KL’s Airport Gets Infected

image

If there’s one place you hope you won’t get infected by a computer virus, it’s an airport.

It’s not just that the virus may fiddle with your departure times; it’s the wider possibility that the virus may have infected more sensitive parts of the airport: ticketing, say, or—heaven forbid—flight control.

Kuala Lumpur International Airport—Malaysia’s main international airport—was on Friday infected by the W32.Downadup worm, which exploits a vulnerability in Windows Microsoft patched back in October. The worm, according to Symantec, does a number of things, creating an http server on the compromised computer, deletes restore points, downloads other file and then starts spreading itself to other computers.

image

Enlargement of the photo above. The notification says Symantec Antivirus has found the worm, but has not been able to clean or quarantine the file.

KL airport clearly isn’t keeping a tight rein on its security. The virus alert pictured above is at least 12 hours old and the vulnerability it exploits had been patched up a month before. Says Graham Cluley of UK-based security software company Sophos: “What’s disturbing to me is that over a month later, the airport hasn’t applied what was declared to be an extremely critical patch, and one which is being exploited by malware in the wild.”

What’s more worrying is that this isn’t the first time. It’s the first time I’ve noticed an infection on their departures/arrivals board, but one traveller spotted something similar a year and a half ago, with a Symantec Antivirus message popping up on one of the monitors. I saw a Symantec Antivirus message on one monitor that said it had “encountered a problem and needs to close”, suggesting that the worm had succeeded in disabling the airport’s own antivirus defences:

image

So how serious is all this? Cluely says: “Well, it’s obviously a nuisance to many people, and maybe could cause some disruption.. but I think this is just the most “visible” sign of what may be a more widespread infection inside the airport.  I would be more concerned if ticketing and other computer systems were affected by the same attack.”

He points to computer viruses affecting other airports in recent years: In 2003, Continental Airlines checkin desks were knocked out by the Slammer worm. A year later, Sasser was blamed for leaving 300,000 Australian commuters stranded, and BA flights were also delayed.

For me, the bottom line about airports and air travel is confidence. As a traveler I need to feel confident that the people deciding which planes I fly and when are on top of basic security issues. And that doesn’t mean just frisking me at the gate. It also means keeping the computer systems that run the airport safe. This is probably just sloppy computer habits but what if it wasn’t? What if it was a worm preparing for a much more targeted threat, aimed specifically at air traffic?

(I’ve asked KL International Airport and Symantec for comment.)

Opera Offers Support for BitTorrent

Opera has today launched a ‘technical preview’ version of its browser that includes support for BitTorrent, the protocol for distributing files via peer-to-peer that utilises both downstream and upstream bandwidth and spreads the load among different servers. As far as I know this is the first mainstream program that offers inbuilt support for what could become an increasingly controversial medium (please correct me if I’m wrong, but I know of no Firefox plugin for BitTorrent files).

The press release explains as follows:

Oslo, Norway – July 7, 2005: Opera Software today launched a technical preview (TP) of the Opera browser for Windows, Linux and Mac that includes support for BitTorrent. Integrating this popular file-downloading technology in the Opera browser offers the end user a faster download process by utilizing full bandwidth and reducing the chance of in-transfer delay when multiple users download the same file.

Its BitTorrent Resource page explains that Opera treats BitTorrent as just another protocol, like FTP and HTTP. This is not Opera turning browser users into BitTorrent hosts:

By offering BitTorrent in a technical preview of its browser, Opera seeks to broaden the appeal of downloading legal torrent files. Opera does not encourage the use of BitTorrent, FTP and HTTP protocols for downloading illegal, copyright infringing material.

I must confess I haven’t used BitTorrent a lot, but it clearly is popular and has huge potential. Part of the reason I haven’t used it too much is that the software I’ve used, tho simple, isn’t quite as intuitive as one would like, so the idea that the browser might make it as easy as downloading an ordinary file might propel usage into the mainstream.