Endpoint Protection

A worm known as Kido, Conficker or Downadup has quickly replicated across vulnerable Windows computers in a recent outbreak utilising clever tricks to propogate more successfully.

The worm is thought to have moved from 3 million to 10 million infected computers in a short time and is continuing to rise exponentially. The worm is thought to have left a bot-net for its creators to utilise though there appears not to have been any attempt to use it yet.

The register speculates that the MOD may also have become victims of the worm with noticeable disruption for 2 weeks and counting to admin based workstations.

The worm is able to spread via USB sticks and also attempts login and password brute force attacks for access to networks, files and folders etc.  Microsoft has provided updates and a malicious software removal tool to counter its spread.

As attempts to prevent worms from their spread become more advanced so we see the creators use more advanced techniques to circumvent these strategies. Most notably here this worm is utilising vulnerable endpoints as a major tool in its success shining more light on the need for networks and its users to protect themselves against malicious mobile data.