Talk of Conficker and its potential activity April 1st spread rapidly in the news this weekend.  The worm (also called DownAdUP) takes advantage of a Microsoft Windows vulnerability which was addressed in October 2008 as reported in our October 29, 2009 Security News.  It infects machines from the internet or from USB drives and self-replicates as part of a botnet.  CNET reports that the worm is programmed to modify itself on Wednesday to become harder to stop.  The worm is expected to begin connecting with up to 50,000 websites daily to check for instructions from the botmaster.  Some speculate that April 1st could be the target date of an attack.  Microsoft updated their information regarding the Conficker risks in this March 27, 2009 statement and is offering a $250,000 reward for information leading to the arrest of the culprits.

The worm is known to block the ability to connect with websites of security firms such as Trend Micro, McAfee or Symantec.  Additionally, it is known to prohibit an infected machine from successfully running Windows Update.  To help prevent your computer from becoming infected, you should follow basic security measures including using a firewall, keeping your computer software up-to-date, and using antivirus and antispyware.  For more security:
1.    Avoid using an administrator account to browse the internet
2.    Turn off Autoplay
3.    Use strong file and network passwords

4.    Secure shared folders
 
To add insult to injury, those seeking information about Conficker can be easily lured to malicious sites posing as antivirus programs.  Just trying to learn about the worm can lead to infection from opportunistic hackers.  Symantec reports that malicious sites are among top search results for Conficker C.  Be cautious of where you click!

For more information about Conficker and how to protect your IT system, contact CisCom Solutions at (502) 253-4525 x200.  No action is required of our Managed Services clients.  We have installed required updates.

Managed Services continue to grow in popularity as the preferred solution to address network security concerns.  Increased and more complicated risks, inadequate budgets and difficulty finding and maintaining competent IT staff has left many businesses looking to outsource IT services.  Small businesses are particularly hit hard since staff often have multiple roles and tend to be inadequately trained in IT security.  Symantec published results of their 2009 Managed Security in the Enterprise Report in a press release dated Mar. 23, 2009  "The study found that cyber risks and actual attacks have grown significantly in the past two years and are expected to continue to grow in the next two years.  Nearly all organizations surveyed (98 percent) have experienced tangible loss as a result.  This growth in risks and attacks comes at a time when IT reports it is difficult to address the problems due to inadequate budgets, increased regulatory pressures and staffing woes. As a result, most U.S. enterprises (61 percent) are moving to adopt managed security services. The study is based on surveys of 1,000 IT managers in U.S. and European enterprises in January 2009."

For information on CisCom Solutions Managed Services, click here or contact us at (502) 253-4525 x200.

Check out CisCom's Blog for the Latest Dave's Raves

We have a new blog.  It's just one more attempt to keep you up to date with what's happening and where we are headed. You'll find Dave's latest Raves featuring comments about his new IPhone.  Check it out!