Sunday, March 29, 2009

Media hysteria

The media appears to be prepping us for the next Y2K technology disaster with the Conflicker worm on the first of April. Headlines like “Conficker worm threatens April Fools' chaos” are not designed to be informative simply inflammatory. The media hasn’t been in the business of providing balanced reporting for a long time now. If you actually read the article you’ll find the following:

 

“But researchers who have been tracking Conficker say the date will probably come and go quietly.”

 

which doesn’t make for a very exciting headline does it? That certainly isn’t going to get people reading your paper is it now?

 

If you were a bad guy who controlled a whole swag of machines via the Conflicker worm why the hell would you want anyone to know? Simply put, it would spoil your revenue stream because cybercrime these days is much like any commercial business, it is all about making money!

 

It does however illustrate an interesting issue, where does the average PC user go to get information about keeping their technology secure? The prevalence of Conflicker worm seems to demonstrate that not many understand the need to update their system regularly, given that the patch to prevent Conflicker has been available since October. So where do they turn? The article fails to provide any links or explicit instructions as to what a user can do to even check their systems.

 

This again plays into the hands of the bad guys, more or less ensuring that their infections will continue to spread. I often wonder what sort of drag the effects of cybercrime have on the economy? The cost of lost time and productivity, the cost of cleaning up infections and potential cost of lost or compromised information. Pro-active security is always cheaper than reactive measures yet judging by the number of Conflicker infections that is the minority opinion.

 

Why? Where is the system failing? Why aren’t more people being made aware of the potential threats to their systems? Are people, in fact, choosing to ignore these warnings in the belief that it can never happen to them? Why has it become so difficult to protect even the most basic PC installation? Honestly, I don’t know the reasons but the potential end results of this ignorance are clearer everyday yet it seems the world become less and less secure with every machine that is connected to the Internet.

 

As I have said before, it’s a brave new world and you are the only one responsible for your security, because few out there, media included, are going to provide you with any meaningful or helpful information. Isn’t that nice to know when you’re swimming with the sharks? The only solution I can provide is knowledge. If you don’t understand the threat, learn. If you want to protect yourself and your information, learn. Luckily, that’s is one thing the Internet is good for – information.