Worm: The First Digital World War

Worm: The First Digital World War

3.8 28
by Mark Bowden

View All Available Formats & Editions

The Conficker worm infected its first computer in November 2008 and within a month had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay…  See more details below


The Conficker worm infected its first computer in November 2008 and within a month had infiltrated 1.5 million computers in 195 countries. Banks, telecommunications companies, and critical government networks (including the British Parliament and the French and German military) were infected. No one had ever seen anything like it. By January 2009 the worm lay hidden in at least eight million computers and the botnet of linked computers that it had created was big enough that an attack might crash the world.

Surprisingly, the U.S. government was only vaguely aware of the threat that Conficker posed, and the task of mounting resistance fell to disparate but gifted group of geeks, Internet entrepreneurs, and computer programmers. They formed what came to be called the Conficker Cabal, and began a tireless fight against the worm. But when Conficker’s controllers became aware that their creation was beginning to encounter resistance, they began refining the worm’s code to make it more difficult to trace and more powerful testing the Cabal’s unity and resolve. Will the Cabal lock down the worm before it is too late? Game on.

Worm reports on the fascinating battle between those determined to exploit the internet and those committed to protect it.

Read More

Editorial Reviews

From the Publisher

“[Worm] is well-written and informative, capturing a key episode in a fast-moving field we all need to better understand.”—The Washington Post

“When Mark Bowden writes, smart readers pay attention. . . . Bowden is a deserved brand name – a superb reporter and compelling narrative writer, whether his subject is war in a forlorn land (Black Hawk Down, set in Somalia) or a variety of others in seven other books (Killing Pablo, Guests of the Ayatollah, etc.). And now we have the current masterpiece, Worm.”—The Philadelphia Inquirer

“Worm is a solid although disquieting read for anyone with a stake in the Internet’s continued smooth functioning—and these days, isn’t that just about all of us?”—Pop Matters

“In the world of nonfiction, Bowden is an ace, a writer with guts and gusto. . . [Worm] does a terrific job of setting the groundwork, turning the highly technical into something comprehensible.”—The Seattle Times

“Worm details a digital-age battle between good and evil . . . It is a harbinger of the future, where threats to the cyber domain are as real and potentially cataclysmic as a weapon of mass destruction.”—Military Review

“Bowden . . . gives this account of the computer world’s efforts to neutralize the Conficker worm the flavor of a riveting report from the digital battlefield’s front lines. . . . A nerve-wracking but first-rate inside peek into the world of cybercrime and its vigilant adversaries.”—Booklist

“[T]he thumbs of every 30-something üntergeek will still Tweet in ecstasy at seeing technical terms like NCP/IP, Port 445, and MS08-067 spread across the pages of a mainstream book. But the rest of us should take Mark Bowden’s warnings with the utmost seriousness because of the growing threats to our wired world.”—New York Journal of Books

“[T]his book chronicles a larger threat and should be on the shelves not just of computer collections, but any general lending library.”—The Midwest Book Review

“People have compared cybercrime to a type of warfare. And after reading Mark Bowden’s fast-paced Worm: The First Digital World War, it’s easy to see why.”—South Bend Tribune

“Excellent. . . a screen grab of a kaleidoscopic video with a projection growing bigger by the day, a sound getting louder by the hour.”—The Oregonian

“[A] story that readers will find entertaining, informative, and—hopefully—a little alarming.”—Lawfare

“Bowden is a sharp, funny writer who can convey a complex narrative in crisp terms . . . A brief, punch reminder of our high-tech vulnerabilities.”—Kirkus Reviews

“[Bowden] delivers a dramatic cyber crime story that explores . . . a devastating computer virus and a potential weapon in war.”—Publishers Weekly

Peter W. Singer
The book is well-written and informative, capturing a key episode in a fast-moving field we all need to better understand.
—The Washington Post

Veteran journalist Mark Bowden is best known for his battlefront bestsellers Black Hawk Down and Guests of the Ayatollah, but in Worm, he turns to a truly global war that might have already invaded your home. In late 2008, digital experts first became aware of Conficker, a devilishly intricate virus that infected as many as 12 million computers in 200 countries. Worm tracks the double-edged high-tech hunt to find the culprits and neutralize the virus they implanted, taking you inside the strange world cyber-crime fighters, which includes both professionals and good-guy amateurs. A riveting, scary read.

