Cotton Rohrscheib

The Cotton Club Blog & Podcast

You are here: Home / Blog / For those that asked about the Worm

For those that asked about the Worm

by 1 Comment

First, I want to clarify that while I sit behind a keyboard all day, technically I am not an “expert” when it comes to viruses and worms, etc., (I primarily write software and build web applications and websites) but being in this industry I have had to deal with issues related to malware, etc., and I have had dialogue with various government agencies including the FBI and CERT regarding issues related to hacking, etc.  I am also kept abreast of “trends” through various forms of direct communication from the Federal Government’s CERT (Computer Emergency Response Team) in the event that something is brewing or is already in place.  All of this to say, that I am probably a little more knowledgeable about viruses, worms, and malware, than most people, but by no means someone you should rely on solely.  At the bottom of this post I am putting some links to products I recommend however, the one thing that I will advise is having one of these products on all of your machines.

I have received no fewer than 100 emails, text messages, twitters, and facebook messages since yesterday evening and this morning from friends asking “seriously, what do we need to do about this worm thing?”  So I decided that the best thing to do, instead of responding to all of these one at a time (which I attempted to do this morning but gave up) is to just post what I know about it on here in hopes that everyone will read this, so sorry if I don’t respond directly to your questions… (again, at the bottom of this blog post are links to some antivirus software that I recommend, you can click on the links directly and purchase these online securely)

  1. If you use a Mac, don’t worry…
  2. If you noticed that your Windows Update has stopped working automatically you might want to check into that, that’s a symptom that you have been infected.
  3. It is most likely to propagate itself through networks at large corporations and businesses but the casual home user is not immune
  4. It will likely force you to be unable to interact with a lot of popular antivirus websites that are out there, they might have this part fixed by now but I know that early on it was supposed to block you from receiving files from places that did virus protection and removal and all of that.
  5. It basically resides on your machine without you really knowing it and then at a certain point it interacts with about 200 (possibly 500) websites that more or less tell it what to do.  Now this could be used for anything, most likely a denial of service on a particular website (this happens when 10 million computers all login to one particular website or service at the same time and fry the gizzard more or less).  The serious side of this would be if it has also got some key logging components that could potentially harvest and send your passwords, credit card numbers, etc.

That’s basically all i know about the worm itself, now here is what we know this morning after it has officially turned April 1 across the globe.

  1. There might be more than they originally thought affected by this virus according to some things I have read this morning.
  2. The upside to all of this is that when these computers basically went out to these websites or services to look for instructions, nothing was sent to them.  So basically nothing happened, so far..

Those of you who know me know that I haven’t been too concerned about this one, but that doesn’t mean that there isn’t something brewing out there that we should all be concerned about in the future.  I firmly believe that in our lifetimes we will see at least one global attack of some sort, attacks like these are just getting better and more elaborate over time.

In fact, the writers of this Conficker thing have actually gathered a lot of respect from inside the community (myself included) due to the complexity of the thing. 

Finally, what can you do to protect yourself or your network from having something like this take you down and potentially ruin your day?  The answer is the same answer I have been giving out for 10 years or more, use and update an antivirus program.

I have some recommendations if you are interested in solutions for your home or small business, the links below will take you directly to these products for purchasing.

  • Norton AntiVirus 2009 – complete package
  • Spy Sweeper with AntiVirus – subscription package
  • Webroot AntiVirus with AntiSpyware – subscription package
  • ZoneAlarm Antivirus – complete package
  • ZoneAlarm Antivirus Small Business Edition – complete package

If you are looking for a more high-end approach to fighting viruses, spyware, etc., our friends at Tiger Direct also offer some options that include installation of the software by their team.  If you are novice computer user and would rather have someone install the software remotely for you, this is probably the option for you:

  • I-Team Install: Antivirus/ Desktop Security Suite
  • I-Team Install Option: Corporate Antivirus Client
  • I-Team Install Opt: Corp Antivirus (Symantec, Etc)

As a side note, I posted the message to twitter last night about the worm as kind of an inside joke to a room full of about 35 or 40 programmers I was meeting with.  Since Twitter also posts to my Facebook, I may have inadvertently created panic with some of you that weren’t in the loop, sorry about that…  While we were all joking about this thing, it’s still something that should always be in the back of our minds.

Happy April Fools Day though…

Please Drop Your Questions or Comments