By By Catherine Curran, News Correspondent

‘
Having already infected 10 million computers worldwide, Downadup, the latest prolific computer worm that mainly targets corporate and university networks, has Northeastern stepping up precautions to protect their network and urging students to do the same.
On Jan. 22, the university issued an announcement on the myNEU portal about the worm. According to the announcement, the worm exploits the autorun feature on Microsoft Windows, which will automatically run files from a USB or disc drive. Having already installed patches in the Northeastern network in November 2008, the school has since disabled the autorun feature on all university computers.
Also known as Conficker, the worm started in the eastern hemisphere, with China currently the most infected country in the world, according to recent media reports. Unlike a virus, worms don’t require much action from a user to get it moving.
Glenn Hill, the director for Information Security and Identity Services at Northeastern, said Downadup is predominately passed to computers when USB drives or mp3 players are inserted. The worm is then released and the computer in question is infected. Macs are not at risk, Hill said.
Once in the machine, the worm creates a server, passes the infected computer’s URL out to other computers, modifies network settings and slows networks with unnecessary traffic, Hill said. As a way to preserve itself the worm disables access to security updates that would protect the computer from such infections, he said.
Northeastern has been keeping an eye on Downadup for a while, Hill said.
‘With threats in their infancy, we typically watch to evaluate their spread and determine the extent of risk to the community before causing alarm or undue amounts of work,’ he said. ‘Once the worm began a solid march from its origin in the far east, and began moving quickly westward, the university set a security policy on university-owned machines to interfere with the ability of the worm to launch and spread within the NU network.’
Part of the fear surrounding Downadup is the threat of a second wave of copycat viruses. Hill said some have already surfaced.
‘The effects of variants are often very similar to the original worm,’ Hill said. ‘While defensive measures are already taken and are expected to be sufficient, the information security department monitors the threat landscape daily.’
Jamie Miller, a middler international affairs major, said he isn’t concerned about a second version.
‘The news media has a tendency to report that the next phase will be truly devastating,’ he said. ‘Code Red was supposed to kill the Internet, but once people know about it people take measures to avoid the next one. I’m more concerned with the next unknown virus because we have no idea how to stop it or what vulnerability it will exploit.’
Many students said they had faith in the Northeastern system. ResNet reported that students often come in for security updates and there has been a noticed increase during the past few weeks.
‘The viruses get so big, and by the time they get so rampant everyone kind of knows they’re coming,’ Miller said.
But students should still remain vigilant, Hill said. He recommended updating anti-virus software weekly; never open unsolicited e-mails, attachments, downloads or URLs; and he warns students to watch their computer for any signs of slowness, stalling or disc activity when not in use. If a message that’s infected is displayed, disconnect the computer from the network and contact ResNet, Hill said. Do not reconnect or share files until the infection is gone, he said. Students can also visit infoservices.neu.edu for up to date information on threats, along with preventative and removal tools.