Publishers Weekly
Bestselling Black Hawk Down author Bowden follows a group of white-hat computer experts who came together to fight Conficker, malware that surfaced in late 2008 and appeared poised to take over millions of computers running Windows Operating System on April 1, 2009. Bowden shows how “The Cabal” struggled to stay ahead of the Conficker worm as it evolved in the course of four months into ever more threatening incarnations. The author takes readers behind the scenes, showing the security specialists’ increasing frenzy, not to mention occasional infighting, as they worked to defeat the worm. Along the way, the author lucidly explains how malware can take over computers as well as how the very openness of the Internet makes it vulnerable to attack. “If no one is ultimately responsible for the Internet, then how do you police and defend it?” he asks. But while Bowden presents the Cabal’s efforts to defeat Conficker as an epic good vs. evil battle, the actual stakes are never entirely clear. Even the computer researchers have no way of knowing whether Conficker will set off “Cybarmageddon,” or will amount to no more than an elaborate April Fool’s joke. (Oct.)
Library Journal
Not those squishy things but something much more revolting: the Conficker computer worm first noticed in November 2008 that goes after the Microsoft Windows operating system. It's now said to control millions of government, business, and home computers worldwide. Bowden (Black Hawk Down) helps us worry about the consequences.
Kirkus Reviews

From the author of Black Hawk Down, a different sort of blood-and-thunder heroism narrative, out on the frontiers of cybercrime.

Journalist Bowden (The Best Game Ever: Giants vs. Colts, 1958, and the Birth of the Modern NFL, 2008, etc.) enthusiastically explains that world commerce faces serious threats from malware, especially "botnets," networked computers with a customized hidden infection that can be triggered by the malware programmer for any number of vicious effects. The largest such threat to date became known as Conficker when it surfaced abruptly in 2008. Much of Bowden's narrative documents the work of a disparate, volunteer group of early Internet pioneers, ex-hackers and driven cyber-security professionals who came together, mostly online, to form the Conficker Working Group or (its preferred name) The Cabal. Initially, the group felt confident in their collective, improvised efforts to minimize the worm's ability to infect individual computers and form a botnet; they were thus increasingly alarmed when Conficker was twice upgraded in sophistication by its mysterious programmers. Worse, their attempts to alert federal authorities were met with comical paranoia and ineptitude. Since Conficker functioned by randomly infecting large quantities of domain names, it was particularly difficult to counteract; yet, after much tension, the activation date for the botnet came and went to no apparent effect. Bowden notes that "the prospect of nothing happening...had actually become the prevailing theory of The Cabal itself." Still, Cabal members and Bowden both insist that the danger was not overstated. The author concludes that Conficker proves that "carefully tailored targeted attacks" are the wave of the future, using as an example the Stuxnet worm that attacked Iranian nuclear-production facilities. Bowden is a sharp, funny writer who can convey a complex narrative in crisp terms, but due to the subject matter, this remains an airy and less-engaging book than his best-known works.

A brief, punchy reminder of our high-tech vulnerabilities.

Read More

Product Details

Grove/Atlantic, Inc.
Publication date:
Product dimensions:
5.40(w) x 8.20(h) x 0.80(d)

Read an Excerpt


The First Digital World War
By Mark Bowden

Atlantic Monthly Press

Copyright © 2011 Mark Bowden
All right reserved.

ISBN: 978-0-8021-1983-4

Chapter One



The new worm in Phil Porras's digital petri dish was announced in the usual way: a line of small black type against a white backdrop on one of his three computer screens, displaying just the barest of descriptors—time of arrival ... server type ... point of origin ... nineteen columns in all.

The readout began:

17:52:00 ... Win2K-f ... (NET.AR): PRIMA S.A, BUENOS AIRES, BUENOS AIRES, AR. (DSL) ...

