This article can also be found in the Premium Editorial Download "Information Security magazine: Reflections on the impact of Sarbanes-Oxley."

Download it now to read this article plus other related content.

Turning Points

ChoicePoint, Sarbanes-Oxley and the advent of crimeware had company. Here are seven more information security signposts of the last decade.

DDoS Attacks Compared to today's targeted incursions on companies, MafiaBoy's February 2000 DDoS attacks on major ecommerce sites like Yahoo, Buy.com, eBay, E*Trade, CNN and Amazon seem like high-profile Internet pranks. Yet they paved the way for a rash of extortion schemes based on DDoS attacks and shook consumer confidence in online buying. One-third of those surveyed following the attacks said they were less likely to make a purchase on the Internet, and three out of five were more concerned about their privacy than before.

Code Red, NIMDA, Slammer Truly the evil trinity of early malware, Code Red, NIMDA and SQL Slammer made Windows and network administrators shiver. Code Red struck first in July 2001, exploiting a buffer overflow vulnerability in Microsoft's IIS Web server that had been patched weeks earlier. NIMDA, meanwhile, arrived a week after the Sept. 11 terrorist attacks, leading some to speculate the worm could be a follow-up attack against an already shaken nation. NIMDA spread not only via email as Code Red did, but through open network shares or infected Web sites. It also exploited a hole in IIS. Slammer may go down as

    Requires Free Membership to View

the most prolific and efficient worm in history. Hitting in January 2003, Slammer spread incredibly quickly through a buffer overflow bug in SQL Servers worldwide. Within 10 minutes, 90 percent of vulnerable machines had been infected (a patch for the vulnerability had been available for six months). Slammer weighed in at less than 400 bits of code, but delivered a nasty denial of service payload, slowing down Internet backbones in countries all over the world.

9/11 The Sept. 11 terrorist attacks had an enduring impact on the economic, psychological and social fabric of the United States, but was it a turning point in information security? Not to a great degree, but it did increase awareness of security, and focus attention on contingency planning and business continuity.

Spam Spam has exploded as a security and operational problem, making up 87 percent of global email by the end of 2006, according to email security vendor Commtouch. That volume spiked precipitously late last year, fueled by the use of botnets, largely replacing the buying and selling of address lists, and new evasion techniques delivering not only unwanted junk email, but a litany of phishing attacks and spyware.

This was first published in January 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: