As you may have heard, the security industry is preparing for the potential release of a particularly dangerous worm, "Conficker C," on April 1. The original Conficker code first appeared in 2008, and it is now on its third variant. This issue has garnered the attention of Microsoft, which has offered a $250,000 reward for the capture of the person who wrote the code.
No one can predict exactly how this new variant will behave on April 1, but it is known to be very virulent. The worm supposedly will infect millions of computers and bring them all under the control of a master computer. From there, the ramifications of coordinated, distributed attacks are enormous. Security researchers are currently working on a cure for this issue, but it is up to us to protect ourselves from this threat.

We at Melillo Consulting are concerned for our clients and are ready to assist with proactive security management of mission-critical infrastructure to ensure that the threat from this worm is greatly reduced. From the datacenter to the firewall and the IT management processes that run your infrastructure, Melillo's comprehensive solutions can help.
In the meantime, we offer the following quick-hit guidelines for you to consider:

1. Ensure that all servers on the private and DMZ networks are fully patched with both OS and anti-virus updates. This is your primary defense against any impending attack.
2. If you are using intrusion detection and prevention technology, update the signatures from your vendor. Check IBM ISS X-Force's notice. Make sure that your firewall configuration reflects a solid "explicit deny" policy both inbound and outbound.
3. Have your incident management process ready to go in the event of worm infection. Ensure that your notification chain is aware of this issue and is prepared to coordinate a response.
4. Emergency modification of firewall policies may be necessary to block outbound infected network traffic if your firewalls are not already configured to block it. Make sure that all people in the change management process are ready in the event you need them.

For more information, questions, or concerns, or for assistance in taking the necessary precautions to prevent infection, please contact Florindo Gallicchio at gallicchio@mjm.com or at 732.563.8412.