worm blog: The strange decline of computer worms

« Optimal Control of Treatment Costs for Internet Worm | Main | Corporate Guideline in Eradication of Nachi Worm »

The strange decline of computer worms

It sounds like some people think the worm problem is going away, or at least changing dramatically. At the 2005 WebSec conference, Mikko Hyppönen, from F-Secure, gave his perspective in a panel on Tuesday.

Mikko Hyppönen, director of anti-virus research at F-Secure, said that with the single exception of the Santy worm (which targeted vulnerable PHP installations) little new has been seen of computer worms since the May 2004 outbreak of Sasser. The hiatus follows a string of high-profile worm outbreaks including Blaster, Nimda, Slammer, Welchi and Code Red over recent years. The decrease in computer worms noted by F-Secure ironically comes at the same time many vendors, such as HP, Cisco, Check Point and others, are aggressively marketing worm-throttling technology.

Source: The strange decline of computer worms, by John Leyden, from Thursday 17th March 2005.

This sounds more like marketing and media spin to me. After all, various people concluded that 2004 was one of the most dramatic years for the worm yet. This problem doesn't go away overnight. Looking at it another way, malware authors are getting stealthy, and their tecyniques are changing. So, the conclusion that the worm problem is going away seems premature. More people are concerned about the IM worm problem than before based on recent activity, and mass mailers are just as popular as they've ever been.

March 20, 2005 in media | Permalink
Tell others: digg submit | del.icio.us this | Reddit

Comments

Oh where oh where have all the worms gone! Maybe it depends how you define a "new" worm. There are a huge number of new varients of existing malware (e.g. SDBot/AgoBot). Perhaps the worms have all gone open-source so all we get are forks of existing worms, not "new" ones.

Posted by: Evan | Mar 20, 2005 8:34:54 PM

The Internet "worm problem" started in 1988, so no, the threat is not gone. What's happened is that the bad guys have locked on to the fact there is money to be made compromising systems and people. Worms don't make money, they are really really loud and really really obvious. Y'all are *way* too hung up on worms; the criminals are past it, and you should be too.

Posted by: Kevin | Mar 21, 2005 7:44:55 PM

The comments to this entry are closed.