The Moditory


Conficker Worm

Some thoughts about the Conficker worm. What is the Conficker worm up to and what does it mean for you? And in our attempts to stop the worm, are we actually creating the ultimate security hole? Some food for thought.

The Conficker worm series has been around for quite some time now, having been branded with versions Conficker.A through Conficker.D. With the usual security measures (be aware of what files you're opening, know where your removable devices come from, and always keep your anti-malware applications and OS up to date), you should be able to avoid infection. Conficker can spread in multiple ways, and this should open many individuals' eyes to just how serious the consequences can be if you choose to postpone your system updates.

Conficker has evolved and updated multiple times but perhaps what is most interesting is that there is still no definitive answer for what the worm actually does. The worm could steal credit card numbers and any other sensitive data you enter in your PC, it could be a massive April Fool's joke, it could use the millions of computers it has infected to send out massive amounts of spam e-mail, or coordinate an attack on specific targets (government computers, business servers, whatever the target may be). All of this could of course also be rented out to the highest bidder.

There have been a few reports of incidents with the worm and its April 1st update procedures. An article from the Washington Post ( http://voices.washingtonpost.com/securityfix/2009/04/conficker_worm_strikes_militar.html?wprss=securityfix ) offers a few more reports about the worm, including some serious ones regarding an ATM and a nuclear missile installation. It's worth the read, and it is interesting to see the amount of panic and havoc a computer program can cause today, as our dependency on computing machinery is immense. Of course, the majority of those machines still run some version of Windows.

The goal of those creating the worm is to create something that affects the widest audience, which is why they developed a Windows exploit instead of something for Linux or Mac. That is not because the Open Source world is perfect or OS X is invulnerable, but simply because the majority of computers on this planet run some form of Microsoft Windows. To affect the most people, the hole that the worm exploits to get in should be one that is undiscovered and within the OS itself - not in a separate application. In other words, you would not search for an exploit in a game you run on Windows, but instead for a hole within Windows itself.

Microsoft released a patch in 2008 to close the hole(s) the worm exploited and prevent its spreading to updated computers. No doubt many people have gone and checked their computers to ensure they have the patch installed. So, in our attempts to prevent the worm from spreading, by downloading these updates to stop the worm from invading our homes and businesses, we have given the authors of Conficker one important piece of knowledge: the majority of Windows PCs that are updated, the ones that are in important places, are running the code that is inside that patch.

If there is in fact an error, a hole, in the code that Microsoft used to patch the Conficker exploit, the coders would be able to ensure a massive area of effect if they modified Conficker to exploit that security flaw.

What we ask now is this: in our attempts to stop this worm and protect ourselves, have we given the Conficker authors precisely what they were after?

If you'd like to know more about the worm, you can check out this article ( http://www.symantec.com/norton/theme.jsp?themeid=conficker_worm&inid=us_ghp_link_conficker_worm ) from Symantec, and some quick searches on Google will have you on your way.

What do we suggest you do to try to keep yourself safe? Simple. Keep your firewall on, keep all your software and your operating system updated, and more than anything, know where your files come from and whether a file can be trusted or not. Use the scanning abilities of your anti-virus software to help keep your computer clean. Even if a friend tells you their PC is not infected, scan their flash drive and their e-mailed files anyway, and don't use Autorun. Those who dual-boot can scan files in their alternate OS before moving them to Windows. And of course, you can always completely switch to Linux or Mac.
 
