A digital preservation plan needs to be as robust and as flexible as the scale of the threats facing the business, and as proportionate as the potential harm caused to a business in the event of the worst-case scenario.
Some of the biggest companies in the world have been devastated by major data loss incidents, with consequences that are only escalating in scope. Data loss caused by a cyber attack left 40 per cent of Australian imports and exports stranded in ports in 2023, showing the tangible effect of a breach in data security.
With that in mind, security and data preservation experts have a lot of experience in managing data loss events, particularly those caused by computer viruses as well as user error, malfunctioning hardware or infrastructure outages.
Whilst the methodologies, motivations and strategies have changed throughout the years, many of the earliest widespread virus attacks can still provide some rather universal lessons in effective data security.
Pay Attention To The Slightest Change
One of the first major virus epidemics to cause significant, deliberate harm was Friday 13th, also known as Jerusalem by IBM’s virus research team.
A logic bomb virus, Friday 13th infects every executable file and on the day in question will delete all programs run that day, disconnect business workstations from their network and make printers all but unusable until they are reset.
It was such a major threat and caused such widespread damage that IBM expanded its internal antivirus team to create a commercial product to help prevent antiviruses, similar to how the Brain virus inspired McAfee VirusScan two years previously.
Preparation Efforts Are Never Wasted
In 1991, Michelangelo became one of the first viruses to garner international attention and create widespread fear about its potential to cause data loss on a significant scale.
The virus itself was not new; it was a variation on a virus known as Stoned, which in itself was the same type of virus as Brain, the first ever PC virus.
Michelangelo was relatively simple; it latched onto the boot sector of a computer and would lay dormant until 6th March, the birthday of the virus’ namesake artist.
After that, it would make data irretrievable for a regular user, leading to fears that thousands of computers were infected and would lose significant amounts of data, especially when a news story revealed that some major manufacturers had shipped driver disks and programs infected with the virus.
Ultimately, less than 20,000 cases of data loss were reported, which led to claims that the dangers the virus possessed were exaggerated.
Instead, it is more likely that the preparation efforts helped to limit the damage significantly and emphasises that success sometimes goes unnoticed until after the fact.
Have A Diverse Range Of Contingencies
In 1988, a virus was launched that infected thousands of computers in 15 hours. Whilst this figure is tiny compared to the biggest-ever virus attacks of the 21st century, it was a significant proportion of the computers connected to the Internet at the time, with a total economic impact of as much as £10m.
The Morris worm, as it was known, was created by Robert Morris, son of a cryptographer who worked for the NSA, allegedly just to see if it could be done.
Although he later claimed that the self-replicating virus was not meant to do any harm, the Morris worm would replicate randomly causing a denial of service attack.
According to Clifford Stoll, a system administrator, cyberattack investigator and author of the book The Cuckoo’s Egg, the worm showed the dangers of having too many computers running the same systems with the same vulnerabilities.
Whilst it is difficult to avoid the need to use a consistent operating system, it does highlight the need for a wide range of alternative plans for backing up core data required for the continued function of your business.
