10 Reasons Why Conficker Can Happen Again

 
 
By Don Reisinger  |  Posted 2009-10-28
 
 
 

10 Reasons Why Conficker Can Happen Again


It was just under a year ago that the Conficker worm was first detected. It was ravaging Windows PCs all over the world. The worm exploits Windows flaws to link the host computer to virtual command that can be controlled by the worm's remote authors. Conficker still controls millions of computers all over the world.

But as Conficker fell from the headlines, many of us forgot about its potential danger. And in the course of a year, not much has been done to ensure that a major breakout of Conficker or something similar won't happen again. Simply put, the threat is still there and, unfortunately, it can impact users once again.

Here's why:

1. Security is a "catch-up" game

Unfortunately, operating system security isn't proactive. In most cases, an issue erupts and the security community scrambles to fix it. That happened with Conficker. And since the worm is still impacting the globe, there's little chance that it won't continue to happen. We need to catch up to the malicious hackers.

2. Blame the users too

Users don't spend enough time focusing on their own security. Conficker was able to infect so many computers because users just don't know how to handle security issues when they arise. It gets worse when Microsoft releases a security patch for Conficker and a large portion of its users (30 percent, according to most estimates) don't even patch their systems. Until users understand the security ramifications of their actions, Conficker can very easily happen again.

3. Malicious hackers are becoming more sophisticated

Since Microsoft and security firms are doing a better job of combating security issues, malicious hackers are becoming more sophisticated. Nowhere is that more evident than in Conficker. It wasn't a simple Trojan or virus. It was designed specifically to capitalize on the weaknesses inherent in Windows-users and code. It was a sophisticated attack. And so far, the security community is having a hard time combating it.

4. Windows is still Windows

It's no secret that Windows isn't the most secure operating system on the market. Most malware producers see it for what it really is: an easy target. Not much has changed over the past year. There's no reason to suggest that anyone who wanted to mimic Conficker's impact couldn't do it again. Windows is still Windows.

5. Security programs aren't up to the challenge

Although there are several antivirus and anti-spyware programs available to Windows PCs, the vast majority of those machines simply don't have the capability to identify and remove all the security threats that impact the Windows ecosystem. That's precisely why security experts tell users to have more than one security program running at all times. Until security programs can effectively manage known issues, how can we expect them to manage the unknown? 

The Window of Opportunity Remains Wide Open




6. We don't know Windows 7

Microsoft might claim that Windows 7 is the most secure operating system to date, but in the end, we just don't know. It has only been in the wild for six days. Malicious users are just starting to get used to the new operating system. Once they find potential holes in the operating system, they will start launching attacks. Only then will we know how vulnerable Windows really is.

7. There's no threat

The average malicious hacker just isn't worried about the ramifications of releasing another Conficker-like worm. Have we caught the bad guys in the past? Sure. But the vast majority of hackers are free to wreak havoc on Windows computers, never worrying about being caught. Microsoft offered a $250,000 reward to the person who caught the hackers behind Conficker. It has yet to pay out. Until we catch the hackers and bring them to justice, there's little chance they'll think twice about exploiting users.

8. Software problems are intensifying

There are more security threats impacting the Windows ecosystem than ever before. But it's not just Windows that bears the blame. Many of the applications users are running on their computers are also contributing to the issue. Secure software isn't necessarily finding its way to computers today. That gives malware distributors countless opportunities to find unique ways to impact millions.

9. How have things really changed?

When we consider the Conficker outbreak and the response to it, I'm hard-pressed to find ways in which our ability to confront such a threat has changed. Microsoft and the security community might have been more proactive with Conficker than it was in the past, but nothing groundbreaking has emerged from the incident. It's difficult to say that we really learned from Conficker and we've taken concrete measures to ensure it doesn't happen again.

10. There's no shortage of malicious hackers

As much as I'd like to say that the number of people trying to exploit others is small, it's really not. There are folks all over the world who are constantly trying to find ways to create a Conficker-like outbreak. Many fail. But until we find a way to stay ahead of those people, rather than wait for them to strike, at least some will succeed. And that is simply unacceptable.


Rocket Fuel