Does the killer worm really exist?
Although worms can create media furor and disrupt business, to date they have adhered to a strange dichotomy: A given worm may spread rapidly or deliver a destructive payload -- but no worm has accomplished both tasks with equal aplomb.
SQL Slammer and SoBig.F, for example, tunneled voraciously through the Internet. On the other hand, the Magistr worm had a highly destructive payload but operated in a much smaller sphere. Luckily for enterprises and consumers alike, the two capabilities were not melded in a killer worm that could speedily traverse the Internet, destroying data as it spread.
Still, the threat appears to be reaching new heights. August 2003 was the worst-ever month for worm and virus attacks, thanks largely to the fast-replicating SoBig.F worm (though the Blaster worm also played a part). During the month, nearly 77 percent of all attacks were credited to SoBig.F, based on the number of infections confirmed through antivirus developer Central Command's Emergency Virus Response Team. According to Steve Sundermeier, vice president of products and services at Central Command, SoBig.F at its peak represented more than 72 percent of all e-mails sent.
[ Read more ]