August 2003 was the busiest worm month since the Code Red/Nimda period in 2001. Blaster, Welchia, Sobig.F — three significant worms in two weeks.
What this teaches
The lull I observed in 2002 has ended. The threat landscape returns to high activity. Operators should plan for a sustained higher tempo through end of year and into 2004.
The specific defensive disciplines remain unchanged — patching, segmentation, monitoring, defence in depth. The cumulative cost of doing all of them well continues to grow.
More as the year develops.