When Robert Morris unleashed the first self-propagating worm on the Internet in 1988, the state of the art in network security was callback modems, authentication servers such as Kerberos and challenge-response protocols. Technologies such as firewalls, IDS and commercial anti-virus software were still years away.

Experts estimate that within a day, Morris' Internet Worm infected approximately 6,000 machines—a huge percentage of the computers connected to the Internet at the time—and cost users as much as $10 million in downtime and cleanup. By contrast, last year's Code Red worm, a direct descendant of Morris' creation, infected more than 500,000 servers and caused $2.6 billion in damages, according to Computer Economics Inc., in Carlsbad, Calif.

As Internet use has exploded over the past several years—with thousands of users joining the network every day—security vendors have scrambled to keep up. They have made tremendous advances in many areas: We now have intrusion detection system software capable of recognizing and repelling new attacks before they hit a network, cloaking software that can make a given PC invisible to outside attackers and military-grade encryption products available for free.

[ Read more ]