April 3, 2009

Conficker (April) Fools Day: The Real Danger is not Conficker

Forgive me if I editorialize and slip from factual reporting into expressing my opinion. April 1 has come to most of the world and the sky has not fallen yet. In fact, most of the incidents reported so far are more related to Conficker hysteria than to the effects of the worm (or are April Fools jokes themselves). To be sure, Conficker has been busy downloading instructions for the next round, but nothing dramatic has happened.

A breakthrough (thanks to some German researchers, Rich Mogull, and Dan Kaminsky) made a couple of days ago will make it possible to perform network scans for infected machines. There are also many tools available online to scan for and remove Conficker. The threat is far from over, but my biggest concern is not the noisy, headline-grabbing threats like Conficker. In the end, more harm may be done (and more money stolen from innocent victims) by the myriad of fake malware removal tools (rogues) that the publicity about Conficker has spawned.

In the end, the noisy Confickers of the security world are not our biggest threat. The whole Conficker affair smells like a marketing ploy to me – intended to get the attention of those potential buyers of future exploits who lurk in the shadows of the internet. The yet-undisclosed authors of Conficker have certainly demonstrated their abilities. Microsoft’s $250,000 reward is an indication of just how much top-notch malware writers like this could command for their services. The real threats are the quiet ones, the ones that lurk undetected for years, silently stealing information and leaking it out without being noticed. There is no better example than the recently-disclosed GhostNet allegedly operated by the Chinese.

We must not let ourselves become so distracted by the threats in yesterday’s or today’s headlines that we become lax in our vigilance. This would be the perfect time to slip in a new zero-day exploit while everyone is focused on Conficker. It is those crafty, hidden pieces of malware that will be some future headline (or, worse, the ones that will remain undiscovered and never make the headlines) that keep me awake at night.

Dennis H in West Virginia, US

April 1

Homepage: Nerds On Site
