09 January,2009 11:40 AM IST | | Kumar Saurav
A rapidly spreading computer worm, Downadup with several new versions, might force many corporate houses to shut their e-mail servers. An anti-virus solution provider, FSecure, warned on Thursday that the virus can hamper all workstations of the organisation.
Wing Fei Chia, security response manager, F-Secure Labs, said, "The virus is spreading fast in the Asia-Pacific region. This vulnerability affects many of the current operating systems including Windows Server 2008 and Vista SP1."
Harmful than ever
These viruses change access rights, which can't even be identified or modified by the administrator. These worms are sent through uncountable fictitious websites that are hard to detect and hence can't be restricted by the server administrators at the right time.
On entry, this new set of viruses gets access to your passwords, protected files and then infects internal and external storage devices. In the worst-case scenario, they may also bring the entire workstation to a halt. Also known as Conficker, Downadups are usually difficult to remove since they have their own extremely aggressive protection mechanism. They start working at the initial steps of booting, so even anti-viruses can't detect them.
"The basic structure of viruses hasn't changed, however, they have developed a camouflage, which makes them impossible to trace. You identify them only when you lose control over your access rights," said Vijay Mukhi, president, Foundation of Information Security and Technology. "They set up their own access rights. If they get access to internal corporate network, it can never be eradicated fully. Even disinfection of this worm is complex and could require shutting down parts of your network."
How to avoid infection
"Make sure latest Microsoft patches have been applied and your system is using the latest version of your antivirus product. Turn off autorun and autoplay for USB sticks. Also make sure that your users' domain passwords are strong and take extra care about the domain administrators' passwords," a cyber expert said.
u00a0
If already infected
Since the worm is hard to delete if widespread, immediately summon your antivirus vendor for disinfection. Restrict USB stick usage and block unnecessary traffic at your firewalls. Chia said, "The organisation must deploy the MS08-67 patch on their systems else they will be at high risk of infection."
| Virus going mobile |
| Mobile security threats have grown significantly over the past couple of years and in 2008, they increased by 400 per cent. Viruses like WinCE and InfoJack are rampant on Windows handsets. "As people put more and more valuable data on their cellphones and personal digital assistants (PDAs), these devices are becoming attractive targets," said Vijay Mukhi, president, Foundation of Information Security and Technology. WinCE/InfoJack is a software that steals information from a device and sends it to a particular website. |
