This month marks the 10th anniversary of Blaster -- a worm that tore a path of disruption across the Internet. It struck a few months before I started writing about information security. But even then I was well aware that something big had happened.
10 years ago, I had a life-altering work experience. I was on the team at Microsoft that was trying to solve 2 huge problems:
--2 billion computers had been infected with a self-replicating virus (AKA 'worm') now known as Blaster.
--The NE Power Outage was, for a period of time and by some people, attributed to Blaster.
There are many of my former colleagues who spent literally a year of their lives working with me to fix the aftermath of these problems. There are more friends with whom I later worked at the Idaho National Lab (INL) who helped me understand the breadth of the problem that was uncovered by Blaster, specifically the reliance of critical infrastructure upon consumer-grade technologies.
From my perch as a newspaper editor, I remember all the major news outlets speculating that Blaster was connected to the blackout. I've heard theories in the years since then, though I haven't seen solid proof of a connection.
The big thing that strikes me as I look back is how rapidly the threat landscape has changed. In the beginning the big news always involved worm outbreaks like Sasser and Mytob. First a big vulnerability would be revealed on Patch Tuesday and then someone would exploit it with malware. Then the trend shifted from covering that to chasing the latest data breach.
From early 2005 onward, every time a company announced it had suffered a breach, reporters like me would have to drop everything and chase it. Eventually, breaches were announced so often that they ceased to qualify as breaking news. Then the trend shifted to such things as hacktivism and the rise of cloud insecurity. The one constant along the way has been the challenge of regulatory compliance, from HIPAA to Sarbanes-Oxley and PCI DSS.
Also see: "What's New In Security? Nothing."
Now I'm part of Akamai InfoSec, seeing a variety of threats and defensive measures up close. The daily grind usually involves tracking and blunting the latest DDoS attacks targeting our customers.
I'm not 100 percent certain about what's next, but I suspect the next 10 years will be just as interesting -- if not more so -- than the last 10.