Reply to post: Re: We need a malware vaccine environment.

This ransomware gang is a right Royal pain in the AES for healthcare orgs

doublelayer Silver badge

Re: We need a malware vaccine environment.

"would [...] making everyone's PC run a full anti-virus check on the disks, every time they open an email while slowing network access down to 1200baud until they are seen as clean, be like getting a vaccine?"

No. It might be a good idea for secure environments with some modifications, but it doesn't make sense to use vaccines as an analogy. Vaccines are preventative. Antivirus is reactive. If we're getting very pedantic, the vaccines are causing the immune system to be reactive like the antivirus software would be, but your immune system, if functioning well, doesn't interrupt things until it's pretty sure the antigen is dangerous (those with allergies see that going wrong). My recommendation is that we proceed with cybersecurity recommendations but drop the analogy.

As for checking every email and dropping the network until it scans clean, that would sometimes help, as would blocking infection vectors of many kinds. There are two general problems that come up. The first is that many organizations don't have admins capable of setting up and administering the systems, which is a bit tricky to fix en masse. The second is that a lot of these organizations operate in such a way that being too secure hampers their productivity. People who, for example, process many attached PDFs won't work as quickly if you take enough actions to be certain that no PDF-based malware is possible, and until you actually get infected, the bosses care more about speed and efficiency of the revenue-generating activities than the security risk described by people like me who are dismissed as paranoid. Those organizations that have admins capable of setting up a secure environment are frequently told that the recommendations are unnecessary and unproductive by people who have the ability to prevent their installation and who don't at all understand the risks.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon