Public/Private partnerships reached a new level of cooperation over the past week, as unprecedented collaboration emerged to fight the Conficker Worm. Of course, it doesn't hurt that Microsoft has offered a $250,000 reward for information that leads to an arrest and conviction of those responsible.
The Washington Post ran a major story on this week's developments. Here's an excerpt:
"... Security experts say the worm may be the first stage of a larger attack. By using a mathematical algorithm, Conficker can tell infected systems to regularly contact a list of 250 different domain names each day. If just one of those domains is registered by the virus writer, it could be used to download an as-yet unknown secondary component to all infected systems maliciously, such as malicious software.
'This worm would be a marvelous tool in hands of whoever can control it, but the real harm from it has yet to be felt, and we're trying to postpone that day,' said Paul Vixie, founder of Internet Systems Consortium, a Redwood City, Calif., company whose open-source software powers millions of Internet servers around the globe."
The work being done to battle this worm could form a new model for fighting future malware. Law enforcement is working with academia, private sector companies, and Internet policy groups to develop new ways to work together. The security research community is even working with other countries such as China to defeat new cyber threats.
It will be interesting to see if this new trend continues or reverts back to previous patterns. With the new stimulus money identified for technology research, I'd say the former.
What are your thoughts on working together to fight malware? Will it last?
