The folks at CAIDA, the Cooperative Association for Internet Data Analysis, have posted a very intriguing analysis of the Sapphire SQL Server worm that overran the internet a few weekends ago. Basically they say this is the first confirmed example of a rapidly spreading worm, it infected 90% of the hosts within 10 minutes of being released. What was previously a theoretical possibility is now a potential reality: the internet could be seriously damaged by a worm before any person would have a chance to react. The Spread of the Sapphire/Slammer Worm
Working on security policies for an IT organization has convinced me that the biggest threat to computer security remains the people who manage the systems. If they don’t have the processes or the resources to patch the servers they administer such worms will become more frequent.
On a side note the CAIDA web site has some of best large scale visualizations of the internet available.
