- Get link
- X
- Other Apps
- Get link
- X
- Other Apps
The COVID-19 pandemic bears striking resemblance to several examples of massive computer virus epidemics. We can distinguish similar infection methods and mechanisms for spreading the virus, as well as the sad consequences of its activity.
And while it is not entirely correct to compare human lives and computer systems directly, there is the possibility of gaining useful experience and fighting real-life and digital infections more effectively in the future.
Extension
Compared to computer malware, the Coronavirus pandemic is more reminiscent of the WannaCry and NotPetya ransomware epidemics:
- It propagates randomly, "jumping" to the nearest accessible facility.
- The most vulnerable are the previous generation of systems.
- To penetrate the system, WannaCry exploits vulnerabilities in the SMB protocol, and the Coronavirus takes advantage of the fact that most people's bodies do not know how to resist it. This is because the immune system is not familiar with a new infection.
Damaging effects
By encrypting files on the affected system, WannaCry blocks the ability to work and requires a ransom. The coronavirus does not require anything. However, its victims also lose the ability to function normally. By entering the cells of the body, the virus reprograms them and forces them to reproduce the infection.
Thus, the coronavirus resembles very popular ransomware among hackers that exploits zero-day vulnerabilities in the human body. And there is still no patch, there is no vaccine for this vulnerability (07-05-20). Just as the decryptor of the data blocked by the crypto-malware has not been found, an effective drug has not yet been created that guarantees the recovery of the sick person.
Now let's take a look at the tools that can stop the spread of unpatched computer malware and compare them to the measures taken in real life. In my experience with computer security, the most effective to combat massive infections are:
- Firewall
- Quarantine
- Antivirus
- Safe online behavior habits
Let's look at each of the tools in more detail.
Firewall
To protect the company's network from viruses, firewalls are installed at the borders with the outside world that monitor traffic and only allow allowed packets to enter. During the WannaCry epidemic, companies whose networks were protected by firewalls escaped the infection.
The closest analogy to firewalls in the real world is closing the borders between countries. Minimizing all types of passenger traffic, restricting entry and exit in cities, resembles the closure of computer ports. Monitoring body temperature and rapid coronavirus testing at local airports can be compared to deep packet inspection, DPI.
The process of configuring firewalls to stop the spread of COVID-19 is now happening around the world. The countries closed their borders to minimize the penetration of the infection, leaving a thin and fully controlled corridor. And so that the Coronavirus does not enter the country, newcomers are sent to quarantine.
Quarantine
If a computer virus somehow penetrates the network, all systems that are under attack or suspected are shut down so that the malware does not spread further. This allows us to calmly handle the situation, learn the details of the incident, and take steps to protect other computers and servers.
Quarantine in the real world helps stop the spread of infection by isolating sick people and those who came in contact with them. Given the relatively long incubation period for COVID-19, a few weeks is not the highest price for public safety.
Antivirus
An antivirus installed on the device protects against known viruses. In some cases, a heuristic scanner helps to identify and block unknown infections. However, no antivirus vendor, of course, can provide a 100% protection guarantee.
In a sense, free antivirus can be considered an analog to personal protection measures. A mask, gloves, antiseptic liquid, and handwashing also reduce the chance of contracting a coronavirus, but they do not offer an absolute guarantee.
Human factor
The similarity between the computer and the usual epidemic is even more evident if we study the influence of the human factor in the spread of infection. Let's compare:
-A careless employee opens a malicious attachment in a phishing email, and a large company loses access to its files that the ransomware has encrypted. Speaking of large corporations, losses can run as high as $ 100 million.
-A 68-year-old man comes to the hospital, goes through the building, sits in a general row to take an X-ray. After you are diagnosed with pneumonia, you also test positive for COVID-19. So the whole hospital is closed for quarantine.
Carelessness during mass epidemics, be it a computer threat or a real infection, is criminal negligence, as it is very costly. A single click on a phishing email causes a multi-million dollar loss for the business. A patient's visit to a medical institution stops his work, and dozens of people suffer from it.
When people believe in something, they follow this idea. So, if the social engineering worked at first, the victim obediently follows the scammer's instructions: install a fake Adobe update, don't notice malicious redirects, open an "important document," or enter a password on a dubious website.
Likewise, believing in conspiracy theories, people ignore virologists' warnings about precautionary measures. People believe that their immune systems are strong enough to resist any infection. And sometimes they are completely sure that there is no infection.
How to stop a pandemic?
While the patch that closes the vulnerability is not available, and work on the decryptor is still underway, there are not many options to deal with the computer infection. It is impossible to stop using vulnerable systems in the event of a human epidemic, as these systems are people. If you "disconnect everyone from the grid" by organizing a total quarantine, life itself can come to a halt.
Specific sets of rules help ensure an acceptable level of security and maintain overall performance. In the case of computers, we are talking about white lists, restrictions on the number of running programs, permission to install only those applications that are digitally signed, etc. When transferred to real life, these rules become special passes for workers, control is used with an expensive system of recognition and fines for violators of the regime.
Yes, these unpopular measures complicate our lives, but at the same time limit the spread of infection, allow additional time to heal the sick and reduce the number of new infections. In fact, unlike computers, such a wonderful feature as restoring from a backup is not available to people. Therefore, until a drug is created, the growth in the number of COVID-19 cases needs to be slowed.
During cyber epidemics, the factor that ensures a quick victory over the virus usually becomes the joint efforts of the vulnerable system vendor, leading companies, and information security experts. Unfortunately, each country struggles only with the Coronavirus pandemic.
A serious problem for real-life and digital epidemics is the human factor. According to statistics, companies that systematically train employees in safe online behavior skills are much less likely to be the victims of successful hacker attacks. Obviously, when entering the new paradigm, residents of all countries will have to change their habits and develop habits of safe behavior following the recommendations of the WHO.
- Get link
- X
- Other Apps
Comments
Post a Comment