A Lesson From Virus History

Aug. 26, 2003

The last couple of weeks have been pretty rough for everyone who uses the Internet. Two different worms (Blaster & SoBig) struck our computers and networks. In additon to this, we saw a major power outage across the northeastern coast. "What next?" you might ask. Well, next we should look for an even worse worm problem. 

By looking at the history of the past few years and worm development a trend becomes quite clear. When a new type of worm shows up that exploits a system vulnerability, it isn't long before some nefarious hacker builds a better one. The worms of the past couple weeks weren't particularly destructive, but their siblings might be. An recent article in Information Week says, "Remember Code Red, the worm that wrecked havoc on the Internet in the summer of 2001? The one that actually caused the damage was Code Red II. It was an optimized variant of the original that swept through hundreds of thousands of vulnerable systems ... in a matter of hours." 

Another interesting point that a quick study of history supplies is this one: These secondary, damaging attacks all used the exact same way of 'getting into' systems as their non-destructive cousins. The lesson of this is clear - If you get hit with a worm or virus, apply the patch that stops similar attacks at once. Doing so will prevent the damaging variants that are certain to follow from getting at your precious data.