10 Reasons Why Conficker Can Happen Again

News Analysis: The Conficker worm affected users nearly one year ago. But now that it has left the headlines, there might be a false sense of security in the Windows ecosystem. There shouldn't be. Even the most up-to-date security programs are hard-pressed to keep up with the latest threats. There are countless millions of PCs and thousands of applications that aren't protected by the latest security software or have never been patched to close known security flaws. There is no telling when some new virus or Trojan as cunningly malicious as Conficker will appear.

It was just under a year ago that the Conficker worm was first detected. It was ravaging Windows PCs all over the world. The worm exploits Windows flaws to link the host computer to virtual command that can be controlled by the worm's remote authors. Conficker still controls millions of computers all over the world.
But as Conficker fell from the headlines, many of us forgot about its potential danger. And in the course of a year, not much has been done to ensure that a major breakout of Conficker or something similar won't happen again. Simply put, the threat is still there and, unfortunately, it can impact users once again.
Here's why:
1. Security is a "catch-up" game
Unfortunately, operating system security isn't proactive. In most cases, an issue erupts and the security community scrambles to fix it. That happened with Conficker. And since the worm is still impacting the globe, there's little chance that it won't continue to happen. We need to catch up to the malicious hackers.
2. Blame the users too
Users don't spend enough time focusing on their own security. Conficker was able to infect so many computers because users just don't know how to handle security issues when they arise. It gets worse when Microsoft releases a security patch for Conficker and a large portion of its users (30 percent, according to most estimates) don't even patch their systems. Until users understand the security ramifications of their actions, Conficker can very easily happen again.
3. Malicious hackers are becoming more sophisticated
Since Microsoft and security firms are doing a better job of combating security issues, malicious hackers are becoming more sophisticated. Nowhere is that more evident than in Conficker. It wasn't a simple Trojan or virus. It was designed specifically to capitalize on the weaknesses inherent in Windows-users and code. It was a sophisticated attack. And so far, the security community is having a hard time combating it.
4. Windows is still Windows
It's no secret that Windows isn't the most secure operating system on the market. Most malware producers see it for what it really is: an easy target. Not much has changed over the past year. There's no reason to suggest that anyone who wanted to mimic Conficker's impact couldn't do it again. Windows is still Windows.
5. Security programs aren't up to the challenge
Although there are several antivirus and anti-spyware programs available to Windows PCs, the vast majority of those machines simply don't have the capability to identify and remove all the security threats that impact the Windows ecosystem. That's precisely why security experts tell users to have more than one security program running at all times. Until security programs can effectively manage known issues, how can we expect them to manage the unknown?

Don Reisinger

Don Reisinger

Don Reisinger is a longtime freelance contributor to several technology and business publications. Over his career, Don has written about everything from geek-friendly gadgetry to issues of privacy...