Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications

Cyber Secure Institute executive comments on Conficker worm

Cyber Secure Institute : 23 April, 2009  (Technical Article)
Economic damage caused by Conficker worm entirely preventable with concerted prevention efforts according to Executive Director of the Cyber Secure Institute
Rob Housman, the Executive Director of the Cyber Secure Institute, has released this statement concerning the Conficker worm controversy:

Because there was no major Conficker-created problems on April 1st when hijacked computers went online and began communicating with controller domains, numerous commentators are now downplaying the significance of the Conficker problem. This conclusion is wildly off base and patently flawed. In short, just because the other guy in a fight doesn't pull the trigger when he's got the gun to your head, doesn't mean you won the fight.

It is important to look at the totality of the Conficker problem. Whether or not Conficker ultimately turns out to be a sales tool for bogus Ukrainian security software or something much more destructive, the simple fact is that the Conficker worm has infected vast numbers of computers around the world. And, it has shown the ongoing vulnerability of IT systems and networks.

Any analysis of the Conficker worm's impact must also factor in the—wasted—time, resources, and energies of the cyber-community, governments, companies and individuals. Extrapolating out from studies on the average cost of similar past attacks, the total economic cost of this worm (including the cost of efforts to combat the worm, the cost of purchasing counter-measure software) could be as high as $9.1 billion. Even using the single, outlying source that suggests a much more limited scope of infection (<200,000)—vastly less than all other sources suggest—the cost of this virus is still roughly $200 million dollars.

Additionally, while the Conficker worm has yet to play out a doomsday scenario, there is the strong possibility that the next worm that utilizes similar capabilities will be much less benign.

The most confounding aspect of the Conficker worm threat is that this entire problem, along with most other similar threats, can now be avoided if we would deploy inherently more secure technologies. At least two technologies—the Integrity Global Security operating platform and the Tenix Interactive Link Device—have been certified secure by the National Information Assurance Partnership and the NSA against the most sophisticated cyber threats, including ones like Conficker. These new technologies are capable of protecting systems, isolating critical data and can eliminate viruses and worms from computers at the click of the mouse. Deploying these technologies would pay for itself in the near- to mid-term. Over the long-term the savings here, in time, energy and opportunity costs would clearly be in the hundreds of billions.

If anything Conficker has demonstrated the inadequacy of today's cybersecurity, in particular relying upon cybersecurity add-ons like firewalls, anti-virus programs, and the like.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012