A good analysis from SecurityWire.
How can we not know what happened? The first three days of Conficker.c have come and gone without disaster, and the security industry does not know why. Perhaps the $250,000 reward sponsored by Microsoft scared off the attackers before they could activate the malware downloaders. Perhaps the coalition of vendors cut off command and control communications with intelligent DNS actions. Perhaps enough consumers upgraded their endpoint security software. Perhaps the attack is not really gone and the attackers just had a professional schedule slip in development of their malicious code. Or perhaps we just got lucky. The point is that an industry north of $30 billion doesn’t know. As well, it can’t predict disaster nor can it issue an “all clear.”
no subject
you can try to be secure. you can plan to instantly reimage targeted machines, and have working backups, and a method to restore 500 desktops and/or servers in a quick fashion... but you cannot prevent OS intrusions 100%. have a plan. stick to it.
conficker right now is simply a rude wake-up call at 2am.
no subject
There is always a weak point for malware to exploit. (Currently, the weak point is Windows.) No matter what we do, there will always be a weak point. When there are several weak points, you don't even know what to watch. (The weak points are quantum, watching them makes them strong.) What is the dollar size of the industry that is seeking to invade our online networks? Hard to put a dollar size on organized crime, but I bet it is about the same size as that $30 billion industry.