Rhode Island pulls plug on its Web sites overnight

Rhode Island pulls plug on its Web sites overnight

Fear and uncertainty of what the Code Red worm might do to their systems prompted Rhode Island officials to shut down all state Web sites for 12 hours Tuesday night.

The virus, which reappeared at 8 p.m. EDT yesterday, attacks only computers running Microsoft Windows NT 4.0 or 2000 and Internet Information Server versions 4.0 or 5.0.

Rhode Island technical personnel installed patches provided by Microsoft Corp., but officials still believed there was enough risk to validate shuttering all state sites until 7 a.m. today. In all, more than 60 sites went blank overnight.

'The impression we got from our sources didn't give us enough confidence not to shut down our Web servers,' said Howard Boksenbaum, state chief technology officer. 'Our Web servers perform other functions, and we didn't want the worm to bring those functions down, too. We just didn't want to take any chances.'

Other states, such as Michigan and West Virginia, kept technical staff on standby in addition to installing the patch. But neither state's systems shops considered shutting down Web sites.

'We made sure our computers were protected as best we could,' said George Boersma, Michigan chief information officer. 'We spent a lot of time and effort over the past few weeks making sure we were prepared.'

Rhode Island, Michigan and West Virginia did not report any Code Red problems.

Boksenbaum added that this was the first time Rhode Island had shut down its sites, having never considered doing so before.

The last time any state turned off its Web sites was for the year 2000 rollover, said Thom Rubel, program director for state information technology at the National Governors Association.

'We don't have a lot of resources and don't have the staff to rebuild our sites if something happens,' Boksenbaum said. 'We would rather have been down for 12 hours than been down for who knows how long. We were conservative and cautious.'

inside gcn

  • security compliance

    Security fundamentals: Policy compliance

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group