Despite widespread fears of a mass outbreak on the Internet on this week, the Conficker worm proved to be a dud.
But what the Conficker episode did show is the dangerously primitive state of Internet security, several experts said, even as cyberthreats increase.
All people had to do to protect themselves from Conficker was to apply an emergency patch that Microsoft issued in October -- ahead of Conficker's arrival -- for a recently discovered flaw in the Windows operating system that Conficker was designed to exploit.
The patch was originally intended to protect Microsoft's customers against a different piece of malicious code, a data-stealing worm called Gimmev that targeted Asia and Eastern Europe, said Mary Landesman at Scansafe in San Francisco.
But many companies and home users didn't apply the patch right away, and Conficker's creators -- who improved on techniques and code found in last year's Storm worm -- had their opening.
"We tend to be pretty lazy about this stuff," said Richard Howard, the intelligence director of iDefense, which protects companies and government agencies. "I was talking to somebody who pulled an old server out of a closet that hadn't been on the Internet for a while and hadn't been patched, and they got it."
Conficker could still activate itself, and it's not the most dangerous piece of malicious code out there, several experts said.
In the past five months, there has been an explosion of code designed to steal data from specific companies and government agencies, including a worldwide spying operation reported last weekend by Canadian researchers that has targeted computers in more than 100 countries.
E-mail Deborah Gage at dgage(at)sfchronicle.com.
(Distributed by Scripps Howard News Service, www.scrippsnews.com.)
Must credit the San Francisco Chronicle
ttt
ttt
Post new comment