X

Worm woes boost traffic to security sites

The dreaded Code Red is having a predictable upside for some technology companies: As panic over the worm mounts, traffic to major security sites surges.

2 min read
The dreaded Code Red worm is having a predictable upside for some technology companies: As panic over the worm mounted, traffic to major security sites surged.

Ratings from Nielsen/NetRatings show that traffic to the sites for antivirus software makers McAfee and Symantec rose sharply during the past four weeks, when the first round of Code Red began attacking servers.

Traffic to McAfee.com skyrocketed 125 percent in the past four weeks, and the number of visitors jumped 37 percent in one two-week period. An estimated 1.1 million visitors checked out the site during the week ended July 29, compared with 839,000 the preceding week.

Symantec.com traffic surged 122 percent in the past four weeks, and the number of site visitors jumped 56 percent in one two-week period. More than 1.2 million unique visitors logged onto Symantec.com during the week ended July 29, compared with 808,000 visitors the preceding week.

Although small spikes to security sites during worm outbreaks are common, the big boosts are surprising: Relatively few consumers are at risk in the Code Red outbreak or need to download security patches from such sites.

Code Red mainly attacks networked corporate computers running on Windows NT and Windows 2000 systems and using Microsoft's Internet Information Server (IIS) Web server software. Few home PC users with dial-up Internet connections are in danger.

The worm remains active between the first of the month and the 28th, when it goes into hibernation. While the worm does not reactivate itself automatically, any computer vandal sending a copy of the worm once the active period begins--most recently at midnight GMT Aug. 1, or 5 p.m. PDT July 31--would start a new round of infections. On the 20th of the month, the worm is programmed to switch to attack mode and barrage an Internet address originally associated with the White House Web site with large packets of data.

The sites got additional boosts from the SirCam e-mail worm, which debuted two weeks ago and has been a much bigger headache than Code Red for home PC users. The worm wreaks havoc by scouring hard drives for documents to send to strangers.

Thirty percent of Symantec.com's audience accessed the page featuring security updates about SirCam and an automated tool for removing the worm. Nearly 17 percent of McAfee's audience visited its SirCam help center.