Viruses that infect computers via removable storage devices, such as flash drives, continue to make computer security headlines. Leading the gang of Internet hoodlums is a nasty worm/virus called Conficker.
To date, Conficker, AKA Downadup, has infected upwards of 15 million computers. After U.S. Army networks were infected by flash drive-borne viruses, the Pentagon banned the use of flash drives and other types of removable storage devices such as cameras, external hard drives and certain types of printers.
Over the past few weeks, multiple reports have erupted about Conficker infections. Especially troubling have been infections in European military systems. Hundreds of computers that were part of German military networks had to be taken offline after Conficker infections were discovered. French fighter jets had to be grounded for several days because the computer databases containing their flight plans had been hijacked by Conficker. After becoming infected, the French Navy had to sever normal computer communication links and revert back to stone-age technologies such as telephones, fax machines and letters carried by the French Post Office. Users of one French military network were forbidden from even turning on their computers. Networks at 24 British Royal Air Force bases were infected by Conficker, along with 75% of the British Royal Navy fleet.
Enter the bounty hunters. In a move more akin to a scene from a Wild West movie than the focused efforts of highly-skilled security professionals, Microsoft is offering a $250,000 reward for information that leads to the arrest and conviction of those behind Conficker.
Microsoft has, in effect, formed a sort of Internet posse to go after the Conficker bad guys, as companies such as AOL and Symantec have offered to help pay off successful Internet bounty hunters. In a press release issued two days before Valentines Day, Microsoft spokesman George Stathakopoulos stated, “Microsoft’s approach combines technology innovation and effective cross-sector partnerships to help protect people from cybercriminals.” I don’t know about you, but to me it seems like a bit of a stretch to refer to bounty money as a “technology innovation.”
If you think that you have information that could lead to the arrest and conviction of those behind Conficker, you can reach Microsoft’s Antivirus Reward Hotline at 1-425-706-1111.
Viruses that are carried by removable storage devices such as flash drives succeed because they exploit a Windows “feature” called Autorun. Autorun should be disabled on all of your Windows-based computers. Don’t worry; you’ll still be able to use your flash drives, but in a much safer way.
If you are a do-it-yourselfer and want to implement the Autorun fix, you must be able to (1) Copy text, (2) Paste text, (3) Run Notepad, (4) Save a file with an unusual file extension, and (5) Find a file that you have saved. If you can perform those tasks, then you will have no problem following the instructions listed under Solution Number 3 at www.us-cert.gov/cas/techalerts/TA09-020A.html. If this is too much for you, drop me an email and I’ll send you the file to fix Autorun. The usual disclaimers (i.e., if you screw up your computer, it’s not my fault) apply.