Tuesday 7 Oct, 2008
The limits of disaster
Prepare all you want--you're going to get zapped anyway.
Posted by : Nelson King

Around mid-August a former colleague of mine called from Lansing, Mich.: "My workstation insists I have an authorization error and reboots all the time; but that doesn't matter because the power's out everywhere. Are you OK?" As you may recall, it was mid-August 2003 when a lot of things technical went into a handbasket headed for Hades. Among other things, there were 50 million people without electricity and the Blaster worm was spreading rapidly.

Of course, when it came to information technology, individuals and companies that took pains to protect their systems were prepared to weather power outages and block worms. Just like me and my friend's business in Michigan. After all, didn't we both have backup batteries and antivirus software?

Not that we thought we were invulnerable. We've seen the law in Murphy's court far too many times. However, I suspect we both thought we'd taken enough precautions so that troubles would happen to others. Naturally, I wouldn't be writing this if our measures of protection had been adequate--no problem, no lesson.

Patch as patch can

I now vaguely recall that a few weeks before the arrival of the Blaster worm in my e-mail in-box, I got an e-mail message from Microsoft warning of a serious security weakness in Windows and highly recommending a visit to the Microsoft site for a patch. This was a rather unusual plea, aimed largely at consumers. Companies are handled differently and in general are assumed to be watching their patches.

I don't know about you, but many of us are disposed to take most anything Microsoft says with a grain of salt (or perhaps even a pinch). Besides, Microsoft issues virus warnings and other product "fixes" with great regularity. It's easy to underestimate the importance of any particular warning.

Whatever the reason, several hundred thousand of us--including many corporations--didn't act on Microsoft's advice. This meant that our systems were subject to a buffer overflow during a remote procedure call (translation: The Blaster worm program could gain control of a computer).

I still don't know exactly how the worm got into my computer system. I was running a top-rated antivirus program, and as far as I know the virus definitions were up to date.

I remember that at about the same time I received a very official-looking e-mail from my ISP, threatening disruption of service and saying I should contact the company immediately. Everything--logos, pictures, text--looked exactly like the material at the company's official Web site, except that when I clicked on the link that was supposed to take me to an accounting contact, I was suddenly at a porno-site. Something similar happened at other links on the page.

Believe me, I'm not a sucker for this sort of ruse, but this e-mail message was sophisticated, both in presentation and context. Because I'd opened the message and worse, clicked through some links, I wouldn't be surprised if it was the source of the Blaster worm. Then again, I still don't know why the antivirus software didn't catch it; but I'm not sure exactly when my virus protection was updated.

That's two strikes against me--not paying attention to warnings, and not being sure of my antivirus software. The third strike was something like opening an infected message. It took me the better part of a day to figure out why my computer was rebooting (the key symptom of the Blaster worm), find the patch at Microsoft, get a clean-up program from the antivirus vendor, and return my system to normal.

My friend Dean in Michigan had his entire business out of e-mail communication for that day--and then the lights went out.

Assault and battery

I know that Dean is meticulous about security and backup. I wouldn't say he's paranoid, but one of his favorite sayings is "Just because you're paranoid doesn't mean they're not out to get you." He runs a small IT-oriented business where, if the computers don't work, work isn't being done. So he's careful, or as the economists say, risk-averse. He's spent the money and taken the time to have antivirus protection on both his server and on individual workstations. He has UPSes (uninterruptible power supplies) on every computer, and I'm sure he monitors their batteries. He's proud of his efforts, as any craftsperson is proud of good tools.

Fat lot of good it did him. In one day, the Blaster worm invaded at least two of his computers, including his company mail server, and then the power went out--not for a few minutes, but for almost 24 hours.

He told me, "It was like watching the movie '2001: A Space Odyssey,' where HAL the computer terminates the lives of the hibernating astronauts. I watched my UPS monitor helplessly, as one by one our workstation batteries died and people frantically tried to finish up work. We were supposed to be finishing a job for a client on the West Coast; all we were able to do at the last minute was send e-mail and make phone calls telling them what had happened. What a mess."

Perhaps he should have had a gas-powered generator to kick in when the power went out. However, a generator big enough to run several computers (with peripherals) and keep the lights on would cost thousands of dollars, not to mention requiring frequent checking and maintenance. I don't know if he studied the option, but in any case, he still doesn't have a generator.

The bigger picture

Part of the problem is that Dean and I are small-business people; in my case, a business of one. Despite our IT backgrounds, neither we nor our companies are in a position to do "everything possible" to protect our computer systems. That includes the cost of having an adequately large and well-maintained power generator, or constantly monitoring for updates and fixes to software. Then again, the unprecedented power outage and the nature of the Blaster worm affected a lot of people. We were hardly alone.

So what? Dean and I both agreed that these events weren't like the weather--somewhat unpredictable and unpreventable. Just because a lot of other businesses were caught doesn't mean that it was OK for us. The hard-nosed response was therefore... Well, there is no hard-nosed response unless a company is willing to spend whatever it takes to gain "near 100-percent security." Perhaps some large corporations can do this and still build it into their pricing structure. We can't.

After looking at costs, Dean decided that investment in an adequate power generator didn't balance with the possible loss of revenue from a major blackout. Despite the inconvenience, he didn't really lose any business (the client in California was quite accommodating). Likewise, I'm not about to pay somebody to monitor my software fixes and updates; I have to do it myself.

We're not comfortable with the time and effort it takes to do this kind of big-picture risk analysis, but the main lesson from the Blaster/blackout combination is that you can't afford not to figure risk versus cost for extreme cases.

Most digital technology isn't invulnerable, and much of it isn't even robust--it's fragile. Serious and systemic problems occur. Blaster/blackout wasn't a wake-up call. We were already awake, like most business people (we hope). I'm assuming we can always do a better job at computer security and backup; however, this was a reality check, something to make us examine our limits.

 
 
Copyright © 2001-2008 ComputerUser, Inc., All Rights Reserved