No attack, but threat has not disappeared

It was the day the earth didn’t stand still. The February 3 worm — which received a variety of names from a variety of different security firms — was, we were told, going to prove to be a severe security threat, damage our systems, mess up our data, rearrange all our CDs, empty the fridge and drive the dog out of the house.

  • E-Mail
By  Peter Branton Published  February 12, 2006

|~|comment-35267main.jpg|~|To the relief of many, the February 3 worm attack did not happen.|~|It was the day the earth didn’t stand still. The February 3 worm — which received a variety of names from a variety of different security firms — was, we were told, going to prove to be a severe security threat, damage our systems, mess up our data, rearrange all our CDs, empty the fridge and drive the dog out of the house (we may have got a couple of these wrong, it was hard to remember all the warnings we got in the build-up to the date). And of course, what actually happened was... nothing very much. A handful of systems were affected on the Friday, but since it was on a Friday, it seems likely that even for those working on that date (very few here in the Middle East) it amounted to nothing more than the chance to go home a bit early. Not so much a security disaster, more of an early shopping opportunity. As soon as the deadline date was safely passed, and we were all assured that doomsday had not descended on us all, many industry watchers were quick to say that of course they had known all along that it wouldn’t be a problem. (In fairness, actually most security firms had said that if a user’s machine was properly protected then they should be safe from danger). It does however raise the issue of just how far we should go in sounding the alarm over such threats. How much noise should we make? Those of us with long-ish memories will remember IT’s biggest scare of them all: the Year 2000 issue (which was related to how computers stored data, the fear being that many systems would not recognise the date change). That issue dominated the IT industry agenda for several years, fortunes were literally made in coming up with solutions to fixing it. And what happened at 12.01am on January 1 2000? Nothing much, IT-related, although quite a lot of parties were still going strong at the time. But systems didn’t crash (nor did planes, there had been a lot of reports that aviation systems would be affected, leading to worries about booking a flight for that time, or being under a flight path), computers continued functioning, the world went on pretty much as before. Plenty of systems engineers woke up the following day with a headache, but it wasn’t linked to their day job. So were all the billions of dollars that were spent fixing the Year 2000 problem wasted, since it didn’t turn out to be that much of a problem after all? The answer, in short, was no. A slightly-less short, no, because if the effort hadn’t been made, then there almost certainly would have been serious system crashes on Jan 1 2000 and then it would have been too late to do anything. If we all act to fix a problem and it doesn’t happen, then great, we’ve avoided trouble. But let’s just make sure that it was a real problem in the first place. ||**||

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code