A good analysis from SecurityWire.
How can we not know what happened? The first three days of Conficker.c have come and gone without disaster, and the security industry does not know why. Perhaps the $250,000 reward sponsored by Microsoft scared off the attackers before they could activate the malware downloaders. Perhaps the coalition of vendors cut off command and control communications with intelligent DNS actions. Perhaps enough consumers upgraded their endpoint security software. Perhaps the attack is not really gone and the attackers just had a professional schedule slip in development of their malicious code. Or perhaps we just got lucky. The point is that an industry north of $30 billion doesn’t know. As well, it can’t predict disaster nor can it issue an “all clear.”
no subject
you can try to be secure. you can plan to instantly reimage targeted machines, and have working backups, and a method to restore 500 desktops and/or servers in a quick fashion... but you cannot prevent OS intrusions 100%. have a plan. stick to it.
conficker right now is simply a rude wake up call at 2am.