RealNews

Dawn of the Superworm

Experts warn that the Slammer worm is a harbinger of worse strains to come. The attack came swiftly and without warning. At 12:30 a.m. eastern standard time, January 25, a single packet of data containing the Slammer worm began spreading across the Internet. Within 10 minutes the worm reached 90 percent of the Net and infected more than 75,000 machines. At its peak 30 minutes later, it disrupted one out of five data packets. The result: service blackouts, canceled flights, and disabled ATMs. Next time around, we might not be so lucky. Slammer (also called Sapphire or SQL Hell) was a piece of code about the length of the first paragraph of this story. It created havoc but destroyed no data, and network managers could easily stop it by blocking a port or turning off an infected server, say security experts. Like Nimda and Code Red before it, Slammer was probably just an experiment rather than a deliberate attempt to hobble the Internet, says Ryan McGee, product marketing director at McAfee Security in Santa Clara, California. Nevertheless, all three experiments were “successes.” And that success is likely to encourage cyberterrorists to build new “superworms” that blend the most potent features of proven worms, and to then use them against specific targets or even as weapons of cyberwar, analysts say. Full Story

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.