DNSChanger malware deadline arrives: What to do if your Internet is cut off
Webroot's SecureAnywhere Complete 2012 software for computer security on display at Best Buy in Mountain View, Calif., Friday, July 6, 2012. / AP Photo/Paul Sakuma
(AP) WASHINGTON - Having trouble getting online?
Some may find their smartphones working overtime because the family computer couldn't seem to connect to the Internet Monday morning.
You may be one of thousands across the United States who waited too long or simply didn't believe the warnings, and your Internet may have shut down just after midnight because of malware that took over computers around the world more than a year ago.
At 12:01 a.m. EDT, the FBI turned off the Internet servers that were functioning as a temporary safety net to keep infected computers online for the past eight months. The court order the agency had gotten to keep the servers running expired, and it was not renewed.
Now, if your computer is infected, your only hope is your Internet service provider's help desk.
CNET: How to detect and fix a machine infected with DNSChanger
In South Korea, there were no reports from affected computers Monday. As many as 80 computers there are believed to be infected with the malware that may cause problems in Web surfing, down from 1,798 computers in February, according to the government.
"The impact will be limited," said Lee Sang-hun, head of network security at the Korea Communications Commission, a government body. The government and private broadband providers opened helplines and issued warnings. They also asked users to check if their computers were infected and to download antivirus software. South Korea is one of the most wired countries in the world, with more than 90 percent of households connected to broadband Internet.
The problem began when international hackers ran an online advertising scam to take control of more than 570,000 infected computers around the world. When the FBI went in to take down the hackers late last year, agents realized that if they turned off the malicious servers being used to control the computers, all the victims would lose their Internet service.
In a highly unusual move, the FBI set up the safety net. They brought in a private company to install two clean Internet servers to take over for the malicious servers so that people would not suddenly lose their Internet.
And they arranged for a private company to run a website, http://www.dcwg.org, to help computer users determine whether their computer was infected and find links to other computer security business sites where they could find fixes for the problem.
From the onset, most victims didn't even know their computers had been infected, although the malicious software probably slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Efforts to solve the issue have been hindered a bit by a few factors: Many computer users don't fully understand the technologically complex machines they use every day to send e-mail, shop, and surf for information. The cyber world of viruses, malware, bank fraud and Internet scams is often distant and confusing, and warning messages may go unseen or unheeded.
And other people simply don't trust the government, and believe that federal authorities are only trying to spy on them, or take over the Internet, by pushing solutions to the infection. Blogs and other Internet forums are riddled with postings warning of the government using the malware as a ploy to breach American citizens' computers — a charge that the FBI and other cybersecurity experts familiar with the malware quickly denounced as ridiculous.
There is an underlying sense that this has been much ado about nothing — like the hoopla over Y2K, when the transition to the year 2000 presented technical problems and fears that some computers would stop working because they were not set up for the date change. In the end there were very few problems.
Considering that there are millions of Internet users across the country, several thousand losing access isn't a big deal — unless you are one of them.
Rep. Jim Langevin, D-R.I., who co-founded the cybersecurity caucus in Congress, said computer users have a responsibility to practice good cyber hygiene and make sure their computers have not been infected or hijacked by criminals.
"These types of issues are only going to increase as our society relies more and more on the Internet, so it is a reminder that everyone can do their part," he said.
FBI officials have been tracking the number of computers they believe still may be infected by the malware. As of July 4, there were about 45,600 in the U.S. — nearly 20,000 less than a week earlier. Worldwide, the total is roughly 250,000 infected. The numbers have been steadily declining, and recent efforts by Internet service providers may limit the problems Monday.
Tom Grasso, an FBI supervisory special agent, said many Internet providers have plans to try to help their customers. And some may put technical solutions in place Monday that will correct the server problem. It they do that, the Internet will work, but the malware will remain on victims' computers and could pose future problems.
Other Internet providers have simply braced for the calls to their help lines.
Popular in SciTech
- Watch: NASA captures Okla. tornado from space Play Video
- Weird pirate ant comes with an "eye patch"
- The 7 weirdest things made by 3D printing
- Microsoft announces Xbox One
- Amazon proposes a colossal biospherelike Seattle campus
- Microsoft announces Xbox One 16 Photos
- Storms that spawned deadly Oklahoma tornadoes seen from space (video)
- Xbox One Press Conference
Y2K wasn't a disaster because companies spent a huge amount of money fixing their software and thousands and thousands of computer professionals worked their butts off for them for nearly two years to keep it from being a problem. The alarm expressed was based on the fact that IT departments had a long history of underestimating the amount of time it takes to fix stuff like this and management had a long history of underfunding such projects (funny how those two things go together). It was precisely because of that alarm that the IT professionals managed to pull it off.
Same with this thing. It wasn't a disaster because a lot of smart people spent a lot of time, thought and effort keeping it from being a disaster, starting with the decision to keep clean servers running while they got the word out.
So see how that works? If people work their butts off to prevent a foreseeable disaster, the fact that the disaster didn't happen wasn't because the disaster was illusory, but, rather because people dug in to keep it from happening. And maybe, just maybe, if we'd recognize and praise the people who work to keep foreseeable disasters from happening rather than sneering at their successes, we'd have fewer foreseeable disasters.
----------------------------------------------
"Some may find their smartphones working overtime because the family computer couldn't seem to connect to the Internet Monday morning."
this story has been running on nearly every news and technology related site for weeks now.