10 Reasons Why Conficker Can Happen Again

By Don Reisinger  |  Posted 2009-10-28 Print this article Print

News Analysis: The Conficker worm affected users nearly one year ago. But now that it has left the headlines, there might be a false sense of security in the Windows ecosystem. There shouldn't be. Even the most up-to-date security programs are hard-pressed to keep up with the latest threats. There are countless millions of PCs and thousands of applications that aren't protected by the latest security software or have never been patched to close known security flaws. There is no telling when some new virus or Trojan as cunningly malicious as Conficker will appear.

It was just under a year ago that the Conficker worm was first detected. It was ravaging Windows PCs all over the world. The worm exploits Windows flaws to link the host computer to virtual command that can be controlled by the worm's remote authors. Conficker still controls millions of computers all over the world.

But as Conficker fell from the headlines, many of us forgot about its potential danger. And in the course of a year, not much has been done to ensure that a major breakout of Conficker or something similar won't happen again. Simply put, the threat is still there and, unfortunately, it can impact users once again.

Here's why:

1. Security is a "catch-up" game

Unfortunately, operating system security isn't proactive. In most cases, an issue erupts and the security community scrambles to fix it. That happened with Conficker. And since the worm is still impacting the globe, there's little chance that it won't continue to happen. We need to catch up to the malicious hackers.

2. Blame the users too

Users don't spend enough time focusing on their own security. Conficker was able to infect so many computers because users just don't know how to handle security issues when they arise. It gets worse when Microsoft releases a security patch for Conficker and a large portion of its users (30 percent, according to most estimates) don't even patch their systems. Until users understand the security ramifications of their actions, Conficker can very easily happen again.

3. Malicious hackers are becoming more sophisticated

Since Microsoft and security firms are doing a better job of combating security issues, malicious hackers are becoming more sophisticated. Nowhere is that more evident than in Conficker. It wasn't a simple Trojan or virus. It was designed specifically to capitalize on the weaknesses inherent in Windows-users and code. It was a sophisticated attack. And so far, the security community is having a hard time combating it.

4. Windows is still Windows

It's no secret that Windows isn't the most secure operating system on the market. Most malware producers see it for what it really is: an easy target. Not much has changed over the past year. There's no reason to suggest that anyone who wanted to mimic Conficker's impact couldn't do it again. Windows is still Windows.

5. Security programs aren't up to the challenge

Although there are several antivirus and anti-spyware programs available to Windows PCs, the vast majority of those machines simply don't have the capability to identify and remove all the security threats that impact the Windows ecosystem. That's precisely why security experts tell users to have more than one security program running at all times. Until security programs can effectively manage known issues, how can we expect them to manage the unknown? 

Don Reisinger is a freelance technology columnist. He started writing about technology for Ziff-Davis' Gearlog.com. Since then, he has written extremely popular columns for CNET.com, Computerworld, InformationWeek, and others. He has appeared numerous times on national television to share his expertise with viewers. You can follow his every move at http://twitter.com/donreisinger.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel