On Monday, the FBI shut down Internet servers that were used as a temporary fix to a worldwide malware attack. The virus, known by various names, is a DNS changer that was started around 2007 by a ring of Estonian cyber criminals. The virus infected a computer, redirected infected computers through Internet servers controlled by the criminals, and then sent individuals to sites other than where they really wanted to go. As a result, infected computers were often led to dangerous websites and products and exposed to other malware.
Shutting down the temporary servers is the last step in an ongoing operation to stop the virus. In November 2011, the FBI, together with foreign partners, arrested the Estonian criminals and seized their servers. The FBI, however, could not simply shut down the servers, because doing so would have caused 4 million infected computers to lose access to the Internet.
The FBI tasked the nonprofit Internet Systems Consortium with setting up temporary servers while the FBI worked to contact those who had been infected. The FBI partnered with the DNS Changer Working Group to provide an easy way for users to see if they were infected and remove the virus. As a result of their efforts and the efforts of Internet service providers, it estimated that fewer than 42,000 U.S. computers were cut off from the Internet.
It took only seconds to check a computer for the virus, and the antidote was almost as quick. Even the best cybersecurity software and the passing of strong cybersecurity legislation cannot replace individual responsibility on the Internet. Additionally, the U.S. should resist calls of “doomsday” every time some cyber threat emerges; otherwise, real cyber threats might go unnoticed.
If you or someone you know has a computer unable to connect to the Internet, contact your Internet service provider or follow the directions listed here.
Source material can be found at this site.