Unintended Consequences—Blackouts and Worms

Two of the nation's biggest networks got slammed this week. What lessons have we learned?

If ever a month proved the law of unintended consequences, August did. From the blackout that left millions of people in the northeastern and Midwestern US as well as parts of Canada out of power, to the Blaster worm that brought down hundreds of thousands (reports put the number at or near 300,000) of Windows machines, weve seen sure signs that technology sometimes bites back.

Im sure there will be weeks, if not months of speculation as to exactly what caused the blackout, and we may never know the precise answer. The problem appears to have started with a power station in the Midwest. But it is clear that despite being designed to spread power to lots of communities—in part to ensure that electricity would always be available—the power grid failed.

The basics of how the Blaster worm works and how it spread are better understood. But although Microsoft did have a patch ready, and the antivirus programs were primed to catch the malicious code, it still spread far faster than most people thought it would. In fact, one of our editors—someone who knew how to patch his system and even talked about the process on television—got hit with the worm, though his antivirus program stopped it from being a real problem.

This particular worm is especially nasty because it infects PCs running Microsoft Windows 2000 and XP (as well as Windows NT4 and Server 2003) by initiating a TCP session on one of several ports.