Conficker worm

Share this article:
What is it?
Conficker (a.k.a. Downadup) is a virulent worm best known for infecting Windows XP and Vista desktop PCs, but it is also attacking production corporate servers, including virtual machines in the virtualized data center.

How does it work?
Once a single server is infected, Conficker can wreak havoc by using that machine as a launch pad to scan and attack other vulnerable targets on both the physical and virtual networks.

Should I be worried?
The virtualized data center presents an especially fertile habitat for Conficker because of the lack of visibility and control present within the virtualized environment. Communication between VMs on an ESX server doesn't touch the physical network – making it invisible to traditional network monitoring tools and unprotected by physical network security devices. As a result, it is very easy for worms like Conficker to spread quickly in this environment.

How can I prevent it?
One solution to this problem is the installation of a virtual firewall. In a similar way to how their physical world counterparts work, virtual firewalls prevent unauthorized access to the virtual machines that they are protecting; they bring back the visibility and control that was lost in moving to the virtual environment, and most importantly, virtual firewalls provide "Day 0" protection from malware like Conficker.


Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Heartbleed, Shellshock and POODLE: The sky is not falling

Heartbleed, Shellshock and POODLE: The sky is not ...

While it may seem like 2014 is the year of the vulnerability, in reality, this year has not been much different than years past.

Technology alone isn't going to secure IoT connected devices

Technology alone isn't going to secure IoT connected ...

It's clear that vulnerabilities continue to exist, despite our best efforts to combat them. In fact, we have addressed many of the same problems before.

DDoS is the new spam...and it's everyone's problem now

DDoS is the new spam...and it's everyone's problem ...

As new solutions emerge, it's critical for organizations to protect themselves by being informed, aware, and acting whenever possible. Those that don't take action are playing a very dangerous game.