Conficker is coming: Are our domain names in danger?

For those who have been fretting over the imminent appearance of the wily worm Conficker C next week, the Canadian Internet Registration Authority (CIRA) has been at work on a solution to keep .ca domains safe once the worm is unleashed upon the world, and thinks Canadian IT staffers and Internet pros should have nothing to worry about.

This two-stage worm was detected last fall. Its first stage involves infecting as many computers as possible, according to Byron Holland, president and CEO of CIRA. “From there, it will reach out to its host to receive its direction,” he said. “It’s one of the biggest bot-nets out there.”

After its discovery in autumn, experts had been working on puzzling through the code, and discovered that the second phase would most likely deploy on April 1.

And right in the line of fire? The .ca domain, which is one of the 110 country-code domains targeted by the worm for corruption.

More from IDG News Service

The search for Conficker’s first victim

So far, experts don’t know what the exact intent of the worm is, said Holland, although it could range anywhere from spam to various forms of fraud or identity theft.

“Part of what Conficker does is register new domains that can become a host for driving the spread of infection,” said James Quin, senior research analyst with the Info-Tech Research Group. “This doesn’t present a threat to existing Web sites since those domains are already registered. The threat is that the worm could register new, currently unused domains.”

More from IDG News Service

Conficker worm spawns evil twin

The thousands of endangered domain names will be taken out of circulation, said Holland.

The only real fallout is someone perhaps missing out on their preferred domain name, said Quin. “Should one of those domains turn out to be something an individual or business desires, that individual may feel impacted, but no more so than if the domain had previously been registered for legitimate purposes,” he said.

“Of the small number of registered domains, we are investigating them and validating them to make sure they are kosher,” Holland said. He could not confirm the number of possibly affected domains, citing security concerns.

“This will do two things: preserve the good name of the .ca domain (since no Conficker attacks will launch from .ca addresses), and limit the spread of Conficker by giving it fewer sources from which to work,” said Quin.

Holland recommends that IT managers running Windows systems make sure to keep their software up-to-date and patched up with the Conficker security patch that was recently released.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now