The following article was prepared by Mike Taylor, C.P.M., for distribution to ISM affiliate newsletters


Computer Virus Threat - Zero Day exploits

We hear the term in the news all the time – but what does it mean and why do we care?

Here is one idea about how the computer protection industry works:

  1.  A [expletive deleted] hacker creates a computer virus and starts trying to infect our computers
  2. The [add your own adjective] hacker boasts about his new virus to all of his hacker minions
  3. All of the other hackers and miscreants - who weren’t smart enough to create the virus – try to use the virus to exploit our computers.
  4. At some point between steps 1 and 3 above – the good guys – find out about the new virus and start working on a cure.
  5. Once a cure is found – it’s uploaded into the anti-virus computer software and distributed to users like us.
  6. Smart anti-virus customers install the anti-virus software updates as soon as they can.

Here’s the problem:

At step 1 – only one dimwit hacker knows about the new virus. Thus the chances of him finding and infecting our PCs are slim. [probably more of a chance if you browse pornography or have dozens of online shopping accounts in Zekeestan– but that’s another story]

At step 2 – all of the hacker minions and wannabes learn about the virus and try to exploit it before you have a chance to protect yourself. Now thousands of idiots are trying to find you and your computer,  and more are trying every day.

Experts call these things zero-day exploits. That is virus infections that happen during the period of time when a new virus is created before the good guys can deliver a cure.

Issues we need to understand:

  1. Hackers and other lowlifes know the best time to find lots of computers to infect – is before the good guys develop and deliver the anti-virus updates. So immediately after a new virus is announced – there is a feeding frenzy of hacker activity.
  2. Some people never install the antivirus updates – amazingly, some people don’t worry about using up-to-date anti-virus software. Thus hackers know if they keep looking, they will find someone who is unprotected.
  3. New rogues, crooks and villains are born every day – and each one wants to give every old virus a try. That’s why we keep getting idiot requests from Nigerian Ministers - even though most of the world has already head the scam many times.

What to do, what to do?

  1. Install and use anti-virus software. Unbelievably I’ve had two friends recently tell me they think their anti-virus software didn’t install correctly (months ago) – “ What, me worry?”
  2. Install virus updates immediately – that is when the biggest threat exists and the longer you wait, the worse it gets.
  3. Pay attention. If you computer quacks and waddles, it’s a duck!  You are infected and it requires immediate attention. It’s too late to worry about the antivirus software. it’s time to pray for the miracle cure.
  4. Take the time to understand how to maintain a safe computing experience or pay someone to do it for you. Amazingly, people will watch TV commercials over and over about which oil to use in the car – but won't read information about computer maintenance.

Why am I excited about this subject [again]? In the last 4 weeks - three friends have offered themselves up as examples.

Friend 1 had an up-to-date antivirus program, got infected anyhow, but was astute enough to recognize the virus, immediately shut down and request help disinfecting before it did any damage. Awesome - kudos and accolades

Friend 2 said I think my anti-virus program broke about 6 months ago – and I’m wondering if/how I should fix it. Wow!

Friend 3 said – my computer has been acting strangely for several weeks, now it always takes me to the same web site offering a fix for $126 – I think that’s too much money – I ordered an antivirus program a few months ago, but never got it installed correctly. [I think this hacker was happy to find my friend] \

OMG! It's a computer virus - who'd have guessed!

I've published articles and information on my web site and distributed them to my friends about safe computing and computer virus threats - but I'm small potatoes. I'm not the expert - just an interested friend. Start with any of the good computer security web sites and you'll quickly find more detailed information and better explanations.  If you don't have any ideas - start here.

Mike Taylor

BuyTrain News Archive

Supply Chain Toolbox

MLTWEB is owned by Michael L. Taylor, C.P.M.  Mail:  
Materials prepared by Mike may be shared for supply chain education, provided that this source is credited and no fee is charged. The rights for any other use are withheld.
Copyright;  Michael L. Taylor, C.P.M.