Conficker is dead. Or is it?

Cast your minds back to 2009.  A nasty new internet worm is abroad and rampant.  These were the days of Conficker.

A lot has been written about this threat in the past.  The impact in 2009 was huge, with over 10 million infections, and some of the compromised networks included the UK Houses of Parliament and the UK MoD.  Embarrassing!  The worm was effective because it embodied multiple attack vectors simultaneously.  It famously exploited a weakness in Microsoft’s NetBIOS and took advantage of weak passwords.

So why mention this now?  Well, just last week a customer had their internet connection shut off because the ISP detected the tell-tale signs of Conficker – DNS requests for Conficker sinkholes coming from the customer’s router.  This cost the customer a lot in hours of support while we painstakingly scanned their network and strengthened passwords.  After a lot of searching we found the culprit machines to be tills running Windows XP, with no Windows updates, hence prone to infection.  There is a moral here: expect the unexpected.  The PCs and laptops of the firm were reasonably up-to-date with Windows 10, AV protection, and updates.  No one thought the tills were a vector!

Thankfully I had been urging this customer to sign up to our AVG Managed Workplace service. This protects the customer by monitoring the devices on a network and making sure they get approved Windows patches and antivirus protection.  They had held off because of the (I would say reasonable) monthly cost.  Now they know how reasonable the monthly cost is versus the unexpected one of a virus outbreak, so they are going ahead with the AVG.  A lesson learned!

What steps can you take to protect yourself?

  • Make sure you have Windows Update working properly
  • Make sure you have effective antivirus
  • Consider the configuration of your firewall – you can use this to protect yourself and log any “dubious” traffic.
  • Be careful with Windows settings, such as “Autoplay”.  Alien USB memory sticks plugged into your network can exploit weaknesses here, so allowing them should be a no-no.
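
If your router or firewall logs DNS queries, the log can point straight at the machines making the lookups the ISP complained about, instead of scanning every device by hand. The script below is an added example, not part of the original post: it assumes a dnsmasq-style query log, and the watchlist domains and log lines are constructed placeholders (the real names would come from the ISP's notice).

```python
import re
from collections import defaultdict

# Constructed placeholder watchlist; real sinkhole names come from the ISP's abuse notice.
WATCHLIST = {"sinkhole.example", "conficker-sink.invalid"}

# Assumed dnsmasq query-log line: "<timestamp> dnsmasq[pid]: query[A] <name> from <client-ip>"
QUERY_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s+dnsmasq\[\d+\]:\s+"
    r"query\[(?P<qtype>[A-Z0-9]+)\]\s+(?P<name>\S+)\s+from\s+(?P<client>\S+)$"
)

def on_watchlist(name, watchlist=WATCHLIST):
    """True if name equals a watchlisted domain or is a subdomain of one."""
    labels = name.lower().rstrip(".").split(".")
    # Compare whole-label suffixes so "notsinkhole.example" does not match.
    return any(".".join(labels[i:]) in watchlist for i in range(len(labels)))

def suspect_hosts(lines, watchlist=WATCHLIST):
    """Map client IP -> count, first/last seen and names of watchlisted lookups."""
    hits = defaultdict(lambda: {"count": 0, "first": None, "last": None, "names": set()})
    for line in lines:
        m = QUERY_RE.match(line.strip())
        if not m or not on_watchlist(m["name"], watchlist):
            continue  # replies, other log lines and ordinary lookups are ignored
        h = hits[m["client"]]
        h["count"] += 1
        h["first"] = h["first"] or m["ts"]
        h["last"] = m["ts"]
        h["names"].add(m["name"].lower().rstrip("."))
    return dict(hits)

# Constructed sample log: .50 and .51 stand in for the unpatched tills.
SAMPLE_LOG = """\
Jan 12 09:14:02 dnsmasq[811]: query[A] www.bbc.co.uk from 192.168.1.20
Jan 12 09:14:05 dnsmasq[811]: query[A] abcdq.sinkhole.example from 192.168.1.50
Jan 12 09:14:05 dnsmasq[811]: reply www.bbc.co.uk is 203.0.113.10
Jan 12 09:15:41 dnsmasq[811]: query[A] SINKHOLE.example. from 192.168.1.51
Jan 12 09:16:10 dnsmasq[811]: query[A] notsinkhole.example from 192.168.1.20
Jan 12 09:17:33 dnsmasq[811]: query[A] xkzpw.conficker-sink.invalid from 192.168.1.50
""".splitlines()

if __name__ == "__main__":
    for ip, h in sorted(suspect_hosts(SAMPLE_LOG).items()):
        print(f"{ip}: {h['count']} lookups, {h['first']} to {h['last']}, {sorted(h['names'])}")
```

Match the reported addresses against your DHCP leases to find the physical machine; anything that shows up here but is not on your list of managed PCs deserves a visit.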

Alternatively, make life simple for yourself and engage a local friendly IT firm who can automate much of this for a small monthly fee.  We would be glad to do it for you and the cost is around £3 per machine, per month.  Not much for a whole lot of peace of mind.