Computer experts have increased warnings about the worst Internet virus, a worm, that is stealing personal and corporate information and using computers to infect others. Warnings have intensified because millions of computer users have still failed to install a Microsoft patch issued in October that could protect them. “It’s a bit like many disasters,” Liza van Wyk, CEO of management training organisation AstroTech said, “we hear the warnings, we understand the consequences of not heeding them, we see or hear of what happens to others and yet many don’t take action until disaster strikes.”
The virus or worm called Conficker or Downadup, is spread by a Microsoft Windows vulnerability, by guessing network passwords and by hand-carried consumer gadgets like USB keys. Experts say it is the worst infection since the Slammer worm exploded through the Internet in January 2003, and it may have infected as many as nine million personal computers around the world. It is suspected that Eastern bloc criminal gangs may have created it. Worms like Conficker harness infected computers into unified systems called botnets, which then accept programming instructions from their clandestine masters. Many computer users may not notice that their machines have been infected, and computer security researchers said they were waiting for the instructions to materialize, to determine what impact the botnet will have on PC users. It might operate in the background, using the infected computer to send spam or infect other computers, or it might steal the PC user’s personal information.
The program uses an elaborate shell-game-style technique to permit someone to command it remotely. Each day it generates a new list of 250 domain names. To control the botnet, an attacker would need only to register a single domain to send instructions to the botnet globally, greatly complicating the task of law enforcement and security companies trying to intervene and block the activation of the botnet. Computer security researchers expect that within days or weeks the bot-herder who controls the programs will send out commands to force the botnet to perform some as yet unknown illegal activity. “A cleverly managed worm could disable a good deal of the world’s computers, devastating economies and companies,”Van Wyk warned. “And so it is essential that companies revisit their disaster management programmes and if they don’t have them they need to create them.
We have a popular course, Disaster Management and Recovery that goes through all the processes companies should have in place to protect themselves from anything ranging from hurricanes, to workplace accidents or computer system breakdowns. “With computers, as an example, there are some essentials that not all companies have in place. System data should be backed up regularly and should designate the location of stored data, file-naming conventions, media rotation frequency and method for transporting data offsite. “It is good business practice to store backed-up data offsite in commercial data storage facilities that are specially designed for this. Our Disaster Management and Recovery course carries a thick manual of a few hundred pages that gives best practice examples, from everything to designing teams that specialise in everything from medical emergencies to computer problems.” Van Wyk said that growing challenges around climate change was seeing pressure on companies to manage insurance effectively, “more flood, rain, hail, earthquake and fire damage is being recorded globally and it has put pressure on companies and individuals to revisit insurance policies and to ensure they have adequate protection.” She said: “The workplace has become a complex environment, those in charge of disaster management have to consider everything from a disruptive strike to a client slipping on a wet floor and getting injured while visiting, to acts of terrorism or simply bad luck. Having a Disaster Management and Recovery plan in place reduces risk by making teams aware, and ensures that if misfortune strikes the company is better able to recover rapidly at lower financial and personal costs.”
AstroTech is a major South African training organisation based in Johannesburg. It targets executives and managers in the public and private sector for training in management, people skills, information technology and project management. Each year more than 3 000 people take part in more than 60 courses in Johannesburg, Durban and Cape Town. Many more receive specialist in-house training.
LIZA VAN WYK
CEO ASTRO TECH
Tel: 011 582 3200
CSC Communications (Pty) Ltd
Tel: 011 646 7637 or 021 762 2656
Charlene Smith Communications (Pty)Ltd
Contact: Leila Beltramo
Tel: 021 762 2656