Posts Tagged ‘conficker’

TechRadar.com put together a list of the “10 easiest ways to boost your online security“, a list that mostly focuses on minimizing your risk of infection online. With the rise, and continued threat, of Conficker, a list like this will help you augment your security defenses.

1. Augment your anti-virus tool
2. Switch to plain text mail
3. Don’t click mail links
4. Vet your email
5. Switch web browser
6. Check web sites before you visit (with Web of Trust)
7. Manage your passwords
8. Screen all downloads
9. Know P2P basics
10. Create a virtual sandbox

Some of this is a little technical, so read on here for full details.

The list is, however, missing one major thing, so I’m going to put that at item zero – UPDATE your software. This includes your operating system as well as the software that runs on it – most of this you can automate, but don’t keep dismissing those reminders to update and restart. At least 11% of PCs are currently unpatched with the latest Microsoft update, making them even more vulnerable to threats such as Conficker.

The Conficker worm continues to cause mass anxiety. Microsoft is offering a $250k reward for information about the cybercriminal and the industry is banding together to try to stop the spread of the worm that has infected 2-10 million PCs.

So far, the infected computers haven’t been used for malicious activity, but analysts think it’s only time before that happens. This could be the first stage to a larger attack – a single algorithm can tell Conficker-infected systems to contact domain names and be used to download malicious software.

“This worm would be a marvelous tool in hands of whoever can control it, but the real harm from it has yet to be felt, and we’re trying to postpone that day.” – Paul Vixie, founder of Internet Systems Consortium

Security researchers are working to register as many of the domains as possible that are being sought by Conficker in an attempt to prevent them from hosting malicious software. For those registered by others, the registrant information is being investigated for any ties to the cybercriminals behind this worm. In order to handle the scale of this attack, and future attacks, the industry has had to band together to co-ordinate efforts with governments around the world. For example, for the first time ever, domain name registrars have agreed to shelve Conficker domains, preventing them from being purchased.

There’s also a new Conficker B++ variant which may be a response to blocked ability to register many Conficker domains. We suggest doing what you can to update your systems (see the latest Microsoft Security Advisory) to prevent your PC from being at risk.

And while on the topic of malware, Roger Grimes writes that the only malware cure is to start from scratch.
You may also want to read Bruce Schneier’s analysis of Conficker and how it’s spreading.

Image; wax115 @ morguefile