Not exactly. I’ve been slammed with questions about the Internet shutting down on Monday. Fact: The Internet is NOT shutting down. Some DNS servers are being shut down. You can hop onto legitimate DNS servers in a few easy steps if you need to.
However, when I click through my resources I’m not seeing cohesive details on what’s happening and what I need to do about it. So here is a brief article that outlines the situation. I’m citing the FBI here and linking to their web pages to ensure you get the Correct information.
1. Last year as a result of Operation Ghost Click a ring of criminals was shut down. This ring had infested millions of computers with malware called DNSChanger “Approximately 4 million computers in more than 100 countries. There were [believed to be] about 500,000 infections in the U.S. ”
2. Unsuspecting computer users were routed to these rogue DNS servers. In doing this the “thieves were able to manipulate Internet advertising to generate at least $14 million in illicit fees.”
3. When the case broke “Remediation efforts were immediately undertaken to minimize any disruption of Internet service to the users of computers infected with the Malware.”
4. “The remediation effort is being carried out pursuant to the order of a Manhattan federal court judge. As part of that order, the defendant’s rogue DNS servers have been replaced with legitimate ones. Internet Systems Consortium (“ISC”), a not-for-profit entity, was appointed by the court to act as a third-party receiver for a limited period of 120 days during which time it will administer the replacement DNS servers.”
Note from Scott: I’m going to guess these “remediation efforts” will be under scrutiny for some time. Why the FBI chose this course of action needs to be looked at closely. What it the right move?
Ok. So thems the facts. What are we supposed to do about it?
1. Check to see if your DNS is legit or you are using a rogue server. If you know how to get your DNS settings from your computer, then take note of your DNS settings and enter them into this site: https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
2. If you don’t know how to check your DNS, take a look at this article from the FBI that walks you through the steps for Mac and PC. You’ll need to scroll down through background of DNSChanger but I thought the article was good: http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
Here is where I pulled the background for this posting:
Did the FBI act correctly? Could there have been a better way to inform users? I’d love to hear from you about what you think.