The Enemy Within: Fascinating Article About the Conficker Computer Worm
The Conficker computer worm has been around for about two years now. First spotted in 2008, it began to spread and by January of 2009 started causing problems in Europe: the French Navy computer network became infected, forcing aircraft at several airbases to be grounded; the UK Ministry of Defence reported the worm had spread across various administrative offices; the Manchester police computer network was infected, and disconnected from the main Police National Computer for three days.
The Enemy Within is a brilliant and fascinating read about Conficker. Writer Mark Bowden takes a very technical subject and breaks it down, in layman’s terms, so that you don’t have to be a computer security expert to understand what’s going on.
The worm itself has some remarkable properties. It exploits a Windows vulnerability and, on infection, repairs the vulnerability to prevent other worms from entering. It uses incredibly sophisticated encryption to communicate with random servers, receiving instructions and updates to its own code.
The kicker is: it’s not so much that the worm is infecting tons of computers. That’s bad in and of itself, true. But the worm is biding its time, waiting for… something. And that’s the most unsettling part.
What I don’t think has fully sunk in for me is the fact that the worm cannot be stopped. It’s sophisticated enough to essentially evolve, and has eluded some of the top security experts for nearly two years now. And with one of the worm’s most recent upgrades (switching to a peer-to-peer communication method, as opposed to checking in to a random server), it’s become impossible to accurately track how many computers have been infected.
There are tons of quotable bits from this article, and it’s an incredibly compelling and well-written piece. I’m awed and frightened in equal measure. The Enemy Within is a really gripping article, and very much a cops-and-robbers kind of read.