03 May 2004
Did Sasser worm strand 300,000 train travellers? Sophos reports
According to Australian media reports, the new Sasser internet worm may be
being blamed for 300,000 train travellers being stranded in Sydney
yesterday.
A failure of Sydney's train radio network left many railway
stations closed, with only 20% of trains running.
RailCorp apologised for the inconvenience to customers,
explaining that it could have been the Sasser worm which disrupted
communications between train drives and signal boxes.
"It could very well be a matter related to a virus getting into
the system," said Vince Graham, CEO of RailCorp, "There's no
evidence that hacking is an issue here, the viral infection could
very well have been introduced by our own people not taking
sufficient care."
"It's hard to know whether the Sasser worm was responsible for
the disruption to the Australian railway system this weekend," said
Graham Cluley, senior technology consultant for Sophos. "What is
clear is that all companies should put measures in place to
properly secure their systems from Sasser and other malicious
attacks."
About Sophos
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.