If the Conficker worm did nothing, or not very much, why did it turn into such a story?
Was it hype? Is it still hype? Why was Conficker Different and was it really different?
It's fair to point out that elements of Conficker's design inadvertently attracted attention, namely the fact that it activated at a set date in the future while blocking access by users large numbers of anti-malware sites from that point onwards.
We have to assume that Conficker was not meant to attract attention, because what's the point of a worm that flags itself? Everyone knows that successful malware works as far as possible using stealth. In itself this flag waving was odd, sinister even.
Then there is the view that Conficker was hyped by security companies on the look-out for a good story to talk up their wares, which turns out to be wide of the mark. In fact, Conficker anxiety emerged from respected security blogs, and has been extensively cracked open by a range of independent (which is to say they don't sell ‘products') white hats.
What was unusual, however, as far as I can tell, is the synchronised way that all this happened, amplified by the compulsive blogging by paid security boffins. But get this. Far from hyping Conficker as the crack of doom as some have assumed, the overwhelming majority of them did their best to say as little as possible that was specific. Most sat glued to the fence as hard as they could, and have stayed there ever since.
A quick tally...
It's going to get you (the experts say)
Most of the world's TV, radio, cable and newspaper media, but what do these guys really know?
We will give you money if you tell us who wrote it.
It's sort of interesting...but we wouldn't dare make any predictions.
Who cares? We can remove it anyway.
It's hype and we're off for a round of golf.
Conficker was the big security story of the year of which nobody with any real understanding was willing to say very much.
The mainstream opinion is that it is for the best if the world gets the odd scare over security because it stakes the sort of complacency that will one day ruin a network or a PC, or the world. The danger is that turning the amp to 11 risks drowning out everything else.
What this suggests is that the security world has long tentacles but not necessarily sensitive ones. A herd mentality takes over, people join in because they feel they have to say something, and smaller, less sinister and possibly more dangerous threats can still go totally unnoticed. Nothing mush actually gets said, however, because that would risk credibility.
It's a disaster in the making, possibly, we think, maybe, perhaps.
The one positive from Conficker is that word ‘botnet' has entered the playground and omnibus lexicon of ordinary mortals, not a huge revolution in security awareness but more than a thousand press releases from government security campaigns could ever have achieved. Who knows, perhaps we need more scares.