What Is The Storm Worm For?
Old style worms -- Sasser, Slammer, Nimda -- were written by hackers
looking for fame. They spread as quickly as possible (Slammer infected
75,000 computers in 10 minutes) and garnered a lot of notice in the
process. The onslaught made it easier for security experts to detect
the attack, but required a quick response by antivirus companies,
sysadmins and users hoping to contain it. Think of this type of worm as
an infectious disease that shows immediate symptoms.
Worms like Storm are written by hackers looking for profit, and they're different. These worms spread more subtly, without making noise. Symptoms don't appear immediately, and an infected computer can sit dormant for a long time. If it were a disease, it would be more like syphilis, whose symptoms may be mild or disappear altogether, but which will eventually come back years later and eat your brain.
No one knows what it's for, how to stop it from spreading, or how to combat it if it is turned on. Other than a few pump-and-dump stock schemes, the only thing the worm has attacked has been anti-spam sites that tried to bring attention to it. It points to a failure of imagination in our public officials that this worm has not been identified by law enforcement as the threat it is -- perhaps the largest criminal enterprise ever: A robot army of malware, numbering in the millions. Fix the robot army of computer syphilis, please.