Back

Back from the cyber-grave: Return of the SQL Slammer

Recent news reports have unearthed an interesting comeback story in the tech world – back from the cyber-grave it was left in over a decade ago, the SQL Slammer returns.

The SQL Slammer, also know as the Sapphire Worm and Helkern, first came to light 14 years ago in January of 2003. The virus, which was only 376 bytes in size and used a vulnerability in Microsoft SQL Server 200, performed DDoS attacks (Distributed Denial of Service) to infect over 75,000 victims across the globe in under 10 minutes when it was released in January of 2003. The virus works by sending requests to UDP port 1434, infecting a server, then sending out the same message to random IP addresses, causing a denial of service.

A Microsoft patch to SQL Server 2000 effectively stopping the reign of the SQL Slammer. Until recently, that is.

A DDoS Blast from the Past

According to cybersecurity experts at Check Point, the SQL Slammer is once again active on the internet.

Research done by Check Point showed that during the time of November 28, 2016, and December 4, 2016, the SQL Slammer was one of the top malware detected. This comes as a massive increase of SQL Slammer attempts have recently resurged.

Attacks from the virus were directed across 172 countries, with 26% of those attacks directed at networks within the United States, and the IP addresses that propagated most of the attacks originated from China, Vietnam, Mexico and Ukraine.

A Quiet Comeback

Before the recent resurgence in attacks, the SQL Slammer hasn’t been active on the internet. It’s curious that this technologically ancient, mostly outdated virus would make a comeback, which puzzles security experts. Officials from Check Point question if the worm is attempting a comeback of sorts.

Old threats are still threats, however, which the resurgence of the SQL Slammer proves. The only way to maintain a safe network from threats old and new alike is to ensure your organization is following best practices for network security.
The most effective way to ensure your network security is up-to-speed with all the threats facing it is by working alongside a trusted IT partner like NENs. IT partners not only keep you prepared for viruses of the future, but have your back against the vintage viruses of 2003 as well.

Client Feedback

“We are about 60% more effective, since we contracted with NENS. The new IT structure helped our office work more efficiently and NENS was able to help make our performance faster. NENS was able to diagnose issues quickly and fix them in a timely manner.”

—Kristen Hammond
Read More