Government moves to check attack on websites
LAHORE- The Federal Ministry of Science and Technology on May 01, 2003 went into a frantic damage control exercise to contain effects of the virus attack on government websites and subsequent plunge of the internet industry into crisis.
A source in ministry, privy to the situation, claimed that the government had decided to purchase more routers to spread the load, acquire additional bandwidth, developing alternative routes for data downloading, quarantining government websites on a separate ISP and handing over the maintenance of the ITI to the IBM.
He claimed that the internet industry in Pakistan started receding into crisis when Indian hackers allegedly developed a virus in December last that crippled all government websites. The hackers had been threatening the Pakistan government for long but it was not taken seriously by the government until it spotted the first attack on Dec 20, 2002. Since then, the virus has multiplied itself as it was designed to do and has crippled the internet industry in Pakistan along with all official sites, he claimed.
An ISP owner from the city said that the Indian hacker had developed a virus with the name of “yaha” and unleashed it on the Pakistani websites by the end of the last year.
The worm, “W32.yaha.K@mm” terminates some anti-virus and fireball processes. It uses its own SMTP engines to email itself to all contacts in the Windows Address Book, MSN messenger, NET messenger, Yahoo pager and all files whose extension contains the letters HT. The email messages randomly choose the subject line, message and attachment names. Once virus infects a computer, it gives remote control leverage to the sender, which, in turn, uses it to bug other computers.
According to another ISP owner, it has infected millions of computers by now. In addition to hitting PCs, it has also affected the central internet system being run by the government.
Explaining the damage, he said, all 223 mega bites currently being purchased by the government converge on one central router. When the attack started, the central router got overloaded. To make the matter worse, the government also decided to block all pornographic sites and doubly overloaded the router. Since all the ISPs were getting supply from the same source, all the downstream activity got chocked. The attack was targeted on the government sites which were hosted by the COMSATS which was also on the same route, it was natural for others to get affected, he claimed.
About the government move to contain the ill-affects, the source in the ministry said that it had already ordered four routers to divide the load. It has also purchased another router to spread the load and widen its options. It has also decided to move all government websites to NTC — the National Telecom Company, he said.
The government has given the maintenance to the IBM Company to promote efficient handling of the entire system and save it from future attacks. The official Information Technology Infrastructure (ITI) has cost the government millions of dollars and it must be protected not only to save business but also national pride, he insisted. It will take another three months to completely control the damage done by the ‘Yaha’ virus if another attack, as feared by many, does not materialise, he claimed.
At present, out of 200 licensees, 65 Internet Service Providers (ISPs) are in the business, claims another owner.
For the last six months, he said, almost three companies are opting out of business every month because of this crisis. The threat assessment of the virus is the highest by any standards. By now, it has affected over 35 per cent revenue of the ISPs and damage to PCs could not be ascertained at this stage, he said.