A malware antipattern

I like antipatterns – they’re more common and you can learn more from them than from most anodyne ‘success stories’. In a past life, I was in internal control in a big merchant bank, and I well remember trying to convince people that security was a ‘people issue’ rather than a technology one.

So I was tickled by an almost laughable farrago of overreaction, reported here, around responding to a possible malware threat, where the response probably did more damage than the malware ever could. 

To my mind, controlling the malware threat is a business-continuity thing involving people, process and technology; and you have put at least as much effort into planning (and testing, or simulation-testing) your response process, and into managing the (possibly dysfunctional and panic-based) reactions of your people, as you do into buying clever technology to detect malware. And your response should be planned in advance, not thrown together in a panic when you get a threat warning.