Dealing with Conficker Infections


« Defeating & Removing Conficker | Main | Neeris: Conficker Copycat or Conficker Inspired? »

04/01/2009



Dealing with Conficker Infections

Kevin R. Smith
Co-Editor


ZDNet brings word of at least one very high-profile Conficker infestation: The British Parliment.

At the very least, it has penetrated the entire Parliament IT system. Will the ministries be the next to turn up infected? The National Health Service hospital systems and Royal Navy Fleet have also been infected, according to ITWire.

What's got people in an uproar about this is that it's "an embarrassment" for the infection to've even happened given that Microsoft has had a patch out now for about six months.

I can't speculate as to the, "Why?" of how this happened there, i.e. "Why if a patch was available for months didn't a government agency marshall the resources to ensure the patch was deployed?" but rather what we will do is offer some of the advice quoted in the email sent to the users who're "directly connected to the Parliamentary Network,"

An additional characteristic of this virus is that for some types of files it can skip direct to the Network from a USB memory stick or other portable storage device (e.g. mp3 players) without hitting the virus checker software. We ask that for the time being you do not use memory sticks or any other portable storage devices on the Parliamentary Network.


The reason we bring this up is because while we haven't heard of any infections coming via MP3 players, that doesn't mean that such an attack vector isn't possible. MP3 players, phones, and other similar devices while small and user friendly give us all a very false sense of security because of their size and that we rely on them daily.

They're seemingly quite harmless. After all, it's just a cell phone, or it's just an iPod, but the reality is that they're little computers. Computers that are in many ways more powerful and more capable than most of us can ever imagine, and they're being used more and more by consumers and crackers alike in ways the designers and users alike never even imagined.

In fact, this brings to mind another similar recent attack vector: USB viruses in digital picture frames.

All-in-all, the best advice about protecting your computer and your network from infection are the same as always:

  1. Only plug things into your computer or network you know.
  2. Only open attachments you're expecting--even if ones you aren't expecting are from someone you know.
  3. Keep your computer Operating System patched.
  4. Keep your programs patched.
  5. Run the best antivirus and firewall software you can afford. Internet security software is an ideal choice for this.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0133f40d81f4970b01348764919c970c

Listed below are links to weblogs that reference Dealing with Conficker Infections :

Comments

You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.