In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning.
Hey, this is no more ridiculous than trying to protect against Conficker. Why is it ridiculous? Because Conficker is only a symptom of poor security. If you disable autorun you protect against thousands of threats, including Conficker. Your aim should be to prevent the vulnerability, not the exploitation of the vulnerability. If you have strong passwords you protect against lots of attacks, including Conficker. Weak passwords leave you exposed to much more than Conficker. If you keep your operating system patched and your anti-virus up to date you protect against hundreds of thousands of threats, including Conficker.
So, you have an army about to attack you. Do you ask how to defend against a single soldier or do you defend against the army?
The interesting thing about Conficker.C is that by registering 50,000 domains each day it is making a lot of noise. An incredible amount of noise. It occurs to me that perhaps the purpose of this is to draw attention away from another attack. Perhaps Conficker.C is a decoy. Are you going to fall for the decoy or protect against the other 99.9% of the threats out there in addition to Conficker?
Education is essential to security. I recommend you go to http://www.staysafeonline.org and start reading and getting educated. You can also find tips for good passwords, disabling autorun, and other advice from me at http://www.sdchamber-members.org/TechTip.htm.
Randy Abrams
Director of Technical Education