The $250,000 bounty offered by Microsoft is too much too late.
Nick Garlick, managing director of Nebulas Security, claimed that businesses' apathy to IT security is shocking and they could have taken simple steps to protect themselves from the Conficker worm.
Garlick said: “Microsoft's resolve to catch malware authors and so protect its customers is totally understandable. However, what is incomprehensible is that the 12 million computers infected with the virus could have been easily protected – had their users taken simple, routine measures to install the necessary patches and up-to-date anti-virus software.
“Security breaches are entirely preventable – effective and inexpensive technology exists to prevent them. Conficker illustrates the point yet again: network and IT administrators must make security a priority. It should be so ingrained in their culture that patching and anti-virus updating is routine and regular – it's incredibly frustrating that these lessons still aren't being learned. Pre-empting this type of situation is easy, compared with dealing with the havoc, loss of reputation and confidence which they create.
“If security breaches carry on unchecked, the day when customers start taking action against breached organisations can't be far away.”