Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Applications
    • Applications
    • Cybersecurity
    • Networking
    • Small Business

    10 Reasons Why Conficker Can Happen Again

    By
    Don Reisinger
    -
    October 28, 2009
    Share
    Facebook
    Twitter
    Linkedin

      It was just under a year ago that the Conficker worm was first detected. It was ravaging Windows PCs all over the world. The worm exploits Windows flaws to link the host computer to virtual command that can be controlled by the worm’s remote authors. Conficker still controls millions of computers all over the world.
      But as Conficker fell from the headlines, many of us forgot about its potential danger. And in the course of a year, not much has been done to ensure that a major breakout of Conficker or something similar won’t happen again. Simply put, the threat is still there and, unfortunately, it can impact users once again.
      Here’s why:
      1. Security is a “catch-up” game
      Unfortunately, operating system security isn’t proactive. In most cases, an issue erupts and the security community scrambles to fix it. That happened with Conficker. And since the worm is still impacting the globe, there’s little chance that it won’t continue to happen. We need to catch up to the malicious hackers.
      2. Blame the users too
      Users don’t spend enough time focusing on their own security. Conficker was able to infect so many computers because users just don’t know how to handle security issues when they arise. It gets worse when Microsoft releases a security patch for Conficker and a large portion of its users (30 percent, according to most estimates) don’t even patch their systems. Until users understand the security ramifications of their actions, Conficker can very easily happen again.
      3. Malicious hackers are becoming more sophisticated
      Since Microsoft and security firms are doing a better job of combating security issues, malicious hackers are becoming more sophisticated. Nowhere is that more evident than in Conficker. It wasn’t a simple Trojan or virus. It was designed specifically to capitalize on the weaknesses inherent in Windows-users and code. It was a sophisticated attack. And so far, the security community is having a hard time combating it.
      4. Windows is still Windows
      It’s no secret that Windows isn’t the most secure operating system on the market. Most malware producers see it for what it really is: an easy target. Not much has changed over the past year. There’s no reason to suggest that anyone who wanted to mimic Conficker’s impact couldn’t do it again. Windows is still Windows.
      5. Security programs aren’t up to the challenge
      Although there are several antivirus and anti-spyware programs available to Windows PCs, the vast majority of those machines simply don’t have the capability to identify and remove all the security threats that impact the Windows ecosystem. That’s precisely why security experts tell users to have more than one security program running at all times. Until security programs can effectively manage known issues, how can we expect them to manage the unknown?

      The Window of Opportunity Remains Wide Open

      6. We don’t know Windows 7
      Microsoft might claim that Windows 7 is the most secure operating system to date, but in the end, we just don’t know. It has only been in the wild for six days. Malicious users are just starting to get used to the new operating system. Once they find potential holes in the operating system, they will start launching attacks. Only then will we know how vulnerable Windows really is.
      7. There’s no threat
      The average malicious hacker just isn’t worried about the ramifications of releasing another Conficker-like worm. Have we caught the bad guys in the past? Sure. But the vast majority of hackers are free to wreak havoc on Windows computers, never worrying about being caught. Microsoft offered a $250,000 reward to the person who caught the hackers behind Conficker. It has yet to pay out. Until we catch the hackers and bring them to justice, there’s little chance they’ll think twice about exploiting users.
      8. Software problems are intensifying
      There are more security threats impacting the Windows ecosystem than ever before. But it’s not just Windows that bears the blame. Many of the applications users are running on their computers are also contributing to the issue. Secure software isn’t necessarily finding its way to computers today. That gives malware distributors countless opportunities to find unique ways to impact millions.
      9. How have things really changed?
      When we consider the Conficker outbreak and the response to it, I’m hard-pressed to find ways in which our ability to confront such a threat has changed. Microsoft and the security community might have been more proactive with Conficker than it was in the past, but nothing groundbreaking has emerged from the incident. It’s difficult to say that we really learned from Conficker and we’ve taken concrete measures to ensure it doesn’t happen again.
      10. There’s no shortage of malicious hackers
      As much as I’d like to say that the number of people trying to exploit others is small, it’s really not. There are folks all over the world who are constantly trying to find ways to create a Conficker-like outbreak. Many fail. But until we find a way to stay ahead of those people, rather than wait for them to strike, at least some will succeed. And that is simply unacceptable.

      Don Reisinger
      Don Reisinger is a longtime freelance contributor to several technology and business publications. Over his career, Don has written about everything from geek-friendly gadgetry to issues of privacy and data security. He became an eWEEK contributor in 2009 producing slide shows focusing on the top news stories of the day. When he's not writing, Don is typically found fixing computers or playing an old-school video game.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×