Reg HPC man relives 0-day rootkit GROUNDHOG DAY

Okay, campers, rise and shine, and don't forget your booties...

Rebuilding my tattered life

The next steps were straightforward, albeit hugely tedious. The first was to call Big Security Company, cancel my security subscription, and get a refund for my initial payment. Then began the process of going to my backups, putting an image on a clean hard drive, then testing to see if this new image had the same virus as the old one.

The virus’s erratic behaviour – sometimes starting right up with the inane audio, other times waiting for as long as an hour or two before tormenting me – made a long job longer. Couple that with not being able to pin down exactly when the virus first emerged, and you end up with a long and tedious job.

Fortunately, I have firm backup procedures in place. Every key system is backed up incrementally daily, with a clean image saved weekly. All of these backups are stored for 60 days just in case of, well... this.

It took what seemed like forever to find an image that didn’t have the virus on it. I ended up going back several weeks, which made quite a bit of work and raw materials (video, notes, etc.) disappear. Those files had to be brought in individually and tested, just in case one of them was the virus carrier. That process accounted for another long period of time... sigh.

Targeted or unlucky? Plus lessons learned

I kept wondering how it happened and how I could prevent it in the future. Since this was a new virus, according to Big Security Company, why were my well-protected computers the first to get hit?

Did the Trilateral Commission finally decide to even the score with me? Or the Yakuza? Russian mobsters? Or someone who was just looking to mess with me? It could have been all of the above, or maybe it was just my time to be a zero-day guy. I do have some slight grounds to suspect that I was targeted, and if I find out more, I’ll let you know.

What did this experience teach me? To be more fearful than ever. I still don’t have any idea what I was infected with, how I picked it up, or how to prevent it in the future. According to third-line tech Jedi at Big Security Company, this is the world we live in today. Our cyber safety is under constant attack, and the bad guys have the first-mover advantage.

The most valuable lesson? It pays to back up, and an investment in fast and solid NAS boxes (shout out “Thank you, Synology!”) is worth every penny. My terabytes of backups saved the day and got me back in business. Without them, I’d be looking at clean installs of everything and then a file-by-file inspection and test of all of my stored data. Yikes.

I don’t want to think about how long this process would have taken if I were trying to do this number of restores via the cloud. I have a fairly fast pipe into the home office; it typically tests out at 20Mbit per second. But when you’re talking about full-sized images of around 150GB, it would take anywhere from 15 to 18 hours to complete a single download. My local NAS was able to copy these images over in half an hour or so.
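As an added illustration (not the author's own tooling) of the two chores described above, finding the newest clean image and estimating how long a restore takes over the wire, the script below models the column's backup policy with constructed dates and a constructed "is this image infected" oracle; it shows that a bisection over the weekly images needs fewer restore-and-test cycles than walking back one image at a time, provided each test gives a reliable verdict.

```python
from datetime import date, timedelta
from typing import Callable, List, Tuple

# Constructed backup catalogue modelled on the column's policy: a clean image
# every week, kept for 60 days. All dates here are invented for the example.
RETENTION_DAYS = 60
TODAY = date(2013, 12, 15)
WEEKLY_IMAGES: List[date] = [TODAY - timedelta(days=7 * i)
                             for i in range(RETENTION_DAYS // 7 + 1)]  # newest first

# Constructed oracle standing in for "restore the image, boot it, wait for the
# symptoms". The story never pins down the infection date; we pretend it was
# 2013-11-20, so every image taken on or after that day is dirty.
FIRST_DIRTY = date(2013, 11, 20)

def image_is_clean(img: date) -> bool:
    return img < FIRST_DIRTY

def newest_clean_linear(images: List[date],
                        is_clean: Callable[[date], bool]) -> Tuple[date, int]:
    """The column's approach: walk back one image at a time until one tests clean.
    Returns (image date, number of restore-and-test cycles spent)."""
    for probes, img in enumerate(images, start=1):
        if is_clean(img):
            return img, probes
    raise LookupError("no clean image inside the retention window")

def newest_clean_bisect(images: List[date],
                        is_clean: Callable[[date], bool]) -> Tuple[date, int]:
    """Binary search over the newest-first list for the newest clean image.
    Assumes a monotone, reliable test (once an image is dirty, every newer
    one is too); each probe is a full restore-and-test cycle."""
    lo, hi = 0, len(images) - 1
    probes = 1
    if not is_clean(images[hi]):  # even the oldest image is dirty
        raise LookupError("no clean image inside the retention window")
    while lo < hi:
        mid = (lo + hi) // 2
        probes += 1
        if is_clean(images[mid]):
            hi = mid          # clean: the answer is this image or a newer one
        else:
            lo = mid + 1      # dirty: the answer is strictly older
    return images[lo], probes

def restore_hours(image_gb: float, mbit_per_sec: float) -> float:
    """Ideal wall-clock hours to pull one image over a link of the given speed
    (decimal GB, no protocol overhead), e.g. the column's 150 GB at 20 Mbit/s."""
    return image_gb * 8_000 / mbit_per_sec / 3600
```

With symptoms that can take an hour or two to appear, a single short boot is not a reliable verdict, so in practice each probe needs a long enough soak before it counts as "clean", otherwise the bisection converges on the wrong image.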

Now that I’m back, it’s time to start dealing with the backlog. I have plenty to tell, including some interesting and compelling experiences at the SC13 supercomputing conference, stories on my trip to the second annual South Africa Student Competition, info on the upcoming ISC’14 Cluster Challenge, and the usual HPC industry happenings. Stay tuned. ®
