That’s about how long it takes for an unprotected computer connected to the Internet to contract the Blaster worm, said Oliver Friedrichs, senior director of Symantec Security Response. The software development company in California specializes in security issues worldwide.
Blaster hit the MU campus hard this week, crippling network services for about an hour Monday evening.
Now, Information Access and Technology Services, which oversees computers on campus, is in a holding pattern — waiting for the Blaster worm to re-appear sometime after midnight tonight. That’s when the worm is programmed to strike various Microsoft-related Web sites, including the site that holds one of the most important remedies to the bug: www.microsoft.com/security.
“The total effect of the Blaster worm (on the MU campus) is still yet to be determined,” said Todd Krupa, IATS communications officer. “Mostly, that’s because part of it engages on Saturday. We really don’t know what’s going to happen.”
Blaster is a worm and, as such, relies on networked computers to spread rapidly. MU’s massive computer network has an estimated 12,000 to 15,000 machines, making it prime tunneling ground for a worm.
This is an especially vulnerable time for MU’s network, Krupa said, because of the sheer volume of unprotected machines being taken online as new students arrive at the university.
“We have a bunch of machines that are going to come on campus that we don’t really have any control over from a support perspective,” he said. “But we are making progress, and we still have time.”
Protecting your computer from worms and their nasty cousins — viruses — is not difficult, Krupa said, but is important to do. The most important thing users can do is to keep their systems current, he said.
“When you get the notice that says there’s an update, do it,” he said. “This could have been avoided if people would keep their machines up to date.”
The worm works by exploiting a section of broken code within the Windows operating system. Microsoft has released a fix, called a patch in computer lingo, that resolves the problem. But, for computers without that patch, the likelihood of catching the worm is high.
“If you just remove the virus without fixing the root problem, the chances are good that it would come back and hit you again,” said Symantec’s Friedrichs.
The second thing users can do is run personal firewall software along with an anti-virus program. Such software is commonly available in person or online from computer vendors, and the programs often come bundled together.
The combination does two things, Friedrichs said: First, the firewall can be set to shut off traffic containing a virus or worm, and, second, the program can alert you to its presence if you catch one.
Finally, if a machine contracts a bug, the best thing to do is simply take it off the network until the necessary repairs can be made.
“If something seems wrong, it probably is,” Krupa said. “If you see that, disconnect yourself from the network and see if you can get some tech support. An infected machine can’t hurt anyone else if it’s isolated.”
Although MU’s network is now mostly functioning, Krupa said, the threat remains.
“This is a constant battle,” he said of the Blaster worm. “It’s going to continue for a while.”