Feeds

Two weeks 'til the internet disappears, for 58 Fortune 500 companies

Stand by for 4 per cent of the US gov to go dark, too

Internet Security Threat Report 2014

Even though the DNSChanger safety net deadline expires in just two weeks, 12 per cent of Fortune 500 firms still have at least one infected machine on their network, according to a new survey.

DNSChanger screwed up the domain name system (DNS) settings of compromised machines to point surfers to rogue servers, redirecting surfers to dodgy websites as part of a long-running click-fraud and scareware distribution racket. The FBI dismantled the botnet's command-and-control infrastructure back in November, as part of Operation GhostClick.

A court order, twice extended, allowed the Feds to set up replacement DNS Servers that resolved DNS queries from infected machines. This extended safety net will lapse on 9 July. Security laggards – who have had months to act and most recently have been targeted with warning messages from Google and Facebook – will be unable to use the internet normally unless they clean up their systems after this 9 July deadline. Without access to DNS servers it won't be possible to send emails or surf the web, leaving compromised machines cut off from the interwebs.

Despite the seriousness of these looming problems, a survey by IID (Internet Identity), published on Thursday, discovered that 12 per cent of the Fortune 500 firms and 4 per cent of "major" US government organisations are still infected with DNSChanger. The malware also disables security software and updates on infected machines, further increasing the security risk by leaving compromised machines wide open to secondary attacks.

IID reports that at least 58 of all Fortune 500 companies and two out of 55 major government entities had at least one computer or router on their network that was infected with DNSChanger. By comparison, in January IID, half of all Fortune 500 companies and US federal agencies were infected with DNSChanger, so the situation has improved a long way over the last five months but is still far from satisfactory.

The statistics come from IID's security intelligence and reputation services as well as data from other security and internet infrastructure organisations.

At its peak as many four million computers were infected by DNSChanger. An estimated 300,000 machines are still infected, according to figures from the DNSChanger Working Group.

Clean-up advice, along with more information and advice, can be found on the DNSChanger Working Group website here. IID has published an infographic about DNSChanger here. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.