Computerworld - It has been said that we're all but food for the worms. In the rush to create a worldwide network, we have once again rendered ourselves food for worms, albeit an entirely different kind of worm, in a situation not nearly so bleak as death.
However, an examination of the events of last winter—the onset of the SQL Slammer worm on Jan. 25, 2003, and the global outbreak of the SARS virus in late February—exposes an equally disturbing parallel.
On Jan. 25, the SQL Slammer worm ravaged the Internet (see story). The emergence of Slammer marked a watershed moment in the evolution of information security and the Internet. Its repercussions were felt not only by the online community, but also by the general public. For the first time, people without an e-mail address, Web access or even a computer felt the effects of a new class of Internet threat.
Similarly, the SARS virus has infected many people with no connection to its source. SARS managed to traverse the globe in a relatively short time with deadly results. Like Slammer, SARS afflicted people whose everyday lives remained outside the virus's "hot zone" and posed an immediate threat to the general public.
Most eerie is what enabled both SQL Slammer and SARS to present such a threat. Though SARS infected people and SQL Slammer crashed computer networks, observing their similarities provides insight for both security professionals and health officials.
 |   |
| Dan Ingevaldson, engineering manager of Internet Security Systems' X-Force Research and Development unit, played a key role in the discovery and identification of the SQL Slammer worm. In his role as a dedicated security researcher, he has led teams responsible for the discovery of several high-profile vulnerabilities. |
Like SARS, Slammer displayed characteristics of some of its predecessors. Slammer, and the earlier Code Red and Nimda worms, shared the same modus operandi. Although they weren't directly destructive—they didn't reformat hard drives or trash files—each reportedly infected 200,000 to 300,000 unique computer systems worldwide. However, there was one key difference with Slammer: It crossed the digital divide into the mainstream. With SQL Slammer, suddenly worms were no longer virtual creations that only disrupted connected businesses and people surfing the Web or checking their e-mail. In a moment's time, people who didn't know or care about the Internet could feel the effects of a malicious cyber worm.
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
