The Big Lessons of a Little Worm
While the chaos caused by the Slammer worm on Saturday, Jan. 25 has subsided, the tiny program that gummed up the Internet leaves some painful insights into the immense damage a voracious invader can inflict -- not only on its direct targets but to secondary ones as well. Above all, Slammer, which infected the ubiquitous Microsoft database software used to manage corporate information, was a further demonstration of just how vulnerable the Internet remains.
In this case, not using Microsoft software or products that rely on Redmond's databases was no guarantee. On the North American Network Operators list-serv, a bulletin board for network engineers, a slew of frustrated posts complained that, even after the switches and routers that serve as network traffic cops were reprogrammed to ignore Slammer, the sheer volume of worm traffic continued to bury networks. Unlike a virus, a worm doesn't require e-mail to replicate and transmit itself into other systems.
Telephone service, ATM networks, and crucial communications linkages that depend on the Net were knocked out. And while that was bad enough, things might easily have been much worse. "If it had been Monday morning, you would have had not just the tech industry buzzing -- I think you would have been talking about serious collateral damage," says Tom Ohlsson, vice-president for network-monitoring services provider Matrix NetSystems in Austin, Tex.
[ Read more ]
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.