Conficker worm still poses a threat, new book theorises

Black Hawk Down author's next book is about a digital world war
Kerry Butters
malware

Mark Bowden, the author of Black Hawk Down, is to release a new book next month based on the Conficker worm, which infects Windows operating systems.

Whilst Conficker has been dormant for some time, it is thought to remain installed on PCs all over the world.

This isn’t a worm that, like many before it, wrecks Windows and throws up bizarre errors that alert users to its presence. An average user wouldn’t know it was there, and because many users around the world still run older, unpatched versions of Windows that are open to the Server service flaw Conficker exploits (fixed by Microsoft as MS08-067 in October 2008), machines that have been cleaned can simply be re-infected.

The malware was first discovered in late 2008 and went on to infect around 12 million computers in over 200 countries.

These included government and military computers, and the author of the worm has never been found.

In theory, then, it is possible that the author still controls a huge botnet, and in his book Bowden uses that possibility to explore “the first digital world war”.

According to the International Business Times, which looked at Conficker in a special report in January this year, the malware may be a few years old, but it is still potentially dangerous.

This is due in part to the sophistication of the worm: whoever wrote it knew what they were doing.

The report states that the worm “wakes up” each day and computes a fresh list of domain names, derived from the date, which it then looks up in search of commands. Because bot and controller can both compute the same list without ever talking to each other, the controller only has to register one of a given day’s names in advance, which, the Times says, means the botnet could be told to perform actions at specified times in the future.

Bowden’s book looks at the possibility that the botnet could potentially control so many computers that it could become a weapon of mass destruction.

The book explores how the worm was discovered and the potential that it could take down the net.

In an interview with US radio station Fresh Air, Bowden explains that the botnet is still “out there and very, very dangerous.”

He says that a large enough DDoS attack from the botnet could overwhelm internet services and effectively take them down.

This, he says, would lead to loss of life as air traffic, telecommunication and health services would be affected.

Whilst he thinks that the worm was probably created by cybercrooks in order to make money, it is the potential that it has as a weapon that is worrying security experts.

It’s unknown where Conficker originated. The first IP address it was traced to was in Argentina, but that was probably just a relay on the route back to the real operator, and its origins are thought to lie in Ukraine.

Bowden says that a Ukrainian group were recently arrested using the botnet to drain US bank accounts of all their funds, stealing over $70 million overnight.

However, it is thought that they leased the botnet, rather than being the original creators.

Another reason the malware is suspected of originating in Ukraine is that it checks the keyboard layout of the machine it lands on and will not install itself if it finds a Ukrainian layout, a common trick for avoiding the attention of local law enforcement.

Whilst the group that got together to stop it, the Conficker Working Group, had some initial success by registering or sinkholing the 250 domains a day that the early variants generated, the writer of the malware soon brought out a new version designed to fight back.

That version replaced the domain-generation routine with a far more aggressive one, producing 50,000 candidate domains a day spread across more than a hundred top-level domains, so that pre-registering every address through which the worm might reach its controller was no longer practical.
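To make the two mechanisms above concrete, here is a toy date-seeded domain-generation routine together with the defender’s side of it, written for this article as an added example; it is not code from the book, the article or Conficker itself, and the hashing scheme, the seed, the TLD list and the DNS log lines are all constructed. What it shows is the property that matters: every bot computes the same day’s domains from the date alone, so a defender who knows the algorithm can predict the list and match it against DNS query logs, but only while the list stays small enough to enumerate.

```python
import hashlib
from datetime import date, timedelta

# Constructed toy DGA. Conficker's real algorithm is different; this only
# reproduces the property the article describes: bot and controller derive
# the same rendezvous domains from the date with no network contact.
TLDS = ("com", "net", "org", "info", "biz", "ws")   # assumed toy TLD set
SEED = b"toy-seed"                                   # assumed secret baked into the binary


def rendezvous_domains(day: date, count: int, seed: bytes = SEED) -> list[str]:
    """Return `count` deterministic domains for `day`; identical on every host."""
    out = []
    for i in range(count):
        h = hashlib.sha256(seed + day.isoformat().encode() + i.to_bytes(4, "big")).digest()
        length = 8 + h[0] % 4                                  # 8..11-letter label
        label = "".join(chr(ord("a") + b % 26) for b in h[1:1 + length])
        out.append(f"{label}.{TLDS[h[-1] % len(TLDS)]}")
    return out


def parse_dns_log(text: str):
    """Yield (timestamp, client, qname) from constructed 'ts client qtype qname' lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield parts[0], parts[1], parts[3].lower().rstrip(".")


def flag_dga_clients(log_text: str, day: date, count: int, seed: bytes = SEED) -> dict:
    """Map each client that queried one of the day's rendezvous domains to the
    names it looked up. The previous and next day are included so an infected
    host whose clock is slightly off is still caught."""
    watch = set()
    for delta in (-1, 0, 1):
        watch.update(rendezvous_domains(day + timedelta(days=delta), count, seed))
    hits: dict[str, list[str]] = {}
    for _ts, client, qname in parse_dns_log(log_text):
        if qname in watch:
            hits.setdefault(client, []).append(qname)
    return hits


# Constructed sample: two hosts querying predicted domains, one host that is clean.
DAY = date(2009, 4, 1)
TODAY_DOMAINS = rendezvous_domains(DAY, 250)
YESTERDAY_DOMAINS = rendezvous_domains(DAY - timedelta(days=1), 250)
SAMPLE_LOG = f"""2009-03-31T23:59:58Z 10.0.0.12 A {YESTERDAY_DOMAINS[7]}
2009-04-01T00:00:03Z 10.0.0.12 A www.example.com
2009-04-01T00:00:04Z 10.0.0.12 A {TODAY_DOMAINS[0]}
2009-04-01T00:00:09Z 10.0.0.45 A {TODAY_DOMAINS[141]}
2009-04-01T00:00:10Z 10.0.0.77 A mail.example.org
"""

if __name__ == "__main__":
    for client, names in flag_dga_clients(SAMPLE_LOG, DAY, 250).items():
        print(client, "queried", names)
```

The defender’s cost is set by `count`: at 250 domains a day the watch list, and the registrations needed to pre-empt the controller, stay in the hundreds, which is what the working group managed; at 50,000 a day across a hundred-odd registries, registering ahead of the worm stops being feasible, although matching DNS logs against the predicted list still works as a detection method as long as the algorithm and seed are known.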

Bowden believes that the creator of the malware has a thorough understanding of the IT security industry and was able to stay a step ahead of the people fighting it because of that knowledge.

Government agencies were apparently ill-equipped to deal with Conficker, having neither the expertise nor the infrastructure to respond to such a sophisticated attack.

Bowden also points out that the later strain of Conficker was due to begin contacting its controller on April 1st 2009 through domains spread across more than a hundred top-level domains, including country-code domains all over the world.

Whilst nothing happened that day, it certainly could have, and if nothing else its arrival and subsequent infection rate have woken governments up to the real risks of botnets.

While governments in this country and the US seem concerned that individual hackers are the real risk, they should perhaps be more concerned with educating both themselves and the public about the issues surrounding computer security and botnets.
