SAN FRANCISCO, June 14: A worst-case worm attack on the United States could easily cost the country $50 billion in direct damages, security experts said on Monday.

Nicholas Weaver and Vern Paxson, security researchers who work with the International Computer Science Institute (ICSI), a non- profit research group associated with the University of California at Berkeley, modelled a worst-case scenario in which state-sponsored attackers construct a worm exploiting an unpublished vulnerability, then launch it over the Internet.

"Although our estimates are at best approximations, a plausible worst-case worm could cause $50 billion or more in direct economic damage by attacking widely used services in Microsoft Windows and carrying a highly destructive payload," Weaver and Paxson said.

Weaver and Paxson make a number of assumptions to arrive at their worst-case worm, including attackers with extensive resources, such as those sponsored by an enemy nation; the ability to sniff out an as-yet-undiscovered vulnerability in Windows; and a resulting worm that could spread so quickly that anti-virus firms wouldn't be able to react in time with updated signatures before damage had been done.

An electronic attack of this magnitude "could cause widespread economic damage by disrupting or even destroying a large fraction of the computers responsible for day-to-day business," said Weaver and Paxson. "It's not implausible to conceive of attacks that could disrupt 50 million or more business computers."

By comparison, Weaver and Paxson said, last summer's Blaster worm, which exploited a vulnerability that was known for almost a month before the worm appeared, infected a minimum of eight million machines.

Worms would be the weapon of choice for such an attack, the researchers said, because they can spread very quickly, as evidenced by the Slammer worm of 2003, which managed to infect tens of thousands of systems worldwide in less than 10 minutes.

Weaver and Paxson investigated seven popular system and two motherboard manufacturers' wares, and found that, in a third of the cases, it's possible for a worm to cause enough damage that the motherboard would need to be replaced.

The other two-thirds of the time, the BIOS could be restored, but that's "a complex procedure that's beyond the skills of most computer users and perhaps even many system administrators," said the researchers.