The Conficker
worm may unleash massive cyber-attacks this week, but security
suppliers say businesses simply need to patch systems to avoid
potential disaster.
Only compromised machines still linked in to the Conficker
botnet will be affected by anything the worm is instructed to do,
said security firm Kaspersky.
Conficker is believed to have infected up to 10 million
computers and security researchers say there is evidence the worm
will get further instructions on 1 April, prompting fears of
cyber-attack.
The latest variants of the worm are capable of disabling
firewalls and anti-virus software and updating themselves using
peer-to-peer networks as well as internal networks.
Although potentially dangerous, this issue has been over-hyped,
said Rick Howard, director of security intelligence at security
supplier iDefense.
Microsoft, which issued a patch for Conficker in October 2008,
is offering a reward of $250,000 for finding the creators of the
virus.
The precautions responsible users and organisations have taken
already will protect them from all the latest Conficker variants,
Howard said.
This means IT administrators should ensure every system on their
network has the appropriate MS08-067 patch applied, said Jason
Miller, security manager at security firm Shavlik Technologies.
This should include internal and external, physical and virtual
machines, he said.
The patch must be applied before attempting to clean systems,
otherwise systems will simply become reinfected in an endless
cycle, Miller said.
Conficker infected computers of
MPs and members of the House of Lords, it emerged last week,
highlighting weaknesses in parliament's IT security.