Having already done $2 billion in damage, the final cost of the Code Red worm could eventually top Love Bug's $8.7 billion price tag--and the worm hasn't even lived up to its doomsday prophecies due to a minor flaw in its programming. Code Red II has hit AT&T, FedEx and Hotmail, as well as its share of government offices.
In this News Focus we cover how this expensive security threat hit the Internet, how it leaves infected computers vulnerable to further attacks, and how you can shut the back door. If you don't, your could find yourself in the same boat as the government officials whose virus-infected computers circulated their secret documents.
Obviously, maintaining the "patch and pray" status quo isn't adequately protecting the enterprise; Code Red took control of more than 400,000 Web servers. Regardless of whether Code Red III turns out to be a bona fide variant, there is no room for complacency. Lax security measures have proven to be the hacker's best friend. And tomorrow's worldwide worm is certain to be more efficient, more lethal, and, ultimately, more expensive for all of us.
You can blame Microsoft all you want for buggy software, and the Redmond giant can blame panicky users and the FBI, but complaints don't patch holes. If Code Red has taught us anything, it's that even flawed attacks cost a fortune--and next time, we probably won't be so fortunate.
Read our ZDNet News Focus on Code Red.