So we sit on the brink of yet another malicious attack - the Conficker Worm - and wait patiently to see what evil it will unleash. Most of the online and print media have been sounding the alarm for at least the past week. Most have been reporting the facts as they are known, while others are sensationalizing the event in much the same way the Michelangelo virus was (for those that can remember back that far). While I do not mean to trivialize the potential impact of this malicious code, I never cease to be amazed at how attacks such as this still manage to negatively impact business and government systems in this day and age.
The Conflicker Worm is avoidable by insuring that Microsoft patch MS08-067 is installed (MS08-067 was part of Security Update KB958644, which was published by Microsoft in October 2008), and that anti virus signatures are current. While I certainly hope that I am wrong, I expect that we will read of organizations that will incur significant loses due to the effects of this virus. Implementation of some basic best practices such as automatic virus scans on a regular basis, keeping current on OS security patches and virus definitions, and not allowing any external device (such as USB memory) to be used in a machine without first scanning the files will prevent a good majority of the problems that these viruses can cause. In organizations such as mine it allows our security administrators to focus their attention fighting the never ending battle against those from around the world who try desperately to infiltrate our network in the hopes that we have some sort of window into some of the prized federal systems.
There is nothing more important in any computing environment than having good security plans and practices that are followed diligently. Any IT organization that is adversely impacted by a minor event such as this (and again I hope that this is nothing more than minor in its impact and effect) should seriously consider the value that it provides and whether its users would be better served by another provider.
The Conflicker Worm is avoidable by insuring that Microsoft patch MS08-067 is installed (MS08-067 was part of Security Update KB958644, which was published by Microsoft in October 2008), and that anti virus signatures are current. While I certainly hope that I am wrong, I expect that we will read of organizations that will incur significant loses due to the effects of this virus. Implementation of some basic best practices such as automatic virus scans on a regular basis, keeping current on OS security patches and virus definitions, and not allowing any external device (such as USB memory) to be used in a machine without first scanning the files will prevent a good majority of the problems that these viruses can cause. In organizations such as mine it allows our security administrators to focus their attention fighting the never ending battle against those from around the world who try desperately to infiltrate our network in the hopes that we have some sort of window into some of the prized federal systems.
There is nothing more important in any computing environment than having good security plans and practices that are followed diligently. Any IT organization that is adversely impacted by a minor event such as this (and again I hope that this is nothing more than minor in its impact and effect) should seriously consider the value that it provides and whether its users would be better served by another provider.
Subscribe to this blog's feed