Operation Desolation

Operation Desolation by Mark Russinovich

Herlicher’s new message. His telephone had rung three times since he’d replied to the report and he’d not picked up, letting it roll over to voice mail. The German had nothing to say he wanted to hear.
    Walthrop sighed. It wasn’t the end of the world—at least, not yet.

5
WASHINGTON, D.C.
GEORGETOWN
K STREET NW
3:21 P.M. EST
    Jeff Aiken stared at the computer screen as he eased back in his chair. Outside, a gray rain fell as it had all day, the streets dark and slick. He’d returned from Atlanta the night before, preferring the comfort of his home to another night in a sterile hotel, and had worked remotely, running the final tests of his fix.
    His financial sector client was a household name in the southern states. Malware had been detected by its in-house IT staff during a routine scan of the outbound network traffic from the servers. It had identified bursts of data directed at IP addresses somewhere in Russia. They had been unable to determine the origin of the traffic so Jeff had been summoned.
    He’d spent three days in Atlanta. There he’d made a virtual copy of the server using a tool that took a “live” system and produced an image of it. With his forensic tools he located a rootkit-based virus. Rootkit was an increasingly common and very troublesome technique for cloaking viruses from standard detection. They were increasingly popular with malware writers. It had been their prevalence in the attack code two years before that had made the Al-Qaeda viruses so difficult to identify.
    During his forensic investigation Jeff determined that the virus propagated from system to system employing a vulnerability, ironically in one of the major security suites, another household name, this one worldwide. He established that it was installed in all his client’s systems. The IT department had discovered the hole and patched it pretty quickly but, as was the case for most corporate IT staffs, they’d held off installing the patch to make certain it wouldn’t cause problems on their servers. The uninterrupted performance of the Web site and database was nearly always considered to be most critical. It was during that delay they’d been infected.
    The good news was that the virus was a generic botnet host, not one of the newer far more sophisticated versions designed to target the company specifically. It was the kind of broad digital aggressor every company encountered from time to time. They’d dodged a bullet because if a virus specifically targeted at them had penetrated their system, it would have caused financial havoc on the company’s customer accounts.
    Once he grasped the nature and extent of the infection Jeff had recommended that they utilize the best-case solution, which was to “repave” their system. This meant reinstalling the operating system and server applications, then restoring all the data from the uninfected backups. The CEO had balked at the downtime this would entail, calculating it would be both disruptive and expensive. Instead, Jeff had been told to cleanse the system.
    Though faster and cheaper, this was the least certain approach. The enormous size and complexity of the system meant there were countless digital holes in which malware might lurk. Jeff could never be certain he’d cleaned everything. But he understood the practicalities of a functioning business; this was not a laboratory situation. And he understood that taking the system down to rebuild it would have created significant issues of trust and reliability with the company’s clients.
    No antivirus signatures had been established for the virus as yet. This was how the usual antivirus programs uncovered malware. As a consequence, Jeff had to do it for himself by defining a series of steps to purge the virus from the system. This malware-cleaning solution then became a script that the company could run on their live server. It would seek out the
