SQL slammer worm

The SQL slammer worm (also known as W32.SQLExp.Worm) was a highly damaging computer worm that spread on the internet in early 2003.[1]

How it worked

The SQL worm mainly attacked computers that had Microsoft SQL Server 2000 or Microsoft Desktop Engine 2000 on them. The worm also produces a Denial-of-Service attack on some websites and computers because it sends too much data.[1]

History

In June 2002, Microsoft released a patch that fixed the weakness that the SQL worm attacked. However, many people did not fix the weakness. In January 2003, the worm was released. Within ten minutes of its release, it had attacked and infected 75,000 internet servers. Bank of America was one of the largest companies affected by the worm. Many of its ATM's would not work for consumers. The damage got worse, and on January 25, 2003, the worm cause a global internet slowdown. The worm was reported to have interfered with 911 calls and was responsible for many canceled flights.[2]

Aftermath and damage

During its lifetime in 2003, the SQL worm caused about 1 billion U.S Dollars in damage.[3]

References

  1. 1.0 1.1 "Risk Detected".
  2. Erbschloe, Michael (2004). Trojans, Worms, and Spyware: A Computer Security Professional's Guide to Malicious Code. Elsevier. p. 47. ISBN 978-0-08-051968-5.
  3. "Counting the cost of Slammer".