Homeland Security

DATE=01/26/03

TYPE=CORRESPONDENT REPORT

TITLE=INTERNET ATTACK (L-O)

NUMBER=2-298819

BYLINE=STEVE HERMAN

DATELINE=TOKYO

CONTENT=

VOICED AT:

INTRO: Asia is hit hard by a weekend attack on the Internet. Security experts say the so-called software worm affected millions of people, some of them not even directly connected to the Internet. Steve Herman reports from Tokyo.

TEXT: Internet traffic is slowly regaining speed in Asia and elsewhere, a day after the worst assault on the World Wide Web in more than a year.

The so-called "slammer" attack exploits a known vulnerability in a Microsoft program. The "worm" quickly reproduces itself and creates massive amounts of Internet traffic that clogs networks.

Reports from around the world say that the attack knocked out trans-Atlantic telephone calls, and automated bank teller machines and airline reservation systems in North America.

Reports say the problem was especially bad in South Korea, one of the world's most wired countries with more than 10-million broadband users. Officials there say it was the worst telecommunications breakdown in the country's history.

South Korea's Information and Communication Minister, Lee Sang-chul, told reporters that the ministry will prepare countermeasures to head off similar incidents.

South Korean police say they will cooperate with counterparts in other countries to try to find the source of the attack.

The U-S Federal Bureau of Investigation says it is investigating, but gave no indication that it had any suspects. Some media reports say the F-B-I's National Infrastructure Protection Center had captured the malicious worm and were looking at its code for hints about its origin.

The attack focused on Microsoft's S-Q-L Server 2000 database software and was first noticed in North America late Friday. Within hours, South Korea, Australia, Japan, Hong Kong and India were reporting Internet outages or slow service.

The incident was similar to the "Code Red" virus that affected several-hundred-thousand computers in July of 2001, and the worst since the Nimda virus struck in mid-September 2001.

/// REST OPT /// Cyber-security experts stress that most home and business Internet computers are not vulnerable to the computer worm, but the worm will slow down Internet browsing.

Experts say the attack would have been worse if it had happened during a workday and not the weekend. Some experts are theorizing that the weekend "slammer" was a test run - a way to gauge how devastating the worm would be if it were launched during the workweek. (SIGNED)

NEB/HK/SH/MH/RAE