Fairfax Tech Column

Fairfax Tech Column

30.6.2017 Fairfax Tech Column 49


Now it is serious. I sat down with my family during the week, turned on our streaming device and prepared to binge-watch a few episodes of the latest series that we have become addicted to. Accompanying this addiction was the other addiction in my life. Cadbury chocolate. A few pieces carefully distributed to the various family members – in perfectly measured even proportions complete with kitchen scales involved – to be slowly sucked on and consumed during the viewing. I am sure similar behaviour occurs in households across Australia every weekend (maybe without the kitchen scales). I then started to think of a scary world. One where this same picture existed minus the Cadbury chocolate – and I started to shiver.

After the second major global ransomware outbreak in as many months hit the world this week it suddenly became very real when it was revealed that production at a Cadbury chocolate factory in Tasmania was halted after becoming victim to the attack. This was no longer a story about an incident impacting some unknown organisation on the other side of the world in Ukraine or Russia. This was now serious. Imagine if my local supermarket exhausted their supplies of chocolate. Something needs to be done about this now!

The Petya cyber attack is the latest ransomware attack to hit the world following the WannaCry virus last month. Like an organic virus, the form of computer viruses has constantly changed and been modified over the years.

The Brain boot sector virus, released in 1986, is generally regarded as the first virus to hit IBM-compatible personal computers. It was written relatively innocently. Two young Pakistani brothers had a medical software package that was being illegally copied so they wrote software that infected floppy disk drives and they included their full address details and phone numbers to allow people infected with the virus to contact them for vaccination. When they started receiving angry calls from people across the world they realised that it may have been a little too effective.

Other people with slightly less scrupulous motives started writing code to infect computers on a mass scale – initially helped by distribution of software on floppy disks but then the speed of infection went up dramatically as the little thing called the Internet started to become more popular. Some virus writers want boasting rights that their virus became famous. Think of Jan de Wit, the Dutch programmer who released the Anna Kournikova virus on the world. Anna was more famous for this virus than her exploits on the tennis court. Anna never won a singles title and only played 338 matches with a 61.8 per cent winning record. When you compare those statistics to players like Margaret Court (192 titles / 1287 matches / 91.7 per cent wins) or Martina Navratilova (167 / 1661 / 86.8 per cent) or Chris Evert (157 / 1455 / 90.0 per cent) her tennis doesn’t allow her name to be mentioned beside some of the greats of the game but she is possibly more famous across the world because Jan de Wit decided to name his virus after her. And as far as viruses go, this one was a pretty innocent one. If you clicked on the attachment (which purported to be a picture of Anna) it simply sent an e-mail to all users in your address book – complete with the attached virus so that it could spread further. You can imagine how quickly it spread with this pyramid-like approach.

In the same way I have never found a windscreen repairer that pays kids to smash windscreens in a car park, no anti-virus company has ever been found to spread viruses to encourage more people to buy their software. Instead, most viruses today are written with sinister outcomes as the motivator – usually revolving around money. Keystroke logger viruses track every keystroke you make with the main objective being to discover your passwords – specifically banking passwords – and have access to your finances. Some viruses target specific companies to stop their Web site functioning therefore giving competitors an advantage. The virus attacks that we have seen this week – and that we will see more of – are quite simple in their approach. When your PC is infected, your entire computer is encrypted to make the information useless to you – and the only way to have the data unencrypted is to pay a ransom to the virus creators. In much the same way as any ransom situation, there is no guarantee that the code will be supplied after the amount is paid.

What can you do to prevent an attack? There are a few simple steps to take. Firstly, make sure you have up to date anti-virus/malware software installed on your PC. Renew this as necessary and make sure it is set to automatically update to the latest signatures. Keep your operating system and application software up to date with the latest patches and updates. Use an element of common-sense in how you use your computer – particularly with e-mail. The lady in Nigeria didn’t leave you her estate so you can delete that e-mail. Lastly, ensure you have an offline backup of all of your data – preferably multiple copies – so that if the worst outcome occurs you can simply wipe your computer and restore from the most recent backup knowing that it has been stored offline. Hopefully Cadbury have a read of this article and I can keep sucking on my chocolate for years to come.

Mathew Dickerson