
Happy and Grim Anniversary

ILOVEYOU

If you've been in IT for more than 16 years you may remember a little worm called "ILOVEYOU." That event was 16 years ago today.

I vividly remember running from office to office on our floor violently unplugging machines from the network ports on the wall. As I heard more people call out "What the hell?!" I changed approach and rushed into the server room and unplugged the core switch.

This worm was nasty, one of the most damaging outbreaks before Stuxnet. In fact, "ILOVEYOU" was credited with $5.5 billion in losses. Anyone who never saw it and is curious can watch a video of someone replicating the attack on YouTube.

The worm mailed itself to everyone in your contact list with a subject line of "ILOVEYOU." When people opened the email, it replicated itself again, spreading like wildfire. With shocking speed, mail servers were overwhelmed and inboxes around the world were flooded with these messages. It was quickly modified to attack certain file types, overwriting data in order to replicate itself.

IT departments were being crushed trying to clean up and protect against the tidal wave of malware flooding their desktops, servers and email systems. In some cases companies were kept offline until certain countermeasures were put in place.

What we learned

The silver lining to this story is that it was one of the early events that demonstrated to businesses how serious cyber security was. We humans are often great at ignoring the risk around things that we can't see, touch, or otherwise visualize. On occasion, we need these events that shock us from our norms and ensure that we understand the impact of our assumptions and standards.

Happy

Today is also a great anniversary in geek history. May the 4th is "May the 4th be with you," an annual day to celebrate our love for the Star Wars universe.

The Panama Papers - How were they hacked?

The Panama Papers: the largest data leak in history. How did such a massive breach occur at a law firm dealing with high-profile politicians, celebrities, and sports stars? Was it a sophisticated attack? Did it require months of planning and a super-smart, secretive hacker team? The truth is a shocking negligence in managing IT basics.

In most cyber-security breaches, the attack vector is actually a known vulnerability. In the case of Mossack Fonseca, the firm the data was pulled from, a hacker would have had a wide range of vulnerabilities to choose from. As noted in this Wired article, their Exchange server hadn't been patched since 2009, and their corporate portal was very poorly configured and was not being securely maintained either. Mossack Fonseca has confirmed that this attack was not an inside job and that the likely attack vector was the poorly maintained Exchange server. Their corporate portal hadn't been updated in months, and its configuration allowed you to browse the backend folders if you guessed a folder name.

Small and mid-size businesses often do not give sufficient thought to what would happen in the event of a security breach of their infrastructure. In some cases they do not believe they are a target; others simply do not understand the level of risk they face. It's shocking that the law firm at the center of the Panama Papers was not more aware of the risk presented by its lack of due diligence in managing its IT infrastructure. A law firm deals with a laundry list of private information, and not taking effective action to defend that information is inexcusable.

Businesses that are mindful of their security risk often think too big about their needs. As demonstrated by the Panama Papers, the risk is often much more elemental than people think. Having sophisticated intrusion detection, advanced digital rights management, and encryption doesn't address a simple issue like patching your systems regularly.

It's like installing laser trip wires and steel-reinforced doors on your house but leaving the garage door open. Fancy measures won't protect you when you ignore the basics.
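As an added example that is not part of the original post, the following Python script audits a constructed Apache-style configuration for the kind of basic weakness described above: a Directory block whose Options leave automatic directory listings (Indexes) enabled, so anyone who guesses a folder name can browse its contents. The config text and paths are constructed for illustration, not the firm's real configuration; the script reports the exposed directories and produces a hardened copy with listings turned off.

```python
import re

# Constructed sample of an Apache-style vhost config (not the firm's real
# configuration): the /backend block is the one that exposes listings.
SAMPLE_CONFIG = """
<VirtualHost *:443>
    DocumentRoot /var/www/portal
    <Directory /var/www/portal>
        Options -Indexes +FollowSymLinks
    </Directory>
    <Directory /var/www/portal/backend>
        Options Indexes FollowSymLinks
    </Directory>
    <Directory /var/www/portal/uploads>
        Options None
    </Directory>
</VirtualHost>
"""

DIR_BLOCK = re.compile(r'<Directory\s+"?([^">\s]+)"?\s*>(.*?)</Directory>', re.S | re.I)
OPTIONS_LINE = re.compile(r'^\s*Options\s+(.+?)\s*$', re.M | re.I)

def indexes_enabled(options: str) -> bool:
    """Evaluate one Apache Options line left to right: 'Indexes' or
    '+Indexes' turns listings on, '-Indexes' or 'None' turns them off."""
    enabled = False
    for tok in options.split():
        t = tok.lower()
        if t in ("indexes", "+indexes"):
            enabled = True
        elif t in ("-indexes", "none"):
            enabled = False
    return enabled

def find_listing_dirs(config: str) -> list[str]:
    """Return Directory paths whose last Options line leaves Indexes on."""
    exposed = []
    for path, body in DIR_BLOCK.findall(config):
        opts = OPTIONS_LINE.findall(body)
        if opts and indexes_enabled(opts[-1]):
            exposed.append(path)
    return exposed

def harden(config: str) -> str:
    """Rewrite every enabling Indexes token to -Indexes; '-Indexes' stays as is."""
    return re.sub(r'(?<![-\w])\+?Indexes\b', '-Indexes', config, flags=re.I)

if __name__ == "__main__":
    print("directory listing enabled in:", find_listing_dirs(SAMPLE_CONFIG))
```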
