Business continuity adverts
Monthly newsletter Weekly news roundup Breaking news notification    

DHS releases its own worm detection tool

Get free weekly news by e-mailThe US Department of Homeland Security has announced today the release of a DHS-developed detection tool that can be used by the federal government, commercial vendors, state and local governments, and critical infrastructure owners and operators to scan their networks for the Conficker/Downadup computer worm.

The department's United States Computer Emergency Readiness Team (US-CERT) developed the tool that assists mission-critical partners in detecting if their networks are infected. The tool has been made available to federal and state partners via the Government Forum of Incident Response and Security Teams (GFIRST) Portal, and to private sector partners through the IT and Communications sector Information Sharing and Analysis Centers (ISACs).

Additional outreach to partners will continue in the coming days.

"While tools have existed for individual users, this is the only free tool – and the most comprehensive one – available for enterprises like federal and state government and private sector networks to determine the extent to which their systems are infected by this worm," said US-CERT Director Mischel Kwon. "Our experts at US-CERT are working around the clock to increase our capabilities to address the cyber risk to our nation's critical networks and systems, both from this threat and all others."

In addition to the development of this tool, DHS is working closely with private sector and government partners to minimize any impact from the Conficker/Downadup computer worm. This worm can infect Microsoft Windows systems from thumb drives, network share drives, or directly across a corporate network if network servers are not protected by Microsoft’s MS08-067 patch.

US-CERT recommends that Windows Operating Systems users apply Microsoft security patch MS08-067 (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx) as quickly as possible to help protect themselves from the worm. This security patch, released in October 2008, is designed to protect against a vulnerability that, if exploited, could enable an attacker to remotely take control of an infected system and install additional malicious software.

•Date:31st March 2009• Region: US •Type: Article •Topic: ISM news
Rate this article or make a comment - click here

BC Journal

SPONSOR: Business Continuity from Backup Technology




Copyright 2010 Portal Publishing LtdPrivacy policyContact usSite mapNavigation help