IT Security & Network Security News & Reviews - eWeek



IT Security & Network Security News

10 Reasons Why Conficker Can Happen Again


By: Don Reisinger
2009-10-28
Article Rating:starstarstarstarstar / 5


There are  user comments on this IT Security & Network Security News & Reviews story.



  Table of Contents:
  1. 10 Reasons Why Conficker Can Happen Again
  2. The Window of Opportunity Remains Wide Open

News Analysis: The Conficker worm affected users nearly one year ago. But now that it has left the headlines, there might be a false sense of security in the Windows ecosystem. There shouldn't be. Even the most up-to-date security programs are hard-pressed to keep up with the latest threats. There are countless millions of PCs and thousands of applications that aren't protected by the latest security software or have never been patched to close known security flaws. There is no telling when some new virus or Trojan as cunningly malicious as Conficker will appear.

10 Reasons Why Conficker Can Happen Again
( Page 1 of 2 )

It was just under a year ago that the Conficker worm was first detected. It was ravaging Windows PCs all over the world. The worm exploits Windows flaws to link the host computer to virtual command that can be controlled by the worm's remote authors. Conficker still controls millions of computers all over the world.

But as Conficker fell from the headlines, many of us forgot about its potential danger. And in the course of a year, not much has been done to ensure that a major breakout of Conficker or something similar won't happen again. Simply put, the threat is still there and, unfortunately, it can impact users once again.

Here's why:

1. Security is a "catch-up" game

Unfortunately, operating system security isn't proactive. In most cases, an issue erupts and the security community scrambles to fix it. That happened with Conficker. And since the worm is still impacting the globe, there's little chance that it won't continue to happen. We need to catch up to the malicious hackers.

2. Blame the users too

Users don't spend enough time focusing on their own security. Conficker was able to infect so many computers because users just don't know how to handle security issues when they arise. It gets worse when Microsoft releases a security patch for Conficker and a large portion of its users (30 percent, according to most estimates) don't even patch their systems. Until users understand the security ramifications of their actions, Conficker can very easily happen again.

3. Malicious hackers are becoming more sophisticated

Since Microsoft and security firms are doing a better job of combating security issues, malicious hackers are becoming more sophisticated. Nowhere is that more evident than in Conficker. It wasn't a simple Trojan or virus. It was designed specifically to capitalize on the weaknesses inherent in Windows—users and code. It was a sophisticated attack. And so far, the security community is having a hard time combating it.

4. Windows is still Windows

It's no secret that Windows isn't the most secure operating system on the market. Most malware producers see it for what it really is: an easy target. Not much has changed over the past year. There's no reason to suggest that anyone who wanted to mimic Conficker's impact couldn't do it again. Windows is still Windows.

5. Security programs aren't up to the challenge

Although there are several antivirus and anti-spyware programs available to Windows PCs, the vast majority of those machines simply don't have the capability to identify and remove all the security threats that impact the Windows ecosystem. That's precisely why security experts tell users to have more than one security program running at all times. Until security programs can effectively manage known issues, how can we expect them to manage the unknown? 








 
 
>>> More IT Security & Network Security News & Reviews Articles          >>> More By Don Reisinger
 


FEATURED SPONSOR VIDEOS

Benefits of Workload Optimization

What Smart Companies MUST Learn from Gaming

Advances in Authentication

Vertical Markets Benefit from Workload Optimization

View More Videos

Brought to you by
Advertisement

FEATURED SPONSOR MESSAGE

Start the New Year with business intelligence—it’s a smart move

Join us on February 1 for an encore rebroadcast at either 5 am or 12 noon EST and discover how business intelligence (BI) supports companies in uncertain business and economic climates. Get expert advice on how to create a strategy that fits your organization's needs and budget and see how quickly it can pay for itself.

Click Here

Brought to you by
eweek digital

Suggested Related Content:

Articles Labs/How-To Multimedia


Advertisement
 
APPLY FOR A FREE 
SUBSCRIPTION BELOW:
>Try digital eWEEK
>Renew today
>Subscription help
>More FREE Subscriptions
First Name:Last Name:
Title:Company:
Address:City:
State:Zip Code:
Email:
Issue Index | Contact Us | About | Advertise | Magazine Customer Service | Site Map
eWEEK Quick LInks

Security:
Enterprise Networking
Network Security
Infrastructure Security
How To: Data
Security Watch Blog
Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
How To: Storage
Storage Station Blog
Computing:
Apple OSX
Linux Systems
Windows 7
Managed Print Services
Computer Reviews
Microsoft Watch Blog
Google Watch Blog
Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Apps & Development:
Application Development
Enterprise Apps
Search Engines
Database Software
Web 2.0
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel and VARs
Careers Blog
More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Videos
Magazine Subscriptions
Enterprise Websites:
ZDE Home
eWeek
Baseline Magazine
Channel Insider
CIO Insight
eSeminars and Events
Web Buyers Guide
Developer Websites:
DevSource C# and .Net
Dev Shed
DeveloperShed
ASP Free
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware
Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
PDF Zone
Linux Watch
TechDirect
Windows Migration
Smarter Technology

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
ZDE Cluster 8