On April 1, millions of PC users around the world prepared for the conficker.c Internet worm to infest their computers, turn them into “zombie machines,” and attack.
Much to their surprise, as well as the surprise of PC manufacturers, nothing has happened.
Holly Sewart of IBM’s X-force, a computer security service, even went as far as telling CNN that it appears the worm was somewhat of a joke.
However, the worm is in existence whether it has surfaced in great numbers or not. It is one of a strain of four conficker worms working their way through PCs. It was thought to have infected between 5 million and 10 million computers, but has yet to cause the chaos that was predicted.
According to Symantec.com, the conficker worm allows its creators to remotely install software on infected machines, which will most likely be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.
It mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security Web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.
Larry Mendez, TJC’s chief information office, said that TJC has not yet had any problems with the worm due to the extensive antivirus software in place.
“Currently we use the corporate edition of Symantec AntiVirus. We have each individual computer system updated daily to make sure we have current and updated virus/adware/spyware definitions installed,” Mendez said. “Additionally, we have a product from TippingPoint. That is an Intrusion Detection System (IDS) that looks deep into network traffic and stops worms like Conficker. We also have firewalls and other packet filters to help with meticulous network traffic.”
A Microsoft customer service representative said the steps Microsoft has in place effectively protect against the worm, but users should ensure that the anti-virus installed on the computer is updated in order to prevent intrusions. The representative also said Microsoft offers no-charge support via chat, e-mail or phone.
Worms and viruses make their way through the Internet by searching for weak places in security. However, many users allow the malicious software, also known as malware, free access to their hard drives by downloading information from the Internet through sites like the popular peer-to-peer file sharing site LimeWire.
Freshman Shaquita Shead said that she gets viruses often and believes it’s from downloading music from the Internet.
“It happens about every other month or every two months. I download a lot of music from LimeWire, and that probably has something to do with it,” Shead said. “I have to scan the whole computer and take everything off that has a virus.”
Sophomore Martin Smith said he has very meticulous Internet habits that keep his machine safe. He doesn’t use peer-to-peer file sharing sites or other obvious virus breeding grounds.
“As far as viruses go, I don’t go places I could get a virus. Anything like Limewire or bit torrent, that’s the number one way to get this malicious software in your computer – trying to get something for nothing,” Smith said. “I don’t use a firewall or virus protection or anything. I’m completely open, but I’m very meticulous and careful about what I do. I really highly doubt I will ever get a virus.”
Freshman Kathy Reyes owns three PCs, all with virus protection.
“I have Norton on mine. My dad’s has Webroot and my mom’s computer has Avast. The other two computers download music and videos, and we’ve had to wipe the drives several times,” Reyes said. “We try to get rid of it through the antivirus first. If that doesn’t work, we take it to the shop.”
Despite the problems, Reyes believes Microsoft is trying to help their customers.
“Microsoft tries. They even hire hackers to prevent stuff like that from happening, but hackers have a bad habit of getting into programs like Internet Explorer and planting viruses,” Reyes said.
Smith said Microsoft does what it must to stay in operation.
“They [Microsoft] tell you what you need to hear to buy more products,” Smith said. “It’s actually better if that [the worm] happens to you because then you will have to contribute to the computer industry by having your computer fixed or buying more PC parts or having a window certified technician employed on your behalf to fix your computer.”
The Conficker worm and many others are usually targeted at PCs, many Macintosh owners believe they are completely safe from malicious software simply because it is a Mac. However, the main reason Macs have fewer viruses is because they make up less of the market share.
“Macs are safer from the perspective that they have less of the market share,” Mendez said. “If a malicious individual aspires to cause harm and make a large impact, they typically focus efforts on the market leader, and that is a PC.”
Viruses are viral, meaning they must have other machines nearby to effectively spread and cause havoc. Macintosh computers only make up about 7.5 percent of the market share, which means there are fewer computers to spread and infect.
“Microsoft dominates so much. There’s not much in it for the hackers to get off on attacking a Mac user because there are less Mac users,” Smith said. “There’s not a big bang for your buck to write a virus for a Mac, because it won’t proliferate itself as much as a Microsoft virus will, but there’s still Mac viruses out there.”
There are ways to protect against malicious software. One example is the operating system Linux. Linux is a part of the of the free and open source software collaboration, which is basically a lot of computer savvy people all over the world coming together to better software simply because they feel it should be better.
“In Linux, there are no viruses because of the way the software is. Nothing runs without you knowing it,” Smith said. “Microsoft has a thing in its operating system called a registry, (which runs) background services and stuff. That’s the key pitfall to why these viruses are able to do so much.”
There are other, more simple ways of protection that do not require downloading a new operating system.
“Any worm and malicious software can be a threat. Make sure you are running some type of antivirus suite and keep it updated,” Mendez said. “Also, make sure that you are keeping your Windows operating system updated via Windows Update for critical updates, security fixes and such.”