We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

How the IT world conspired to kill Conficker

With global effort, a new type of worm is slowed

By dividing up the work of identifying and locking out Conficker's domains, the group has only kept the worm in check, not dealt it a fatal blow, said Andre DiMino, co-founder of The Shadowserver Foundation, a cybercrime watchdog group. "This is really the first key effort at this level that has the potential to make a substantial difference," he said. "We'd like to think we've had some effect in crippling it."

This is uncharted territory for Icann, the group responsible for managing the internet's address system. In the past, Icann has been criticised for being slow to use its power to revoke accreditation from domain name registrars who have been widely used by criminals. But this time it's getting praise for relaxing rules that made it hard to lock down domains and for bringing together the group's participants.

"In this specific case they greased the wheels so that things would move quickly," said David Ulevitch, founder of OpenDNS. "I think they should be commended for that. ... It's one of the first times that Icann has really done something positive."

The fact that such a diverse group of organisations are all working together is remarkable, said Rick Wesson, CEO of network security consultancy Support Intelligence. "That China and America cooperated to defeat a malicious activity on a global scale... that's serious. That's never happened," he said.

Icann did not return calls seeking comment for this story and many of the participants in the Conficker effort, including Microsoft, Verisign and the China Internet Network Information Center (CNNIC) declined to be interviewed for this article.

Privately, some participants say that they do not want to draw attention to their individual efforts to combat what may well be an organised cybercrime group. Others say that because the effort is so new, it is still premature to discuss tactics.

Whatever the full story, the stakes are clearly high. Conficker has already been spotted on government and military networks and has been particularly virulent within corporate networks. One slip-up, and Conficker's creators could reprogram their network, giving the computers a new algorithm that would have to be cracked and giving them an opportunity to use these computers for nefarious purposes. "We have to be 100 percent accurate," Wesson said. "And the battle is a daily battle."

IDG UK Sites

Nokia 105 review: How to get a free phone (and play Snake!)

IDG UK Sites

Samsung: King of the Androids (or MWC, at least)

IDG UK Sites

Inside Microsoft's universal platform for designing apps that work on PCs, tablets, phones, Xbox...

IDG UK Sites

How to watch Apple's 9 March 'Spring Forward' Apple Watch event live stream, and what to expect: Ap?......