No Conficker meltdown as 1 April ‘deadline’ passes

There's been no global computer armageddon, as predicted by security experts, but did the hype cause more harm than good?

Security experts stayed awake around the world to see what the Conficker worm would do on 1 April, but fears of internet armageddon appeared unfounded.

Machines infected with the Conficker virus tried to establish a link with command servers as expected, but so far experts hadn't seen any new instructions from the creators of the worm.

Ever since it started spreading seriously though millions of Windows PCs at the beginning of the year, Conficker has constantly been in the headlines the House of Commons was the latest high profile network to be hit.

The fact that Conficker was due to change operations and contact new domains on 1 April was the reason why some news outlets had made predictions of "global meltdown", but the large majority of security experts confirmed that nothing major was likely to happen.

Garner analyst John Pescatore said that the intense media attention paid to the 1 April deadline was unwarranted and that a spectacularly damaging event was never likely to occur.

He also made the point that this type of hype could be harmful, and that enterprises needed to be much more concerned with unrecognised threats.

David Harley, director of malware intelligence at ESET, said on his blog: "The very people outside this industry who hyped the issue out of all proportion will now dismiss it as vendor hype, and may suggest that the whole thing is an urban myth.

"I do wonder whether by acknowledging and trying to counter the hype, we nevertheless fed it, but the alternative would have been to allow the panic merchants a clear field."

Other security experts made the point that although they hadn't seen a malicious payload from Conficker, that didn't stop it from activating one in the future.

Rik Ferguson of Trend Micro said that it was a shame that "less scrupulous" parts of the media had created such a frenzy, when valuable time should have been spent educating people how they could clean it up and how they could avoid it going forward.

He said: "It's really important to say that 1 April was just the date when that functionality was switched on.

"It will continue happening every day now. The infected machines are going to do the same thing they've done today, every day."

He said that people still needed to ensure their machines were clean, patched and in enterprise environments enforcing strong passwords, and with auto-run functionality within Windows explicitly disabled.

Featured Resources

Defeating ransomware with unified security from WatchGuard

How SMBs can defend against the onslaught of ransomware attacks

Free download

The IT expert’s guide to AI and content management

How artificial intelligence and machine learning could be critical to your business

Free download

The path to CX excellence

Four stages to thrive in the experience economy

Free download

Becoming an experience-based business

Your blueprint for a strong digital foundation

Free download

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Citrix mulling potential sale after tumultuous 2021
mergers and acquisitions

Citrix mulling potential sale after tumultuous 2021

15 Sep 2021
Hackers develop Linux port of Cobalt Strike for new attacks

Hackers develop Linux port of Cobalt Strike for new attacks

14 Sep 2021