funsec mailing list archives
A virus too big to fail?
From: "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rmslade () shaw ca>
Date: Mon, 22 Jul 2013 18:20:29 -0700
Once upon a time, many years ago, a school refused to take my advice (mediated through my brother) as to what to do about a very simple computer virus infection. The infection in question was Stoned, which was a boot sector infector. BSIs generally do not affect data, and (and this is the important point) are not eliminated by deleting files on the computer, and often not even by reformatting the hard disk. (At the time there were at least a dozen simple utilities for removing Stoned, most of them free.) The school decided to cleanse it's entire computer network by boxing it up, shipping it back to the store, and having the store reformat everything. Which the store did. The school lost it's entire database of student records, and all databases for the library. Everything had to be re-entered. By hand. I've always thought this was the height of computer virus stupidity, and that the days when anyone would be so foolish were long gone. I was wrong. On both counts. http://gizmodo.com/government-destroys-170k-of-hardware-in-absurd-effort- 708412225 or http://is.gd/NHkmo3 "In December 2011 the Economic Development Administration (an agency under the US Department of Commerce) was notified by the Department of Homeland Security that it had a malware infection spreading around its network. "They isolated their department's hardware from other government networks, cut off employee email, hired an outside security contractor, and started systematically destroying $170,000 worth of computers, cameras, mice, etc." The only reason they *stopped* destroying computer equipment and devices was because they ran out of money. For the destruction process. Malware is my field, and so I often sound like a bit of a nut, pointing out issues that most people consider minor. However, malware, while now recognized as a threat, is a field that extremely few people, even in the information security field, study in any depth. Most general security texts (and, believe me, I know almost all of them) touch on it only tangentially, and often provide advice that is long out of date. With that sort of background, I can, unfortunately, see this sort of thing happening again. ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Confidentially, your delusion that you are the only sane one and everyone else is mad is correct, but they *are* in charge ... - Len Norris (editorial cartoon) victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- A virus too big to fail? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 22)
- Re: A virus too big to fail? Jeffrey Walton (Jul 22)
- Re: A virus too big to fail? David Harley (Jul 23)