[Pakistan] Govt moves to check attack on websites

["Irfan Khan" <khania2@super.net.pk>]

Govt moves to check attack on websites

By Ahmad Fraz Khan


LAHORE, May 1: The Federal Ministry of Science and Technology on 
Thursday went into a frantic damage control exercise to contain 
effects of the virus attack on government websites and subsequent 
plunge of the internet industry into crisis.

A source in ministry, privy to the situation, claimed that the 
government had decided to purchase more routers to spread the load, 
acquire additional bandwidth, developing alternative routes for data 
downloading, quarantining government websites on a separate ISP and 
handing over the maintenance of the ITI to the IBM.

He claimed that the internet industry in Pakistan started receding 
into crisis when Indian hackers allegedly developed a virus in 
December last that crippled all government websites. The hackers had 
been threatening the Pakistan government for long but it was not 
taken seriously by the government until it spotted the first attack 
on Dec 20 , 2002. Since then, the virus has multiplied itself as it 
was designed to do and has crippled the internet industry in Pakistan 
along with all official sites, he claimed.

An ISP owner from the city said that the Indian hacker had developed 
a virus with the name of "yaha" and unleashed it on the Pakistani 
websites by the end of the last year.

The worm, "W32.yaha.K@mm" terminates some anti-virus and fireball 
processes. It uses its own SMTP engines to email itself to all 
contacts in the Windows Address Book, MSN messenger, NET messenger, 
Yahoo pager and all files whose extension contains the letters HT. 
The email messages randomly choose the subject line, message and 
attachment names. Once virus infects a computer, it gives remote 
control leverage to the sender, which, in turn, uses it to bug other 
computers.

According to another ISP owner, it has infected millions of computers 
by now. In addition to hitting PCs, it has also affected the central 
internet system being run by the government.

Explaining the damage, he said, all 223 mega bites currently being 
purchased by the government converge on one central router. When the 
attack started, the central router got overloaded. To make the matter 
worse, the government also decided to block all pornographic sites 
and doubly overloaded the router. Since all the ISPs were getting 
supply from the same source, all the downstream activity got chocked. 
The attack was targeted on the government sites which were hosted by 
the COMSATS which was also on the same route, it was natural for 
others to get affected, he claimed.

About the government move to contain the ill-affects, the source in 
the ministry said that it had already ordered four routers to divide 
the load. It has also purchased another router to spread the load and 
widen its options. It has also decided to move all government 
websites to NTC -- the National Telecom Company, he said.

The government has given the maintenance to the IBM company to 
promote efficient handling of the entire system and save it from 
future attacks. The official Information Technology Infrastructure 
(ITI) has cost the government millions of dollars and it must be 
protected not only to save business but also national pride, he 
insisted. It will take another three months to completely control the 
damage done by the 'Yaha' virus if another attack, as feared by many, 
does not materialise, he claimed.

At present, out of 200 licensees, 65 Internet Service Providers 
(ISPs) are in the business, claims another owner.

For the last six months, he said, almost three companies are opting 
out of business every month because of this crisis. The threat 
assessment of the virus is the highest by any standards. By now, it 
has affected over 35 per cent revenue of the ISPs and damage to PCs 
could not be ascertained at this stage, he said. 

source: http://www.dawn.com/2003/05/02/nat18.htm