April 1 damage from Conficker worm not likely to catch up to hype
Today we unsuspecting L.A. Times tech bloggers were besieged by e-mails from publicists regarding "the Conficker C threat pending for April 1," offering "insight on any scenario that happens tomorrow," and alerting us that companies have been preparing ahead of time "in an effort to prevent the Conficker worm from spreading further and potentially causing substantial damage."
Just like the Y2K hysteria and other bugs du jour, the Conficker worm has been a prime vehicle for the language of terror and fear. And just like those other instances, the warnings make for better conversation than the reality.
"As you are probably aware," read one e-mail from a PR firm called GlobalFluency, "tomorrow, April 1 is the day that the Conficker worm, possibly the most widespread ever, is predicted to inflict its damage through the hundreds of thousands of computers that it has infected. Nobody knows what Conficker will unleash."
GlobalFluency went on to offer an interview with an expert from a computer security firm that markets anti-virus software.
Conficker, a digital worm that has reportedly infected millions of Windows computers, has been widely covered in the media, including in the New York Times, which wondered if Wednesday would bring "An April Fools Joke or an Unthinkable Disaster," and on "60 Minutes," which noted that "so far, the bad guys who created it haven't triggered Conficker. It's just sitting out there like a sleeper cell."
Twitter, a useful heat map for online conversations, lit up today with thousands of worried messagesabout Conficker. "I'm terrified of that conficker virus thing," wrote Sarah Rutherford of New York. "Not getting back on here at all for the rest of the week!!"
But as more sober commentators have noted, Conficker is not a ticking time bomb set to ...
... blow up the Internet at midnight. On a blog at SecureWorks, Joe Stewart noted,
Rather than being a call for the worm to begin a major attack, the change happening tomorrow is more like an evolutionary step that makes Conficker more slippery and more difficult for security experts to track down and exterminate.
Alex Eckelbery of Sunbelt Software reminds usersthat a fix for Conficker has been around for nearly six months. The worm "takes advantage of a vulnerability in Windows that Microsoft fixed in October of last year," he wrote. "If a machine is patched with this update from Microsoft, then that system cannot get infected."
Conficker's true potential for damage and destruction is simply not known, and won't be until its mastermind puts his creation to work -- whether that's as part of another huge cloud of zombie spam computers, an identity theft ring or something more innocuous.
"We don’t know yet if there’s anything explosive in it," said Chris Schwartzbauerof Shavlik Technologies, a security firm. "Really what we've learned about this one is that the unique way it’s architected makes it particularly wily."
That is, more is known about its infectiousness than about its potential for harm.
Experts agree that Microsoft Windows users can still protect themselves against Conficker and other potential security threats by making sure their systems have current anti-virus software and the most recent patches from Microsoft. See prevention instructions here.
-- David Sarno
QUICK! EVERYBODY PANIC!!! Ooooh worry worry worry worry...*duck and cover*...
whats that? what am i worried about...oh...say, good question!!
...pesky internet lemmings...
when will the media begin to realize that the power they abuse is too precious; that the "scare tactic" sensationalism over ever triviality must stop...
the revolution will be televised - and we don't care what network brings it to us, so stop squabbling.
Posted by: hinsel | March 31, 2009 at 08:05 PM
Finally, a reasonable series of thoughts on this stupid virus scare. Thank you. Now can you please tell my family to stop FWDing all the hyperbole?
Posted by: Tim | March 31, 2009 at 08:17 PM
I hope something does happen
Itll be interesting to see something instead of hype all the time
Posted by: Lostpunkdc | March 31, 2009 at 08:18 PM
Despite all the hype, my computer isn't infected with this,
and even if it was, the removal instructions are available on many websites.
Conficker has been exaggerated greatly.
Posted by: Adam | March 31, 2009 at 08:18 PM
No one knows whats going to happen tomorrow, so to say that its nothing major to worry about is about the same as the people saying it could disrupt the internet. No one knows so wait until tomorrrow to see what really happens
Posted by: Neo | March 31, 2009 at 08:19 PM
I have a feeling this is all an extravagant April Fool's joke...
