Slammer Damage May Top $1 Billion
Digital attacks, including worms and viruses, have caused more than $8 billion in damages worldwide in January, a U.K. security firm reports, with the Slammer virus alone costing about $1 billion.
January attacks are at a record level, numbering close to 20,000 in just the first month of a year that analysts predict will see a widespread increase in security incidents.
At the present growth rate, 2003 is likely to be hit with more than 180,000 digital attacks worldwide, according to Mi2g's estimates. That's a big leap from 2002's numbers, which rang in at 87,525.
Last weekend's Slammer worm, which slowed or halted email, business and even ATM transactions around the globe, accounted for damages of $945 million to $1.15 billion, according to analysts at London-based Mi2g Ltd. This makes Slammer the ninth most-destructive worm or virus on record, Mi2g said.
Slammer, widely seen as an omen of worms to come this year, wreaked havoc for three days from Europe to North America and Asia. The worm hit the wild on Saturday, Jan. 25 and was quelled Monday, after network and security administrators around the globe installed the necessary patch that closed the hole the worm was crawling through.
The worm takes advantage of a known vulnerability in Microsoft Corp.'s SQL 2000 Web servers. Microsoft released a patch for it last summer, but obviously many companies and home users failed to install the patch, leaving their systems open for attack.
The worm, which doesn't damage the infected machine or delete or change files, generates massive amounts of network packets, overloading servers and routers, slowing down network traffic -- sometimes bringing it to a complete stop under the weight of the attack.
Security analysts say they are not expecting any further spikes caused by the Slammer worm. Various governments, which reportedly include the U.S. and South Korea, are now tracking down whoever released the worm in the wild. Initial investigations are pointing to the worm originating in China.
The report from Mi2g noted that Slammer interfered with emergency telephone systems, and disrupted five of the 13 root DNS servers, online airline ticketing systems, and credit card and ATM services.