Conficker Armageddon
Posted on April 02, 2009
Filed Under: Internet and web sites.
See Also:
virus
conficker
security
April 2nd has come and gone, 1 day after all computers were supposed to turn on their masters to start a new world order. Most of us have survived, so the only question left is: why all the hype over these computer non-events?
For the past several weeks, I have been reminding customers, contacts and friends alike to make sure their systems are properly patched. The merits of windows aside, update.microsoft.com will lead most systems through the process of installing all of the required security patches and even installs a malware removal tool. There is little to no challenge in this, and yet I routinely run across machines that have never seen an update. And of course, despite my warnings, prior to March 31, 2009, there is no action taken to secure large numbers of corporate and home pcs.
Yahoo news posts 1 snippet about upcoming Armageddon, and my phone literally melts as the friction of the hammer striking the insides of its tiny bells build enough energy to cause a brown out amongst my neighbors. The next 48 hours I will go without sleep as I proceed to spend day and night working with IT professionals at all levels, discussing the ramifications of a virus so lethal that that machines will self generate an autonomous AI.
But, as we giggled along like school girls while we scanned PC's for existing viruses, patched operating systems, verified firewall rules, and monitored network traffic, I couldn't help but think how this entire adventure should have been completely unnecessary. Many IT professionals know how to respect the powers and dangers of the internet -- developing standard usage protocols, and maintaining a healthy computing environment. The problem is that computers are so prevelant, and so necessary, that many companies that MUST afford to use computers, can't (or simply don't) afford an "IT professional" to take care of them. Many of them never consider what-if until a meteor has already nestled itself in their server room, and set the backup tapes that have never been changed or taken off-set, into a cozy camp-fire. And of course, by then, there are two calls to make: insurance company, and bankruptcy attorney.
Fortunately, we have these little scares to brink reality home before the crash. Yes, they are over-hyped, and a bit annoying to in-house IT professionals who have to spend their day explaining why they are not at risk, but so far in society they are still necessary. Without going into details, I will conclude with this: since March 31rst, I have over-seen the removal of over 4,000 virus and ad-aware infections, none of which were Conficker.