“Gah!” Owen Maresh almost choked when the Priority 1 alert popped up on his panel of screens just after midnight on Saturday, January 25. Sitting inside Akamai’s Network Operations Control Center, the command room for 15,000 high-speed servers stationed around the globe, he had a God’s-eye view of the Internet, monitoring its health in real time. His job was to watch for trouble spots and keep Akamai’s servers – and the sites of its clients like Ticketmaster and MSNBC – open for business. This was big trouble. Maresh had spent two years in front of the console, but, he says, “I had never seen anything like that.” Fifty-five million meaningless database server requests were traversing the globe – and one of Akamai’s Hong Kong locations was caught in the crossfire. Maresh was the first person on earth to spot the Internet worm that came to be known as Slammer. Slammer’s attack was ruthless and quick, spreading hundreds of times faster than the Code Red virus or Nimda worm. Yet it started with a single killer packet. The tiny worm hit its first victim at 12:30 am Eastern standard time. The machine – a server running Microsoft SQL – instantly started spewing millions of Slammer clones, targeting computers at random. By 12:33 am, the number of slave servers in Slammer’s replicant army was doubling every 8.5 seconds. Full Story
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.