
Worm Watchers

Software: Simulation tools fight new network parasites.
March 13, 2002

Most people now know the drill when it comes to thwarting a computer virus. Receive an e-mail with a vague subject line? Trash it.

If only that were enough to keep the Internet free from the wanton devastation of Code Red II and Nimda, just two of the new automated menaces (both technically worms, rather than viruses) now infecting millions of computer networks. Security experts admit such attacks can’t be prevented entirely, but they say simulation technologies now in development might at least help network operators predict how their systems will respond to invaders, so they can prepare better defenses and contain the damage.

The latest rashes of corrupting code are particularly virulent because they don’t require any social engineering (a phrase used to describe how virus makers trick people into opening tainted e-mails) and can infect networks without anybody noticing. Code Red II scans the Internet for vulnerable Web servers and creates “back doors” that allow hackers to control the servers remotely, to date causing $2 billion worth of server downtime and Internet traffic jams. Nimda spreads automatically via shared files, Web pages, e-mail and other routes. Infected computers can be cleaned, but the worms spread with such speed and in such volume that networks can grind to a halt.

Security experts are working to remedy individual vulnerabilities, but they agree the virus makers will always be able to find new ways to intrude. “It’s no longer a question of ‘How can we keep them from coming in?’ but ‘What do we do now?’” says computer scientist David Fisher at the CERT Coordination Center, a government-funded research and development center for Internet security at Carnegie Mellon University. Fisher helped develop Easel, a software simulation tool that runs potential nightmare scenarios involving the likes of Code Red and Nimda. Using the collected data from previous attacks (how many servers were affected in what span of time, for instance), it creates reference models that computer security specialists can use to minimize damage in future attacks. They might, for example, configure a network to recognize a nascent infection and shut down affected servers before the virus can spread further.

The center recently released the beta version of Easel, and similar software is under development at companies such as McAfee and Symantec. “We can’t hope to stop them,” says Sam Curry, virus expert at McAfee, “but by knowing what might happen when they do hit, we can at least keep them contained.”
