Asia's Source for Enterprise Network Knowledge

Friday, April 25th, 2014

Information security management

DNSChanger Internet doomsday threat fizzled, impact minimal

Now that the feds have cut the lifeline for Internet users infected by the DNSChanger malware, we find that the result of that action wasn't quite the "Internet doomsday" that some had predicted.

DNSChanger caused a panic because it was routing Internet traffic through rogue servers, which the Federal Bureau of Investigation seized and shut down in late 2011. The FBI was hosting surrogate servers to keep infected users online, but pulled the plug on Monday, forcing users to get clean or risk losing their connections.

But as of Sunday night, the FBI estimated that only 41,800 computers remained infected by DNSChanger, the Associated Press reports, and some Internet service providers are offering their own solutions to keep customers online. It's safe to say the cutoff day has been free of catastrophes. "We're not aware of any issues," FBI spokeswoman Jenny Shearer told the Boston Globe.

The Warnings Worked

In light of the aftermath--or lack thereof--you might see this whole ordeal as overblown. But there's another way to look at it: The information campaign worked.

As of February, half of all Fortune 500 companies owned computers infected with DNSChanger, and an estimated 350,000 computers around the world were still infected.

I first wrote about DNSChanger in April, but by then, the FBI's original cutoff date had already passed. A federal judge extended the deadline from March to July because not enough people were aware of the situation.