It was near the end of the workday for most Californians, November 20, 2008, a cool evening in Menlo Park. Phil took no notice of the newcomer at first. Scores of these digital infections were recorded on his monitor every day, each a simple line on his Daily Infections Log—actually, his "Multi perspective Malware Infection Analysis Page." This was the 137th that day. It had an Internet Protocol (IP) address from Argentina. Spread out across the screen were the infection's vitals, including one column that noted how familiar it was to the dozens of antivirus (AV) companies who ride herd on malicious software (malware). Most were instantly familiar. For instance, the one just above was known to all 33 of the applicable AV vendors. The one before that: 35 out of 36.

This one registered a zero in the recognition column: 0 of 37. This is what caught his eye when he first noticed it on his Log.


Outside it was dark, but as usual Phil was still at his desk in a small second-story office on the grounds of SRI International, a busy hive of labs, hundreds of them, not far from Stanford University. It is a crowded cluster of very plain three-story tan-and-maroon buildings arrayed around small parking lots like rectangular building blocks. There is not a lot of green space. It is a node of condensed brainpower, one of the best-funded centers for applied science in the world, and with about seventeen hundred workers is the second-largest employer in Menlo Park. It began life as the Stanford Research Institute—hence the initials SRI—but it was spun off by the university forty years ago. It's a place where ideas become reality, the birthplace of gizmos like the computer mouse, ultrasound imagery machines, or tiny robot drones. The trappings of Phil's office are simple: a white leather couch, a lamp, and a desk, which is mostly taken up by his array of three computer monitors. On the walls are whiteboards filled with calculations and schematics and several framed photos of vintage World War II fighter planes, vestiges of a boyhood passion for model building. The view out his window, through a few leafy branches, is of an identical building across an enclosed yard. It could be any office in any industrial park in any state in America. But what's remarkable about the view from behind Phil's desk has nothing to do with what's outside his window. It's on those monitors. Spread out in his desktop array of glowing multicolored pixels is a vista of cyberspace equal to ... say, the state of Texas.

One of the inventions SRI pioneered was the Internet. The research center is a cornerstone of the global phenomenon; it owned one of the first two computers formally linked together in 1969, the first strand of a web that today links billions. This was more than two decades before Al Gore popularized the term "information superhighway." There at the genesis, every computer that connected to the nascent network was assigned its own 32-bit identity number or IP address, represented in four octets of ones and zeros. Today the sheer size of the Internet has necessitated a new system that uses 128-bit addresses. SRI ceded authority for assigning and keeping track of such things years ago, but it retains ownership of a very large chunk of cyberspace. Phil's portion of it is a relatively modest, nothing-to-brag-about-but-damned-hard-to-get, "slash 16," a block of the original digital universe containing 65,536 unique IP addresses—in other words, the last two octets of its identity number are variable, so that there are two to the sixteenth (216) possible distinct addresses, one for each potential machine added to its network. It gives him what he calls "a large contact surface" on the Internet. He's like a rancher with his boots propped on the rail on the front porch before a wide-open prairie with, as the country song says, miles of lonesome in every direction. It's good for spotting intruders.

Phil's specialty is computer security, or, rather, Internet security, because few computers today are not linked to others. Each is part of a network tied to another larger network that is in turn linked to a still larger one, and so on, forming an intricate invisible web of electrons that today circle the Earth and reach even to the most distant parts of our galaxy (if you count those wayfaring NASA robot vehicles sending back cool snapshots from mankind's farthest reach into space). This web is the singular marvel of the modern age, a kind of global brain, the world at everyone's fingertips. It is a tool so revolutionary that we have just begun to glimpse its potential—for good and for evil.

Out on his virtual front porch, Phil keeps his eyes peeled for trouble. Most of what he sees is routine, the viral annoyances that have bedeviled computer users everywhere for decades, illustrating the principle that any new tool, no matter how helpful, will also be used for harm. Viruses are responsible for such things as the spamming of your in-box with come-ons for penis enlargement or million-dollar investment opportunities in Nigeria. Some malware is designed to damage or destroy your computer, or threaten to do so unless you purchase a remedy (which turns out to be fake). When you get hit, you know it. But the newest, most sophisticated computer viruses, like the most successful biological viruses, have bigger ambitions, and are designed for stealth. They would be noticed only by the most technically capable and vigilant of geeks. For these, you have to be looking.

