System Administrators Blame Each Other For Spread Of Slammer Internet Worm, Sophos Poll Reveals

A web poll of more than 200 business PC users, conducted by Sophos Anti-Virus, has revealed that most blame their fellow system administrators for the spread of the SQL Slammer internet worm in the last few days. The Slammer worm slowed down large sections of the internet at the weekend, reportedly causing ATM machines in America to stop working and knocking large sections of the South Korean population off the web.

64 per cent of poll participants felt that system administrators who failed to keep their systems updated with the latest security patches had been most at fault for allowing the Slammer worm to spread. 24 per cent blamed Microsoft for shipping buggy software, even though Microsoft warned system administrators of the security hole back in July 2002.

The poll also revealed that many system administrators have not put in place a formal way of dealing with new security vulnerabilities as they are discovered, with 12 per cent relying on mainstream news reports to tell them about potential problems.

Only 43 per cent of respondents said they had signed up for Microsoft’s security vulnerability mailing list – the method Sophos recommends to companies who wish to keep informed of new vulnerabilities as soon as they are discovered.

“The Slammer worm slowed parts of the internet to tortoise pace this weekend,” said Graham Cluley, senior technology consultant, Sophos Anti-Virus. “However, it was 100 per cent preventable. If network managers had put the patch from Microsoft in place when it was first announced last year, the worm would have had no air to breathe. Companies should put formal systems in place now to patch against future vulnerabilities or they could find themselves in a sticky mess.”

Interestingly, over 50% of those surveyed indicated that they noticed an internet slow down when Slammer was at its height at the weekend.