Do the normal rules of engagement apply here? When I was in the telecommunications industry, we tackled problems like this systematically:
- Identify the risk.
- Identify the number of infections.
- Allocate all parties and resources necessary to resolve.
- Run hourly checks to ensure every compromised system is attended to.
- “Lessons Learned” with all parties involved once 100% resolution is attained.
Seems like documentation and tracking are the key. At my former company, we used massive spreadsheets and sent updates to those assigned to verify resolution and remove the record. What would scale on the Internet, considering it is between 3 million and 12 million records?
Another question: Should this all be centralized is a consortium? I have mixed feelings with this. In a corporate office it certainly was convenient to have strict policies and standards. Consistent problems bring consistent solutions, as the saying goes. I also consider myself a free market and free Internet kind of technologist.
Perhaps just a crowd-sourced site (I know, I know) focused on the resolution of all the Confickers of the world, providing information, links, etc. would be on the right course. Make it a condition that all the information is Creative Commons and low and behold, maybe we’d have a winner.
Here is CNN’s information regarding recent activity on Conficker. What troubles me about it is the apparent loss of hope in a resolution. Kind of makes me sad to think that Sunday breakfast table conversation might end up starting with Dad opening a newspaper and asking “I wonder what Conficker is up to today?” Very disturbing.
We need to do something about this before it starts to reflect badly on the tech community.