'Sasser' Worm Disrupts Asian Computer Networks

The fast-spreading "Sasser" worm ravaged 1,600 computers in Taiwan's postal service and infected hundreds more in Hong Kong, but the virus-like global attack might have been temporarily delayed Tuesday in other parts of Asia as companies and homes left their computers switched off during long holidays.

Sasser (search) — which also struck large U.S., German and British firms — infects computers by exploiting a flaw in Microsoft Corp.'s Windows operating system. Once inside, the worm scans the Internet for others to attack, causing some computers to continually crash and reboot.

So far, Taiwan has reported the most damage in Asia. The worm snarled the postal service's computer system Monday, forcing about 430 — or one-third — of the branch offices to shift to manual service.

The island's postal service — which also offers banking services — said the worm hit 1,600, or 12 percent, of its computers, disrupting postal account transfers, remittances and withdrawals. But automated teller machines worked normally, and there was no danger of private information being leaked in the attack, the company's Web site said.

By Tuesday, the state-run firm said that service has returned to normal.

Sasser spreads faster than most viruses because it does not require users to click on an e-mail attachment to activate it. But there have been no reports of Sasser causing any permanent damage to files or machines.

In Hong Kong, Sasser wormed its way into two government departments, said Amy Tam, spokeswoman of the Information Technology Services Department. Tam, who declined to identify the infected departments, said the virus has been contained.

Computer systems at some public hospitals in Hong Kong were also affected, but most have recovered, Hospital Authority Connie Lau said. Patients' records and other data were not affected, she added.

Roy Ko, head of the government-funded Hong Kong Computer Emergency Response Team Coordination Center (search), said his center received 389 reports of infection between Saturday and Tuesday morning.

Individual users were worse hit than companies, which constitute about a third of the infections reported, Ko said.

Several major computer-using nations — like Japan, Thailand and India — reported little or no damage as people celebrated national holidays and left their computers off.

Japan's National Police Agency posted a warning on its Web site, expressing concern that Sasser might spread after the "golden week" holiday, which began last Saturday and ends Wednesday.

The agency urged computer users to install antivirus software and take other precautions. Computer software companies, such as Symantec, Trend Micro and Network Associates, also issued a warning.

Thailand and India were also celebrating a national holiday — the Buddha's birth — so the extent of any attack was not clear.

"We have received reports from some of our customer companies that they have been hit by the Sasser worm. But we don't know the intensity and spread of the attack in the country," said Niraj Kaushik, country manager for Trend Micro India (search), a subsidiary of the Tokyo-based antivirus company Trend Micro.

In Singapore, Charles Cousins, managing director of Sophos Antivirus Asia, doubted that Sasser would hit corporations as hard as the Blaster virus did last August.

Both viruses infect computers by e-mail, and Cousins said last year's experience with Blaster has made companies more cautious.

He added, "Sasser will be very frustrating for home users but unless corporations are very, very lax, it will not have an effect on them."