Black box Gremlins are back in full force
Computer viruses have staged an impressive comeback during March. For several years, our own experience was that true viruses were mostly something of the past. The detection systems were simply too well-advanced to let through any unwanted malicious code. Furthermore, the anti-virus industry has matured to a level where most business operators became complacent, believing that all types of virus codes are now so well-identified, protection has become a routine.
What has become the major headache was so-called malware that ranged from fairly benign, i.e. tracking your preferences, to mildly annoying, those that throw pop-ups on your screen at the most inconvenient times. But these threats were all tolerable since they did not undermine the integrity of the operating system or programmes. They also did not mess with file content. With many of these infections, apart from the occasional pop-up, they were largely ignored and it was left to the anti-virus and anti-malware software to detect them and process them accordingly, either by deletion or quarantine.
As the threats became more sophisticated, so the software businesses rely on, also developed in tandem. There was a sort of equilibrium between the aspirations of virus developers and ordinary business folks who only want their computer to do what it is supposed to. If every now and then an intrusion caused some mild irritation, it was no big deal.
From our own experience in the Economist offices, it seemed as if the code writers lost interest in trying to infect all the world’s PCs, notebooks, tablets and smart phones. The attention has shifted perceptibly to hacking. As a matter of fact, hacking of our website has grown to be the number one threat and we had to make some stiff investments to protect our digital kingdom against a continuous stream of hacking attempts from Chinese and Russian domains. Rebuilding a website as elaborate as ours is a costly and time-consuming affair, but we learnt our lesson. Unfortunately, the flipside is that once a website is corralled in on all sides by protective barbed wire, it keeps out the predators, but it also deters a considerable number of visitors, any of whom could be potential new business.
Then, from around the end of February this year, suddenly viruses reared their ugly heads again, and our rather advanced network-based anti-virus system had a hard time keeping up. The attacks grew in intensity but the malicious code was mostly conventional, so no major incidents.
That is until this week, when suddenly a large bunch of key management files became infected and unusable from so-called ransomware. This is where the attacker sends you a trap that opens a backdoor and while you are happily roaming, that backdoor invites a virus on a foreign computer, to scramble and encrypt your files. Next thing, you get a notice informing you, you have to pay so and so, so much if you ever want your information unlocked.
Of course, this required very fast and drastic counter measures. At the same time it asked for a more advanced, more focused remedy which came in the form of another app which had to be activated on each work station individually. We even had to shut down the file server during this clean-up operation to ensure that no contamination spreads from the work station to the brain. This was all very disruptive, again time consuming, and with some minor costs. But some information was lost permanently, and only older versions could be restored.
What fascinates me is the devious minds that find a measure of satisfaction by disrupting the IT systems of small, everyday businesses. Given that small businesses are such a major economic contributor and employer, the type of person that enjoys stealing others’ livelihoods, is for sure a psychopath of the worst kind.
My logic tells me that if you do not like a product or a company, instead of letting them intimidate you to the extent that you feel an urge to retaliate, as consumer you can simply chose not to use their products. If you do not like Microsoft or their Windows operating system, nothing forces you to use them. You can go the Linux route, or even use other open-source, equally capable operating systems or programmes.
But if you hate them so much that you are willing to endanger the work of millions of people across the world, then you are really sick.
In my mind, computer hackers and virus developers, were always an excuse for demented IT wannabe’s. This week’s events only confirmed that view.