[LINK] Web meltdown a non-event

Bernard Robertson-Dunn brd at iimetro.com.au
Mon Jul 9 17:14:59 AEST 2012

Web meltdown a non-event
Andrew Colley
Australian IT
July 09, 2012 4:34PM

Australian ISPs appear to have contained the impact of a computer virus 
that was expected to cause internet blackouts for thousands of customers 
earlier this afternoon. The blackout was expected to hit around 7500 
infected computers in Australian just after 2pm AEST when FBI-operated 
servers keeping them online were switched off.

However, the chaos anticipated at ISP service desks hasn't manifested 
and, at worst, the switch-off appears to have caused little more than 
modest increases in calls to ISPs.

iiNet chief technical officer John Lindsay said that just after 2pm he 
was alerted to a modest increase in waiting times on the ISPs customer 
help line. "That would suggest a few people have noticed they have a 
problem and called the helpdesk but we're not in the middle of a 
helpdesk meltdown or anything like that," Mr Lindsay said.

Telstra which estimated that around 2500 of the infected computers 
belonged to its customers has temporarily re-directed traffic from the 
machines to keep them online and buy more time for customers to solve 
the problem.

An Optus spokeswoman said that the carrier had noticed "nothing major" 
in its call centres by 4.15pm today.

The Australian Communications and Media Authority (ACMA) estimated that 
7500 Australian computers were still infected with or impacted by the 
virus just before the servers were shutdown in the US at midnight 
Washington time.

They were among an estimated 280,000 around the world yet to have 
removed the virus devised by an Estonian crime gang as part of an 
advertising scam over a year ago.

The virus, called "DNSChanger", hobbles computer internet connections in 
such a way that that rely on special servers the FBI set up late last 
year to keep them online.

The virus let the gang take control of websites the computers visited to 
inflate traffic to certain websites in support of the scam. Shutting 
down the servers instantly would have left the potentially millions of 
computers stranded.

Australian ISPs have been preparing for the shutdown for months and 
contacting customers whose computers showed signs that they were using 
the FBI's temporary servers.

The ACMA has been campaigning since March to warn internet users to 
check for the virus.

Information collected from the FBI servers indicated that most were 
connecting from home homes rather than businesses, ACMA's e-security 
chief Bruce Matthews said.

"We suspect that most of the infections are on home networks largely 
because of more effective control of corporate networks," Mr Matthews said.

Last week Optus said it had been warning customers to check their 
computers for the virus but didn't expect its impact on them to be 

According to the FBI, the number of computers that probably are infected 
worldwide is more than 277,000 worldwide, down from about 360,000 in 
April. About 64,000 still-infected computers are probably in the US.

In March, the ACMA set up websites that would allow Australian internet 
users to test whether they had the virus. It is urging Australians to 
visit dns-ok.gov.au.


Bernard Robertson-Dunn
Canberra Australia
email:   brd at iimetro.com.au
website: www.drbrd.com

More information about the Link mailing list