Author Robert Vamosi takes us on a trip down memory lane as he recalls the Top 10 Security Nightmares of the Decade in PCWorld. These were just some of the debacles that spawned IT security as a job specialty, and revisiting them gives us a taste of the attacks we’ll be asked to thwart in the future. It’s a handy list of things to watch out for. Here’s the top five.
Back in February 2000, a Canadian teenager named Mafiaboy used automated floods of incomplete Internet traffic to cause several sites – including Amazon, CNN, Dell, eBay, and Yahoo – to grind to a halt in a distributed denial of service attack.
Viruses and worms have always been around, but in the summer of 2001 one aggressive worm threatened to shut down the official White House Website. It was named Code Red because the discoverer was drinking "Code Red" cola from Mountain Dew at the time.
3. MySpace, Facebook, and Twitter Attacks
At the beginning of the decade, security experts at businesses had to struggle with employees’ use of instant messaging from AOL, Webmail from Yahoo, and peer-to-peer networks. These applications poked holes in corporate firewalls, opening various ports that created new vectors for malware.
4. Organized Viruses and Organized Crime
After the Melissa virus struck in 1999, e-mail-borne viruses peaked the following year with ILOVEYOU, which clogged e-mail servers worldwide within 5 hours.
With the financial backing of organized crime syndicates came widespread and clever innovations in malware. In 2007, the Storm worm – which began like any other virus – started talking to other Storm-compromised computers, forming a network of compromised computers all using the Overnet peer-to-peer protocol. This protocol allowed the operator to send out a spam campaign or to use the compromised computers to launch a DDoS attack.
Is it any surprise there are several thousand job postings for security specialists here on Dice?
— Leslie Stevens-Huffman