How the Grinch Hacked Christmas
by Ed Skoudis
(Thanks to Dr. Seuss…)
(To be read in the voice of Boris Karloff, of course!)
Every Who on the Network liked Christmas a lot...
But the Grinch, a highly skilled cracker, did NOT!
The Whos ran the Internet, keeping it humming.
Sys admins configging, network folks plumbing,
InfoSec professionals, working together,
Toiling all the year 'round, no matter the weather.
But, on Christmas day each year, they all took a break
To spend restful time with friends and in fun partake!
Yet, this single day off put the Grinch in a fret.
"They should work all the time, taking care of the 'Net,"
Scowled the Grinch at his laptop, a sleek, black machine,
Named Max, as he held a brew chock full of caffeine.
"Why for over ten years I've put up with it now!
I MUST stop this break from coming... But HOW?"
Then the Grinch hatched a plan that made Max really squirm.
"I will disable the Inter-Net with a worm!"
He started writing code, typing furiously.
As it began to take form, he was filled with glee.
The malware attacked many kinds of OSs:
Solaris, Windows, and Linux would be messes.
Using Warhol techniques with some zero-day sploits,
You see, his Christmas Eve worm was very adroit.
In under an hour, it would spread ev'rywhere
Causing systems to crash, thus requiring great care.
On Christmas, the Whos would have to work extra hard
Cleaning up the big chaos, their Christmas day scarred.
He decided to name his foul worm, "Santa-Klez."
Then he set about spreading the code just like pez.
It was now Christmas Eve, time to launch the attack.
He logged into one server to upload his hack.
He picked this system, from which to start the rank spree
Because he had a shell there from his ISP.
He'd have to work quickly, it would not be a cinch.
Just then, a strange chap sent an IM to the Grinch.
It claimed, "I am the Lorax. I speak for the trees!"
"Sorry, wrong tale," growled the Grinch, "Just leave, if you please!"
After dismissing him, the Grinch wasn't quite done,
For Cindy Lou Who messaged him, spoiling his fun.
She managed this system and her IDS said,
It had spotted some code the Grinch swiped from Code Red.
But, you know, that old Grinch was so smart and so slick
He thought up a lie, and he thought it up quick!
"Why, my sweet admin friend," the sly Grinch hacker typed,
"There's a huge bug on the 'Net that shouldn't be hyped.
"So I'm releasing an ethical worm, my dear.
It will rapidly spread my good patch far and near."
Cindy accepted the fib she heard from the Grinch,
Who then released his code without even a flinch.
That is our story… Now it's your turn to advise.
Please do answer these questions to win a fine prize!
As you ponder these issues, you may want to buy…
Counter Hack, a great stocking stuffer… No lie!
1) Because worms can cause problems, I'd like you to share
The proactive steps an org can take to prepare.
2) After preparing, suppose a worm gets released.
What do you do to make sure damage is decreased?
3) Beyond any one agency, corp, group, or firm,
How can the whole community stop such a worm?
4) If no Grinch sends a Christmas Eve worm this fine year,
Tell me, what will you do to spread holiday cheer?
For those of you who aren't into parsing verse, here are the same questions, rendered in plaintext:
1) What proactive steps can an organization take to prepare for worms?
2) If a worm is released and spreading, what can an organization do to react to a worm and minimize damage?
3) Beyond a single company, what can the Internet community as a whole do to stop a rampaging worm like the one in the story?
4) Assuming no Christmas Eve worm spoils it, what are your holiday plans this year?
For the winning answer by St. gnick, click here.