Korean Internet Infrastructure Crippled

Status
Not open for further replies.

Phantasm66

Posts: 4,909   +8
It appears that the Slammer worm has caused so many problems in Korea, the world's most wired country, that all Internet activity in that country was effectively ground to a halt.

The implications of this are staggering. The opportunity for terrorists to use some type of worm to crush the Internet in certain countries and cause all kinds of financial mayhem are clear.

For the moment, it appears that Korea have targetted Microsoft as the responsible parties in this case. However, IMHO, the patch for this vulnerability was made available by Microsoft before these attacks, and as such its a failure of effected parties to keep up to date with security fixes that has caused these problems.

What do you think? Post comments here.

More on this story here, and here.
 
Another viewpoint here claims that any patches for the vulnerability released prior to service pack 3 for MS SQL Server were too hard to install.
 
Is Korea really the most "wired" country in the world? When I think of Internet, cell phones etc.. I think of the U.S, parts of Europe.. Japan perhaps.

Just curious...

Something like that could be a very bad blow for any technology-driven country. The Internet plays a much larger part of commerce and capitalism than it did 5 years ago... I might even say a vital part in some current economies.
 
It's impressive to see the kind of consequences that can occur when vulnerabilities like this are exploited, perhaps just a warning this time of what could happen in the future if security doesn’t get any more serious. IMO, Microsoft should be able of getting out clean out of this one because a patch had been released with some anticipation, no matter what the circumstances.
 
I thought Canada was the most wired country, I know we have the largest broadband usage and we are the country that pirates the most music due to cheap widely available broadband services.

G. PraTT
 
A testament to how our economies rely on the Internet so much.

Most wired country? Dunno about Korea...Maybe South Korea, North doesn't even have enough money to feed it's people...I'd think the US or Japan due to the economy. Probably us.
 
First Microsoft had problems getting the patch installed and deployed. See link below. What chance do you think the small to medium size companies have getting all the servers/work stations patched when 20+ patches a month are deployed.

http://apnews.excite.com/article/20030128/D7OR5N8O0.html

This problem can be fixed:
-Train programmers on common security flaws.
-Audit code for security.
-Create a new comprehensive patch management system.
-Improve testing of patches. Several patches have caused more problems then they have solved.
-Rebooting a server or work station to apply a patch and make it active is unacceptable.
-Close know flaws quicker (19 open on ie alone)http://www.pivx.com/larholm/unpatched/
-Intrusion prevention software could help.
 
Patches? We don't NEED no stinking patches!

While a patch may have been available for some time, this does not necessarily point to lax IT departments, or ignorance, as the cause of the spread of this worm.

As some of you already know, just because Microsoft issues a patch, many IT staff are reluctant to deploy it immediately. Why? Laziness? Not necessarily. All too many times, a patch causes more harm than good; total failures, the need to fully reinstall, etc. In effect a patch can cause more problems than it remedies.

Unfortunately, low confidence in the reliability of patches leads to the problem we are seeing now with Slammer.

My two cents,

SG.
 
Re: Patches? We don't NEED no stinking patches!

I want to express my feeling about Korea Internet.

Few years ago I've been working for a company which distribute Korean networking product such as DSL modem, LAN switch and router. For a better understanding of the products I've gone to SEOUL for training, but ...

After I spent several days in SEOUL. I didn't think I learn much from them (In Hong Kong I'm just a little so-call Engineer with a little M.C.P., I think technician is a better term for me). Actually I'm doing the testing, bug reporting and advise them on the english command interface about on the router. Honesty, they just copy the idea from a famous 'C' brand US product and create the hardware on their own. Price was low but software and hardware was far beyond, also support was bad (not many people can speak or write english in Korea).

Also the Korean love their country so much that they'll buy Korean products in the 1st priority, that's why the worm bring down their Internet "so efficiently", I'm sure this kind of things won't happen in other countries because I've been working in the industry for more than 8 years, and I feel that for the America and Europe countries, stability was more important than the price.
 
Re: Patches? We don't NEED no stinking patches!

Originally posted by Unregistered
While a patch may have been available for some time, this does not necessarily point to lax IT departments, or ignorance, as the cause of the spread of this worm.

As some of you already know, just because Microsoft issues a patch, many IT staff are reluctant to deploy it immediately. Why? Laziness? Not necessarily. All too many times, a patch causes more harm than good; total failures, the need to fully reinstall, etc. In effect a patch can cause more problems than it remedies.

Unfortunately, low confidence in the reliability of patches leads to the problem we are seeing now with Slammer.

My two cents,

SG.

An excellent point. I too, wait for "feedback" before delploying a new patch. Critical systems can't afford to have a new patch fail on them every other week.. The server market reflects this ideology with ALL operating systems and hardware.. Not just Windows or Microsoft related products and this is to be expected.

This doesn't mean it is Microsoft's fault for not making unbelievably, absoposilutely 100% tested awesome patches or the IT department's fault being cautious.. The worm maker should be getting the blame here.

On a scale of guilt, I'd give the worm maker #1, Microsoft #2 (for making an OS suceptible to this worm) and the IT dept #3. They are just playing it safe.
 
I just want to take this moment to ask a simple question. Why does everyone always blame MS everytime an exploit against one of their products causes big trouble? Are they the ones who deployed the worm? NO Are they the moronic employees who mindlessly checks their email with no regard to security? NO. I can keep going but I think you get the idea. most of these widespread problems are caused by stupidity.

It doesn't matter how secure a system is, someone will find a way to exploit it. As long as there are employees who click on every pretty link in their email, then it will be all the much easier to exploit those systems
 
This was a different type of worm... you didn't need to open an email to get it... it went into an SQL system without prompting of any kind.

And I think this isn't M$'s fault because the security patch was out many months ago. If you don't have confidence in a patch by then, then you are asking for a lot of trouble down the road... your OS is swiss cheese.
 
Well South Korea is not really the most wired country, more of like the most wired country in Asia with cheap broadband services. Well Veh, Korea generally refers to South Korea IMO.
 
If you want the heads up on this worm go and read this page, it wouldn't have mattered if 99,9% of all comps where patched, because a single infected system will reportedly be able to scan the entire internet in less than 12 hours, much less on a high-speed network...
 
Status
Not open for further replies.
Back