Feeds

Two weeks 'til the internet disappears, for 58 Fortune 500 companies

Stand by for 4 per cent of the US gov to go dark, too

The essential guide to IT transformation

Even though the DNSChanger safety net deadline expires in just two weeks, 12 per cent of Fortune 500 firms still have at least one infected machine on their network, according to a new survey.

DNSChanger screwed up the domain name system (DNS) settings of compromised machines to point surfers to rogue servers, redirecting surfers to dodgy websites as part of a long-running click-fraud and scareware distribution racket. The FBI dismantled the botnet's command-and-control infrastructure back in November, as part of Operation GhostClick.

A court order, twice extended, allowed the Feds to set up replacement DNS Servers that resolved DNS queries from infected machines. This extended safety net will lapse on 9 July. Security laggards – who have had months to act and most recently have been targeted with warning messages from Google and Facebook – will be unable to use the internet normally unless they clean up their systems after this 9 July deadline. Without access to DNS servers it won't be possible to send emails or surf the web, leaving compromised machines cut off from the interwebs.

Despite the seriousness of these looming problems, a survey by IID (Internet Identity), published on Thursday, discovered that 12 per cent of the Fortune 500 firms and 4 per cent of "major" US government organisations are still infected with DNSChanger. The malware also disables security software and updates on infected machines, further increasing the security risk by leaving compromised machines wide open to secondary attacks.

IID reports that at least 58 of all Fortune 500 companies and two out of 55 major government entities had at least one computer or router on their network that was infected with DNSChanger. By comparison, in January IID, half of all Fortune 500 companies and US federal agencies were infected with DNSChanger, so the situation has improved a long way over the last five months but is still far from satisfactory.

The statistics come from IID's security intelligence and reputation services as well as data from other security and internet infrastructure organisations.

At its peak as many four million computers were infected by DNSChanger. An estimated 300,000 machines are still infected, according to figures from the DNSChanger Working Group.

Clean-up advice, along with more information and advice, can be found on the DNSChanger Working Group website here. IID has published an infographic about DNSChanger here. ®

Next gen security for virtualised datacentres

More from The Register

next story
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.