States are reeling from Nimda infections

States are reeling from Nimda infections

Many states are cleaning up damage from the latest computer worm, Nimda. Some officials said Nimda was much worse than the Code Red worm they dealt with in July.

Connecticut, Idaho, Mississippi, Montana, Ohio, North Carolina and Rhode Island reported infections as early as Tuesday that forced IT managers to shut down networks and Internet and e-mail access for at least part of the next two days.

The worm affects platforms running any Microsoft Windows operating system. Code Red attacked only servers running Microsoft's Internet Information Server software.

The CERT Coordination Center has said Nimda (admin spelled backwards) spreads from client to client via e-mail, network sharing or browsing of compromised Web sites, and it can exploit back doors left by Code Red. Nimda modifies Web documents and certain executable files on the systems it infects. It replicates itself to fill all available disk space.

That renders the infected systems useless, Rhode Island chief technology officer Howard Boksenbaum said.

Mississippi state workers had no e-mail or Internet access for almost 24 hours. Rhode Island took its systems down for about three hours yesterday, and two sites still are not back up.

'We started to see an unusually high amount of traffic on the Web, and we knew something was wrong,' said Jimmy Webster, network manager for Mississippi. 'We needed time to clean and patch the systems. So much of what we do is Internet-based, we didn't want to continually infect our systems or others.'

Webster said he installed a filter in front of the state's firewall on a Series 7500 router from Cisco Systems Inc. of San Jose, Calif., as the main defense against the worm. He then used vendor-supplied patches to cleanse PCs and servers.

Rhode Island officials took similar actions, Boksenbaum said.

'We installed the patch and had e-mail back up by 4 p.m. Wednesday,' he said. 'But we have massive infections on desktop PCs, and [they are] infecting other PCs. We have technical people going desk to desk cleaning them up.'


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected