Conficker worm attacks U computers

By Jeremy Thompson, Staff Writer

A highly infective computer virus is attacking the U.

The virus, known as the Conficker worm, implants itself into computers with compromised anti-virus software, or those lacking proper patches to repel the worm, said Mindy Tueller, communications manager for the Office of Information Technology. Tueller explained that the worm then lays dormant on the computer until it is programed by an external source to activate, at which time it can be programed to do a variety of things.

“The important thing to note is to not panic,” Tueller said. “At the same time, this is a malicious threat that must be taken seriously. That is why we sent an e-mail about it. We want people to be aware of the danger.”

The e-mail, sent Friday morning and addressed to all campus members, stated that the worm presented “a serious concern that data may be compromised. This includes login and password information, patient data, student data, credit card numbers, etc.”
The e-mail encouraged all students to install up to date anti-virus software, as well as current security patches in an attempt to repel the worm.

Chris Nelson, spokesman for U Health Sciences, said the worm must be taken seriously because it presents such a very real threat.

“This virus is dangerous because even machines that were patched with the most current updates were found to still contain the worm,” Nelson explained. “This means that even after a machine was cleaned, the virus would re-appear. So, as a precautionary step, the health science centers shut down access to external Internet pages for most of the day Friday in an attempt to isolate the worm.”

On Friday afternoon, Nelson said that the worm had been contained and removed, and the IT department was in the process of rechecking all computers to make sure that the worm would not reappear.

Nelson explained that as far as the U could tell, there was no risk to health care records or patient care records at the hospital. He explained that this is because those sources of information are stored in their own network, with multiple protections that prevent the information from being accessed.

Tueller said that the extent of the damage caused by the worm will probably not be known for a few days.

“We are unclear about what the exact damage will be,” Tueller said. “These type of worms usually steal info-credit card numbers, login information, or other personal data-things that could be used for identity theft. We felt that we needed to inform everyone about this because the worm is now a big concern because it has made its way onto campus. We want to limit it’s effects, and are working in every way possible to do that.”

Nelson indicated that the U is unsure how the worm made it onto the university’s networks, but that a formal investigation would take place sometime this week. He said that the worm could be spread by something as simple as a digital camera, or a USB drive.

Tueller said that if students are afraid that their computers might be infected, or have questions about the worm, they can contact the campus help desk at 801-581-4000. They can also follow the steps outlined in the e-mail to ensure that their personal machines are clean.

[email protected]