There are several stories today about viruses. The BBC website is carrying one about a worm that has multiple characteristics ( password hacking and passing information back to websites) – known as Conficker, Downadup, or Kido, it has been around since October last year. This has, according to F-Secure, infected at least 8.9 million PC’s. How do they know this? Well in the case of this virus it is trying to send the information gleaned from PC’s back to certain domain names which the virus is creating – F-Secure have reverse engineered it nad have tracked the IP traffic to these sites which are being created. Rival firm Sophos have identified the password cracking ability of the worm as well and highlight the reason why more secure passwords must be enforced.
But perhaps the most worrying is a story that has appeared in a small newspaper company in one of the Royal Navy’s main bases – the Portsmouth News. It would appear a large number of the navy ships internal systems have been effected by an unnamed virus taking down their internal NavyStar network. For security reasons I guess we’ll never know the exact cause of the problem or its source.
But for me it rings the warning bells – in our current economic turmoil there will be a temptation to cut corners. This is one area where you don’t!! Also with globally large numbers of skilled programmers finding themselves with time on their hands we may find the “bad eggs” developing a few more nasty surprises.
UPDATE: Symantec move Virus Threat level
ThreatCon Level 2
Medium : Increased alertness
This condition applies when knowledge or the expectation of attack activity is present, without specific events occurring or when malicious code reaches a moderate risk rating. Under this condition, a careful examination of vulnerable and exposed systems is appropriate, security applications should be updated with new signatures and/or rules as soon as they become available and careful monitoring of logs is recommended. Changes to the security infrastructure are not required