It's just another malware Monday. With apologies to Prince, Apollonia, The Bangles, and anyone who ever had 80s hair, today is supposed to be Internet Armageddon, the ultimate bad hair day for some Internet users.
The story has been all over the Internet and all over ZDNet. Unless you've been living under a rock, you know that the FBI seized some DNS servers used by a malware infection called DNS Changer. DNS Changer changed the DNS settings of infected computers to point to a series of DNS servers operated by criminals, and from there, any domain name request could be routed to fraudulent sites.
The FBI, rather than just suddenly taking the DNS servers down, instead cleaned them up and has been operating them for the better part of a year. If your computer was infected, you'd still go to a spoofed server, but that server would then send your requests to where they belonged.
As of today, that's no longer the case. As of today, those servers are coming down.
On one hand, it might not seem like that much effort (or money) to keep a few DNS servers operating so as not to upset hundreds of thousands of users. True, the servers are costing somewhere on the order of $87,000 to operate, but that's chump change compared to many federal programs.
The reality is that the people who were infected by DNS Changer are still at risk. They're probably still practicing risky behavior and so, whatever practices got them infected in the first place may well get them infected again.
Sometimes, the only way to help people understand the risk of these things is for them to experience it themselves. In the education world, it's called guided discovery. For some people, the only way they're going to learn is to experience the consequences of their actions.
When the FBI's DNS servers go down today, those who are infected will feel the consequences of their actions. And what, exactly, were those actions?
Most people get infected in a few different ways: visiting an unsafe web site, opening an unsafe email attachment, running downloaded software they shouldn't be running, and so on.
The irony, of course, of the title of this article is that if you can no longer read this article, you can't read any of the suggestions I'm about to make. Irony is like that. But if you do get back online, follow these suggestions. If you're a techie supporting a family member or friend who insists on going to those sites or opening those emails, give them a copy of this article.
So what are some safe practices?
I'm not going to list them all, but here are a few to get you started:
- Don't open email attachments. Ever. Period. They can contain a nasty payload.
- Make sure you're running an antivirus program and it's up-to-date.
- Make sure you update your operating system regularly.
- Make sure to update all the supporting programs like Flash, Acrobat, QuickTime, Java, and so forth.
- Make sure you're running a modern browser. If you're still running XP and IE6, just slap yourself.
- Don't consider yourself safe just because you're running a Mac or a Linux box.
- Make sure you're behind a firewall and a router, both software and physical.
- Don't download and install programs from random web sites.
- Don't go visiting naughty web sites.
- Don't go to free download sites or sites offering pirated software, movies or music.
Well, that's ten. That should keep you busy until the blogosphere declares the next Internet Armageddon. Stay safe out there.
Oh, and to the folks in the FBI who are getting some heat today for turning off the servers: thanks for keeping them up all this time. Shutting them down with plenty of notice was the right thing to do.
Finally, for those of you who are offline and can't read this article, just print it out. You can read it then.