We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Remembering Slammer on its anniversary

A new generation of worm

Cash machines frozen, airlines and hospitals reverting back to old-fashion paper forms to track patients. This was the scene on 25 January 03, shortly after the Slammer worm appeared and quickly began spreading around the world, flooding computer networks with worm-generated traffic and knocking vital database servers offline.

One year after it appeared, the Slammer worm is being remembered as a watershed moment in the life of the internet: the sudden appearance of a new type of malicious code that could spread worldwide in minutes.

Slammer used a known buffer overflow in Microsoft's SQL Server database to spread across the world in approximately ten minutes, doubling the number of computers it infected every 8.5 seconds. According to a study of the worm's outbreak published by the Cooperative Association for Internet Data Analysis (CAIDA), a new system was infected every 37 minutes.

A year on its impact is still being felt. Corporations and vendors have changed policies, increased vigilance to internet threats, and worked to foster better security from Microsoft.

Slammer exposed previously unknown interdependencies that were thought to be separate from the internet, says Alan Paller, director of research at the Sans Institute.

"People realised that all the things that we didn't think were connected to the internet actually were," Paller says. "If your routers are connected to the internet and they're full, nothing can flow, so an outage of internet connections is an outage of the entire internet infrastructure."

The aftermath of the Slammer outbreak brought sweeping changes at Microsoft to improve the security of its products, with increased vulnerability assessments and penetration testing of its products and deployment of new automated tools to inspect product code for security holes.

IDG UK Sites

How to get a free EE Power Bar: Mobile and broadband customers eligible for free smartphone charger

IDG UK Sites

Why Netflix won't terminate your account for using a VPN, probably

IDG UK Sites

Forever 21 denies pirating Adobe, Autodesk and Corel software, accuses companies of 'bullying'

IDG UK Sites

New Apple TV 2015 release date rumours: Apple's WWDC invite shows Apple TV