Experts Warn Nimda Worm on the Wiggle

Internet security experts are warning computer users with Windows that they are vulnerable to a destructive new Internet worm, the Information Technology Association of America said Sept. 18.

The worm, known as W32.Nimda, clogs parts of the Internet, slows or stops Internet traffic for some users and may damage files on infected computers, ITAA said.

A worm is a program that replicates itself over a computer network and performs malicious acts, such as slowing down operations, by using up resources or shutting down a system.

The Nimda worm spreads in a variety of ways, including by e-mail, by network shares or through servers running Microsoft Internet Information Server. The e-mail worm is activated when a user opens an attachment with "readme.exe."

Nimda is "admin" spelled backwards, which is short for systems administrator.

Attorney General John Ashcroft said Sept. 18 that the worm, which appeared exactly one week after the terrorist attacks on New York and Washington, does not appear to have any connection to those events.

No information was available yet regarding the extent of damage caused by the worm to either U.S. businesses or government. The worm is so new and traveling so fast that Internet security companies have not yet been able to compile how many sites it has infected, said Allen Schoenberg, corporate affairs manager at Internet Security Systems Inc. of Atlanta.

For preventive measures, ITAA suggests users go www.cert.org/advisories/CA-2001-26.html.