January 27, 2003

Cnet: Worm exposes laziness and Microsoft flaws

My spin: By now I'm sure you know a worm as affected many computer systems - world wide. HOWEVER, the question is how to protect computers against such attacks, is it even possible? Sure it is possible, however, is it realistic. There's so many viruses and hack attacks launched against computer systems. Many smaller businesses can not hire a full time data security administrator, much less fund an entire unit dedicated to it. Having said that, look at all the large businesses who have been hit by this worm!

news analysis The Sapphire worm that hit servers running Microsoft SQL this weekend was a wake-up call for anyone who thought the Internet had become a safer place following increased attention by corporate and government leaders.

In the largest such incident since the Code Red and Nimda worms swamped servers in 2001, the Sapphire worm--also known as Slammer and SQLExp--infected more than 120,000 computers and caused chaos within many corporate networks. Some Internet service providers in Asia were overwhelmed.

The small but malicious program rapidly exploited a six-month-old flaw in Microsoft SQL servers, underscoring a dirty secret in the IT industry: software bugs are common and administrators are slow to fix even widely publicized problems, said Johannes Ullrich, director of the security information site Incidents.org. (full story)

0 comments