News Analysis

Conficker fails to live up to hype – so far

Warwick Ashford

Conficker has so far failed to unleash the internet chaos many predicted on 1 April when the worm was expected to contact criminal command and control centres.

Some security suppliers scrambled ahead of the supposed activation date to capitalise on a recent technology breakthrough that allows anti-virus systems to penetrate the worm's camouflaging capability.

It remains to be seen whether Conficker was just another marketing opportunity like the Michelangelo virus.

The supplier community has not done itself a service by sounding another warning about a threat that has failed to materialise, says John Colley, Emea managing director of (ISC)2.

Security professionals are unlikely to be swayed by such hype and follow instead the basic principle of ensuring all systems are patched and up to date, he says.

But even security experts who have downplayed the hype around Conficker have emphasised that the true nature and purpose of the worm is still unknown.

"We may not know what Conficker is going to do, but its authors are clearly malicious enough that we do not want their crud on our networks," says Dan Kaminsky, director of penetration testing at IOActive.

With over 10 million machines worldwide said to be infected, most security experts are still urging caution.

In the run-up to 1 April, analyst firm Gartner advised the deadline should not be taken too seriously, but stopped short of dismissing Conficker as a threat.

Conficker is a serious problem that businesses must address, says Gartner analyst Joe Pescatore.


Useful links:


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy