Conficker Worm More Than An April Fool’s Day Joke

If you haven’t heard about Conficker worm, tell us where you’ve been hiding: We want to go there too.

In all seriousness however, the Conficker worm is a serious issue that has made a name for itself not only in the security world, but is (slowly) being recognized by the general public. While it might be easy to make a joke about that (we’ll refrain) the truth is that anytime the general public pays attention to a worm, you know that worm is having a far reach and is probably infecting more computers than the estimates on record.

While we could go into how the Conficker worm works (USB flash drives as a means for propagation for one), we feel that it’s more important to look at why Conficker works. In our world of gizmos and highly technical solutions, how is a relatively simple worm like Conficker getting through?

To answer that, we need to go back to the basics of security.

Currently, there are a lot of complex technical solutions used to ‘solve’ security problems. The only problem with using technical solutions to solve security problems is that you are only creating 50 percent of the solution. The other 50 percent of the solution has to do with the people using the so-called technical solutions, and that’s the vulnerability Conficker is counting on. 

The reason Conficker has been so successful is because it takes advantage of human dependence on technical solutions. It’s getting around technical controls by tricking people that aren’t properly trained or who are trained only to use technical solutions to solve security problems.

Because let’s face it: Technical processes with no support behind them can only take you so far. It’s like sending someone to Spain with a Spanish/English dictionary but nothing else. While that person might be able to frantically look up what someone’s saying because they have the proper ‘tool’ (in this case, the dictionary), how far are they really going to get by relying on that dictionary the whole time?

That dictionary isn’t going to have every phrase defined, and it won’t have the explanations of Spanish culture (for example, taking a siesta) so the person in Spain with nothing but a Spanish/English dictionary is going to feel pretty lost pretty quickly. Sending someone into a security problem with nothing but ‘technical solutions’ is very similar: Those technical solutions can only get you so far, and anytime something comes up that doesn’t fit within those technical solutions (or the ‘dictionary’) the person relying solely on those technical solutions will feel pretty lost.

Because in the end, basics aren’t necessary firewalls, but getting back to security awareness in the form of proper training. As humans we want to believe that answers are complicated when really, doing the basics—and doing them well—can prevent so many problems.

But, that’s just us: Why do you feel that the Conficker worm has been so successful, and do you feel that it deserves the media attention it’s getting? If you’re interested in reading some of that media, please click here.  

###

While we won’t teach you how to create your own Conficker worm, we will help you meet local security professionals through creating a strong community on this site. To contribute toward that goal, consider becoming a subscriber of NovaInfosecPortal today.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.