"There is a great increase in the level of [malicious] incidents globally, with the last 24-hour period seeing a big spike in activity," Glenn Miller, MD of security software specialist Janteknology, told ZDNet Australia. "There's a high likelihood this could be down to the Code Blue worm," he said, pointing out that a large proportion of these incidents are hitting port 80 - the server vulnerability targeted by Code Red.
China, which was reporting fewer than 30,000 incidents early last week, is currently recording about 272,000 incidents, and the total number of malicious attacks in Australia has moved into the amber zone, according to Miller -- up to 32,734 from just 7000 at the beginning of last week.
According to Miller, Code Blue - a variant of the recent Code Red - is "an attack waiting to happen" and is more dangerous than its red counterpart as it actually attacks the server it infects, rather than just using an infected server to propagate itself. The longer it is on a server, the more internal system resources it takes over, eventually crashing the system. "Like a cancer it eats away at system resources ultimately killing it," Miller said.
"Vigilance is just as much a requirement today as when the whole [Code Red] thing was going through hysteria," he added.
Due to the publicity received by Code Red, there are fewer unprotected servers out there to be infiltrated by Code Blue; however, there are still a large number of attacks coming from the unprotected servers of telecoms providers and ISPs in Asian countries, including Australia, Miller said.
"We've got our fair share of telcos and ISPs still running unprotected servers," Miller said. "They're the keeper of our communication capabilities - if they can't get it right how can we protect ourselves."
With free patches available to download from the Internet, service providers in particular are being apathetic and negligent, according to Miller.
"If anyone gets hurt because of Code Blue, this time I've got no sympathy," Miller said. "It'll take a mass attack incorporating a good deal of damage before some people get the message."













