Conficker Alive and Well Post April 1st Deadline

Dennis Faas's picture

So, a couple days have come and gone and we're without any real evidence that the Conficker worm was a legitimate threat. Was it all just a bunch of hooey? Maybe, but if there's one thing we should take away from the debacle, it's that the problem isn't yet solved, even if there was no disaster.

Most security experts were just happy to breathe a sigh of relief when April 1st came and went without planes falling out of the sky. "I'm not sure what to think," remarked BT chief security officer Bruce Schneier. "In a sense, the whole Conficker thing just puts a name on a general problem." (Source: cnet.com)

Eye of The Storm

The big problem is that Conficker is still unresolved.

The nasty, if quiet worm made its way through a Windows hole Microsoft tried to patch last year, and has also been able to spread through storage devices and poorly encrypted networks. Although there were no reports that Conficker did any real damage on April 1st, the worm is still out there, looming and waiting. (Source: pcworld.com)

CNET.com even speculates that the threat may be worse now. For one, systems with Conficker infections can still spread the worm through peer-to-peer (P2P) technology, even as registrars block access to command-and-control servers and domains.

"It's not like it's gone," said IOActive's director of penetration testing Dan Kaminsky. "We're looking at a massive, amorphous network with a command and control that we don't have the means to block anymore. Things got worse on April 1 for the remaining infected nodes."

Mainstream Media Creates Most Dangerous Situation

Of course, the real disaster on April 1st was in the media. Sensationalist reports made it sound like this could be a disaster of epic proportions, sending people scrambling to anti-virus software homepages desperately seeking updated protection. Yahoo headlines even suggested that Conficker and April 1st could make for an online "Pearl Harbour," shamelessly stirring up worries.

And so, now that the date has passed without any visible sign of sinister activity, most people remain angry with the media and with anti-virus software companies, who they believe like to create such sensations. In essence, the boy cried wolf once, and the second time it's unlikely anyone will be listening.

Conficker's not gone, and those media outlets that suggested this thing could spark panic and disaster may have created the most dangerous situation of all.

Rate this article: 
No votes yet