It’s that time of year again when most admins get more nervous about computer security. Why? April 1st is looming, and often malware is implanted on victims machines with an internal timer set to unleash its effects on April Fools Day.
Conficker is the perfect example. It is a dangerous computer worm that has targeted Microsoft Operating Systems and has already infected millions of computers around the world since its discovery in November 2008. The worm, also known as Downup, Downadup and other names, has a countdown in its code set to go off on April 1st, and until now we don’t have a clear understanding of its purpose. Whatever it does, it’s unlikely to be fun.
Conficker and its variants (A, B, and C – the most recent version) is believed to be a dormant worm that’s waiting to be triggered by its author. Maybe it will send information collected from its victim’s computers, maybe it’ll set off a coordinated attack to bring down major websites and/or search engines, or maybe it’ll just flood the Internet with calls from all its infected machines to eventually bring down a huge portion of the Net.
So what can you do to avoid Conficker?
– Make sure your system has been updated with all available Windows updates. If the automatic update process is disabled then turn it on.
– Simply running anti-virus software is not enough, you have to use a comprehensive security suite
– Turn off the auto-run feature for USB keys
– Use strong passwords for your network access (including your wireless setup), and any application that requires a password
– Ensure that any shared folders are secured
So, will we see a new version in 2011? Only time will tell…