Slammer Worm Hits Major US Auto Manufacturer

Event Year: 2003 Reliability: Confirmed
Country: United States
Industry Type: Automotive
Description:

At 5pm on Saturday, June 25, 2003 a major US auto manufacturer was hit with the Slammer worm.  A SQL patch had been available for approximately 6 months but had not been applied to the manufacturers systems.  The worm spread very quickly, ultimately affecting 17 of the manufacturer’s plants.  The event lasted for approximately 8 hours before it was contained.  Limited infrastructure firewalls did nothing to prevent the spread.  Ultimately, IT was forced to detach the unprotected telecom infrastructure which appeared to be the primary mode of spread between plants.

Impact:

17 manufacturing plants affected.  More than 1,000 computers had to be “rebuilt”.  Event was estimated to cost the company $150 Million USD.

Action Description: The manufacturer conducted an audit of all plants for external unwatched/unprotected data connections. One plant alone was found to have over 400 violations. They conducted security awareness training in all plants.