Conficker: the new warfare

Remember the quasi-Millennial panic about the Conficker worm back in April? It turned out to be nowhere near as nasty and damaging a threat as it had been painted, but it was still unique in a number of ways – most notably in its own methodologies, and in the way the security and computer industries pulled together to defend against it. New Scientist tells the story:

… frenzied headlines were proclaiming the impending meltdown of the internet. But 1 April passed without event. This was not a total surprise. After all, it was just the first date on which the worm’s URL strategy could change – it was still up to its creators to flick the virtual switch. To the outside, it looked like a gigantic April Fool.

And indeed it may have been. In fact, the whole URL business was probably a red herring: using a centralised URL to release a worm upgrade – even one as painstakingly concealed as Conficker’s – is not a particularly sensible approach. It gives the authorities a specific target to counter-attack. From the second version onwards, Conficker had come with a much more efficient option: peer-to-peer (P2P) communication. This technology, widely used to trade pirated copies of software and films, allows software to reach out and exchange signals with copies of itself.

It’s an interesting story – one with a remarkably movie-like plot, albeit devoid of the vest-wearing tough guy heroes and big CGI explosions that you’d need to script in to sell it to Hollywood…

But what’s worth noting is that this is a new form of warfare, a bloodless and almost entirely computer-based iteration of fourth-generation insurgency that relies on subterfuge and networking to achieve its aims, and demonstrates complex strategic thinking on the part of its instigators. It’s good to see that the expertise exists to combat it, but you have to wonder what would happen if something similar were targeted specifically at a nation-state like the US, whose military brass have demonstrated a poor understanding of the web’s flat battlefield.

You can’t deploy tanks against this sort of threat; the game has changed.