Here comes your worst nightmare: Superworm

Believe it or not, Internet worms until now have been too dumb and inefficient to cause much impact, according to software developer and activist Brandon Wiley.

Wiley said these inefficiencies will be corrected in a new generation of superworms capable of cooperating to blanket the Internet.

'Coordination between worms is the key in my scheme for superworms,' said Wiley, who set up the Foundation for Decentralized Research, at

Coordination 'eliminates overzealous infection' so a worm does not choke on its own glut of traffic, he said.

The Code Red worm in early 2001 used random scanning to propagate, which wasted bandwidth and caused self-competition for hosts, he said. The Nimda worm later that year added the capability for multiple avenues of infection. 'That was very nice, but not very stealthy,' Wiley said.

The 2002 Slapper worm could be updated by its controller to execute code on infected machines, but its various versions wasted time and energy competing among themselves, he said.

Gem of a worm

Wiley expressed admiration for the single-packet design of the Sapphire worm, which succeeded in infecting 90 percent of vulnerable systems on the Internet within about 10 minutes in January 2003.

'That was just brilliant,' he said. But Sapphire didn't stop after 10 minutes. It continued trying to spread randomly, which drew attention to it and exhausted bandwidth.

Sapphire is the first example of a theoretical worm that Wiley called Warhol, capable of spreading across the Internet in about 15 minutes. The name came from pop artist Andy Warhol's remark that in the future everyone would be famous for 15 minutes.

Wiley's prototype superworm, which he called Curious Yellow, could combine a fast-spreading Warhol worm with a coordination algorithm to prevent overlap and competition.

'Each copy of the worm has a plan'knows what range of addresses it is in charge of,' Wiley said.

Each worm that took over a host could be updated to carry out commands or execute code. The result would be a large, robust network of controlled machines programmable for either benign or malicious tasks.

Wiley also has a scheme for blocking Curious Yellow: a patch-update algorithm called Curious Blue.

'People get mad when I tell them about this, because they say the cure is worse than the problem,' he said. Curious Blue, besides quickly patching vulnerabilities, also could quickly open up back doors and cause other trouble.

'If somebody wants to fund this,' he said, 'it would keep me from designing my superworm.'

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected