[Witty targeted a firewall product:] When users participating in the best security practice that can be reasonably expected get infected with a virulent and damaging worm, we need to reconsider the notion that end user behavior can solve or even effectively mitigate the malicious software problem and turn our attention toward both preventing software vulnerabilities in the first place and developing large-scale, robust and reliable infrastructure that can mitigate current security problems without relying on end user intervention.

Colleen Shannon and David Moore of the Cooperative Association for Internet Data Analysis (CAIDA) offer a fascinating and rather frightening analysis of last week’s Witty worm.  It’s dangerous out there, folks.

Witty seems to have been an orchestrated attack, albeit using an opportunistic method.  The paper argues convincingly that we’re using the wrong security model; if we don’t change, the bad guys are gonna take down a lot of computers.  Doesn’t matter if it’s a prank or something really malicious, it’s going to be costly regardless.

Link courtesy of Mikko Hyppönen/F-Secure

Here’s a technical analysis of Witty, from Matthew Murphy. It is also worth a read, if you don’t mind slogging through code.
