[<prev] [next>] [day] [month] [year] [list]
Message-ID: <000a01c2ce33$98c05270$6401a8c0@rms2>
From: rms at computerbytesman.com (Richard M. Smith)
Subject: How the BofA ATM network got whacked by the SQL Slammer Worm
'Slammer' attacks may become way of life for Net
http://news.com.com/2009-1001-983540.html?tag=fd_lede2_hed
....
That's exactly what happened to Bank of America, whose automated teller
machines suddenly stopped dispensing cash early Saturday. The reason:
The sheer volume of data produced by servers infected with Slammer
smothered databases in Bank of America's internal network.
"When a person uses an ATM, (the ATM) communicates with databases on our
internal networks," said Lisa Gagnon, a spokeswoman for the bank. "That
communication couldn't happen because our network was so congested."
Indeed, a single infected server churning out copies of the worm could
theoretically congest the bandwidth of a 100Mbps Ethernet, according to
analyses of the program.
By late Saturday, most of the company's ATMs were back in service. The
company located the entry point but, for security reasons, would give no
details of how the worm got in.
"Either the patch failed or we missed some servers when we applied the
patch," Gagnon said. "Going forward we will analyze what we can do to
make sure this doesn't happen again."
Powered by blists - more mailing lists