There are bad times just around the corner,
There are dark clouds hurtling through the sky.
And it's no use whining about a silver lining,
For we KNOW from experience that they won't roll by.
From: There are bad times just around the corner, by Noel Coward.
The recent tsunami tragedy should make us all realize that no matter how unlikely a catastrophe might seem, the potential exists.
Ask any large company about its disaster-readiness and recovery plans and you'll hear about multiple data centres, standby generators, and on and on. But are they really prepared for the Big One?
The problem is the large-scale network disasters we've seen so far have been limited in scope and fixed in a few days. Most of our big catastrophes, which have been caused by worms and viruses, have in reality caused less financial and operational problems than spam and spyware.
The Big One, the mother of all cyberdisasters, will affect more machines in more organizations in more countries than any disaster we've seen. Its effects will be lasting, and its economic impact dreadful.
You might disagree about calling today's spam and spyware problems catastrophes. But when you consider the billions of dollars in lost productivity, corrupted data and support costs, it's hard to not call these disasters.
Mikko Hypp"nen, director of antivirus research at F-Secure recently suggested that "Uncrackable viruses . . . could be on the horizon. Authorities put up their best numbers yet in 2004 with respect to arresting virus writers, but unfortunately the people they're catching are hobbyists and teenagers . . . the biggest threats come from professionals who are beefing up their arsenals"
And that's the least of it. What if an uncrackable virus targets spyware as a delivery and transmission vector?
Or what about a zero-day exploit built into a virus or worm that infects, say, Windows operating systems? It would be great to believe that such a combination couldn't exist, but that wouldn't be a smart bet given the history of the security problems of commercial products and their increasing complexity.
In such a scenario, we could find that within a few hours most consumer PCs would be disabled and most of our outward-facing servers would collapse. Next the problem would spread to our internal servers and desktops and laptops.