posted by Thom Holwerda on Wed 1st Apr 2009 13:48 UTC
We're well and deep into April 1 now, and if you were to believe some of the reports and hype on the internet, we should've all been paying in bottle caps right about now. As any sane person already saw coming, the Windows worm Conficker didn't do anything. It just kind of sat there, patiently mocking all those who did not update their machines properly.

The Conficker.c variant had an activation date of April 1, 2009, and naturally, people were curious as to what exactly it would activate. April 1 is well under way now, even 12:00 GMT has passed, and it's a bit of a letdown. Thanks to all the doom and gloom media reports, I was expecting a total meltdown of society. I had been saving up bottle caps for months now, and easily have enough of them to buy some leather armour and a Chinese assault rifle. I guess I'll keep them just in case there's going to be yet another meltdown of society.

Joking aside, what exactly has Conficker.c done so far? Well, not a whole lot. The earlier variants of the worm (a and b) haven't changed their behaviour at all, and the c variant only increased the number of domains it polled for possible update locations. It hasn't sent any spam, nor has it partaken in any denial-of-service attacks. In other words, nothing has happened.

Still, this doesn't mean that the problems are gone. There are still between 1 and 4 million infected machines out there because of people who failed to keep their machines up-to-date (even after news of the worm became known), and those need to be cleaned up. With the increase in number of domains polled for updates, this process has become a little harder.

What can we learn from all this? Well, if you still need to learn something from this, you haven't been paying attention the past, say, 9 years. The internet is a source of viruses, worms, and malware, and Windows has been particularly receptive to them. The situation has improved greatly since Windows Vista, though. The key to avoiding these problems is to use another operating system, or at least to keep Windows up-to-date. Expletive deleted.

The security hole exploited by Conficker and its variants was already patched before the worm got out, which means that if you were a good boy or girl, and kept your machines up-to-date, you had nothing to fear. However, thanks to the laxness of other people, we are now facing a pretty huge botnet that could be used for anything from sending spam to performing DoS attacks.

Apparently, among those lax people are several government agencies. The UK Ministry of Defence has been infected, including a number of Royal Navy warships, as have the UK's parliament, a Sheffield hospital, the judicial systems in the city of Houston, and the Bundeswehr (that's the German army).

Doesn't it feel comfortable to have your government watch over you?
