Conficker: After the Flood, the Backlash

Good morning. Is there anyone still out there and connected? Thought so.

While one or two people who comment here seem to think I’m personally responsible for developing, maintaining, and marketing ESET products (and in at least one case writing the malware as well) I’m afraid I didn’t spend April 1st crouched over a rack of PCs waiting for That Worm to do something unexpected. I was actually at Cambridge University, delivering a lecture.

Doesn’t that sound impressive? Actually, while it’s literally true, that was an object lesson in social engineering. I was actually talking to a mixed audience at a workshop organized by JANET, which provides connectivity and services to about 18 million end users in education, about testing. (Yes, testing again… And no-one mentioned Conficker!) So I didn’t just become a visiting Professor (I have been getting a lot of mail addressed to Dr. Harley recently, but that’s a whole different issue), and I didn’t see many students.

But then, perhaps I wouldn’t have anyway: it seems that one university in the UK is  finding that not having restrictions on the use of social network sites on university computers means that students are unable to use those machines for assignment-related research because they’re being hogged 24/7 by less conscientious students updating their Facebook pages.

What I have seen, since I’ve been unable to avoid referring to Conficker so far, is the beginning of the backlash I predicted yesterday. An article in the Guardian claims that we’ve been predicting "in internet conflagration" – but the only "example" Charles Arthur could find of vendor hype was an uncontentious quote from the NCC Group, which is, no doubt, a group of wonderful people, but definitely not an AV vendor. The New York Times, meanwhile, suggested that "fears of an attack…my have been a windfall for anti-virus software makers, who warned consumers about the worm…"

Who’d have thought that we were going to make so much money out of all those free removal tools?

David "not a Dr. of anything" Harley BA CISSP FBCS CITP
Director of Malware Intelligence


Author David Harley, ESET

  • Jim Nutley

    Dude! If you’re going to be responsible for global malware you need to cultivate an evil laugh! ^_^

    The whole conflicker thing made me reconsider what I should keep, as a whole, on my system for security, but I didn’t come to any conclusions. I’ve got a payed up version of ESET running, and I occasionally run Spybot, and my Microsoft XP firewall is up. Is that good enough, or am I missing something?

  • David Harley

    I will be spending the weekend watching Penelope Pitstop and Scooby-Doo videos in order to cultivate an appropriately villainous snigger. Thank you for the suggestion.

    I’m not a great fan of the XP firewall, but it’s certainly better than none. You’d expect me to say this, but I actually quite like the one integrated into our product: it’s a lot less intrusive than the dedicated firewalls I’ve tried, without losing too much functionality. Running the occasional antispyware is a good idea.

    I guess you’re watching your patching, have autorun disabled and such?

Follow us

Copyright © 2017 ESET, All Rights Reserved.