Security Researchers Worry About Worm Activation; Best Practices to Avoiding the Worm

By Matthew Harwood

IT security experts are fearfully awaiting the activation of an Internet worm believed to have infected over 1 million computers worldwide, according to USA Today.

The worm, known as "Conficker" or "Downadup," searches for and infects computers that run Microsoft Windows operating systems and failed to download a vulnerability patch released by the company in October.

The worm first appeared on Jan. 7. Tech security researchers say it probed for and implanted itself on any unpatched Windows PC. It then scanned for, broke into and infected all nearby computer servers. It also implanted itself onto any portable device plugged into the PCs' USB inputs, such as a thumb drive storage stick, an iPod or a digital camera. When the corrupted device was plugged into another computer, that machine became infected — and began searching for other PCs to infect.

Once activated, security experts worry the worm could steal massive amounts of personal information or coordinate an enormous spam blast.

Another problem is that the majority of infected computers are in China, Russia, and Brazil where pirating of Microsoft products are most pervasive, reports the Telegraph. People running pirated copies of Microsoft Windows do not have access to the security patch, and thus will continue to carry and spread the worm.

But there are things companies and individuals can do to protect themselves.

USA Today reports US-CERT's National Cyber Alert System recommends corporations disable the "autorun" feature within Windows. Microsoft has also issued a cleanup tool, but the worm blocks any Internet traffic to the tool. 

"Computer users," reports the Telegraph, "are advised to ensure their antivirus software, operating system and firewall is up to date, and that they have installed a Microsoft patch designed to combat the problem, MS08-067, which is available from the Microsoft site."

View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.