IT Security & Network Security News & Reviews - eWeek



IT Security & Network Security News

Conficker Remains Mystery at RSA Security Conference


By: Brian Prince
2009-04-24
Article Rating:starstarstarstarstar / 4


There are  user comments on this IT Security & Network Security News & Reviews story.


After all the hype and a concerted effort by the security research community, much still remains unknown about those behind the Conficker worm. At the RSA Conference in San Francisco, attendees express a mix of skepticism and anticipation about the worm still plaguing Windows PCs.

The Cyber Secure Institute recently added one more number to think about when the security community hears the name Conficker—9.1 billion.

That is how many dollars were lost in terms of wasted time, resources and energy as the cyber-community dealt with the worm, variants of which over the past several months have infected millions of PCs.

Still with the relatively small efforts being made to monetize the worm, some at the RSA Conference half-jokingly wondered if the Conficker worm's authors were mainly interested in sending the security community into a tizzy while experimenting with ways to build a well-armored piece of malware.

Click here to see scenes from the 2009 RSA Conference.

At the conference, held in San Francisco April 20 to 24, researchers expressed mixed opinions about whether the fear generated by hype about Conficker was useful or harmful. Weeks after the worm's "big day" of April 1, however, researchers can still only speculate as to what will happen when the latest variant, widely known as Conficker.E but also known as Downadup.E, reaches its "untrigger date" in May.

Security expert Bruce Schneier noted in a blog post during the conference that the fact that Conficker's authors gave people a specific date to anticipate helped crystallize the fear many felt.

"It's a specific threat, which convinces us that it's credible. It's a specific date, which focuses our fear. The huge, menacing buildup and then nothing is a good case study on how we think about risks," Schneier wrote.

The exact number of Conficker infections overall remains in dispute, but the Conficker Working Group currently has the number of unique IPs infected with variants A, B and C at more than 3.5 million.

Kaspersky Lab recently analyzed peer-to-peer traffic between Conficker-infected computers and found about 200,000 unique IPs were participating in the P2P network. Kaspersky cautioned however that that number only includes computers participating in the network, and that the actual number of infected PCs is much higher.

There has been relatively little in the way of income-producing activity tied to Conficker. The worm has turned up in connection with a scheme to trick victims into paying for rogue anti-virus software. However, other than that, there has not been a huge stream of money coming from the worm's network of infected bots, numerous researchers said.

"Right now the motives are not completely clear," said Steve Manzuik, senior manager of security research and engineering at Juniper Networks. "But it would seem to me that there will be a money-making attempt simply based on the effort put into the code."







 
 
>>> More IT Security & Network Security News & Reviews Articles          >>> More By Brian Prince
 


FEATURED SPONSOR VIDEOS

Benefits of Workload Optimization

What Smart Companies MUST Learn from Gaming

Advances in Authentication

Vertical Markets Benefit from Workload Optimization

View More Videos

Brought to you by
Advertisement

FEATURED SPONSOR MESSAGE

Microsoft Sponsored Resource Center

Increase Your Microsoft Office 365 Knowledge! Dig inside this suite of cloud-based collaboration tools.

Watch the video >>

Brought to you by

Suggested Related Content:

Articles Labs/How-To Multimedia


Advertisement
Contact Us | About | Advertise | Site Map
eWEEK Quick LInks

Security:
Enterprise Networking
Network Security
Infrastructure Security
How To: Data
Security Watch Blog
Storage:
Data Storage
Cloud Storage
Storage Virtualization
Network Access Storage
How To: Storage
Storage Station Blog
Computing:
Apple OSX
Linux Systems
Windows 7
Managed Print Services
Computer Reviews
Microsoft Watch Blog
Google Watch Blog
Communications:
VoIP Solutions
Wireless Technology
Messaging Software
Web Services
Apps & Development:
Application Development
Enterprise Apps
Search Engines
Database Software
Web 2.0
CIOs

Vertical Markets:
Federal Government IT
Health Care IT
Finance IT
Mid-Market
Channel and VARs
Careers Blog
More eWeek Links:
Green Computing Center
Tech Knowledge Center
Tech Newsletters
Tech RSS Feeds
White Papers
Tech Videos
Magazine Subscriptions
Enterprise Websites:
ZDE Home
eWeek
Baseline Magazine
Channel Insider
CIO Insight
eSeminars and Events
Web Buyers Guide
Developer Websites:
DevSource C# and .Net
Dev Shed
DeveloperShed
ASP Free
SEO Chat
Codewalkers
Tutorialized
Scripts.com
Dev Mechanic
Dev Articles
Web Hosters
Dev Hardware
Technology Websites:
Device Forge
Desktop Linux
Linux Devices
Windows for Devices
PDF Zone
Linux Watch
TechDirect
Windows Migration
Smarter Technology

Use of this site is governed by our Terms of Use and Privacy Policy
Copyright ©1996-2012 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.
ZDE Cluster 2
 
Close this advertisement