«
»

Thanks for asking, I Am Fine!!!

Wow, It’s Been Awhile…..

Yes, it has been a while. But guess who has reared it’s ugly head once more? None other than Conficker!!

New Zealand’s Waikato District Health Board has announced that the Conficker (aka Downadup) Worm has infected it’s entire hospital network. On Thursday, 12/17 was when the problems were first discovered and Microsoft was called in to diagnose the problem. Two hours later, Conficker was found to be the culprit. This forced 3,000 of the Districts networked computers to be shut down. This caused the 7 hospitals, in their network, to urge patients not to seek care at their facilities, unless it was an absolute emergency.

The Conficker worm, which has become the most prolific computer infestation in history, is estimated to infect up to 15 million different computers, although due to the difficulty in tracking this worm, range from a low of 5 million infected computers. Each serving as a ‘zombie’ in it’s vast botnet. For a reminder regarding Conficker, you can check out my past post from 1/23/09 HERE and from 3/25/09 HERE, once again on 4/12/09 HERE.

But here is the part that gets me. How? and Why? did this worm get into that hospital’s network. First off, where was there IT staff? Conficker, although prolific, is not something that any computer should ever become infected with as long as proper security measures are in place. When the worm was first detected in 2008, and found it’s way into computer systems due to an exploit in the Windows Operating System (OS), Microsoft reacted quicky and on October 23, 2008, issued a patch (MS08-067) which closed the hole in the OS. They then pushed out a tool know as the Malicious Software Removal Tool or MRT, which effectively could remove the malware from an infected computer. It is true that the initial spread of this malware was through external USB storage devices, such as thumb drives, which were inserted into “Auto Run” enabled computers, but the fact remains, that a simple update and scan using the MRT should have removed the worm. The fact that Conficker, like I said earlier, may still infect up to 15 million computers is appalling, since a patch and fix for it has been available for 14 months now.

So let’s all make sure that we are updated. Using Internet Explorer, go to http://www.update.microsoft.com and check to make sure that you have all the critical updates that are available. Keep checking until there are no more updates available. Then make sure that Automatic Updates is turned on. Next make sure that your anti-virus software is up to date. Don’t have an anti-virus software, then check out my recommendations HERE. And lastly scan using the Malicious Software Removal Tool. Don’t know how??  Click HERE.

Although this is news, in my opinion, an organization such as this should be embarrassed that this incident has occurred. No major organization, with a competent IT department, should ever run into a situation like this. Of course, sabotage is always something to investigate, but under normal circumstances, Conficker should technically be dead and buried by now.

What are your thoughts regarding the Conficker worm…..

Leave a Comment!!

This entry was posted on December 30, 2009 at 9:15 pm and is filed under All Posts, Computers, Helpful Hints, News, Security, Tech News with tags , , , , , , , . You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed.