The Conficker computer worm planned for release on April 1st passed uneventfully. While many news sources predicted a huge disaster, which didn’t happen, the worm will still have repercussions for those infected. The fact that there was no major system crash or data loss means that many people will have their guard down. This false sense of security could potentially lead to further complications or even disaster down the road.

Altogether it has been reported that the Conficker Worm has propagated onto 1.1 million computers worldwide. So far the infection has been mostly benign in nature but it is expected that the greater purpose of the worm is data farming. What this means is that when a system operator types in credit card numbers, bank information or any other personal identifier the worm will log the information and send it back to the author. The worm remains a silent threat because if it doesn’t cause computer malfunction it means that it can remain in operation and continue to work.

While there are now numerous patches for the exploit many people still have not bothered to apply them. The worm in its current state poses a serious problem to personal information but there is still the possibility of further mutation. So long as a system remains un-patched the worm’s author has the ability to upload further changes. These changes could make it harder for current deletion techniques to work or even deliver a more volatile payload.

What makes the possibility of a mutated worm strain more dangerous is the amount of publicity the infection has already received. The worm’s author knows he is working with a limited timeframe before a complete fix is achieved. This fact alone might force him to release a more dangerous attack in the near future. Those computers already protected are unlikely to be affected but that still leaves over a million compromised PCs.

One of the easiest ways to tell if you have been infected is if you experience delayed internet connectivity or through a failure of the windows update service. If you experience either of these you should check for possible infection immediately or contact your IT staff. The Conficker worm may not have created a large scale disaster but the danger is still very real.

– Richard Keene
IT Computer Support of New York
Design and Optimization Department