Wednesday and Thursday I slipped back into my usual routine and went to the CBS office in the afternoon. Then I had a call from Father Graham Francis in a panic because he'd downloaded an unusual email offering a voicemail attachment to the message. Curiosity led him to forsake his usual caution. He hit on the attachment and released a package which hijacked his desktop PC.
The trouble we now have with all these competing user interfaces on Windows, Mac, Android and Linux systems is all kinds of messaging options with different names - is it a text or a hangout, or an email, or an IM or a tweet message? What is a voicemail? In reality it could be a vocalised text or email, or a plain audio message file or a robotic spam message relayed to either your phone, your tablet or your PC.
It's a confusing mess, especially if you haven't pared down your systems to exclude every gizmo except the ones that actually work best for you. It's like walking through a street market with lots of different voices competing for your attention. Will you notice which voice belongs to the thief after your wallet? The lack of consensus and consistency about these things on the part of system designers, and the lack of clarity about managing the options presented does the user no favours whatsoever.
Anyway, I hunted out a couple of anti-virus rescue CDs from my collection of emergency tools and went over to St Mary's Vicarage after work. When I booted up his nine year old Compaq with Windows XP, it quickly revealed that the malicious payload belonged to the 'Ransomware' category, blocking internet access, flagging up every system call as a malware threat and urging the user to place an order through a nag screen for the Anti-Virus Scrutiny product that would banish the ills it had introduced, for a hundred quid. Graham said there had been a news article during the week in the local paper about a business which had fallen prey to this, or a similar scam.
Well, that evening, I tried live rescue CDs from top security providers F-Secure and AVG. With over half a million files to scan, each took two hours to run on such ancient hardware. Both detected a couple of infected files, but failed to remove them. I went home by taxi at half past eleven, pondering my next move. I still had a CD with the latest monthly Windows Malware removal tool to try, but I'd have to find out how to get into 'Safe Mode' on such an old piece of kit.
Friday morning I attended the press briefing for the city centre Christmas policing initiative 'Operation Mistletoe' in St David's Hall. It was an odd sort of gathering with separate huddles of police and council officers, and politicians, and just a handful of people moving between them. The local sector Inspector gave a brief presentation. She should have been followed by a speech from the boss of the St David shopping centre but he stood them up, so the meeting was mercifully brief and pretty pointless, as there was only one junior reporter present.
One local security professional remarked last week that to launch 'Operation Mistletoe' in the first week of December was too little too late, as the thieves had already been out in force throughout November, collecting merchandise to sell on eBay or in pubs. By now they were ready for Christmas, so the only value of enhanced policing in December was to curb alcohol induced anti-social behaviour during party hours. That's not to be sniffed at, but it's an indication of the lack of serious interest shown by the police when it comes to acting on business crime intelligence provided by people working in store security day by day. There is, so say, a reduction in retail crime and we're supposed to be grateful for that. The sad thing is that unreported retail crime has increased because the store security teams are not getting the consistent and speedy level of support from the police they need to be effective.
After the meeting and a brief visit to the office, I returned to the afflicted PC, ran the Windows Malware removal tool, which found several more infected files, but appeared unable to remove them as there was no change in state of the machine after reboot. Meanwhile Graham had tracked down another Microsoft free malware removal tool called Microsoft Safety Scanner. We downloaded it and burned it to a CD, booted the machine into safe mode and ran it with complete success. It still took two hours, making a total of eight hours machine minding over two days. I thoroughly recommend a visit to the on-line Microsoft Malware Protection Centre, given the variety of clear explanations, tools and strategies it offers beleaguered users with hijacked PCs.
While scans were running, I helped Graham install his first powerline network plug set and hook them up to his Sky On Demand box. The former I'm familiar with, but the latter's a complete mystery to me, as we're still on our first digital TV with free to air channels. For the rest iPlayer suffices. Not that much time for entertainment these days. Glad to be retired.