cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Draw some parallels with the Coronavirus as it develops

Hi All. Everyone is alert and watching for the Corona Virus, and many nations are evacuating their citizens from China.   What parallels can we learn from a cyber security context from this developing situation?

 

https://www.thinkadvisor.com/2020/01/27/5-ways-the-new-coronavirus-may-already-be-affecting-u-s-insu...

 

Regards

 

Caute_cautim

6 Replies
CISOScott
Community Champion

What better way to spread the virus than to unleash it so that it infects people, then spread panic so people start leaving, taking the virus with them and thereby increases the spread of the virus?

 

rslade
Influencer II

> Caute_cautim (Community Champion) posted a new topic in Industry News on

> Hi All. Everyone is alert and watching for the Corona Virus, and many nations
> are evacuating their citizens from China.   What parallels can we learn from a
> cyber security context from this developing situation?  

I'd been idly thinking about this very thing. But, since you asked:

Face masks are not useful (unless you actually are infected with the virus).

Actually, this does bring up an important point: there are a lot of myths that the
general public holds about security. People assume that, for example, Macs are
inherently safe and Mac useres feel they don't need to take further precautions.
Misinformation about 2019-nCoV is spreading faster than the virus itself, leading
to alarming racist incidents and other problems. Integrity of information is
always important and we need to protect it with all we've got.

Don't install Chinese software on your computer.

Again, this does bring up an important issue: do you *really* need that app, game,
or filter on your social media?

Isolate your computer or device for 14 days after it has connected with a Chinese
server.

Once more, a significant issue. Malware lasts for a long time. Just because the
media interest has died away on a specific security issue doesn't mean the hreat has
disappeared.

Wash your hands, or use isogel, when you use your computer. (Hmmmm. When
using a public computer, this might actually be important ...)

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
If you're not part of the solution, you're part of the precipitate
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
Caute_cautim
Community Champion

@CISOScottI agree, it could have been handled far better than it has.   Isolating China in a deeply distributed, highly connected world may work on people.   But the bad timing of the Chinese New Year propagated the infection and possibly this has caused it to grow in epidemic proportions within a few days.   But would it work on a malicious infection, borne by technology, which also took out critical infrastructure, utilities - each an every company/organisation would literally been on their own. 

 

Could they have applied resilience techniques in preparation for such events? 

 

To take an example the Citrix issue at the moment, was literally a zero day in our world, and many people were caught out, because the perpetrator managed to sneak into many organisations, leave their tool kit in preparation for a later time and then left.   Organisations have been closing the backdoor the perpetrator used originally, and now the organisations themselves are going through costly investigations forensically to work out the how, what, when and where issues, which is ongoing.

 

Regards

 

Caute_cautim

Caute_cautim
Community Champion

@rslade   I have to agree with you, and the Apple Mac issue came home to me last week - nothing is 100% secure, having had to go through a period of 24 hours myself resulting in a total re-image due to a cascade of issues - which started out with not being able to remotely connect.  There were other indicators, which were only discovered going through the recovery phase and no it was not compromised, more software fatigued I believe over time - and badly needing a refresh to clean out the re-occurring problems.

 

Your analogies are brilliantly articulated.   I am sure there other parallels which will come of this too, I am sure we can think of many more.

 

Regards

 

Caute_cautim

Beads
Advocate I

First thing to come to my mind was the old adage that, 'People are our greatest asset as well as our greatest liability.

 

Not only that but if you watch how people move about you will see similar patterns to, at least old, PC virii moving from machine to machine back in the 'sneakernet' days. No real difference there, people will avoid risk by dispersing from apparent danger, taking new risks with them regardless of said risk to others.

 

- b/eads

Caute_cautim
Community Champion

@BeadsA very good point indeed - nice old adage.

 

Regards

 

Caute_cautim