Quite simply, Conficker is a very scary worm, for several reasons:
- millions of machines have been infected using a bug for which there is a PUBLISHED FIX.
- the authors of Conficker have made several revisions to address weaknesses and make the worm stronger
- we still have NO IDEA what, if anything, will happen on April 1
In short, this is a nasty piece of code that has a HUGE footprint around the world, and is sitting there waiting for the "bad guys" to decide what they want to do. If they are smart, and so far they appear to be, they will likely not launch some massive attack on 4/1, but will instead remain under the radar, using the infected machines to launch other attacks, steal information, send SPAM, and basically function as a "for rent" platform for various illegal activities.
Everyone, right now, should read the prior posts on my blog to make sure your systems are protected!
And keep an eye on things on Wednesday - it will be, at the least, a very interesting day for those of us in the InfoSec world!
No comments:
Post a Comment