For anyone that has caught the news lately, April 1st of this year comes with an added sense of foreboding and dread, especially if you depend on a Windows based computer on a day to day basis. The Conficker Worm is the widest spread computer infection the world has seen since the SQL Slammer infection of 2003, which caused denial of service errors for some internet hosts, and affected overall traffic on the entire net. While SQL Slammer was estimated to have infected around 75,000 users worldwide, the estimates for computers currently infected with a variant of the Conficker Worm range in the 5 – 15 million user range, and the payload of those infected is set to activate on April 1st. Depending on the variant, the Conficker Worm can make changes to user account lockout policies, disable Windows Services, swamp domain controllers, disable access to websites that host Anti-virus resources and updates, and create massive peer–to-peer connections with other infected PC’s, allowing data to be shared among them.
With that in mind, Datotel would like to bring you our Top 4 Ways to Protect Your Network:
1. Educate Your Users – The most basic level of network security begins with your users. Educate them on ways to recognize phishing websites, and emails that rely on social engineering to trick users into installing software or revealing info about themselves, your company, or your data. Inform them of the proper procedures for allowing guest access to your network, and of the dangers of allowing unauthorized hardware onto your network.
2. Anti-virus / Anti-spam software – Even the most diligent users can’t protect themselves against every method of infection. Because of that, adequate anti-virus protection, including spam message filtering, is a must. Enterprise level A/V products offer real time protection against known virus types. They also allow for granular scanning options for individual machines, both of which are necessary for early detection and quarantine / repair of any located infection.
3. Patches / Updates – A vast majority of viruses in existence today are successful because the average user doesn’t properly update their machines. Conficker is a perfect example of this. The virus takes advantage of an exploit in the Windows Server Service that runs on every version of Windows from Windows 2000 forward. A patch was released by Microsoft in October of 2008 to address the vulnerability, yet the exploit is still a massive problem 6 months later because of neglected patch installation. Select an unobtrusive schedule, and make sure your servers and desktops are installing patches regularly.
4. Audit Your Network – Unsecured networks are the backs on which hackers and virus authors carry their software through the web. No matter the size of your network, make sure you are periodically auditing your hardware and internal processes to make sure they are in line with best practices. Make sure none of your hardware utilizes default passwords. Make sure your wireless access points are properly secured. Make sure no unnecessarily open ports exist on your firewall. Make sure your hardware is currently covered by a support contract, and if it’s EOL, upgrade to something that is supported. An infected computer is an annoyance. An infected network is a liability.