A putrid fruit fell from computer security's mangled tree. Did anyone see where it landed?
A headline at InfoPackets.com asks the all-important question: “Whatever Happened to the Conficker Virus?”
What, indeed. You’d think the poor beast disappeared without a trace. Part of me wants to issue an Amber alert for it.
“It’s the biggest botnet in the world, and nobody cares,” one expert lamented
When F-Secure technovangelist Mikko Hyppönen speaks to a rather bored media these days, he insists Conficker still has “five million” PCs under its control. Yet the global media all but ignores him. “It’s the biggest botnet in the world, and nobody cares,” he lamented when I queried him over the media’s near-total lack of enthusiasm.
(Forgive the oxymoron when I say “near-total lack.” I’ll make up for it with a great metaphor, I promise.)
You know John Leyden’s byline if you read The Register with any regularity. I asked him to opine on why his colleagues seem so blasé. Here, Leyden contrasts Conficker‘s abundance of data before April vs. its absence of data after April:
No new victims have emerged and the update mechanism changed in April so that [there is] far less visibility [among antivirus vendors] about what the worm is doing. Microsoft has … released a removal tool, which has probably had an effect on reducing the population of infected hosts, albeit to an as yet unknown extent.
Figures on how many systems remains infected by Conficker remain hard to come by (I know because I’ve asked). Vendors — the root source of many stories about malware — are not talking about the worm, coming up with any new analysis etc. either. Everybody has moved on and they are now talking about attacks on social media websites, such as Twitter, reflecting the current media fad. All this means there’s no more fuel to throw on the fire, even for specialist IT reporters.
(I know, I know: it sounds like I should introduce Leyden to Hyppönen. They know each other quite well. Neither one knew I’d quote the other in this column.)
A computer security reporter observed “everybody has moved on and they are now talking about attacks on social media websites … reflecting the current media fad”
Hyppönen’s problem as an antivirus vendor, and Leyden’s problem as a (competent!) computer security reporter, echo the problems I’ve seen over the last 20+ years. With only rare exceptions (
i.e.e.g. The Register), the computer media routinely goes insane with misdirected security hype — and then routinely ignores the real threat(s) after they realize just how badly they got hoodwinked by their own misdirection.
Conficker is the most recent putrid fruit to fall from computer security’s mangled tree. (Hey, now that’s a great metaphor!) You’d almost swear I wrote Leyden’s summary for him:
The media in general has a short attention span. And for national press a story about a computer virus is never going to make the news unless it’s the fastest spreading, biggest ever or hits a high profile target. The fact that nothing much happened with Conficker after the 1 April deadline [passed] means that the mainstream media, if they think of it at all, think of the worm as a damp squib.
I don’t think the story will return to prominence unless someone is arrested for creating the malware, which seems unlikely.
Rest in peace, Conficker … we hardly knew ye.