Conficker hype a 'problem,' says FBI cyber-chief

People may have a false sense of security following April 1 non-meltdown.

Mainstream media hype leading up to the Conficker worm's April 1 software update may have distracted people from legitimate cyber threats, the U.S. Federal Bureau of Investigation's head of cyber security said Thursday.

"For the general public to focus on Conficker -- that's the threat they're worried about -- I think that is actually a bit of a problem for us as a society," said Shawn Henry, assistant director of the FBI's Cyber Division, speaking at the RSA security conference in San Francisco Thursday. "There are dozens of Conficker-like threats and vulnerabilities out there.... while the media stories helped to raise awareness, I think that focusing people on that particular aspect, perhaps took away their attention from the overall threat, which is just as great or greater than Conficker itself."

Although nobody knows the worm-network's exact size, security researchers agree that Conficker is an unusually large 'botnet' of hacked computers, perhaps numbering as many as 4 million machines.

However, there are many other threats on the internet, including other, less-publicized botnet networks, fake antivirus software, and targeted 'spear-phishing' attacks.

"Public awareness is wonderful," Henry said, "but I'd like to see coverage of the entire threat vector."

Conficker spread, in part, by exploiting a previously patched bug in Microsoft Windows. So if all the Conficker hype helped people patch their computers and get up-to-date antivirus software, then it did some good, according to Paul Ferguson a researcher with Trend Micro. However, he added, "it's completely ludicrous to focus just on Conficker -- it is just a symptom of a much larger problem," he said via instant message.

Conficker gained an unusual amount of attention because it was the largest worm infection in six years, and because it had been preprogrammed to change the way it looked for instructions on the Internet on several predetermined dates.

It's April 1 update was the one that caught everybody's attention, because the worm began using very tricky update techniques on that date, precipitating speculation that the network might somehow spring to life and wreak havoc with that update.

A few days before April 1, the CBS news program "60 Minutes" picked up on the story, and the Conficker became a mainstream phenomenon.

When April 1 came and went without any type of Internet meltdown, that may have created a false sense of security amongst consumers, Henry said. He summed up a typical reaction to the hype in this fashion: "I saw on the news last night and it was supposed to happen today and it didn't. Therefore, the next time something comes out and there's an advisory I'm really not going to pay attention because it's not all that important."

But computer security is important. And if people were to gain a false sense of security because Conficker failed to destroy the Internet, that could be a bad thing.

"I don't want the public to think that there's this one threat and we didn't really see anything so we're safe," Henry said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags securityconficker

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Brand Post

PC World Evaluation Team Review - MSI GT75 TITAN

"I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it."

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?