Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Even though there were no major incidents reported on April 1, after rumours circulated that computers infected with the Conficker worm would be hit, vendors have claimed that this was just a warning, and that users should remain prepared and covered.
Christopher Budd, security response communications lead for Microsoft, claimed that the security response centre team had not seen any actions outside of what they had expected. It had seen systems infected with the worm start to use the new domain generation algorithm, but hadn't seen any new variants released or any new attacks levied as a result of this.
Budd said: “While there's been a significant focus on the April 1 date, customers shouldn't take it to mean that once April 1 has passed that all the risks around Conficker.D lessen or go away. Conficker.D should remain a manageable cause for concern and it doesn't go away after April 1.
“Just like it has on 1st April, Conficker.D will continue trying to contact domains using this new algorithm on April 2, April 10 and beyond. This means that even though it hasn't happened today, a new variant or a new attack could be levied in the future.
“Customers should keep focused and keep doing what they've been doing: focusing on ensuring your systems are updated with MS08-067, keeping your security software signatures updated, and cleaning any systems you identify that are infected with any version of Conficker.”
Graham Cluley, senior technology consultant at Sophos, said: “I actually think most of the computer security industry were remarkably reserved and sane during the build up to Conficker, reminding people that there was no guarantee that the worm would do anything noticeable at all and that it was quite possible that hackers wouldn't give Conficker-infected PCs any new instructions.
“Of course, as I've been saying all along, the people behind Conficker could choose any day to instruct it to do something malicious - there was nothing which made it more likely on 1st April. So the need for you to remove Conficker is just as necessary today as it was yesterday, and will be tomorrow.”
Finally, Paul Henry, security and forensic analyst at Lumension, said: “Conficker is now armed and ready; all it lacks is the will of those who control it to put it to use. Let's not lose sight of the fact that it is not the infected machines we should be concerned for – it is the IP address of the victims that Conficker targets in the future that are at risk. “What level of comfort should people now have, knowing Conficker is updated but nothing has happened yet? We still have some sleepless nights ahead as it's not simply today we need to worry about, it's everyday in the future until Conficker is permanently shut-down.” See original article on scmagazineuk.com
“What level of comfort should people now have, knowing Conficker is updated but nothing has happened yet? We still have some sleepless nights ahead as it's not simply today we need to worry about, it's everyday in the future until Conficker is permanently shut-down.”
See original article on scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.