DOD on high alert for Conficker worm
April 2, 2009
Computer users booted up their machines Wednesday wary of the Conficker worm, which had squirmed its way into millions of computers and was expected to enter a new phase. The day, however, passed without any incidents, according to military officials and most news reports.
Lt. Cmdr. Steve Curry of U.S. Strategic Command, which is in charge of protecting the Department of Defense global information grid composed of 17,000 networks and 5 million pieces of equipment worldwide, said they were prepared.
"We are doing everything to protect our systems and make sure they are secure," Curry said. "And as far as I know, this hasn’t gone off in our systems."
The worm, which was detected in October and has infected anywhere from 3 million to 12 million PCs worldwide running Microsoft Corp.’s Windows operating system, was expected to start replicating Wednesday, herding computers into a "botnet" of linked machines. And the mounting fear was that infected machines would then send spam, steal personal information, carry out scams and crash Web sites.
Though Internet Armageddon did not happen, all worms and viruses pose risks, said Tim Madden, spokesman for the Joint Task Force–Global Network Operations, a component of Strategic Command.
"Conficker is just the latest example of what we’ve been contending with for a while now," Madden said. "What we’ve been trying to do is raise awareness."
To combat Conficker and other harmful worms and viruses, the DOD has made sure all systems are configured to download the latest anti-virus software and has aggressively enforced password policy. They also have disabled all AutoPlay/AutoRun capabilities on its systems.
Madden could not talk specifically, though, about what was done to guard against Conficker.
As for the home computer user, there are a couple of easy steps to making sure PCs are free of the dreaded worm.
Conficker blocks infected computers from accessing antivirus vendors and Microsoft Web sites, so victims won’t get automatic updates and can’t download the Conficker removal tools that those companies have developed. An easy way to tell if your computer has been poisoned is to point your browser to Microsoft Web sites or the antivirus vendors such as Symantec Corp. or F-Secure Corp. If they refuse to load, then the Conficker worm could be the culprit.
The best remedy is to have a friend — whose computer is not infected — download a removal tool from Microsoft or one of the antivirus vendors. Then that person should e-mail the tool to you.
When you use the program, though, make sure the word "Conficker" is not in the title because the worm will stop the computer from running it. Many antivirus vendors and Microsoft have already solved this problem by using a variant of the word in its program title.
Madden also warned computer users to be careful when connecting removable media, such as USB drives, and to steer clear of potentially harmful Web sites.
"It’s like anything else," he said, "you have to be aware of what you let in your house."
The Associated Press contributed to this story.