Organizations Avoid Ignoring Conficker, Advises Security Expert

According to Internet security specialists, Conficker worm is a state-of-the-art malicious software, which continues to appear on innumerable computers around the world. In fact, the malware is just right to launch cyber attacks, whether people responsible for it use it for their own criminal purposes or trade some portion of the bot network to other crooks.

Elaborating on its widespread impact, the specialists stated that Conficker spread through network shares along with USB devices that could halt a complete network even though it infected just one PC. This was possible by repeated trials for logging into all the computers of network, thereby starting off lockouts on the systems following excessive failed trials.

Rodney Joffe, Director of the Conficker Working Group (CWG), said - IP addresses of two airports in the UK came to notice infected by the worm during the routine scans by the CWG, as reported by ComputerWeekly on September 15, 2009.

Although the infected IPs had been noticed in the networks' guest accounts, yet the disturbing fact was that the worm continued to be on those networks, causing possible damage to the IT set-up of the airports, said Joffe.

Moreover, printers and other devices operable on Windows were at risk of attacks that could harm the computer network, like Conficker, which struck the IT set-up of Ealing Council this 2009.

The worm impacts all devices used on a Windows network. This means that equipments like printers can be responsible for rapid re-infection although companies spend on purifying each networked PC. The security specialists further said that it was difficult to detect such re-infections, as majority of the devices were devoid of consoles by which IT managers normally examined the operating software.

The specialists cautioned that the impact of Conficker could be astounding if it turned on, thereby allowing its seizure and dispatch of financial information.

Joffe said - organizations should not think that since Conficker is now not so active. Those responsible for it wouldn't use it maliciously anymore, as reported by ComputerWeekly on September 15, 2009.

Joffe concluded that organizations, which ignored anything about Conficker, would themselves be liable for any harmful effect since they didn't act appropriately.

Related article: Organizations Integrating IT Security into Business Agenda

» SPAMfighter News - 9/29/2009