Conficker worm

Share this article:
What is it?
Conficker (a.k.a. Downadup) is a virulent worm best known for infecting Windows XP and Vista desktop PCs, but it is also attacking production corporate servers, including virtual machines in the virtualized data center.

How does it work?
Once a single server is infected, Conficker can wreak havoc by using that machine as a launch pad to scan and attack other vulnerable targets on both the physical and virtual networks.

Should I be worried?
The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment. Communication between VMs on an ESX server doesn't touch the physical network – making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is very easy for worms like Conficker to spread quickly in this environment.

How can I prevent it?
One solution to this problem is the installation of a virtual firewall. In a similar way to how their physical world counterparts work, virtual firewalls prevent unauthorized access to the virtual machines that they are protecting; they bring back the visibility and control that was lost in moving to the virtual environment, and most importantly, virtual firewalls provide "Day 0" protection from malware like Conficker.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in Opinions

Me and my job: Chris Sullivan, vice president of advanced solutions, Courion

Me and my job: Chris Sullivan, vice president ...

This month we get to know Chris Sullivan, vice president of advanced solutions at Courion.

Threat of the month: SVPENG

Threat of the month: SVPENG

We take a closer look at SVPENG, malware that's capable of launching two different types of attacks.

Security assessment stability

Security assessment stability

We should be asking if it is worth the cost of constantly switching security assessment companies, says Ken Stasiak CEO, SecureState.