“We seem to have a botwar on our hands,” said Mikko Hypponen at computer security firm F-Secure.

An excellent article from the UK’s Guardian Unlimited tells the story of a then 16-year-old in southern Austria who writes viruses and worms just for kicks. It’s an interesting read. “When Mario is bored, he likes to sit at his laptop and create computer viruses and worms. Online, he goes by the name Second Part to Hell, and he has written more than 150 examples of what computer experts call ‘malware’: tiny programs that exist solely to self-replicate, infecting computers hooked up to the internet. Sometimes, these programs cause damage and sometimes they don’t. Mario says he prefers to create viruses that don’t intentionally wreck data, because simple destruction is too easy. ‘Anyone can rewrite a hard drive with one or two lines of code,’ he says. ‘It makes no sense. It’s really lame.’ Besides which, it’s mean, he says, and he likes to be friendly.”

Computer experts called 2003 ‘The Year of the Worm,’ with Slammer infecting nearly 75,000 servers in 10 minutes, followed by Blaster which carried its Bill Gates-taunting messages to hundreds of thousands of computers. Sobig.F then came along. The infection was so widespread that there was a point at which one out of every 17 email messages included a copy of the worm. While data is sketchy and sometimes disputed, worldwide costs of the attacks may have been around $82 million including productivity losses and cleanup.

With the most recent work attack of the past few days, one could easily think that we’re in for another Year of the Worm. Since news outlets were hit this time, they of course hurled their own pain at the masses. Infections have been relatively low, however, according to this article from the AP. “It’s a sign, security experts say, that computer users are heeding warnings to quickly install patches as they’re released. It also indicates that Microsoft’s efforts to batten down the hatches of its ubiquitous software is paying off.” It indicates yet a third thing, too. Automatic Update, which I often curse, is keeping users more up-to-date and, thus, safer. I guess I should leave the blasted thing On.

While it may appear that some tech managers may not have applied the required patch quickly enough, the patch for vulnerable Windows 2000 Service Pack 3 wasn’t released by Microsoft until after they made available Service Pack 4. The Service Packs are large and require some planning on the part of organizations, so SP4 wasn’t immediately downloaded and applied. The patch for SP3 was released sometime between 11:00 pm and midnight on Tuesday.

This week’s worm, Zotob, illustrates a compelling and new situation: the ‘window’ for patching may today be non-existent. This Win 2K vulnerability was, after all, only discovered a week ago. Hackers jumped right on the opportunity, however, perhaps faster than ever before. Communication is key to all relationships, evidently, as better hacker-to-hacker information sharing is alleged to be a factor behind that rapid virus turnaround.

But, much like other businesses today, hackers are also in coopetition scenarios since there’s also a battle brewing between at least three rival hacker factions. According to one source in that article, this week’s relatively minor mayhem was only ‘collateral damage’ in the battle to compromise computers and, in the process, generate ‘bot/worm/virus armies. In another article, the chief research officer at F-Secure was quoted as saying, “There appear to three different virus-writing gangs turning out new worms at an alarming rate, as if they were competing to build the biggest network of infected machines.”

Things are gonna get really, really interesting.