Conficker worm

Share this article:
What is it?
Conficker (a.k.a. Downadup) is a virulent worm best known for infecting Windows XP and Vista desktop PCs, but it is also attacking production corporate servers, including virtual machines in the virtualized data center.

How does it work?
Once a single server is infected, Conficker can wreak havoc by using that machine as a launch pad to scan and attack other vulnerable targets on both the physical and virtual networks.

Should I be worried?
The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment. Communication between VMs on an ESX server doesn't touch the physical network – making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is very easy for worms like Conficker to spread quickly in this environment.

How can I prevent it?
One solution to this problem is the installation of a virtual firewall. In a similar way to how their physical world counterparts work, virtual firewalls prevent unauthorized access to the virtual machines that they are protecting; they bring back the visibility and control that was lost in moving to the virtual environment, and most importantly, virtual firewalls provide "Day 0" protection from malware like Conficker.


Share this article:

Sign up to our newsletters

More in Opinions

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.

When it comes to cyber attacks, predictions are pointless but preparation is key

When it comes to cyber attacks, predictions are ...

Rather than predicting the next lightning strike it is far better to pay attention to the areas we already know are vulnerable.

Protecting what matters

Protecting what matters

Whether it is a database of customer information or valuable intellectual property, an organization's "crown jewels" need to be protected with the most robust security possible.