Not all worms are created equal. Some cause minor annoyance. Some propagate madly for a few weeks, then end up doing nothing worse than wasting bandwidth. Some drum up some spam, and then that's it.
Then, every once in a while, a worm will come along -- such as Storm -- that potentially has the power to shut down even the largest and most protected of networks, at the drop of a cyber-hat.
First pinned down in mid-January of this year, Storm (also known as Dorf/Fam, Peacomm, and SMALL.EDW by Sophos, Symantec, and Trend Micro respectively) has been quickly gaining in strength. It takes advantage of holes in Windows operating systems -- pretty much every version of Windows, excluding Windows Server 2003.
Once a system is compromised by the trojan, the 'Stormed' computer will become a zombie-slave. The compromised computer then becomes one more machine composing Storm's massive botnet. The virus primarily propagates itself by using this gargantuan botnet to send out infected emails that have intriguing, fake news headlines for subjects -- such as: “Chinese missile shot down USA aircraft” or “U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel.”
How big is Storm's botnet? Some estimates suggest the botnet could be as large as 50 million computers. It's entirely possible that one person is behind the worm, pulling the strings, and is able to focus the power of this zombie-network however they like. “In terms of power, the botnet utterly blows the supercomputers away,” chief anti-spam technologist Matt Sergeant, from MessageLabs, was quoted as saying. “If you calculate pure theoretical throughput, then I'm sure the botnet has more capacity than IBM's BlueGene. If you sat them down to play chess, the botnet would win.”
So far, experts have seen the activity of Storm's botnet periodically spike, for a few hours at a time. But it is estimated that only about 10% of the botnet's power has been applied in these activity spikes. If the person pulling the strings of Storm were to fully engage the zombie-networks, the full Denial-of-Service powers could possibly be enough to cause severe chaos -- such as overwhelming the networks of even the largest of companies and services.
It is also possible that the services of the 'Storm' infection could be 'rented' to serve nefarious criminal purposes, such as mega-spam campaigns, or possibly even to launch some sort of mercantile cyberwar.
So far, it seems that Storm has been applied to 'pump-and-dump' stock scams (the zombie-networks send millions of emails saying that some stock is about to take off -- and once the price of the stock is artificially inflated by many suckers buying into it, the stock is sold off for huge profits).
Chief forensic officer of MyNetWatchman.com, Lawrence Baldwin, related to website itnews.com that: “Cumulatively, Storm is sending billions of messages a day. It could be double digits in the billions, easily.”
It'll be interesting to see if the full force of Storm will be unleashed before network security specialists, or Microsoft employees, are able to clamp down at all on the trojan's proliferation -- but unfortunately, it seems the primary reason why this worm has gotten so huge is that many people just can't resist opening up mysterious emails with interesting subjects.
Curiosity killed the computer network.