Warning: Conficker Malware Masks Other Viruses
IT professionals at midsize businesses beware: Conficker malware isn't totally out of the picture. The ubiquitous worm that was first detected back in 2008 caused numerous problems for IT professionals because of its ability to spread through networks without human interaction. Later that year, Microsoft issued a security update to patch the vulnerability Conficker was exploiting while also launching an attack on the worm with the intent to eradicate. Sadly, since then, variants of the virus have persisted thanks to its ability to spread through admin login credentials. According to InformationWeek, there were 59 million attacks against 1.7 million PCs in the fourth quarter of 2011 alone.
But it isn't just Conficker that IT needs to be worried about. The hard-to-spot worm, which has the ability to disable both antivirus software as well as Windows Automatic Updates, is acting as both a gateway and a cover for other types of malware. Discover Conficker on a computer in your network and you should expect to find a whole host of secondary malware lurking around. It's IT's worst nightmare--especially for smaller companies that may not have the budget or the resources to deal with a widespread infestation. Companies with only one IT pro on staff may have to bite the bullet and hire a temporary second hand to help clean up the mess. By-the-hour help doesn't come cheap, and in a bad economy, this is one extra no midsize business wants to have to shell out for. In the worst-case scenario, IT may need to look into purchasing new computers--something that isn't financially doable for every enterprise.
The persistence of this kind of worm brings to light the fact that simply depending on antivirus software isn't enough. IT administrators at midsize businesses have to be diligent about taking preventative measures as well as employing virus protection.
Although it seems painfully obvious, it is vital to make sure that every device on your network is up to date. One computer lacking the Microsoft 2008 update, and your whole network is compromised. This may seem farfetched, but imagine a scenario in which an employee is given an old Windows PC to use while their newer model is being repaired. Conficker has the ability to stay dormant. If the replacement device lacks the proper patches or is already infected, once it's up and running, your whole network could be compromised. Checking the computer before you get it up and running on the network takes a lot less time and money than eradicating malware on multiple devices.
Conficker's long life should also be a wake-up call for midsize business IT administrators who think cutting corners is the way to go. In the short term, it may save time, but in the long run, it only makes it easier for malware to persist. No matter how advanced technology gets, it's always when basic security measures get overlooked, that the biggest issues rear their ugly heads. In the case of Conficker, InformationWeek stresses that a key preventative measure is employing more complex admin passwords. No one will argue that it's much easier to assign easy-to-remember sequences like "adminadmin" or "123456," but those are the passwords that are going to leave your network vulnerable. This bodes true for smaller businesses as well. Any password and login that's used by more than one employees on more than one device is susceptible. Get clever and think of something harder to crack. It's also beneficial to change up the password every so often. Conficker isn't the only virus to use simple passwords as an access point, and it definitely won't be the last.
If you suspect that your network is infected with Conficker malware, the Microsoft site has a page that provides IT professionals with the information they need to diagnose their network and subsequently eradicate the malware.
This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.