Conficker Communicates With Command; Conficker Media Communicators Miss An Opportunity

As generally anticipated in the tech press, the Conficker worm communicated with its controllers, downloading new instructions, but otherwise failing to cause problems. Problems, though, were what many in the mainstream press were looking for, and therein lies a problem itself.

Keith Ferrell, Contributor

April 1, 2009

2 Min Read
Dark Reading logo in a gray background | Dark Reading

As generally anticipated in the tech press, the Conficker worm communicated with its controllers, downloading new instructions, but otherwise failing to cause problems. Problems, though, were what many in the mainstream press were looking for, and therein lies a problem itself.The widespread Conficker worm updated itself right on April 1 schedule. And that's about all that happened.

Not that a lot of technology watchers expected a lot more than that to happen: we suggested last week that the predictions of mass attacks would prove mostly to be hype from hell, nor were we alone.

But the mass media, particularly television, never eager to miss a chance to sound apocalyptic alarms, sounded plenty of impending doom and disaster warnings, with Lesley Stahl's 60 Minutes piece, "The Internet Is Infected," perhaps the highest profile of them.

In doing so, the media missed a chance to communicate the real problem that Conficker and other malware represents. The one that you and your employees and vendors and customers understand:

Conficker and other malware spread because there are still millions of computers that are insufficiently protected, operated by millions of computer users who simply don't pay attention to patch and anti-malware updates, or, more frighteningly, don't know that they need to.

And now that Conficker has failed to live up to hell-hype, odds are the complacency will only get worse.

While Stahl's piece mentioned anti-virus software, it was mentioned tangentially at best, despite having a Symantec executive on camera. Many of the mainstream press reports included links to anti-virus companies and sites, but otherwise kept the focus trained on the looming April 1 Internet disaster.

Where were the service pieces? Simple, straightforward stories that would show viewers what anti-malware defenses are, how to set them to auto-update themselves, how to protect yourself from scamware and phishing expeditions?

The mainstream outlet's tech-specialist journalists as rule did a good job of putting things in perspective, with Larry Magid (of CBS, among other outlets) pointing out on NPR that there's no profit in hackers bringing the Internet to a halt.

Small and midsized businesses like yours understand the importance of communicating, and constantly, with your employees and vendors about the threats that are present on the Internet. You are or should be -- aggressive in your insistence that all devices connected to your network be identified and protected, that all patches be installed immediately, that virus definition updates are a part of daily operations.

Do that, and when Conficker, or the Next Big Threat, does seek to monetize itself, it will do so without tagging your business or your employees.

Don't miss the opportunity that the mass media did.

About the Author

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights