After tying up email and online business for nearly three days, the attack
of the Slammer worm seems to be over.
“It’s over now. I really hope so,” says Mikko Hypponen, manager of
anti-virus research in F-Secure’s Helsinki, Finland office. “The worst
didn’t happen on Monday. I was a little bit worried about it. The peak in
the U.S. was much, much smaller than it was on Monday in Europe. It was
surprisingly worse in Europe.”
Security analysts from around the globe had worried that the opening of the
business week yesterday would bring on a new wave of the worm that had
slowed or halted Internet traffic throughout Asia, Europe and North America
over the weekend.
The Slammer worm, which takes advantage of a known
vulnerability in Microsoft Corp.’s SQL 2000 Web servers, disrupted business,
Web browsing, ATM banking and even some telephone service.
The worm, which still garnered F-Secure’s second-highest security alert,
spiked Internet traffic when business started in Europe yesterday and then
again when business commenced in the United States.
While Slammer doesn’t
damage the infected machine or delete or change files, it generates massive
amounts of network packets, overloading servers and routers, slowing down
network traffic — sometimes bringing it to a complete stop under the weight
of the attack.
Security analysts say they are not expecting any further spikes caused by
the Slammer worm. Various governments, which reportedly include the U.S. and
South Korea, are now tracking down whoever released the worm into the wild.
Initial investigations are pointing to the worm originating in China.
The Blame Game
And now that the Slammer, also known as Sapphire, is under control, analysts
and corporate IT managers are laying blame and trying to figure out how the
worm could cause such global disruption.
Slammer’s rampage was completely dependent on a known vulnerability going
unpatched. Microsoft released a patch for the problem last summer, but
obviously many network administrators did not install it, leaving an opening
for the attack to spread far and fast around the world.
Analysts also point out that many home users are running SQL on their
machines and don’t even realize it. The software often comes bundled in
third-party software packages, including games. If users don’t know it’s
there, they’re obviously not going to install needed patches for it.
But the bulk of the problem came from unpatched corporate networks. And
today talk is about who is at fault. Were network administrators negligent
or were they too overworked and understaffed to be able to manage the
situation properly? Are administrators not properly trained to distinguish
serious flaws out of the thousands of vulnerabilities that are discovered
every year? Is Microsoft to blame for releasing a patch too complicated to
install efficiently?
Security analysts say the answer lies in a combination of all of the above.
“Administrators are inundated with vulnerabilities and patches,” says Dan
Woolley, a vice president at Reston, Va.-based SilentRunner, Inc., a network
security company. “There are so many patches coming out on any given
system…you have to prioritize them. You can’t install them all. How do
you know what you’re supposed to do?”
And Woolley says the recent spate of layoffs and budget cuts is only adding
to the problem.
“If you don’t have as many people on staff, you have an increased number of
threats, and there are more and more patches coming out, you’re in a box,”
adds Woolley. “You put that all together and you have a very, very dangerous
environment. It all adds up to catch yah.”
A study of 200 business PC users, conducted yesterday by Sophos Anti-Virus,
shows that system administrators blame each other for the spread of the
Internet worm.
The poll shows that 64% say that system administrators who failed to install
the latest security patches are the most at fault. Another 24% blame
Microsoft for shipping buggy software.
Patch Flood
F-Secure’s Hypponen says Microsoft should share the blame with
administrators.
“Yes, Microsoft did do the responsible thing back in July when it announced
the hole and made the patch available,” he says. “The initial reaction is
that it’s all about lazy administrators. But it’s not that simple to install
Microsoft’s patch. It’s one of the most difficult patches to install. Many
administrators probably tried installing it and gave up or didn’t install it
right.”
Hypponen notes that this past Sunday, Microsoft shipped a new version of the
patch — a more simple version — because of complaints from the admin
community.
But MJ Shoer, president of Jenaly Technology Group, Inc., a Portsmouth,
N.H.-based outsourced IT firm, says the problem lies with the overwhelming
amount of vulnerabilities and corresponding patches that are continually
flooding the industry.
“It’s the age-old battle,” says Shoer, who notes that deciding which
patches to install is like an educated crap shoot. “Patches come out so
frequently, it’s like the boy who cried wolf… If you installed them all,
it would consume the day. You have to evaluate the patches that come out and
see what makes sense to apply right away and what makes sense to keep an eye
on.”
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Advertise with TechnologyAdvice on Datamation and our other data and technology-focused platforms.
Advertise with Us
Property of TechnologyAdvice.
© 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this
site are from companies from which TechnologyAdvice receives
compensation. This compensation may impact how and where products
appear on this site including, for example, the order in which
they appear. TechnologyAdvice does not include all companies
or all types of products available in the marketplace.