IT Compliance Advisor

Mar 30 2009   2:01PM GMT

60 Minutes: ‘The Internet is infected’ with the Conficker worm



Posted by: GuyPardon
Tags:
Anti-Virus
April Fools Day
Conficker
Denial-of-service attack
Information security
intrusion defense
malware
Microsoft
Microsoft Windows
Security
security policy
Windows Malicious Software Removal Tool

Leslie Stahl’s segment on 60 Minutes on the danger of the Conficker worm releasing a massive DDoS attack or other malicious action on April 1 has received widespread attention in the public eye and expressions of doubt from around the blogosphere, particularly in the security community. If you missed Stahl’s segment, there is an excellent demonstration of a hacker compromising and then mirroring her system, along with a discussion of the dangers that a global infection could pose. You can watch the “Is the Internet Infected?” 60 Minutes segment at CBSNews.com.

When asked this morning about the likelihood of the Conficker worm setting off a nasty April Fool’s Day surprise , SearchSecurity.com’s Rob Westervelt noted both the lack of sourcing for the story and the FUD that has surrounded the worm in the media. Citing both Microsoft and independent security experts, Westervelt suggested that patched, protected systems should have nothing to worry about on Wednesday. Robert McMillan of PC World, for instance, feels that fears of a Conficker meltdown are greatly exaggerated.

What can be done, if you are still worried? Eric Ogren wrote at SearchSecurity.com that the Microsoft Conficker worm offers attack prevention lesson and suggested the standard response to Web security threats: Run AV software and update patches. Microsoft has also provided a resource page for IT administrators, “Help Protect Windows from Conficker.”

Michael Horowitz, over at Computerworld, recommended the following steps to combat the Conficker worm:

Good luck out there. If concerns over the Conficker infection prove justified, it could be an ugly week in the IT world.

UPDATE: Westervelt also reported that the Conficker flaw has yielded a new tool for detection.

“Security researchers have developed a new tool that can scan the company network and remotely detect machines infected with the Conficker worm.

A proof-of-concept scanner was released by the Honeynet Project, a nonprofit security research organization. The tool is also being made available on many network scanning vendor tools: Tenable (Nessus), McAfee/Foundstone, Nmap, nCircle and Qualys.”

You can download the Honeynet Project’s scanning tool from Honeynet.org.

Reblog this post [with Zemanta]

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: