IT Trenches

Apr 2 2009   8:53PM GMT

5 Things we learned from the Conficker non-event



Posted by: Troy Tate
Tags:
anti-virus
antivirus
Conficker
endpoint
endpoint protection
information security
lessons learned
malware
Microsoft
network
patches
patching
predicting future
Security

1. The media can take a story about Information Technology and say nothing of substance. What did the 60 Minutes story do for the IT industry? It made Symantec look like they could not effectively address security risks and might even create a sense of false security. I wonder how the CBS IT staff felt when it was revealed that some computers had been compromised. Who was this April Fools joke for? Working in IT at times makes you feel like Rodney Dangerfield – “I don’t get no respect”

2. If YOU don’t patch it… the bad guys will. Correct patching does stop malware. Microsoft told us about this issue October 2008. It took about a month for the first Conficker release and the number of infected systems has been growing ever since. The largest growth of infections has been on those machines running a pirated copy or on systems where patches are not applied. Conficker applies its own patch to prevent other malware from exploiting this vulnerability.

3. An up to date, running and effective antivirus is a good thing. It doesn’t do any good to have out of date anti-virus or have it disabled. It works only when enabled.

4. IT Industry giants can work together when needed. The Conficker Working Group has a significant number of vendors, who on any other day might be competitors, cooperating to manage the potential risk of the Conficker malware. These giants include: Afilias; AOL; Arbor; Cisco; ESET; F-Secure; Facebook; Global Domains International; ICANN; Internet Storm Center; Internet Systems Consortium; Juniper; Kaspersky; McAfee; Microsoft; Neustar; NIC Chile; SecureWorks; Shadowserver; SRI International; Support Intelligence; Symantec; Team Cymru; Trend Micro; Verisign.

5. Like Aldous Huxley says, “Facts do not cease to exist because they are ignored”. Ya still gotta be wary of the potential implication of a Conficker, or any other similar malware, and its impact on global IT infrastructure. Keep your systems patched with effective endpoint security products like anti-virus, firewalls, intrusion prevention and such. Disable the auto-run feature on removable media. Don’t you want to be in control of your system rather than it controlling you? I predict that there will be something like Sasser all over again – the sky isn’t falling – but it does show some cracks at times.

What other things do you think was learned from this non-event?

Thanks for reading & let’s continue to be good network citizens!

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: