The Information Technologies sent out an alert yesterday advising all individuals on campus to exercise caution when using University computers. In the statement, sent out by Tom Young of I.T. Security, there are three “immediate threats to our computers and networks” — fake video software, hijacked network connections and a work called Conficker that is expected to undergo changes today.
“The I.T. Security Office has noted a large number of computers that became infected with [malicious software] when fake video software was installed,” the I.T. special bulletin read.
The bulletin stressed that if computer users had doubt as to the trustworthiness of the software they were instructed to download, they should reject the download. The current anti-virus software on the computers is capable of detecting the virus once it infects the computers.
Once fake video software is downloaded, the bulletin stated that the virus will hijack the connected network and reroute the user to fraudulent websites. These websites will try to lure the user into offering personal information by posing as banks. When I.T. detects that a computer has been hijacked, “we will block its connection to the network until the computer is cleaned up.”
According to the bulletin, today “the current variant of Conficker will be receiving updates over the Internet.” Conficker is a worm that attacks Window’s computers, although computers with Microsoft’s security update from October is virtually invulnerable to the worm.
“While one never knows what might come next, it is unlikely we will see Conficker deliberately trying to inflict damage on infected systems this week,” the bulletin stated. “Conficker is being used to build a large network of captive computers, a botnet, that will eventually be used by some criminal enterprise.”
Even though I.T. believes the current Conficker threat is minimal at worst, the bulletin still stressed that everyone on the Cornell system should continue to install up-to-date versions of anti-virus software like Symantec AntiVirus.