The worm that nearly ate the Internet

A cyberweapon called EternalBlue, stolen in 2017 from the National Security Agency’s secret labs, has been used to attack the networks of entire cities — Baltimore is still struggling to free thousands of municipal computers infected just last month. Botnets also enabled Russia’s meddling in the presidential election in 2016, sending millions of social media users false stories.

Conficker’s botnet was easily capable of launching any of the above — and far worse. At its height, when it consisted of at least 10 million individual IP addresses, there were few computer networks in the world secure enough to withstand an attack from it. And yet it was used only once, to spread a relatively minor strain of “scareware” intended to frighten unsuspecting users into downloading fake antivirus software. That attack was surprisingly pedestrian, like taking a Formula One racecar for a slow ride around the block. Surely something bigger was coming.

But it never did. Why? Who created Conficker, and why bother if they were not going to use it?