Hacker attacks target Windows NT computers

Microsoft downplays connection to Gates' testimony

March 4, 1998

Web posted at: 9:31 p.m. EST (0231 GMT)

SEATTLE (CNN) -- Hacker attacks caused thousands of computers that use a type of Microsoft operating system to crash this week, and the company is offering its customers a "patch" to prevent further such incursions.

Among those victimized by the attacks were NASA, the Massachusetts Institute of Technology, the U.S. Navy and the University of California at Berkeley. There were no reports that any data was lost or stolen.

The attacks began Monday night, targeted at computers with Internet access that use Windows NT, a popular operating system for large computers and networks. They continued Tuesday and Wednesday.

On Tuesday, Microsoft Chairman Bill Gates appeared before a congressional committee to defend his company against charges that it has created an unfair monopoly in the software industry. Company officials downplayed any possible connection between the attack and Gates' testimony.

"All the major operating systems are attacked from time to time over the course of the year," said Ed Muth, Microsoft's security manager.

The hackers apparently preyed on the computer systems by sending a barrage of invalid data to them via the Internet. The computers then devoted more and more of their memory and processing power to the invalid data until they crashed, said Craig Huckabee, research associate at the University of Wisconsin's computer lab, where more than 160 computers were hit.

"It seems to be a prank sort of thing," he said. "It could be just to draw attention to Windows NT or some of the failures in Microsoft products. I don't know."

Users of the computers were confronted with the so-called "blue screen of death," which appears with an error message when Windows crashes. The only solution was to restart the computer.

Individual users -- those not hooked up to a network -- were probably immune from the attack because they were insulated by their Internet service provider, Muth said. He also said the attack only affected computers directly connected to the Internet.

"All of the systems that have more sensitive data are typically insulated form the Internet by proxy servers or firewalls," he said. "It would be very bad data processing practice not to do that."

To fight any future similar attacks, Microsoft is urging its customers to download a software "patch" that would prevent computers from reacting to the flawed data. That patch has been available since January.

Reuters contributed to this report.