Catching the Conficker feckers

Davey Winder
Saturday, 14 February 2009 18:08

IT Industry - Market

It has already become one of the most talked about, and most widespread, worms of recent years. But how do you go about catching the feckers behind Conficker?

Conficker is that most typical of tech troublemakers: it relies upon the laziness and stupidity of Windows users. By not bothering to install the MS08-067 patch from last October, they left themselves exposed to infection.

Untypically though, the numbers infected did not run to a few hundred, or even a few hundred thousand, but rather climbed into the tens of millions within a few days of the latest Conficker worm variation appearing.

It is estimated that as many as 30 percent of all Windows machines were not patched at the time when the worm was released into the wild.

Also known as Downadup and Kido, this worm has turned into a security nightmare for everyone from the home user through to the enterprise. Indeed, it is within the SME space that the most damage is likely to have taken place.

It is the small to medium sized enterprise where patches all too often tend to be rolled out more slowly, where automatic updates are not the norm for many reasons. Even large organisations which you might expect to know better apparently did not.

There are reports that NHS hospitals in the UK saw hundreds of computers infected, and we reported here at iTWire on how Conficker had some success in sinking the Royal Navy for a while.

Trouble is, every day Conficker is getting bigger and pretty much every security expert agrees that it can only be a matter of time before the giant Conficker Botnet springs into live to release an as yet unknown (although almost certainly spam and malware related) payload.

So what is being done to stop the Conficker feckers, and can the Conficker Cabal succeed in putting the kibosh on the cyber-criminals before it is too late? More on page 2...

CONTINUES