How Can You Prepare For The Next Conficker Worm?
So just like many IT professionals you fell fowl of the conficker worm? I am sure every IT professional has a plan for disaster should it ever occur but the conficker worm bit us all in the backside – why? Well, the truth is that not only was this a clever infection that outwitted most antivirus programs but it also took advantage of our lack of preparation when it comes to being fully prepared against malicious attack.
Here is a checklist that hopefully will enlighten you and also help you prepare against future problems:
1. Do not use simple passwords.
This is a simple mistake to make for IT professionals and users alike. Choosing ‘password’ as your password is inviting trouble. Many hackers and malicious coders will take advantage here. You should have a minimum complexity for your passwords.
2. Do not simplify your network share permissions.
If you are an IT professional you should know what this means. It means basically do not use the ‘everyone’ group in your network shares. You should tighten it up and use specific domain groups and only use the minimum required permissions or hackers will again take advantage of this lapse in security.
3. Use a good antivirus program.
More importantly keep it up to date! If you use a client/server program then this is fairly easy to do but make sure all visitors to your network have adequate protection also.
4. Keep your network patched with updates.
Antivirus programs are designed to keep attacks out, not necessarily to deal with it once on board. Remember this and keep all of your software including your operating system bang up to date with the latest patches. This could be server updates or client security updates. Microsoft have since developed patches to cover up the weakness in their system that the conficker worm took advantage of, who knows what else is lurking? Guys, keep it patched.
5. Prepare for the worst.
You may never be able to keep all infections out so be prepared with good up to date images of your machines. Also make sure that all data is backed up properly and you are prepared for disaster with a quick recover should the worst occur.
In conclusion do not become lazy when it comes to a good disaster recovery plan. Make sure you use antivirus and it is up to date, make sure your servers and your client computers are all up to date. Ensure you use strong passwords and minimal network shares. If you have images and copies of your software and data backups you are on your way to being prepared for when the next generation of conficker worm or it’s equivalent comes looking for trouble.