Arm Yourself Against Conficker

By Mike on 9:00 am

Filed Under: , ,

There's been a lot of talk lately about the Conficker worm, a computer trojan also known as Kido or Downadup. Computer hacking has gone way beyond what was presented in films such as War Games and Hacker. Originally, it was just for sport; however that has all changed in about the last five to ten years. The new trend is creating botnets, networks of computers infected with a virus that can be remotely controlled by black hat hackers or script kiddies. (A script kiddie is a non-technical person using pre-packaged tools to hack and control systems. A black hat is a hacker who breaks into systems for malicious purposes. White hats are hackers who test security systems from vulnerabilities) Huge sums of money can be made, even from hacking into home computers. They can skim credit card information when you make purchases, get online banking login info to break into your account, and get personal information to steal your identity. Botnets can collect this information en mass or are used to send out large volumes of spam emails or to replicate and spread the original virus.

What makes Conficker such a problem is it's ability to update itself. It is estimated that it has already infected 9 million machines, up from just 3 million a week ago according to F-Secure. Not only does it spread through infected websites but also over USB sticks and local area networks. It logs into a series of domains to check for updates, meaning that the worm can thwart attempts to remove it. On April 1st, 2009, it is estimated that all 9 million of these machines will begin phoning home and it is the expected date in which its creators will activate the botnet. The problem is so severe that Microsoft has actually put a $250,000 bounty on the head of its creator.

So how's at risk and how can you stop a Conficker infection, or any other virus? Anybody who uses a Windows based computer are at risk. Mac and Linux users are safe from Conficker. If you are a Windows user, the only way to be 100% secure from viruses and malware is to disconect your modem/LAN from the wall and never attached any peripherals to your system. This is obviously impractical so you'll be wise to keep your computer locked up like Fort Knox instead. Here's some tips for all users to improve system security.

1. Update your OS to the latest service pack
Service packs are major software updates for operating systems. They include cumulative security patches and sometimes offer new features. Your system should have the latest pack. If your an XP user, you should be running Service Pack 3. Vista users should have Service Pack 1. You can find out by right clicking the Computer icon on the desktop and selecting properties. It will provide you with system info. Mac users running Leopard should have OS X 10.5.6 installed, which you can check by opening the Apple menu and selecting "About this Mac". Service packs are updated through your system's update program.

2. Fully update everything else
Besides service packs, make sure your OS is up to date as far as everything else is concerned, especially with the latest security patches. Once again this can be done through the update menu. For power users, I recommend turning off automatic updates, instead letting it tell you what updates are available. It lets you pick and choose. For everyone else, just enable automatic updates. Web browsers should be updated to the latest version in particular as well as any other programs that connect to the internet. You should be running Internet Explorer 7 or Firefox 3.

3. Use a good anti-virus program
There are a lot of choices available. Symantec and McAfee are what most people use but these programs tend to be bloated and require a lot of system resources to run. Free anti-virus software is usually much lighter and often just as good or better than commercial counterparts. A lot of enterprise anti-virus companies such as AVG and Avast provide free home versions of their software. You should also get anti-spyware software. Windows Defender is a good enough free program for Windows users that offers background protection. Many other free alternatives such as Ad-Aware require manual scans.

4. Turn on your firewall
The built in firewall through Windows and Mac OS X are fine. Make sure it's turned on. For added security, you can set it to stealth mode meaning other computers cannot even see you online unless you access them first.

5. Don't visit unsavory websites
A lot of "free" porn sites, P2P channels, and pirated software portals are infested with malware. While legitimate sites can become infected, the vast majority comes from the more unsavory websites. Just stay away from these.

0 comments for this post