Information Security News mailing list archives
The Real Y2K Threat to Compaq
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Fri, 10 Dec 1999 00:37:05 -0700
Forwarded From: Anon (Received anonymously :-) (I've added some comments at the bottom)
-----Original Message----- From: Sr VP, IM & CIO - Bob Napier Sent: Saturday, 4 December 1999 7:10 AM Subject: The Real Y2K Threat to Compaq To: Worldwide Team Hacker chat rooms on the web are full of talk about the millennium and the havoc that they want to spread throughout the business world. We take this threat seriously because we know the impact that the Melissa and the Worm viruses had on our company earlier this year, as well as this week. The latest worm virus was also disruptive to our business. Recently we also had issues that did not involve viruses, but were just as disruptive as a major virus outbreak might have been. About three weeks ago, a Compaq employee intentionally initiated an e-mail storm that generated more than 500,000 messages and 4,000 terabytes of data-all within 36 hours. This e-mail hoax put a severe strain on our corporate e-mail network, delaying the delivery of internal and external e-mail by up to six hours and threatening our ability to continue normal business operations. Our IM and Security teams worked hundreds of hours in an intensive effort to deflect this threat. Compaq terminated the employee who initiated the e-mail storm and a European contractor who forwarded the same hoax to thousands more people in the company. After that, we had another potential virus situation initiated by a Compaq employee who sent a message to all Compaq employees in an entire country. As disruptive as these events were, their effect was compounded by many well-meaning people in the company. Fifty-six people responded to the first hoax message by clicking on "reply all," immediately creating thousands of e-mail messages that, in turn, prompted thousands of additional replies that created the vast bulk of the e-mail storm . The good news is that we have the power to greatly lessen the impact of any deliberate or inadvertent e-mail storm. It will take the understanding and cooperation of everyone in the company. Please keep these guidelines in mind: * Chain letters of any kind are prohibited. Delete any chain letter you receive. * Sending e-mail hoax letters is an offense that could result in administrative action up to termination. * Forward to the IM Help Desk any e-mail that you suspect to be a hoax. * Forward to the IM Help Desk any virus alert that you receive from an external party so that it can be evaluated and so that proper actions can be taken for the entire company. * Please do not hit "reply all" when you receive a message with a massive distribution list. The hackers will be making their end-of-year attacks on companies like ours, but we do not want to suffer a network crash or significant systems outages when we are making a strong push for end-of-year revenues. If we all follow these simple guidelines, we will weather any "storms" and have a great Q4. Regards, Bob Napier
Dogcow's comments: Well, of course it's those evil hackers... It could never be a disgruntled employee and 56 cluebies with a "Reply All" button at their disposal, could it? It could never be a company with a single platform, with a single email client, with a single email server platform, could it? *sigh* When will companies learn that totally homogeneous IT systems fail alot harder than heterogeneous ones, especially with simple threats? Apparently the virus itself was making all MS Office files zero-length... ISN is sponsored by Security-Focus.COM
Current thread:
- The Real Y2K Threat to Compaq mea culpa (Dec 09)
- <Possible follow-ups>
- Re: The Real Y2K Threat to Compaq mea culpa (Dec 13)
- Re: The Real Y2K Threat to Compaq mea culpa (Dec 13)