Simon R Knight (srk@tcp.co.uk)
Thu, 18 Jun 1998 01:22:02 0000
On 17 Jun 98 at 14:26, bram wrote:
> On Wed, 17 Jun 1998 mgraffam@mhv.net wrote:
>
> > it is important to note that viruses have yet (in my opinion) to be
> > established as a threat to privacy and communications security. This is
> > a key concept: the viruses that get found are mostly of the
> > prankster/vandal variety. As I am sure most of us here have come to
> > realize, viruses can potentially be deployed in a much more sinister
> > manner.
> >
> > I'm waiting for the virus that spreads to crack 40-bit SSL.
>
> I'd be more interested in seeing one which remained harmless until it
> breached the security of a specific target company, then snarfed the root
> password and posted it encrypted to a usenet newsgroup.
Like a "harvester" virus ?
I recently read that a number of UK and European banks had been
attacked by a sophisticated kind of virus/program. This virus
apparently worked by encrypting the banks more important files, and a
fee of 10 million was reportedly required, before the perpetrators
would provide the decryption key. As the cost of downtime to such
banks can quickly exceed a figure of 10 million, they pay up. The
UK police said that banks weren't reporting such incidents, and
making there job very difficult.
Simon R Knight
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:38 ADT