AT ITS peak, the Conficker Worm had control of at least 8 million computers. Conficker didn’t steal credit card numbers; it quietly took over computers and waited for instructions. You wouldn’t know it, but your computer would be a part of an army: a botnet that could be used for fraud, spam or a coordinated assault that could not only take down any website in the world but the entire Internet itself. In the fall of 2008, it was just waiting for instructions.
In Worm: The First Digital War (Atlantic Monthly Press; $25), journalist Mark Bowden tells the story of Conficker, and of the brilliant and dedicated group of volunteers who came together to fight it. I asked Bowden how Conficker came to his attention. He told me, “A front-page article in the Wall Street Journal in January 2009, which I remember vividly because I read it and didn’t understand anything about it.” Bowden wasn’t the only one who had trouble understanding the threat. Our national security agencies were slow to get the picture. I asked Bowden to describe the role the government played: “Well, I think the way it was described in the DHS’s own report was ‘Zero involvement.'” But luckily, some folks were paying attention. Researchers at Menlo Park’s SRI International spotted Conficker early and picked it apart to discover how it would be receiving instructions. Because the worm employed state-of-the-art cryptography, it could not receive commands from anyone but the botmaster. But there was an opportunity to do something. The worm automatically and predictably generated 250 domain names a day and contacted them looking for instructions. It would be possible to stop the botmaster from talking to the botnet. And all it would take would be to register 250 domain names a day, indefinitely. An expensive task, but it would buy time.
Next, it would be necessary to track down the worm’s shadowy maker, while securing every domain name the worm would contact. Security experts began to coordinate around the problem, and one in particular, Rick Wesson, began rack up some serious credit card debt for the good of all the Internet. They called themselves the Cabal. “There is a kind of spirit in the Internet world and the computer networking world,” Bowden told me. “A desire to protect what is an extraordinary tool and one of the great achievements of modern times.”
Bowden opens every chapter with a quote from the X-Men comics. At first, this seems a bit silly, but the more one reads, the more appropriate it feels—a group of special individuals coming together for the good of everyone. “I think they deserve all the credit in the world,” Bowden says. “The fact that they did this on a volunteer basis is fairly remarkable. So we owe them all a debt of gratitude.”
Mark Bowden
Tuesday, 7pm
Computer History Museum, Mountain View