Robert Siciliano Identity Theft Expert
We are not out of the woods with this one.
Conficker’s rise and fall and the passing activity of the worm on April 1st has allowed researchers and anti-virus companies to better understand the virus and its impact. While April Fools was supposed to be the day of reckoning for Conficker, it wasn’t and still isn’t a joke.
Viruses often come with a trigger date, as pointed out by CNET. And while many fail to meet the media hype, they still can and often do cause millions or billions in damage.
The media does what it does and reports on the news. While they or even I may not always get the facts straight, the impetus is still there.
In a “Conficker Postmortem,” CNET examines the media frenzy and points to a humorous spoof that Wired ran, a fake live blog from the “Conficker Worm War Room.” CNET also points out that, “The New York Times called it an ‘unthinkable disaster’ in the making. CBS’s 60Minutes said the worm could ‘disrupt the entire internet,’ and The Guardian warned that it might be a ‘deadly threat’.”
The positive result of this media hype is that it brings attention to an ongoing problem for an audience that never considered themselves vulnerable to these issues. In my world, even Facebook friends and Twitter followers who had never reacted to previous posts on a plethoraof IT and personal security issues are finally starting to ask the right questions.
“Your mom’s virus,” as we knew it, has become a part of popular culture. In a sense, this is a good thing, because it’s now water cooler talk with the same level of buzz as Britney Spears going nutty. We in the security community couldn’t ask for more and better attention, that may potentially enlist an army of security moms. Thank you, Conficker!
Still, Conficker is the most sophisticated virus to date and is still waiting to strike, which can very well lead to major data breaches and identity theft. As the virus continues to call home for the yet to be delivered update, researchers have determined an estimated 3.5 to 4 million PCs are infected on the Conficker botnet, which is the most powerful and dangerous aspect of Conficker.
Overall totals of infected computers may still be between 10 and 15 million. Many of those have a dormant virus that has the capability to wreak havoc, or that may have already been rendered impotent by anti-virus providers and IT administrators who have taken advantage of numerous solutions by McAfee and others.
What the public needs to understand is this infection is anything but over. The virus phones home every day looking for its next set of updates, which could still have catastrophic results if the virus ever reaches its full potential.
The risk here is that a virus of this kind has technology that can disable anti-virus software and that prevents access to numerous websites which provide automatic security updates, including Windows.
Today, Brian Krebs from the Washington Post points out the similarity’s to Y2K potential bug, just as I did last week. “In one sense, the response to Conficker could be compared to that of Y2K: A great deal of smart people threw a whole lot of resources and energy at a fairly complex problem and managed to turn a potentially very ugly situation into a relative non-event.”
The attention that Conficker brought upon itself has rallied security professionals to be on their highest guard, which is exactly where they should be.
See Robert Siciliano, identity theft speaker, discussing hacking for dollars.
I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out Uniball.com for more information.