The worm was first identified in early July but has been lying dormant since its initial attack on 19th July. It is expected to resurface on 1st August in a more aggressive form, although it is not likely to cause any actual harm to files or hardware. At a press conference held yesterday, Director of the FBI National Infrastructure Protection Center (NPIC) Ronald Dick said:
“There is reason for concern that mass traffic associated with the worm’s propagation could degrade the overall functioning of the internet and impact ordinary users.”
Earlier this month the US government White House web site was targeted by the worm in an attempt to so overwhelm it with data that it would be forced to shut down. That denial of service attack was defended by changing the location of the web site to another IP (Internet Protocol) address.
However, it is not yet known whether the new variant of the worm will be able to detect such a change and adapt its attack accordingly. Another attack is programmed to be launched from infected computers on 19th August, although security experts do not appear to know which web sites will be victimised this time.
The worm takes advantage of a security hole present in systems operating Windows NT, Windows 2000 or Microsoft’s Internet Information Server (IIS) software and the company has produced a patch to rectify this vulnerability. If a computer is infected then it may be cured by rebooting the machine.