Sure, sure. A small populace likely adopted better security practices, but the masses will soon forget about Conficker, if they haven't already. So what have we, as a security community, gained? What did we miss while we were so consumed by concerned users and by implementing new IDS signatures to detect the "new" Conficker behaviors that were to bring down the 'Net?
I don't know about you, but Conficker is still taking up a decent amount of time, and it's hard not to think about what's getting missed because of this focus. For example, a couple of mailing lists I'm on have seen increased malware activity from hosts infected with something other than Conficker. Also, there was the excellent story about "GhostNet" that fell by the wayside due to Conficker hype. GhostNet is much more interesting than Conficker, but it got lost in the bustle.
What's the general consensus in the infosec community? How many of you feel like you had the wool pulled over your eyes? For me, I still haven't decided what caused the snowball of media attention, or its purpose, but I do believe Conficker still poses a very real risk to enterprises. At this point, I'm afraid infosec pros are going to dismiss it, as well, until it comes back to bite them. As with most things, only time will tell.
John H. Sawyer is a senior security engineer on the IT Security Team at the University of Florida. The views and opinions expressed in this blog are his own and do not represent the views and opinions of the UF IT Security Team or the University of Florida. When John's not fighting flaming, malware-infested machines or performing autopsies on blitzed boxes, he can usually be found hanging with his family, bouncing a baby on one knee and balancing a laptop on the other. Special to Dark Reading.