Synthetic Snake Oil: Online Security Tips

DP54 Nimda Virus



Looking back over 2001, one could say it was filled with tragedies. After all, September 11th of that year was the day of the attacks on the World Trade Center and the Pentagon. And literally a week later, computers were hit with a virus that people believed was the work of Al Qaeda.

 

Nimda was one of the most malicious worms users had to face that year. It spread quickly and surpassed the damage caused by Code Red and the other outbreaks earlier that year.

 

The worm came to attention on the 18th of September. That was a week after the attacks, which is why people theorized it was done by Al Qaeda; however, that theory was unfounded. It wasn't until later that China allegedly admitted to this virus. This was uncovered when people looked at the code and noticed China written in it.

 

Nimda targeted both users and servers running Windows. On the user end, anyone running Windows 95, 98, NT, 2000 or XP was a target. On the server end, machines running NT and 2000 were targeted.

 

The name Nimda is simply admin spelled in reverse. There wasn't any particular thematic reason for the name.

 

But as I said before, Nimda was by far the most damaging of the worms at the time, and what made it so effective was how it infected computers. All through 2001, each virus had specific conditions that had to be met in order for it to spread.

 

Nimda had five routes it could take. It could spread via:

 

  • Email.
  • Open network shares.
  • People browsing compromised sites.
  • Exploiting directory vulnerabilities that had already been fixed in recent, up-to-date patches.
  • Or back doors that were left behind by previous worms, notably Code Red 2 and sadmind/IIS.

This worm was devastating because it was more sophisticated than any other attack up to that point. What this tells us is that viruses have gotten stronger, to the point where they no longer need one specific condition to be met in order to spread.

     

But the creation and spread of these worms also shows us how unaware and unprepared we are when faced with this type of technology. The reality is that these worms could've been prevented. If we had been more diligent about our emails and about keeping everything updated, we could've lessened the damage these viruses caused.

     

In a sense, all these attacks are a good thing. They serve as reminders of what we can do in the future to better protect ourselves from viruses or other attacks. We'll be seeing this time and again with the future viruses I'll be talking about.


By dpapp