Conficker worm

Share this article:
What is it?
Conficker (a.k.a. Downadup) is a virulent worm best known for infecting Windows XP and Vista desktop PCs, but it is also attacking production corporate servers, including virtual machines in the virtualized data center.

How does it work?
Once a single server is infected, Conficker can wreak havoc by using that machine as a launch pad to scan and attack other vulnerable targets on both the physical and virtual networks.

Should I be worried?
The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment. Communication between VMs on an ESX server doesn't touch the physical network – making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is very easy for worms like Conficker to spread quickly in this environment.

How can I prevent it?
One solution to this problem is the installation of a virtual firewall. In a similar way to how their physical world counterparts work, virtual firewalls prevent unauthorized access to the virtual machines that they are protecting; they bring back the visibility and control that was lost in moving to the virtual environment, and most importantly, virtual firewalls provide "Day 0" protection from malware like Conficker.


Share this article:

Sign up to our newsletters

More in Opinions

Me and my job: James Hill senior security architect, Consolidated Data Services

Me and my job: James Hill senior security ...

James Hill senior security architect, Consolidated Data Services (CDS), discusses his role at his organization.

Ahead in the cloud

Ahead in the cloud

Growth businesses are always looking for flexible ways of working that reduce capital and running costs, while securely delivering the data users need, when and where they need it.

Data archiving benefits

Data archiving benefits

Many CIOs are still unsure what role governance should play in their data archiving strategy.