[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[dvd-discuss] Fwd: Bush taps Clarke as CyberdefenseChief
- To: dvd-discuss(at)cyber.law.harvard.edu
- Subject: [dvd-discuss] Fwd: Bush taps Clarke as CyberdefenseChief
- From: John Schulien <jms(at)uic.edu>
- Date: Wed, 10 Oct 2001 13:47:52 -0500
- Reply-To: dvd-discuss(at)cyber.law.harvard.edu
- Sender: owner-dvd-discuss(at)cyber.law.harvard.edu
Everyone is so creative about windows worm
payloads ... modifying bank accounts, posting
fake stories. There's a much less farfetched
scenario ...
A fast-spreading ISS/Outlook worm that infects
as many computers as possible, then, all at
once, starts a low level format on all of the
attached hard drives, of all of the infected
computers, and flashes the BIOS with random
garbage, making all infected computers unbootable.
In a matter of minutes, such a worm could
effectively destroy tens if not hundreds of
thousands of computers.
A computer with the bios zeroed out would
have to be physically repaired -- the flash chip
would have to be replaced -- in order to ever
boot again, which would cause widespread chaos.
and how many people really back up their hard
drive correctly? How many people back it up
at all? How many companies use one computer
to back up another computer, or rely on RAID
to protect against data loss? In such a
scenario, if you didn't have your data backed
up on offline media, you would lose everything.
Such an attack would do far more damage then
silly attempts to post fake stories or
manipulate bank accounts.
THAT is the magnitude of the danger of the
continuing revolving door of Microsoft ISS
and Outlook bugs. Agreed. We ain't seen
nothing yet.