K.C. Claffy, one of the computer scientists at the San Diego Supercomputer Center on the University of California, San Diego campus, just e-mailed me her latest thoughts on the Conficker worm.

As my post from last week detailed, the internet virus is looking like one of the scariest to come along in quite awhile. The authors of Conficker, also known as Downadup, are threatening to activate the virus on April 1.

When I last spoke with Claffy in January, she said the virus could be the work of “a teen just proving he can do this, or some billion-dollar scammer setting up an impervious spam network.” Now she is saying the virus is too complex to be the work of a bored teen.

Here is what she wrote in her e-mail to me:

Several people have told me that the code writers are extremely sophisticated, so by now I’d rule out ‘bored teenager’, or indeed, any single person, as the author. It seems more likely a group of skilled professionals who want to infect as many computers as possible to deploy a multi-million node platform at their whim/command. Except there’s no clear signal on what the objective might be, perhaps it’s just another botnet for hire.

What makes it feel like an episode of “24” is that we can tell the authors are refining the virus to be more robust and powerful as it’s spreading, making design choices that exploit both policy and technology weaknesses in the internet architecture, and remaining underground. While security researchers, ICANN (Internet Corporation for Assigned Names and Numbers) and law enforcement are handicapped by restrictions on data collection and sharing — it’s not even legal to study the operating system!

Any government, certainly the [United States], must look up and pay attention to that. The policy implications are profound.

Claffy forwarded me this link, which she called “actual scientific research” on Conficker.


Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.