Saturday, June 18, 2011

Nimda Virus

In the months before and after September 11, 2001, the United States was bombarded with a series of cyber attacks. A group of criminals exposed vulnerabilities in the Microsoft operating system and created a buffer overflow virus, which executed arbitrary code and infected hundreds of thousands of computers. By July 19, 2001, the number of infected hosts, or zombies, had reached over 350,000. A series of separate viruses named Code Red I and Code Red II crippled valuable servers and made calculated attacks on US government computers.
On September 18, 2001, a new virus attacked United States operating systems. The worm was given the name Nimda, and it was an advanced version of Code Red II. Some might say that the Code Red viruses were created in preparation for the much larger Nimda attack, which was executed the week following the attacks on the World Trade Center and Pentagon. Due to the release date of the virus, members of the American government speculated on a link between the cyber attacks and Al Qaeda, but this theory proved unfounded. The American media did not report much on the virus because of the terrorist attacks.
Multiple propagation vectors allowed Nimda to become the Internet’s most widespread and dangerous virus. It took only 22 minutes for the worm to rip through the American financial sector, causing over $3 billion in damage. The Nimda virus was so effective because it used five different infection vectors. People could, and still can, get the virus via e-mail, open network shares, infected websites, exploitation, or back doors left behind by the Code Red II virus. The group of people behind the Nimda virus and the theft of billions of dollars is unknown. The event greatly damaged the world’s financial sector and economy.
