Microsoft Collaborates With Industry To Disrupt Conficker Worm

Microsoft has announced a partnership with technology industry leaders and academia to implement a co-ordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, the Internet Corporation for Assigned Names and Numbers (ICANN) and operators within the Domain Name System, Microsoft has co-ordinated a response designed to disable domains targeted by Conficker. Microsoft has also announced a $250,000 reward for information that results in the arrest and conviction of those responsible for illegally launching the Conficker malicious code on the Internet.

“As part of Microsoft’s ongoing security efforts, we constantly look for ways to use a diverse set of tools and develop methodologies to protect our customers,” said George Stathakopoulos, general manager of the Trustworthy Computing Group at Microsoft. “By combining our expertise with that of the broader community, we can expand the boundaries of defense to better protect people worldwide.”

As cyberthreats have rapidly evolved, a greater level of industry co-ordination and new tactics for communication and threat mitigation are required. To optimise the multiple initiatives being employed across the security industry and within academia, Microsoft helped unify these broad efforts to implement a community-based defense to disrupt the spread of Conficker.

Along with Microsoft, organisations involved in this collaborative effort include ICANN, NeuStar, VeriSign, CNNIC, Afilias, Public Internet Registry, Global Domains International, M1D Global, AOL, Symantec, F-Secure, ISC, researchers from Georgia Tech, the Shadowserver Foundation, Arbor Networks and Support Intelligence.

“The best way to defeat potential botnets like Conficker/Downadup is by the security and Domain Name System communities working together,” said Greg Rattray, chief Internet security advisor at ICANN. “ICANN represents a community that’s all about co-ordinating those kinds of efforts to keep the Internet globally secure and stable.”

“Microsoft’s approach combines technology innovation and effective cross-sector partnerships to help protect people from cyber criminals,” Stathakopoulos said. “We hope these efforts help to contain the threat posed by Conficker, as well as hold those who illegally launch malware accountable.”

Microsoft’s reward offer stems from the company’s recognition that the Conficker worm is a criminal attack. Residents of any country are eligible for the reward, according to the laws of that country, because Internet viruses affect the Internet community worldwide.