mailing list archives
A virus too big to fail?
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>
Date: Mon, 22 Jul 2013 18:20:29 -0700
Once upon a time, many years ago, a school refused to take my advice (mediated
through my brother) as to what to do about a very simple computer virus
infection. The infection in question was Stoned, which was a boot sector infector.
BSIs generally do not affect data, and (and this is the important point) are not
eliminated by deleting files on the computer, and often not even by reformatting
the hard disk. (At the time there were at least a dozen simple utilities for
removing Stoned, most of them free.)
The school decided to cleanse it's entire computer network by boxing it up,
shipping it back to the store, and having the store reformat everything. Which
the store did. The school lost it's entire database of student records, and all
databases for the library. Everything had to be re-entered. By hand.
I've always thought this was the height of computer virus stupidity, and that the
days when anyone would be so foolish were long gone.
I was wrong. On both counts.
"In December 2011 the Economic Development Administration (an agency under
the US Department of Commerce) was notified by the Department of Homeland
Security that it had a malware infection spreading around its network.
"They isolated their department's hardware from other government networks, cut
off employee email, hired an outside security contractor, and started
systematically destroying $170,000 worth of computers, cameras, mice, etc."
The only reason they *stopped* destroying computer equipment and devices was
because they ran out of money. For the destruction process.
Malware is my field, and so I often sound like a bit of a nut, pointing out issues
that most people consider minor. However, malware, while now recognized as a
threat, is a field that extremely few people, even in the information security field,
study in any depth. Most general security texts (and, believe me, I know almost
all of them) touch on it only tangentially, and often provide advice that is long
out of date.
With that sort of background, I can, unfortunately, see this sort of thing
====================== (quote inserted randomly by Pegasus Mailer)
rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org
Confidentially, your delusion that you are the only sane one and
everyone else is mad is correct, but they *are* in charge ...
- Len Norris (editorial cartoon)
Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.
- A virus too big to fail? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 23)