened" Internet services across the country, the state-run Beijing Morning Post newspaper said.

"Code Red II is like an air-borne plague, its damaging effect has far exceeded CIH," the center was quoted as saying, referring to a virus attack earlier in the year.

Up to 80 per cent of infected enterprises belong to computer information firms with the majority of them located in Beijing, according to a survey by anti-virus firm Beijing Rising.

"Servers were frozen after they were bombarded with numerous data requests from a remote source," a computer technician from the anti-virus firm told CNN.

"Previously we had at least a couple days to prepare for a worm attack after it had an outbreak overseas, but this time we were caught off guard as Code Red II comes so fast," she said.

Earlier this week, China's Public Security Ministry, which fights computer virus infections, issued a countrywide warning urging all enterprises and government agencies to put in place emergency measures to defend against the Code Red worm.

Red worms

Security experts have said Chinese-language versions of Microsoft operating systems were immune to the Code Red worm outbreak.

However, Code Red II and Code III, discovered recently, are different worms and are not variants of Code Red.

The worms attack servers that run on Microsoft's Window NT and 2000 operating systems as well as its IIS server software then spread to other PCs.

Beijing Rising told CNN it's not difficult to defend against any of the worms -- one only has to download the patch from Microsoft's website

The worms have been attacking computers in China since Monday, according to a Beijing manager from Network Associates, a California-based computer security company.

"It's very serious," he told CNN, adding that many large banks, financial institutions and manufacturers throughout the country have been attacked.

Offices of Network Associate and Beijing Rising have been flooded with telephone calls from computer operators all over the country.

The manager, who declined to give his name, said recent attacks such as Sircam and HappyTime have been by worms that crawl into servers via the Internet or deficiencies in the server's defense.

Computer worms differ from viruses, which paralyze a computer by attaching themselves to a computer file or document.

"We still don't know the origin of Code Red yet, but I think it's from China because the worm usually scans the server for Chinese-language programs before an attack," the manager said.

"Chinese hackers launched massive assaults on U.S. websites over the U.S. spy plane incident. This time Code Red attacked the White House website first, he added.

"Chinese hackers are capable enough to create something like Code Red," he said.

• Beijing Rising
• Network Associates
• Symantec

Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.



Back to the top