Conficker worm grounds French military

It was widely reported today that French military aircraft were grounded after the databases containing their flight plans were infected with the Conficker worm - at one point French naval staff were even told not to switch on their computers. (Telegraph.co.uk).

Not only the French being affected though, the UK Ministry of Defence also reported that some of its major systems were also affected, spreading across admin offices, Royal Navy Warships and Submarines.  It has even infected over 800 Hospital computers in Sheffield! Does anyone else find this somewhat concerning?

Microsoft warned of this worm, releasing notifications and patches as soon as the vulnerability was identified - the patch was released on 15th October 2008 (Microsoft Information Page, Virus Alerts) yet the military seem to have not patched their systems or secured against potential sources of infection!  So, what can YOU do to avoid Conficker (otherwise known as DownUp, DownAdUp or Kido)?

Conficker Diagram (From Microsoft) Conficker is a WORM (View our article about Computer Worms here) which means that it attempts to make multiple connections across a network in order to spread itself.  This might manifest itself in several ways which may include
  • Being unable to access websites (particularly security related sites such as windows update, antivirus sites and so forth)
  • Slow responses
  • Problems with accounts being locked out - it uses a "brute force" dictionary attack to attempt to guess your Administrator password to access ADMIN$ shares
  • Services related to computer security being disabled
  • Difficulty accessing the internet

Microsoft have provided the image displayed above, which illustrates nicely how the Conficker worm spreads through networks who have vulnerabilities - these could be machines without the latest updates, infected removable media, "open" network shares, or those with weak passwords.  Needless to say, avoiding the above is the best way to ensure you do not become infected with this (or indeed any) worms, trojans or viruses.

There is, unfortunately, no such thing as a perfect world!  If you have suspicions that you might have been affected by this, or any other virus, trojan or worm it is VERY important that you take action immediately, especially if you may have confidential or secure information on your computer or your network.  Please read our article "I've got a virus - what do I do?" for further information.

Worryingly, the New York Times and antivirus company F-Secure both suggested that 9 MILLION PC's WORLDWIDE were infected with Conficker as at 22nd January 2009, and Qualys, a Silicon Valley security firm suggested that at least 30% of computers do not yet have the patch applied which protects against this vulnerability, hence leaving themselves open to attack. Image courtesy of Microsoft, http://www.microsoft.com/protect/computer/viruses/worms/conficker.mspx

Share this page

Facebook MySpace Twitter Digg Delicious Stumbleupon Google Bookmarks RSS Feed 

Recent Work











Log In