Will the FBI close down your online business this March?

In tackling the DNSChanger botnet, the FBI may take a load of businesses offline. Davey Winder is, unsurprisingly, anxious...

Half of all Fortune 500 companies are still infected.

Now this is where it gets interesting and a little perturbing: the FBI managed to secure a court order which enabled it to replace the DNS heart of the Trojan, so that all traffic would flow through a surrogate DNS server instead. The court order in question allows the FBI to maintain this surrogate DNS service until 8 March. After which, and I'm guessing you are ahead of me here, any business whose computers are still infected with the Trojan, and therefore still using this surrogate DNS service, will find themselves removed from the internet entirely and dumped into 404-ville.

Which could, if the numbers I have seen are to be believed, lead to an awful lot of companies suddenly and catastrophically being denied access to the internet. Within the US alone, and remember that DNSChanger was a global infection spreading across more than 100 countries, half of all Fortune 500 companies are still infected and half of all major government agencies likewise carry at least one infected machine.

The DNSChanger Working Group, established to help co-ordinate remediation of the Trojan infection, is known to be considering applying for an extension to the court deadline to relieve the likely impact otherwise, given the high number of infections still found to be active. But it could all be something of a pointless exercise. After all, the Conficker Working Group had a similar remit and some three years after it was founded there are still thought to be around three million systems still infected with the Conficker Worm.

It would be a good thing if the situation frightened those enterprises who have not bothered to properly scan for and remove any DNSChanger infections to implement a proper security strategy. If you want to be sure you are not one of them, then perhaps you should contact your security vendor for advice as to how to check your network for evidence of infection.

One cannot help but marvel at the irony of the timing of all this though, what with Anonymous having made a declaration that it would launch a DDoS attack against DNS root servers, and effectively take down the internet, on 30 March. Now it looks like, for a large number of businesses anyway, that the FBI may just beat them to it.

Featured Resources

Digital document processes in 2020: A spotlight on Western Europe

The shift from best practice to business necessity

Download now

Four security considerations for cloud migration

The good, the bad, and the ugly of cloud computing

Download now

VR leads the way in manufacturing

How VR is digitally transforming our world

Download now

Deeper than digital

Top-performing modern enterprises show why more perfect software is fundamental to success

Download now

Most Popular

The enemy of security is complexity
Sponsored

The enemy of security is complexity

9 Oct 2020
The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

5 Oct 2020
What is a 502 bad gateway and how do you fix it?
web hosting

What is a 502 bad gateway and how do you fix it?

5 Oct 2020