SQL Slammer Spread 30 min
Coronavirus Spread 90+ Days
The SQL Slammer Virus, also known as the Sapphire Virus, is malware in the form of a worm that caused a Denial of Service on many internet hosts in 2003, and caused thousands of network outages and even dramatically slow down Internet traffic! The worm spread rapidly, infecting the majority of its 75,000 victims within ten minutes. This worm exploited a vulnerability in Microsoft’s SQL Server.
Similarities between Computer and Biological Viruses?
Social isolation is the 2020 solution to flatten the curve on Coronavirus infections. In 2003 preventing the spread of SQL Slammer required network Isolation (blocking TCP 1434 – SQL’s communications port). However, as witnessed by the COVID-like map from 2003, due to the speed of computer infections, network isolation couldn’t be put in place fast enough to stop the spread of SQL Slammer. Whether the world has learned enough to put social isolation in place quickly enough to slow and stop the spread of COVID19 remains to be seen.
Source: NC State Study
AS AN SMB OWNER, WHAT DOES THIS MEAN FOR ME?
The SQL Slammer worm costs companies an estimated $750 Million to over $1 Billion in damages. In this case the risks were easily avoided if these companies had patched their systems. Therefore, as a business owner, make sure your company’s cybersecurity program includes the following protections:
- Patch your systems for critical vulnerabilities. This worm was only able to compromise computers that hadn’t been patched in over 6 months!
- Isolate your critical systems using network segmentation and port isolation. SQL Slammer invaded so many networks because TCP 1434 was open unnecessarily between networks. Had the port been closed or isolated, this virus would not have spread.
- Train your employees with a robust cybersecurity awareness program. Teach them how to spot and avoid email phishing attacks, social engineering, and other hacker attack methods.
- Govern your employees with policies such as Information Handling, Acceptable Use of Computers, and Passwords at a minimum.
- Have a Risk Assessment performed on your company to understand the potential threats and vulnerabilities you face. Then, based upon your budget, create a remediation plan to begin reducing your risks to an acceptable level.
- Test your employees with Phishing attacks randomly to ensure they are paying attention to this threat.
- Ensure you have Technical protections in place to protect you when your training and governance fails you. Antivirus, SPAM filtering, removing Administrator rights to your windows desktops, and deploying a Password Manager.
These seven measures are all defense-in-depth cybersecurity strategies for lowering your risk.