STRATEGIC PARTNERS
January 26, 2003
CHARLOTTE, N.C. -- At least one bank's ATM system was affected by a fast-spreading computer worm that dramatically slowed Internet traffic around the world on Jan. 25, and blocked financial and telephone services across North America.
And it was a big one. In published reports, Bank of America confirmed that many of its customers could not use the bank's 13,000 ATMs.
BofA spokeswoman Lisa Gagnon said that many, if not a majority, of its ATMs were back online by mid-afternoon and that the automated banking network would recover by late Jan. 25.
"We have been impacted, and for a while customers could not use ATMs and customer services could not access customer information," Gagnon said. She said that the worm did not cause any damage to customer information, but slowed down or blocked access to it, making transactions difficult.
Other banks also struggled with the effects of the worm, said Suzanne Gorman, chairman of the Financial Services Information Sharing and Analysis Center, which represents some of the nation's largest financial services companies.
"There were a lot of our members affected by this," said Gorman, who declined to give more details.
The FBI was searching for the origin of the attack, which experts variously dubbed "Sapphire," "SQL Slammer" or "SQ Hell." Some security researchers noted that software unleashed in Jan. 25's attack bore striking resemblance to blueprints for computer code published weeks ago on a Chinese hacking Web site by a person who calls himself Lion. An FBI spokesman said he couldn't confirm that.
The attack also resembled the Code Red virus that struck the Internet during the summer of 2001.
The SQL Slammer attacked computer servers run on Microsoft Windows 2000 SQL software.
The attack could easily have been prevented, according to security specialists. The worm exploited a weakness in Microsoft servers that was discovered six months ago, when the company issued a free patch that would have closed the door on the worm.