Anything new was enough to make Phil's spine tingle. He had been working with computers since he was in high school in Whittier, California, and had sent away in 1984 for a build-it-yourself personal computer. Back then personal computers were not yet on the market. Small companies catered to a fringe community of users, many of them teenagers, who were excited enough and smart enough to see the potential for home use. They would order kits and assemble the machines themselves, using them to play games, mostly, or configuring them to perform simple household or business chores. Phil's dad was an accountant, and his mom ran a care center for senior citizens, so he amazed them by programming his toy to handle time-consuming, monotonous tasks. But mostly he played games. He took computer classes in high school, contributing at least as much as he took away, and in college at the University of California, Irvine, he fell in with a group of like-minded geeks who amused themselves by showing off their programming skills. At the time—this was in the late 1980s—Sun Microsystems dominated the software world with "Solaris," an operating system with a reputation for state-of-the-art security features. Phil and his friends engaged in a game of one-upmanship, hacking into the terminals in their college labs and playing pranks on each other. Some of the stunts were painful. Victims might lose a whole night of work because their opponent had remotely reprogrammed their keyboard to produce gibberish. So Phil's introduction to computer warfare, even at this prank stage, had real consequences. It was a world where you either understood the operating system enough to fend off an attack, or got screwed.

This kind of competition—mind you, these were very few geeks competing for very small stakes—nevertheless turned Phil into an aggressive expert in computer security. So much so that when he graduated, he had to go shopping for a professor at the graduate level who could teach him something. He found one in Richard Kemmerer at the University of California at Santa Barbara (UCSB), one of the only computer security academics in the country at the time, who quickly recognized Phil as more of a peer than a student. The way you capitalized on superior hacking skills in academia was to anticipate invasion strategies and devise way of detecting and fending them off. Phil was soon recognized as an expert in the newly emerging field. Today, UCSB has one of the most advanced computer security departments in the world, but back in the early 1990s, Phil was it. When UNIX-5 was purported to be the most secure operating system in the business, Phil cooked up fifty ways to break into it. When he was twenty years old, he was invited to a convention on computer security at SRI, where he presented his first attempts to design software that would auto-detect his impressive array of exploits. The research institute snapped him up when he finished his degree, and over the next two decades Phil's expertise has evolved with the industry.

Phil has seen malware grow from petty vandalism to major crime. Today it is often crafted by organized crime syndicates or, more recently, by nation-states. An effusive man with light brown skin and a face growing rounder as he approaches middle age, he wears thin-framed glasses that seem large for his face, and has thick brown hair that jumps straight up on top. Phil is a nice guy, a good guy. One might even say he's a kind of superhero. In cyberspace, there really are bad guys and good guys locked in intense cerebral combat; one side cruises the Internet for pillage and plunder, the other to prevent it. In this struggle, Phil is nothing less than a giant in the army of all that is right and true. His work is filled with urgent purpose and terrific challenges, a high-stakes game of one-upmanship in a realm that few people comprehend. Like most people who love their work, Phil enjoys talking about it, to connect, to explain—but the effort is often doomed:

... So what we ended up doing is, see, we ended up becoming really good at getting ourselves infected. Like through a sandnet. Executing the malware. Finding the IRC site and channel that was being exploited by the botmaster and simply going after it. Talking to the ISP and directly attacking. Bringing it down. Bringing down the IRC server or redirecting all IRC communications to use ...

He tries hard. He speaks in clipped phrases, ratcheting down his natural mental velocity. But still the sentences come fast. Crisp. To the point. You can hear him straining to avoid the tricky territory of broader context, but then, failing, inevitably, as his unstoppable enthusiasm for the subject matter slips out of low gear and he's off at turbo speed into Wired World: ... bringing down the IRC server ... the current UTC date ... exploiting the buffer's capacity ... utilizing the peer-to-peer mechanism ... Suffice it to say, Phil is a man who has come face-to-face many times with the Glaze, the unmistakable look of profound confusion and uninterest that descends whenever a conversation turns to the inner workings of a computer.

