Future landscape of Internet worms

Wired: Gathering ‘Storm’ Superworm Poses Grave Threat to PC Nets, by Bruce Schneier.

Thanks to Digg for finding this.

I’ve read some of Bruce’s work from time to time for over 8 years and have always been impressed with his work in cryptography and security. The interesting points in this article include things like:

“Not that we really have any idea how to mess with Storm. Storm has been around for almost a year, and the antivirus companies are pretty much powerless to do anything about it.” – Bruce Schneier [Wikipedia Bio / Bruce's Website]

A link from the post to the author of an analysis of the potential of Storm (the name of the worm) leads us to:

“It is worth mentioning that multiple DDoS attacks have occurred in the December and January timeframe, targeted at anti-spam sites and anti-rootkit software developers. An attack was even launched against the personal website of the author of this analysis, in retaliation for research into botnet-controlled pump-and-dump stock spam. These attacks have been determined to be from no fewer than three independent and unrelated botnets. We see now the spam war is escalating to new levels. It could be that the spammers have been emboldened by the successful attack on BlueFrog last year, which shut down a service that was affecting the spammers’ ability to conduct their “business.” With no repercussions from that attack, or even older attacks which shut down certain DNS blocklists, it seems that more spammers are willing and able to attack anyone who threatens their profit potential.”  – Joe Stewart

I’ve always thought that the design of a worm or virus that does damage is self-defeating, as Bruce points out:

“Old style worms — Sasser, Slammer, Nimda — were written by hackers looking for fame. They spread as quickly as possible (Slammer infected 75,000 computers in 10 minutes) and garnered a lot of notice in the process. The onslaught made it easier for security experts to detect the attack, but required a quick response by antivirus companies, sysadmins and users hoping to contain it. Think of this type of worm as an infectious disease that shows immediate symptoms.

Worms like Storm are written by hackers looking for profit, and they’re different. These worms spread more subtly, without making noise. Symptoms don’t appear immediately, and an infected computer can sit dormant for a long time. If it were a disease, it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will eventually come back years later and eat your brain.” – Bruce Schneier

Talk like this always makes me want to go into the cryptography and security industry. A challenge like this (to thwart the constant evolution of destructive or disruptive software) would be exciting. Perhaps if my career moves more towards networking it would be possible to pursue this at some future point in my life, but to do so now would be such a huge change in direction for my career track that I would be entry level at best.
