No Conficker meltdown as 1 April ‘deadline’ passes
There's been no global computer armageddon, as predicted by security experts, but did the hype cause more harm than good?
Security experts stayed awake around the world to see what the Conficker worm would do on 1 April, but fears of internet armageddon appeared unfounded.
Machines infected with the Conficker virus tried to establish a link with command servers as expected, but so far experts hadn't seen any new instructions from the creators of the worm.
Ever since it started spreading seriously though millions of Windows PCs at the beginning of the year, Conficker has constantly been in the headlines the House of Commons was the latest high profile network to be hit.
The fact that Conficker was due to change operations and contact new domains on 1 April was the reason why some news outlets had made predictions of "global meltdown", but the large majority of security experts confirmed that nothing major was likely to happen.
Garner analyst John Pescatore said that the intense media attention paid to the 1 April deadline was unwarranted and that a spectacularly damaging event was never likely to occur.
He also made the point that this type of hype could be harmful, and that enterprises needed to be much more concerned with unrecognised threats.
David Harley, director of malware intelligence at ESET, said on his blog: "The very people outside this industry who hyped the issue out of all proportion will now dismiss it as vendor hype, and may suggest that the whole thing is an urban myth.
"I do wonder whether by acknowledging and trying to counter the hype, we nevertheless fed it, but the alternative would have been to allow the panic merchants a clear field."
Other security experts made the point that although they hadn't seen a malicious payload from Conficker, that didn't stop it from activating one in the future.
Rik Ferguson of Trend Micro said that it was a shame that "less scrupulous" parts of the media had created such a frenzy, when valuable time should have been spent educating people how they could clean it up and how they could avoid it going forward.
He said: "It's really important to say that 1 April was just the date when that functionality was switched on.
"It will continue happening every day now. The infected machines are going to do the same thing they've done today, every day."
He said that people still needed to ensure their machines were clean, patched and in enterprise environments enforcing strong passwords, and with auto-run functionality within Windows explicitly disabled.
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now