It’s Friday the Thirteenth, an infamous date in the history of malware.
So here’s a satirical trip down memory lane to consider other dies irae in the computer virus calendar:
* Jerusalem virus – deletes files on any Friday the 13th from 1988 onwards.
This virus came out in 1987 but explicitly suppressed its payload that year (when Friday 13ths happened in February, March and November). In those pre-internet malware days, it needed to give itself months to spread before making its bid for infamy.
* Durban virus – zaps your hard disk on any Saturday the 14th.
The Durban virus first appeared in South Africa, following advice to South African public servants to “put their computer clocks forward a day” before going home on Thursday 12th, as a temporary mechanism to minimise the risk of damage from the Jerusalem virus.
* Sunday virus – deletes files every Sunday, and asks you “Today is SunDay! Why do you work so hard?”
Except, however, that it doesn’t actually trigger its warhead due to a bug. You can imagine why the malware author didn’t get around to testing that part of the code.
* Honni virus – pops up a picture of Erich Honecker on Saturday 13 August 1994.
That’s the 33rd anniversary of the creation of the Berlin Wall. The late and unlamented Honecker, former leader of the DDR, had recently died in exile in Chile.
* Stuxnet virus – mentions Wednesday 09 May 1979 in its code.
The virus commemorates the performance on that day of the Grateful Dead in Broome, New York. (You can hear the audience cheer when the lyrics of the song “Truckin'” reach New York in the sound-clip below.)
(23-second extract from Grateful Dead audience recording on 1979-09-05)
Just from these few examples, you can see that there are often interesting payloads buried away inside malware code.
There’s nothing wrong with being intrigued by the backstory of a virus.
After all, many people have been seduced into seeing Stuxnet as all about Israel versus Iran, not realising that it is also a celebration of the good old days of bluesy psychedelic rock, and a surreptitious in memoriam of multi-megabyte guitar riffs.
But, whatever you do, don’t get sidetracked by dates when it comes to your computer security strategy.
We do, sadly, seem to have a collective tendency to do this.
For example, we wasted billions of dollars fretting over what might happen precisely at the start of 01 Jan 2000, instead of recognising that the Millennium Bug, such as it was, could affect date-related calculations in general, not just at the stroke of midnight.
We speculated wildly that we might experience an IT meltdown 01 April 2009, when one of the variants of the the Conficker virus would start calling home. Somehow it wasn’t enough that the virus was already widespread, and continuing to spread and harm networks, largely through poor security practices.
(Lessons to learn about Conficker – still relevant today)
As Chester and I discussed in a podcast in November last year, it’s all very well to have Cybersecurity Awareness Week (as Australia does each winter), or Cybersecurity Awareness Month (as the USA started doing in 2011). But if that’s all we have, we’re not doing much better for our collective health than we would by having an annual Stop Smoking Afternoon.
(Listen to Chet and Duck discuss cybersecurity awareness)
"We need to be talking to our friends and family - and colleagues, and our bosses, and the people who work for us - all the time about security, because if we don't, the crooks are going to win....Every little step that each of us takes actually makes things much harder for the cybercrooks."
So if you’re going to make a New Year’s Resolution for your business in 2012, take Chester’s advice: Make IT Security your business!
Leave a reply
