Laptops given to British schools came preloaded with remote-access worm A shipment of laptops supplied to British schools by the Department for Education to help kids learn under lockdown came preloaded with malware, The Register can reveal. The affected laptops, distributed to schools under the UK government's Get Help With Technology (GHWT) scheme, which started last year, came bundled with …
Some schools are on networks shared with local authorities.
Local authorities have network links into central government departments.
Hitting schools is a low cost, low risk supply line attack so well worth doing even if the chance of a big payoff are low as well.
If nothing else hitting schools causes a general disruption especially if kids going home affects industry, government and decreses general trust in the goverment as a whole.
Hmmm, let's see - a "...number of the laptops are infected with a self-propagating network worm ... " Now what could you do with a network worm on a child's laptop? Maybe propagate to dad or mom's computer that connects to their work network? Or that they use for banking? Seems like a possibility to me.
It is a very good education indeed. The young ones have to be taught that getting Pwned is a fact of daily life and work and certainly not to be confused with contradictory to privacy and independent thought. Its like the old motto: "Get'm while they're young".
The ministry and the chain of command has been effective in setting up the future of computing and the next generation of voters. Today it is only calling Moscow to test the back door links to other three and four letter agencies. Next up, automatic thought correction by subliminal computing.
Aka : It only affected a small number of customers.
Yeah. it affected at least 23000 children.
How on God's Green Earth did you order stuff from children without bothering to order from a properly vetted supplier ?
Oh, right, stupid me. It would have cost more.
Well, enjoy your savings now.
Another one to add to the pile for Good Law Project?
“ Oh, right, stupid me. It would have cost more.”
Nope, that’s not how this Tory government works. Contracts go to Tory donors for way above market value, and the donations aren’t that big, typically around £10,000. [1]
[1] As alleged by The Good Law Project. Court case pending.
I would have thought this was in the base image, all or nothing. One assumes as it has been found then it is all.
Utter incompetence on the part of the people procuring them. Presumably the came by the container load and were broken done for distribution without anyone even checking what was in the box.
I love the phrase about Antivirus software. There appear to be Windows 10 so there is Defender built in by default. It just is limited in the protection it gives compared to other products. If they have installed something else then one assumes that it is a freebee so who knows what it is doing.
Putting a tinfoil hat on, is this a case of plausable denability or maybe just too much conspiricy theory?
Either someone in UK Gov is incompetant for giving out comprimised machines OR They are not comprimised and instead contain UK gov approved malware pre-installed with the target being in Russia (rather than GCHQ or similar) for plausable denability purposes.
This post has been deleted by its author
not every malware relies on vulnerabilities. A vulnerability, if at all, you only need as part of an attack vector to infiltrate a system. But as well you can implement a RAT or whatever malware targeted and manually if you can get hold of the machine(s) in question. That doesn't employ a vulnerability.
Thanks for explaining what I was missing instead of just posting a smug reply. I presume Windows Defender would block this 10 year old known malware, so whilst it shouldn't have happened it's still a slight non issue (rather than the articles implication that these laptops are all sending data to Russia)
Apparently only some builds are infected, Windows Defender does detect it, and the recovery partition does not contain the virus so if your build has it then reinstalling from recovery would be the way to go. Read on from here.
Here in the US, smartphones given out through the government's "LifeLine" assistance program come with preinstalled malware that also calls home to Russian (and Chinese) servers:
https://staging-blog.malwarebytes.com/android/2020/07/we-found-yet-another-phone-with-pre-installed-malware-via-the-lifeline-assistance-program/
The phones also contain a backdoor that can grant any app any permission, install apps remotely and runs as SYSTEM.
The Register - Independent news and views for the tech community. Part of Situation Publishing
Biting the hand that feeds IT © 1998–2021
