Cybersecurity community 'learned valuable lessons from Conficker'

Conficker helped the cybersecurity community identify its strengths and weaknesses in defending against global threats, says a Rendon Group report.

Conficker helped the cybersecurity community identify its strengths and weaknesses in defending against global threats, says a Rendon Group report.

The report was commissioned by the US Department of Homeland Security to examine the lessons learned in fighting the Conficker worm, designed to create a botnet.

The report records the events surrounding the creation and operation of the Conficker Working Group (CWG) so that it could be used as a model in future.

The CWG grew out of an informal coalition of security researchers working to resist the world's largest known computer worm infection.

Click here to down the full report on Conflicker from the Conflicker Working Group. (Requires registration)

Despite a few errors, the report found the CWG was successful in preventing Conficker's author from gaining control of the botnet through an "unprecedented act of co-ordination and collaboration" by the cybersecurity community, including Microsoft, ICANN, domain registry operators, anti-virus vendors, and academic researchers.

Rodney Joffe senior technologist at Neustar and director of the CWG said the group demonstrated how the global community, public and private, can and should in the future come together to combat common threats.

"However it is also a clear example of how this 'best of breed' co-operation is generally powerless to stop determined attacks. Conficker remains undefeated, and no arrests have yet been made," he said.

The CWG estimates that more than seven million government, business and home computers in over 200 countries are still infected by Conficker and potentially under its control.

The Conficker Working Group, the report said, teaches us that private sector collaboration, public-private information sharing, support to law enforcement, resources and legislative reform are among the many urgent requirements if the cyber security community is to stay ahead of impending threats.

This and other lessons learned and recommendations are detailed in the report, with specific reference to group structure, operations, data usage and relation with stakeholders.

Sign-up to Computer Weekly to download more reports on security:

Ovum: Security Trends in 2011

The 11 Security Commandments

How to tackle internet filtering and reporting

Architecture for de-perimitisation of IT security




Enjoy the benefits of CW+ membership, learn more and join.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.