Posted by: Troy Tate
1. The media can take a story about Information Technology and say nothing of substance. What did the 60 Minutes story do for the IT industry? It made Symantec look like they could not effectively address security risks and might even create a sense of false security. I wonder how the CBS IT staff felt when it was revealed that some computers had been compromised. Who was this April Fools' joke for? Working in IT at times makes you feel like Rodney Dangerfield – “I don’t get no respect.”
2. If YOU don’t patch it… the bad guys will. Correct patching does stop malware. Microsoft told us about this issue in October 2008. It took about a month for the first Conficker release, and the number of infected systems has been growing ever since. The largest growth of infections has been on machines running a pirated copy or on systems where patches are not applied. Conficker applies its own patch to prevent other malware from exploiting this vulnerability.
3. An up-to-date, running and effective antivirus is a good thing. It doesn’t do any good to have out-of-date anti-virus or to have it disabled. It works only when enabled.
4. IT Industry giants can work together when needed. The Conficker Working Group has a significant number of vendors, who on any other day might be competitors, cooperating to manage the potential risk of the Conficker malware. These giants include: Afilias; AOL; Arbor; Cisco; ESET; F-Secure; Facebook; Global Domains International; ICANN; Internet Storm Center; Internet Systems Consortium; Juniper; Kaspersky; McAfee; Microsoft; Neustar; NIC Chile; SecureWorks; Shadowserver; SRI International; Support Intelligence; Symantec; Team Cymru; Trend Micro; Verisign.
5. Like Aldous Huxley says, “Facts do not cease to exist because they are ignored”. Ya still gotta be wary of the potential implication of a Conficker, or any other similar malware, and its impact on global IT infrastructure. Keep your systems patched and protected with effective endpoint security products like anti-virus, firewalls, intrusion prevention and such. Disable the auto-run feature on removable media. Don’t you want to be in control of your system rather than it controlling you? I predict that there will be something like Sasser all over again – the sky isn’t falling – but it does show some cracks at times.
What other things do you think were learned from this non-event?
Thanks for reading & let’s continue to be good network citizens!