The Big Lessons of a Little Worm
While the chaos caused by the Slammer worm on Saturday, Jan. 25 has subsided, the tiny program that gummed up the Internet leaves some painful insights into the immense damage a voracious invader can inflict -- not only on its direct targets but to secondary ones as well. Above all, Slammer, which infected the ubiquitous Microsoft database software used to manage corporate information, was a further demonstration of just how vulnerable the Internet remains.
In this case, not using Microsoft software or products that rely on Redmond's databases was no guarantee. On the North American Network Operators list-serv, a bulletin board for network engineers, a slew of frustrated posts complained that, even after the switches and routers that serve as network traffic cops were reprogrammed to ignore Slammer, the sheer volume of worm traffic continued to bury networks. Unlike a virus, a worm doesn't require e-mail to replicate and transmit itself into other systems.
Telephone service, ATM networks, and crucial communications linkages that depend on the Net were knocked out. And while that was bad enough, things might easily have been much worse. "If it had been Monday morning, you would have had not just the tech industry buzzing -- I think you would have been talking about serious collateral damage," says Tom Ohlsson, vice-president for network-monitoring services provider Matrix NetSystems in Austin, Tex.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.