The significant characteristic of the C-Level Virus is the request from a CEO, CFO, CIO (C-level) executive to learn if we are protected against “I have no specific details, but I heard it on the news.” Much like the hoax, its payload is the consumption of resources.
There are new threats every day; see some of the Current Treat News links. To appear in a broadcast news report, there must be something peculiar about the payload. “You’ll see a floating Obama head,” for example, is newsworthy.
It is nearly impossible to confirm protection against these newsworthy threats because it was reported locally. There is no sample in the wild. It is not a significant threat.
The Sophos Security Threat Report for July 2009 contains a sidebar (on page 10) titled “Conficker – A worm gains notoriety” which lays blame for Conficker fears such as “Will your PC be jacked on April first?” (in the British tabloid The Sun) “The Conficker Worm: April Fool’s Joke or Unthinkable Disaster?” and “PC security forces face April 1 showdown with Conficker worm” at the feet of journalists who ignored computer security professionals.
The C-Level Virus diverts resources to low risk threats. Unfortunately, there are few mitigation measures available to defend against the C-Level Virus.
