No Conficker meltdown as 1 April ‘deadline’ passes
There's been no global computer armageddon, as predicted by security experts, but did the hype cause more harm than good?
Security experts stayed awake around the world to see what the Conficker worm would do on 1 April, but fears of internet armageddon appeared unfounded.
Machines infected with the Conficker virus tried to establish a link with command servers as expected, but so far experts hadn't seen any new instructions from the creators of the worm.
Ever since it started spreading seriously though millions of Windows PCs at the beginning of the year, Conficker has constantly been in the headlines the House of Commons was the latest high profile network to be hit.
The fact that Conficker was due to change operations and contact new domains on 1 April was the reason why some news outlets had made predictions of "global meltdown", but the large majority of security experts confirmed that nothing major was likely to happen.
Garner analyst John Pescatore said that the intense media attention paid to the 1 April deadline was unwarranted and that a spectacularly damaging event was never likely to occur.
He also made the point that this type of hype could be harmful, and that enterprises needed to be much more concerned with unrecognised threats.
David Harley, director of malware intelligence at ESET, said on his blog: "The very people outside this industry who hyped the issue out of all proportion will now dismiss it as vendor hype, and may suggest that the whole thing is an urban myth.
"I do wonder whether by acknowledging and trying to counter the hype, we nevertheless fed it, but the alternative would have been to allow the panic merchants a clear field."
Other security experts made the point that although they hadn't seen a malicious payload from Conficker, that didn't stop it from activating one in the future.
Rik Ferguson of Trend Micro said that it was a shame that "less scrupulous" parts of the media had created such a frenzy, when valuable time should have been spent educating people how they could clean it up and how they could avoid it going forward.
He said: "It's really important to say that 1 April was just the date when that functionality was switched on.
"It will continue happening every day now. The infected machines are going to do the same thing they've done today, every day."
He said that people still needed to ensure their machines were clean, patched and in enterprise environments enforcing strong passwords, and with auto-run functionality within Windows explicitly disabled.
Defeating ransomware with unified security from WatchGuard
How SMBs can defend against the onslaught of ransomware attacksFree download
The IT expert’s guide to AI and content management
How artificial intelligence and machine learning could be critical to your businessFree download
The path to CX excellence
Four stages to thrive in the experience economyFree download
Becoming an experience-based business
Your blueprint for a strong digital foundationFree download