CWG Failed Greatly in Catching the Perpetrators of Conficker
The Conficker Working Group (CWG) recently published a report named "Lessons Learned", according to which the main failure in fighting Conficker has been the inability to nab a single person or gang of cyber-criminals who operated the virus. Securecomputing.net.au reported this on January 28, 2011.
In the report, CWG discusses the history of the Conficker network, its different versions, and the measures adopted to counter it, while describing the virus as an enormous e-threat of recent times.
Conficker, which was introduced in late 2008, was developed to build a botnet, i.e. a network of many infected PCs that cyber-criminals could control and use for dispatching spam for theft of personal data.
The report states that CWG has been battling Conficker for many months, while the virus has been intermittently released in fresh variants intended to defeat the prevention efforts against it. CWG registered and blocked all the domains that Conficker could potentially use, and only in that way could it keep the virus' authors from developing it further.
Additionally, according to the report, CWG's greatest success was in stopping Conficker's creators from gaining control of the botnet, whereas its greatest miss was its inability to remediate infected PCs and remove the danger posed by the botnet.
Moreover, the report states, the effort also included ISPs, domain name registrars, and government bodies, which effectively stopped hackers from controlling the Conficker-infected bots assembled in a gigantic network.
And while this kind of effort was new at the time, it nonetheless showed the way to the subsequent Mariposa Working Group and formed a model that partnerships of public and private organizations emulated to thwart rapidly spreading malware infections.
Another great miss, says the Conficker Working Group's document, was that although some remediation effort did happen, innumerable PCs are still infected with the A/B variants of the virus. Therefore, the Group advised increased remediation from the beginning, along with more coordinated interaction with ISPs. Nevertheless, some members of CWG suggested that complete remediation might not have been an attainable goal.
» SPAMfighter News - 02-02-2011