A team of network security experts in California has determined that the computer worm that attacked and hobbled the global Internet (January 25) was the fastest computer worm ever recorded.

Within 10 minutes of debuting at 5:30 a.m. (UTC) Jan. 25 (9:30 p.m. PST, Jan. 24) the worm was observed to have infected more than 75,000 vulnerable hosts. Thousands of other hosts may also have been infected worldwide. The infected hosts spewed billions of copies of the worm into cyberspace, significantly slowing Internet traffic, and interfering with many business services that rely on the Internet.

The Sapphire worm's software instructions, at 376 bytes, are only one-tenth the size of the Code Red worm, which spread through the Internet in July 2001. Sapphire exploited a known vulnerability in Microsoft SQL servers used for database management, and MSDE 2000, a mini version of SQL for desktop use.

The team in California investigating the attack relied on data gathered by an array of Internet 'telescopes' strategically placed at network junctions around the globe. These devices sampled billions of information-containing 'packets' analogous to the way telescopes gather photons. >from *Sapphire/Slammer worm shatters previous speed records for spreading through the Internet*. february 4, 2003

related context
> The Spread of the Sapphire/Slammer Worm By David Moore, Vern Paxson, Stefan Savage, Colleen Shannon, Stuart Staniford, and Nicholas Weaver. february 4, 2003
> CERT Advisory CA-2003-04 MS-SQL Server Worm. january 25, 2003
> i love you :: computer_virus_hacker_culture. may 23, 2002

imago
> worm-eaten: program empty body