informa
/
Risk
Commentary

Conficker Dead -- Long Live Conficker

Whether or not the Conficker worm is essentially dead, just lying low or somewhere in-between, the lessons of the massive botnet are likely to live on for a long time. Bad news is that there are lessons learned by the botnet makers, too.
Whether or not the Conficker worm is essentially dead, just lying low or somewhere in-between, the lessons of the massive botnet are likely to live on for a long time. Bad news is that there are lessons learned by the botnet makers, too.While word of Conficker's death may turn out to be, in Mark Twain's word, "premature," there's been so little action from the botnet in recent months that the post-mortems are beginning to flow.

The most interesting of these is over the Conficker Working Group, which has some fascinating infection rate numbers.

A year after the great April Fools 2009 Conficker fizzle, there are still well over 6 million compromised systems in the botnet.

That's not only a staggering statistic, it's also, as has been observed by Shadowserver Foundation's Andre DiMino, an asset.

And it seems unlikely that so large an asset will remain underutilized for long, whether Conficker awakens, or COnficker's lessons are used to create and unleash the next generation of botnets.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5