In 2003, the SQL Slammer worm infected over 100,000 unpatched SQL instances in under 10 minutes. To this day, that is the record for a fast-infecting network worm. Worms died down for a few years but they are back with a vengeance. The recent WannaCry and Petya ransomware programs are clear examples of this.
Worms prey on unpatched software or user configuration errors, such as weak passwords, to break into their next victim’s computer. Both WannaCry and Petya exploited millions of unsuspecting PCs, surprising users who thought they were protected.
Network worms are always the scariest malware programs because, as SQL Slammer showed, they spread quickly, do their evil, and get out. The damage is done before the humans know what is going on.