The Glaze is familiar to every geek ever called upon to repair a malfunctioning machine—Look, dude, spare me the details, just fix it! Most people, even well-educated people with formidable language skills, folks with more than a passing knowledge of word-processing software and spreadsheets and dynamic graphical displays, people who spend hours every day with their fingertips on keyboards, whose livelihoods and even leisure-time preferences increasingly depend on fluency with a variety of software, remain utterly clueless about how any of it works. The innards of mainframes and operating systems and networks are considered not just unfathomable but somehow unknowable, or even not worth knowing, in the way that many people are content to regard electricity as voodoo. The technical side of the modern world took a sharp turn with the discovery of electricity, and then accelerated off the ramp with electromagnetism into the Realm of the Hopelessly Obtuse, so that everyday life has come to coexist in strict parallel with a mysterious techno dimension. Computer technology rubs shoulders with us every day, as real as can be, even vital, only ... also ... not real. Virtual. Transmitting signals through thin air. Grounded in machines with no visible moving parts. This techno dimension is alive with ... what exactly? Well-ordered trains of electrons? Binary charges?

That digital ranch Phil surveys? It doesn't actually exist, of course, at least not in the sense of dust and sand and mesquite trees and whirling buzzards and distant blue buttes. It exists only in terms of capacity, or potential. Concepts like bits and bytes, domain names, ISPs, IPAs, RPCs, P2P protocols, infinite loops, and cloud computing are strictly the province of geeks or nerds who bother to pay attention to such things, and who are, ominously, increasingly essential in some obscure and vaguely disturbing way to the smooth functioning of civilization. They remain, by definition, so far as the stereotype goes, odd, remote, reputed to be borderline autistic, and generally opaque to anyone outside their own tribe—THEY ARE MUTANTS, BORN WITH ABILITIES FAR BEYOND THOSE OF NORMAL HUMANS. The late M.I.T. professor Joseph Weizenbaum identified and described the species back at the dawn of the digital age, in his 1976 book Computer Power and Human Reason:

Wherever computer centers have become established, that is to say, in countless places in the United States, as well as in all other industrial regions of the world, bright young men of disheveled appearance, often with sunken glowing eyes, can be seen sitting at their computer consoles, their arms tensed and waiting to fire their fingers, already poised to strike, at the buttons and keys on which their attention seems to be riveted as a gambler's on the rolling dice. When not so transfixed, they often sit at tables strewn with computer printouts over which they pore like possessed students of a cabalistic text. They work until they nearly drop, twenty, thirty hours at a time. Their food, if they arrange it, is brought to them: Cokes, sandwiches. If possible, they sleep on cots near the computer. But only for a few hours—then back to the console or printouts. Their rumpled clothes, their unwashed and unshaven faces, and their uncombed hair all testify that they are oblivious to their bodies and the world in which they move. They exist, at least when so engaged, only through and for computers. These are computer bums, compulsive programmers. They are an international phenomenon.

The Geek Tribe today has broadened to include a wider and more wholesome variety of characters—Phil played a lot of basketball in high school and actually went out with girls—and there is no longer any need need for "printouts" to obsess over—everything is on-screen—but the Tribe remains international and utterly obsessed, linked 24/7 by email and a host of dedicated Internet chat channels. In one sense, it is strictly egalitarian. You might be a lonely teenager with pimples in some suburban basement, too smart for high school, or the CEO of some dazzling Silicon Valley start-up, but you can join the Tribe so long as you know your stuff. Nevertheless, its upper echelons remain strictly elitist; they can be as snobby as the hippest Soho nightclub. Some kind of sniff test applies. Phil himself, for instance, was kept out of the inner circle of geeks fighting this new worm for about a month, even though he and his team at SRI had been at it well before the Cabal came together, and much of the entire effort rested on their work. Access to a mondo mainframe or funding source might gain you some cachet, but real traction comes only with savvy and brainpower. In a way, the Tribe is as virtual as the cyber-world itself. Many members have known each other for years without actually having ever met in, like, real life. Phil seems happiest here, in the glow of his three monitors, plugged into his elite global confederacy of the like-minded.


