August qualifies as the dog days of summer. It’s a good time to take it easy and use some PTO. But that’s not something the network administrators of 2003 could do, thanks to an onslaught of viruses.
August 2003 brought forward a nasty triple-punch of viruses that made major headlines, including a worm that may have left 50 million people in the northeastern United States without power for more than two hours.
The three viruses of August 2003
Microsoft issued an alert about the Blaster worm on Aug. 11, 2003. The worm exploited a vulnerability in machines running Windows 2003/XP/2000/NT if they weren’t up to date on security patches (a common tale of woe). Blaster would download and execute the msblast.exe file, causing a computer to reboot every 60 seconds and increasing network traffic through TCP ports 135 and 4444 and UDP 69. Companies, universities, and governmental agencies such as the Maryland Motor Vehicle Administration were hit—along with multiple utility companies working to bring the northeastern power grid back online.
On the heels of Blaster came Welchia, a “nematode” worm, or Robin Hood in computer virus form. Welchia infected computers running Windows 2000 and Windows XP. The worm downloaded a Microsoft security patch and removed Blaster from an infected computer’s system. Well-intentioned, but it created a ton of network traffic—and affected the U.S. Navy and U.S. State Department, Lockheed Martin, and Air Canada.
Amid all this, the SoBig.F virus—the sixth variant of the SoBig worm—arrived, traveling at its peak in one out of every 17 emails. Arriving via attachment, the worm spread through the infected user’s email address book. As damaging as SoBig.F was (it grounded Air Canada, which couldn’t catch a break), the virus was programmed to deactivate itself on Sept. 10, making way for the next variant.
Photo: nuttapon averuttaman / Shutterstock