News Stay informed about the latest enterprise technology news and product updates.

60 Minutes: 'The Internet is infected' with the Conficker worm

Leslie Stahl’s segment on 60 Minutes on the danger of the Conficker worm releasing a massive DDoS attack or other malicious action on April 1 has received widespread attention in the public eye and expressions of doubt from around the blogosphere, particularly in the security community. If you missed Stahl’s segment, there is an excellent demonstration of a hacker compromising and then mirroring her system, along with a discussion of the dangers that a global infection could pose. You can watch the “Is the Internet Infected?” 60 Minutes segment at

When asked this morning about the likelihood of the Conficker worm setting off a nasty April Fool’s Day surprise ,’s Rob Westervelt noted both the lack of sourcing for the story and the FUD that has surrounded the worm in the media. Citing both Microsoft and independent security experts, Westervelt suggested that patched, protected systems should have nothing to worry about on Wednesday. Robert McMillan of PC World, for instance, feels that fears of a Conficker meltdown are greatly exaggerated.

What can be done, if you are still worried? Eric Ogren wrote at that the Microsoft Conficker worm offers attack prevention lesson and suggested the standard response to Web security threats: Run AV software and update patches. Microsoft has also provided a resource page for IT administrators, “Help Protect Windows from Conficker.”

Michael Horowitz, over at Computerworld, recommended the following steps to combat the Conficker worm:

Good luck out there. If concerns over the Conficker infection prove justified, it could be an ugly week in the IT world.

UPDATE: Westervelt also reported that the Conficker flaw has yielded a new tool for detection.

“Security researchers have developed a new tool that can scan the company network and remotely detect machines infected with the Conficker worm.

A proof-of-concept scanner was released by the Honeynet Project, a nonprofit security research organization. The tool is also being made available on many network scanning vendor tools: Tenable (Nessus), McAfee/Foundstone, Nmap, nCircle and Qualys.”

You can download the Honeynet Project’s scanning tool from

Reblog this post [with Zemanta]

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.