BOFH: The Mandelboat virus
A handy excuse
If there's one thing a lifetime in computing teaches you, it's how to cover up your mistakes...
"Oopsy," the PFY says in a casual tone mid-keypress - the sort of casual tone which, by its very casualness, means it's not casual at all.
"What did you do?" I sigh, fully expecting to hear that some poor user now has a vast amount of space available where their files used to be.
"Ah... a little problem with one of my VBS scripts," the PFY says. "I think I may have changed everyone's address book surname to 'Chutney'."
"Well I was just writing a quick script to change the Boss's surname randomly to something mildly offensive every day."
"Well it's just a surname," I say. "Fix yours and mine and tell anyone else who asks that it's a known problem with Service Pack 3. No! Make that Service Pack 3a - it sounds more plausible."
"Service Pack 3a of what?" the PFY asks.
"Now let's not get technical, SP3a should be enough for them."
"And how do I explain the missing files?"
"What missing files?"
"Well I was moving all the Boss's files into a folder called 'Ferret' - only I moved everyone's files there."
"And then clicked on 'Yes to all'?"
"So you've mixed everyone's files up in a folder called Ferret and potentially overwritten a stack of them?"
"Yeah. The original plan was that you'd have to look at your surname and work out the second half of the offensive phrase to locate your files. Like a combination lock. Only it looks like everyone's affected."
"OK. Drop the core router," I say decisively.
"Move your network to the ghost facility LAN, drop the company core router and we'll say it's a major network outage. Then just restore the files from the early morning backups."
“Though we didn't run a backup last night," the PFY says as an afterthought.
"It was a pay day - we never run backups on a pay day so that there's no bank payment data trail in case the auditors..."
"Oh yes, of course. Yesterday morning's backups then."
"But people will notice their files have changed."
"The Mandelboozer virus!"
"The Mandelbrot virus - it reverts the last set of changes in a document."
"You called it the Mandelboozer virus before!"
"Yes, that's another thing the virus does - changes its name."
"There's no such thing!"
"There will be once you get into Wikipedia and create it."
. . . moments later . . .
"I think the network's down," the Boss wheezes, redfaced from the 20-metre dash from his office.
"Yes, it's the Mandelbank virus," I say.
"Make up your bloody mind!" the PFY interrupts.
"It reverts files to previous versions, which causes network spikes which can lead to router reboots," I continue.
"If only we'd installed Service Pack 3a," the PFY says, not wanting to miss an opportunity.
"Mandelbank - I've never heard of it," the Boss says.
"It's in Wikipedia, look it up," I respond.
"I can't, THE NETWORK'S DOWN!" the Boss yells.
"Use your cellphone browser."
While the Boss is devoting 50 per cent of his mental CPU to working out how to use the browser on this phone (the other 50 per cent being remembering the way back to his office), the PFY completes the Wiki entry and starts the recovery process.
"Bugger," the PFY says.
"When we took the network down it looks like a nagios script has fired off about a million messages then kicked off an automated recovery of all our crucial server images to the virtual environment."
"I can't. The switch on the admin vlan is isolated when the router's down."
"Reboot the router!" I snap.
"But then people will be able to access their files."
"Not now the Mandelboober virus has infected the building management system. >tap< >tappety<" I say, logging into the building management system. "It's back-purging the dust filters into the aircons and turning on the heating which has >clickety< tripped the fire alarms!"
. . . The next day . . .
"So this virus thing is all taken care of then?" the Boss asks.
"Yes," I say. "We managed to isolate the affected building components and clean the virus out of them all."
"Yes, it was a pity you didn't find them all before the security system shut the basement doors on my car as I was exiting."
"We didn't know the security system was infected till then," I say, barely suppressing a chuckle.
"And you're sure it's all fixed now?"
"Absolutely," I say. "We've run a security scan over the entire network, top to bottom and it only has a couple of small recommendations."
"So why did the doors slam on my car again this morning?"
"A booting glitch," I say, as the PFY coughs loudly to cover a snicker.
"So what were the recommendations?"
"It's technical," I say.
"Apparently we're supposed to install SP3a and run a VBS script to tidy up any problems it might cause - but frankly I'm not too keen on doing it."
"We can't risk it happening again," the Boss snaps. "Do it."
"OK, if you insist."
. . .
. . .
Sponsored: 2016 Cyberthreat defense report