Network worms and viruses have existed for well over 20 years. One of the first and famous worm programs to impact the Internet was the Morris Worm in November of 1988. This worm exploited vulnerabilities in the finger and sendmail programs. At that time the Internet consisted of approximately 60,000 hosts. This worm infected approximately 10% of the hosts and caused significant outages and slowdowns of mail servers across the net. In July of 2001 a new worm infection appeared that would significantly raise awareness of the threat posed by these malicious software programs along with the dramatic landscape change of the Internet.
An estimated 650 million hosts are today connected to the Internet hence a fundamental shift in the potential number of participants to propagate a worm. CodeRed spread quickly and became the most widespread and damaging worm to hit the Internet since the Morris Worm. An estimated total of 360,000 hosts were infected within a period of 14 hours. Two months after CodeRed another large-scale worm named NIMDA (ADMIN spelled backwards) impacted the Internet. More recently, the Internet saw the appearance of a new type of worm that infected the Internet at such a high rate that it was classified as a flash worm. The fast scanning rate of SQL Slammer in January 2003 was achieved because of its small size (single packet of 376 byte) as well as the fact that the worm was not TCP but UDP based (connectionless). SQL Slammer reached its full scanning rate of 55 million scans/sec within 3 minutes of the start of the infection and infected the majority of vulnerable hosts on the Internet within 10 minutes of the start of the infection with an estimated 250,000 - 300,000 infected hosts overall. Summer 2003 witnessed the infamous Blaster and January 2004 was the turn of MyDoom to impact Internet users.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.