Malware Monday Mostly Nothing To Worry About
As it turned out, fears that thousands of Internet users would be blocked from using the Internet starting yesterday proved to be unwarranted:
So much for the Internet apocalypse.
Several security experts and media reports predicted that Monday, July 9, would be remembered as the day millions lost their Internet connections — and possibly their livelihoods. Those concerns did not play out.
At 12:01 a.m. Eastern Time on Monday, the Federal Bureau of Investigation pulled the plug on servers that had been communicating with personal computers infected with a particularly thorny piece of malware. The malware, called DNSChanger, reconfigured the computers’ settings for the Domain Name System, or DNS, which functions as the switchboard for the Internet. The DNS translates user-friendly Web addresses like fbi.gov into numerical addresses that allow computers to speak to each other. Without DNS servers operated by Internet service providers, the Internet could not operate.
By Monday afternoon, Internet service providers had yet to release the number of affected systems. But the final tally is likely to be nowhere near Internet Armageddon, partly because Internet service providers, like AT&T and Verizon, temporarily substituted their own DNS servers for those set up by the F.B.I. AT&T plans to keep its servers running through the end of the year. Verizon will keep its servers running through the end of July.
Some will take this as yet another opportunity to play down the warnings that we receive from time to time about things like this, but I think that’s mistaken. This is one of those situations where it’s better to be safe than sorry, and if publicizing news like this causes people to become more aware of Internet security issues and their own security settings then it accomplished something. At the same time, of course, there comes a point when the “boy who cried wolf” effect might kick in as people start to ignore warnings in the future. The media probably did hype the story a bit much, but one of these days we’re going to wake up to a real cyber attack of some kind and we’ll need all the warnings we can get.