You’re not a very forgiving bunch are you? :) At least, that’s the message I’m getting from the poll we ran overnight.
It looks like 30% of you feel that fellow system administrators should shoulder the blame for the recent Conficker worm outbreak which has affected business across the globe – because they have been too slow to roll out a Microsoft security patch.
Microsoft also felt the wrath, with 17% of respondents feeling that it is the operating system vendor’s fault for having the security hole in the first place. 53% hold the virus writers responsible for the worm which takes advantage of the flaw.
Who is most to blame for the Conficker (aka Downadup) worm outbreak?
So, the majority of users believe that the virus writers must take the ultimate responsibility for deliberately creating and unleashing this worm. And I think that’s right – we must never lose sight that they are the real villains of this story.
But what is most surprising to me is that so many technical people blame their peers for not doing a better job of defending their networks. Many companies appear to be incredibly frustrated by the constant need to roll-out emergency patches across their networks.
And worryingly for Microsoft, 1 in 5 people’s anger is directed in their direction for having the software flaw in the first place. Hey, does that mean those adverts of Bill Gates and Jerry Seinfeld didn’t have the desired affect to make us feel all warm and gooey when we think of Microsoft? Funny that.
Some of you took the time to add some extra comment on the poll. For instance, Clu-blog reader Richard wrote that he believed the answer was “Simple”..
“Network administrators [are to blame] for not taking patches and security seriously enough. There is no real excuse for not patching Windows, nothing to loose and everything to gain.”
Thanks to all 168 of you who participated in the poll. Maybe we’ll do it again sometime.
Disclaimer blah-blah: Please bear in mind that this poll is not scientific and is provided for information purposes only. The comments expressed on this page are those of a subsection of poll participants, and not necessarily those of Sophos. Sophos makes no guarantees about the accuracy of the results other than that they reflect the choices of the users who participated. Sophos reserves the right to edit participants’ comments for the purposes of clarity, brevity and decency. Sophos reserves the right not to publish the comments of all participants. Yadda Yadda Yadda.