Excerpted from Worm by Mark Bowden Copyright © 2011 by Mark Bowden. Excerpted by permission of Atlantic Monthly Press. All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Read More

Customer Reviews

Average Review:

Write a Review

and post it to your social network


Most Helpful Customer Reviews

See all customer reviews >

Worm: The First Digital World War 3.9 out of 5 based on 0 ratings. 28 reviews.
Anonymous More than 1 year ago
It took me two days to finish this book. As a Computer Programmer, I quickly fell in love with this book and it showed me that other people had passion about working with computers, the internet and making sure our net' and information was safe from the "Black Hats". This book took me deep inside on what really happened during the Conficker outbreak (I seriously had to look it up) and I could not just believe that there was a lot going on. This book delve into the minds of the people who were working so hard to prevent our net from crashing, working 24-7 to make sure out information is safe. (SPOILER ALERT) Ha, even though nothing happened and the virus did not really do any damage, hence the April fools (END OF SPOILER) but at the same time, just reading this book and witnessing the strong faction of what is going on in Cyberwarefare today and the process of keeping out information safe, just made me want to enroll in Information Tech. Lol :)
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Anonymous More than 1 year ago
This was an interestung read but at times seemed to jump back and forth in time and covered the same background material several times. A good editing would have cleaned this up and significantly improved the boiok.
cbo More than 1 year ago
The book is very interesting. However, the formatting of the Nook version is inconsistent. Every few pages, or several times a page, the line spacing goes from double space to single space. Yes, I can set the electronic version to all single space, but even then the spacing isn't consistent (just enough to be distracting). I don't have this problem with any other of my Nook purchases.
Anonymous More than 1 year ago
I found this narrative engaging & remarkably easy to follow, Luddite though I may be. After reading it, I'll be less cavalier about keeping system updates current, & I'll take warnings of worms & viruses more seriously. I've relaxed a little about doing business over the Internet, but this book confirms my belief that it's far more vulnerable than we admit. -- catwak
Anonymous More than 1 year ago
Anonymous More than 1 year ago
The Nook version has problems with the font on my copy - different fonts & font sizes from page to page and even on the same page. There are misspelled words, poorly constructed sentences and paragraphs, and heavy reliance on gigantic cut and paste blocks of emails sent between team members that don't help the story. After around 100 pages the book bogs down into repetition, fails to mention there is a fourth variant of this worm, and otherwise is truly not worth buying -- if you must have it find it used.
Anonymous More than 1 year ago
We all know that cyber crime is real, but do you know that the goverment, FBI,NSA,&DOD, don't have a clue how to stop it? Well read this book and you will understand not only that they clueless, but who the real good guys are. This is non-fiction, but it reads like a suspense novel.
Anonymous More than 1 year ago
Anonymous More than 1 year ago
NaturalDreamer123 More than 1 year ago
Since this was a gift, I can't comment on the content but the delivery was prompt and the product was in excellent condition.
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Anonymous More than 1 year ago
Elaine_avid_reader More than 1 year ago
This book was easy to read. Timely content, unbelievable because it is a glimpse into the future.
Anonymous More than 1 year ago
Another great read by Bowden, shockingly informative. I recommend this book.
Anonymous More than 1 year ago
Cylix More than 1 year ago
I've been interested in computers since computer class with the commodore superpet and I've loved reading about the evolution of computers and the net. This book is for people who enjoy reading stories about a world within the web.
Anonymous More than 1 year ago
Anonymous More than 1 year ago
I just could not get into this book because it seemed so technical and too complicated ,even in the beginning, to try to follow so I never continued reading it. Sorry but this is just not kind of book to get into and keep on reading....This would be a good book for someone who is much more into computers, and all it touches on.....
Anonymous More than 1 year ago