Conficker Worm: Legitimate Threat or April Fool’s Joke?


For a while now, articles have been surfacing in newspapers and publications such as Business Week about the lack of comprehensive security in government agencies such as NASA. But what if the hackers don’t need to infiltrate government systems to pose a serious threat to computer users and their privacy, much less national security? Via the cloud computing concept, all hackers would need to do is infect a large number of personal computers.

Cloud computing for the dark side

That’s precisely what it appears the malicious Conficker worm is trying to do. An estimated 12 million Windows machines have been infected since last October (Linux and Mac computers are not affected at this time, but you should still apply regular security updates). The Conficker worm has the ability to remove antivirus software and disable Windows update protections.

What does the Conficker worm do?

But the question you’re still wondering about is: what exactly does the worm do? Security experts don’t know for sure; the only certainty is that the worm is scheduled to trigger on April 1, 2009. Will it be malicious or merely an April Fool’s joke? Based on an analysis of the worm’s code by security professionals, there are a number of possibilities as to what Conficker might do:

  • Parallel computing – the Conficker worm could become a powerful parallel computer by taking control of all the PCs it has infected and using them as one machine.
  • Rent out a massive network – the perpetrators could then rent out their cloud computing network for malicious purposes.
  • Peer to peer (P2P) network – Conficker could be used to create an intricate and complex peer-to-peer (P2P) file sharing system, similar to the way Torrent operates.
  • Dark Google, or Dragnet – the parallel network could be used to gather data from the millions of infected users, and make that data searchable via a Dark Google. This is potentially the most frightening implication of them all.

How to protect yourself against Conficker

Now that we’ve got you all stressed out and worried (sorry!), you can take solace in the fact that you found this article and now have the opportunity to protect your computer from infection. Just follow these recommended steps:

  • If you’re running Windows, please install and run Microsoft’s Malicious Software Removal Tool.
    • When you run it, you can select “Quick Scan,” and it will check for Conficker and a few dozen other known issues. If you have time, you should also run the Full Scan.
  • Make sure Windows Update is set to automatically check for and download patches for your system every day. You may even wish to set it to automatically install them.
  • Make sure your systems are protected by a firewall, preferably a hardware firewall such as those sold by Linksys, but at least a software firewall, which all modern operating systems now offer (but which you may need to enable).
  • Install anti-virus software, and make sure it’s regularly updating itself to get the latest malware signatures.
  • Install and run Secunia PSI, which is a piece of software that can scan all of your installed third-party programs, and let you know if any are out-of-date, insecure, or unsupported. It also provides links to download any necessary updates for the software. This is the only tool we are aware of that has this capability — and many times, third-party applications are not being updated, even though they contain serious security risks.
  • If you’re still using IE 6, please consider updating your Internet Explorer browser to the current version. You may also wish to try Mozilla Firefox, a popular browser that has a good security track record.
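The settings in this checklist can be spot-checked from PowerShell on a current Windows machine. The script below is an added example, not part of the original article; it assumes Windows 8 or later with PowerShell 5.1+, and the service names (wuauserv, BITS, wscsvc) are the standard Windows ones rather than anything the article lists. Because the article notes that Conficker can disable Windows Update protections and remove antivirus software, a disabled update service or a missing antivirus registration is what it flags.

```powershell
# Added example: audit the protections from the checklist on the local machine.
# Assumes Windows 8 or later with PowerShell 5.1+ (Get-Service exposes StartType).
$results = @()

# 1. Windows Update, its transfer service (BITS) and Security Center.
#    A Disabled start type on any of these is the warning sign.
foreach ($name in 'wuauserv', 'BITS', 'wscsvc') {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    if ($svc) {
        $ok = $svc.StartType -ne 'Disabled'
        $detail = "$($svc.Status), start type $($svc.StartType)"
    } else {
        $ok = $false
        $detail = 'service not found'
    }
    $results += [pscustomobject]@{ Check = "Service $name"; Ok = $ok; Detail = $detail }
}

# 2. Software firewall: every profile (Domain, Private, Public) should be on.
foreach ($fwProfile in Get-NetFirewallProfile) {
    $results += [pscustomobject]@{
        Check  = "Firewall profile $($fwProfile.Name)"
        Ok     = "$($fwProfile.Enabled)" -eq 'True'
        Detail = "Enabled = $($fwProfile.Enabled)"
    }
}

# 3. Antivirus registered with Security Center (client editions of Windows only).
$av = @(Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct `
        -ErrorAction SilentlyContinue)
$avDetail = 'none reported'
if ($av.Count -gt 0) { $avDetail = $av.displayName -join ', ' }
$results += [pscustomobject]@{
    Check  = 'Antivirus registered'
    Ok     = $av.Count -gt 0
    Detail = $avDetail
}

# Print the table and warn if anything failed.
$results | Format-Table -AutoSize
$failed = @($results | Where-Object { -not $_.Ok })
if ($failed.Count -gt 0) { Write-Warning "$($failed.Count) check(s) need attention." }
```

The script only reads configuration; it does not replace the Malicious Software Removal Tool scan in the first step.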

Alex brings a series of in-depth articles on search marketing and content management systems as well as troubleshooting tips to We Rock Your Web's collection. He is an avid tennis player, nature enthusiast, and hiker, and enjoys spending time with his wife, friends, and dogs, Bella and Lily.


2 Comments on "Conficker Worm: Legitimate Threat or April Fool’s Joke?"

Anonymous

I vaguely remember hearing a little about the Conficker Worm virus several years ago when the media had gotten a hold of that story. However, I do not remember understanding just how dangerous it could have been and just what the possibilities were if it had actually taken off as people had feared it would.

It carries more weight with me now as I have a much better understanding of the “cloud” concept and just how networking can function and be utilized in general. As a subscriber to Gmail and owner of a Google Android phone, I am more Googled-out than anyone I know and much of my life and the data about it is contained on the Google servers up in that great big cloud of theirs. Every email I have ever sent or received gets stored in my enormous inbox. That includes all the attachments that go along with that inbox and outbox as well. I have sent copies of blank checks and other sensitive information over the web, and it is still just hanging out there.

What the virus could have done was not only access my entire hard drive and memory but also gain entry to that entire cloud of information that could really mess my life up. That’s not all, though: with the “Black Google” concept on the table, that means that all that data would be searchable too. That is more frightening because simply having access to data doesn’t mean that anyone can necessarily find what they want, but when you basically open up your entire world to the most powerful search engine in the world, then you may have big problems.

It is a tantalizing concept, and I am glad that it did not come to fruition. Still I must say that if it did, then maybe we all would have been amazed at how powerful it truly could have been.

Anonymous

Almost lost me in the beginning.

The first paragraph is headed, “What is the Conficker Worm?” yet neither answers that query nor gives background as to why that specific question is important. If you are like me and began reading without any specific knowledge of what the Conficker Worm was, this would be an important question to have actually answered from the get-go.

What was the Conficker Worm might at this point be a more relevant question. The article dates itself immediately with the “April 1, 2009” trigger. My first instinct after reading that the article is a few years old was to think: Why, then, should I even care about the Conficker Worm?

But the article still has merit despite its age. Historically speaking, the concept of a computer virus posing a major US security threat remains relevant, and I learned a lot by reading about what the malicious code could do. This type of knowledge is definitely good to have on file for me as a personal computer owner. Macs these days are targets as well, and should also take protective measures against infection, which I was glad to see was mentioned.

From the descriptions of what the possible trajectories of the worm activation could lead to, it is clear that the authors of the article have an elevated level of knowledge about the subject and about what the consequences of viruses are. I liked that the article did seem to be written for lay-people rather than for experts. This is an important point, since the general public is who is at the greatest risk for worm infection. Gaining the trust of this audience therefore is of utmost importance, and the author does so artfully.

The advice to protect your computer against the worm, however, is sound advice no matter what. The article being dated to 2009 threw me off a bit, because I wondered whether there were any updated security measures to take (technology moves fast in the computer world), but I still paid close attention to the protection measures. Because, no matter what, history has a way of repeating itself.
