News

Group Estimates Slammer Damage at $1 Billion

A U.K.-based security firm is estimating that economic damage from the SQL Slammer worm is already over $1 billion, making it the ninth most damaging malware attack yet in the firm's estimation.

MI2g released the billion-dollar estimate on Thursday, which was an upward revision of a figure the group released earlier in the week. "It has also jumped in ranking from number 13 a few days ago to number 9 in terms of the worst malware attacks recorded by the mi2g Intelligence Unit," an mI2g spokeswoman said in a statement.

By mI2g's reckoning, Klez and Love Bug have been the most damaging viruses or worms to date by a large margin. Klez caused between $8 billion and $9.9 billion in damage; Love Bug, between $7.8 billion and $9.6 billion. Coming in third is SQL Slammer's distant cousin, Code Red, at an estimated $2.4 billion to $2.9 billion in damage. Other members of the billion-dollar club, in order, are Yaha, SirCam, BugBear, Mafia Boy and Melissa.

SQL Slammer exploits a vulnerability in SQL Server 2000 and MSDE 2000 that was patched by Microsoft six months ago. It flooded the Internet with traffic starting early Saturday morning. Tens of thousands of hosts were infected. Although many servers were patched over the weekend, the problem resurfaced as users booted up desktop systems to start the work week.

The MSDE is installed in many desktop applications, including some versions of Office XP, Visual Studio, Visio, Visual FoxPro and many non-Microsoft products.

The memory-resident worm, also known as Sapphire and SQL Hell, caused denial of service conditions on some machines, while slowing the Internet generally, especially in the United States and South Korea. The worm did not carry a destructive payload.

The worm took advantage of vulnerabilities in the SQL Server Resolution Service, fixed on July 24, 2002, in a patch distributed with Microsoft Security Bulletin MS02-039. Microsoft's security team recommended that users update their systems with Microsoft Security Bulletin MS02-061, released in October, because the more recent patch is a cumulative patch that includes the fixes in MS02-039 and other critical fixes. SQL Server 2000 Service Pack 3, released Jan. 17, are protects systems from the flaw exploited by the worm.

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • MIT Finds Only 1 in 20 AI Investments Translate into ROI

    Despite pouring billions into generative AI technologies, 95 percent of businesses have yet to see any measurable return on investment.

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.

Most   Popular