April 1st Conficker.D: More Bark Than Bite?

I’ve been reading on forums that people are suspecting if Conficker is being hyped by bored newsrooms and antivirus companies eager to keep subscriptions going in a downwards economy.  I’ve just been watching CNN and I’m leaning towards the cynical point of view *how strange for me!*

There is a real threat.  No doubt there.  But is it really as bad as reported?  I’ve just been watching CNN and it’s up there with the “Is this the End of Days” reporting from a few years ago.  Newsrooms thrive on fear.  People are addicted to it.  It sells papers, drives up web page hits and most importantly, it sells advertising.

CNN had some AV guy on who suggested everyone buy AV software and subscriptions.  What a shocker!  They read some Twitter tweets.  Everyone questioned the reality of the threat except one message from a security consultant.  CNN’s advice was pathetic:

  • Check your email attachments: Great.  What about USB sticks and RPC ports?
  • Use complex passwords: That won’t help one bit with Conficker.  It doesn’t give a damn about your password.
  • Install/update your antivirus: Woohoo, sell some licenses.

The one bit they did get right was how to tell if you’re “owned”.  Try open a antivirus web page such as Trend Micro or AVG.  If you can’t:

  • Ensure your Internet connection is working.
  • If it is then you’re probably infected with Conficker or something else.

The best defence is to ensure that your Automatic Updates is working.  Microsoft released an update last October to defend against this thing, long before it was on the Internet.  If you think you have Conficker then download the Malicious Software Removal Tool from Microsoft.  The best defensive strategy:

  • Make sure the firewall on your Internet connection is working correctly and blocking all but the required inbound traffic.
  • Raise your Windows Firewall to defend against threats.  Administrators can force this in “public” or non-domain mode using Group Policy.
  • Run Automatic Update to ensure you have all security updates from Microsoft and reboot after the installations.  The install isn’t complete until you reboot.
  • Disable autorun in Windows.  This will help stop Conficker from getting on your system from removable storage, e.g. USB sticks.

Odds are, this is more Y2K hype but it doesn’t hurt to be careful and to stay careful.

EDIT #1:

Thanks to Enda Flynn (TechNet Ireland Manager) for this link from MS.  It contains informaton on how to defend yourself from Conficker.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.