Posted by: Vanessah | March 31, 2009 at 08:20 PM
people are screwed no one can tell whats gunna happen....... the conficker guys control the spread when ever they want hehehehe
Posted by: dallas | March 31, 2009 at 08:28 PM
I agree that this worm is way overhyped, but still, better safe than sorry. May as well let people know that they should patch their machines and do some updates.
Posted by: brad | March 31, 2009 at 08:30 PM
Hurry! To the bunkers!
I have heard some seriously ridiculous stuff related to this, but I can't say I'm surprised at the overreaction of this, given other scares. I only wish people would listen to reason; my brother says he's placing his computer on "firewall lockdown" (it's some feature on his antivirus) overnight and isn't going on it at all tomorrow.
Posted by: Y2K Survivor!!!1!1 | March 31, 2009 at 08:36 PM
o0o0o0 I love worms!!!
Gummy worms that is!!!
Posted by: Flutterby | March 31, 2009 at 08:48 PM
Regardless of the fact that something may or may not happen at the stroke of 12:00 tonight, people need to take a step back and look at how much money is wasted on totally insecure operating systems. Mickeysoft has never made a secure product and probably never will. Try downloading the 100% free Ubuntu Linux (or any other flavor of Linux for that matter). Once you try it, you'll never go back to a Windoze system. Everything you really need or probably want is free, 100% SAFE and extremely secure. Linux machines are not effected by any of the virus attacks that a Windoze machine is wide open to.
Posted by: Jon Foster | March 31, 2009 at 08:48 PM
As a network administrator, it doesn't really matter to me if it's over hyped or not. If there is any damage potential it is essential that software be patched.
Not knowing the possible impact doesn't make it less of a threat. Just like Y2K.
We can have 100 of these kind of situations that amount to nothing, and I'll still be patching my network when incident 101 happens.
Posted by: Turbo | March 31, 2009 at 08:52 PM
I've seen a couple of websites saying most of the infected computers won't even be in North America...only about 6% will.
The rest are in Asia and South America.
I just updated so I should be okay hopefully. =]
Posted by: Stacie | March 31, 2009 at 08:53 PM
Well, the truth is we don't exactly know how many versions of the worm exist. It is very possible that their is a smart phone variant, but the knowledge of such a thing isn't public.
Most people don't even know that smart phones can get viruses or worms, but they can, if thats the case this thing could be much much larger. If it can do that who is to say it can't use the smart phone's ability to sync with a network to spread, or use the phone providers network itself to spread.
This thing could do anything from crash one of the Internets main server to sell infected computers anti-virus software using various affiliate programs. The latter would probably be extremely lucrative and down right hilarious.
Posted by: BKozik | March 31, 2009 at 09:14 PM
Easy check. Can anyone over in the Old World where April 1st is the date say if there are serious problems?
Posted by: Oddzball | March 31, 2009 at 09:38 PM
The thing about "finding a new update location", is that since the worm can find a new update source it could be a brand new derivitive of a new worm which could corrupt all .mp3, .doc, .zip, etc. just like the iloveyou virus of 2001 did. The only difference is that this virus/worm is spreading and infecting only and then (possibly) doing it's damage later. It's a real threat, but unlikely that it will see much success.
Posted by: Jeremiah | March 31, 2009 at 10:00 PM
Whether or not Conficker is a real threat is beyond me. All I know is that my laptop is infected, it's supposed to be activated today, and there's nothing I can do now. Linux programs aren't as safe as they're made out to be. It was made to be reprogrammed. With the Conficker worm, I'm unable to boot into 'safe mode' or reset to the factory settings. What ever the person who made Conficker has is in store for us, I'd like to know. This is kind of scary for me being 17 and all.. All my computers in my house aren't infected except my laptop. My 'autocheck' is no longer on my laptop. What ever is going on, I plan to look into it more on my school's computers.
Posted by: | April 01, 2009 at 09:47 AM
Did microsoft pull of the biggest coup ever by getting masses of jo public to willingly update their browsers and windows software to avoid the threat of this 'worm'? I'd love to see their traffic stats for the last week of March 09. I bet it spiked.
Posted by: Michaela Carmichael | April 01, 2009 at 10:38 PM