Australia slammed by Code Red

"It appears Code Red is on the rampage…there has been an increase to the rolling seven-day attack [of all malicious] incidents," Janteknology’s Glenn Miller told ZDNet.

According to statistics which Miller sourced from security monitoring company securityfocus.com, Australia has seen the greatest increase in its rolling seven-day incident numbers, with 64,000 incidents reported here by 1 p.m Thursday, double yesterday’s 30,000-plus figure, according to Miller. And the number one attack type is the ASAPI Buffer Overflow, which is what the Code Red exploits.

"A reasonable percentage of that will be attributable to Code Red," Miller said. "Either that or there’s a hell of a massive movement of malicious code out there…and that doesn’t make sense."

Janteknology itself has been the target of 52 probes in the past 24 hours, all of which have been Code Red probes, the company says. On average, the company experiences some four or five probes a day -- none of which have been Code Red in the past few days -- and is now getting four or five Code Red probes an hour.

"Australian organisations could well be the least protected in the world, in light of the reported surge in local attacks, compared with the US and Europe--which are holding steady--and Africa and South America, which have seen a reduction in attacks," Janteknology said in a statement.

Symantec said it couldn’t confirm Janteknology’s findings. "There’s speculation that there’s another variant out there," Symantec representative David Banes said. "Or it could be existing copies [of the worm] that haven’t been cleaned up."