[ISN] The Real Y2K Threat to Compaq

From: mea culpa (jerichoDIMENSIONAL.COM)
Date: Fri Dec 10 1999 - 01:37:05 CST


Forwarded From: Anon

(Received anonymously :-)

(I've added some comments at the bottom)

> -----Original Message-----
> From: Sr VP, IM & CIO - Bob Napier
> Sent: Saturday, 4 December 1999 7:10 AM
> Subject: The Real Y2K Threat to Compaq
>
> To: Worldwide Team
>
> Hacker chat rooms on the web are full of talk about the millennium and the
> havoc that they want to spread throughout the business world. We take
> this threat seriously because we know the impact that the Melissa and the
> Worm viruses had on our company earlier this year, as well as this week.
> The latest worm virus was also disruptive to our business. Recently we
> also had issues that did not involve viruses, but were just as disruptive
> as a major virus outbreak might have been.
>
> About three weeks ago, a Compaq employee intentionally initiated an e-mail
> storm that generated more than 500,000 messages and 4,000 terabytes of
> data, all within 36 hours. This e-mail hoax put a severe strain on our
> corporate e-mail network, delaying the delivery of internal and external
> e-mail by up to six hours and threatening our ability to continue normal
> business operations. Our IM and Security teams worked hundreds of hours
> in an intensive effort to deflect this threat. Compaq terminated the
> employee who initiated the e-mail storm and a European contractor who
> forwarded the same hoax to thousands more people in the company. After
> that, we had another potential virus situation initiated by a Compaq
> employee who sent a message to all Compaq employees in an entire country.
>
> As disruptive as these events were, their effect was compounded by many
> well-meaning people in the company. Fifty-six people responded to the
> first hoax message by clicking on "reply all," immediately creating
> thousands of e-mail messages that, in turn, prompted thousands of
> additional replies that created the vast bulk of the e-mail storm.
>
> The good news is that we have the power to greatly lessen the impact of
> any deliberate or inadvertent e-mail storm. It will take the
> understanding and cooperation of everyone in the company. Please keep
> these guidelines in mind:
>
> * Chain letters of any kind are prohibited. Delete any chain letter
> you receive.
> * Sending e-mail hoax letters is an offense that could result in
> administrative action up to termination.
> * Forward to the IM Help Desk any e-mail that you suspect to be a
> hoax.
> * Forward to the IM Help Desk any virus alert that you receive from an
> external party so that it can be evaluated and so that proper actions can
> be taken for the entire company.
> * Please do not hit "reply all" when you receive a message with a
> massive distribution list.
>
> The hackers will be making their end-of-year attacks on companies like
> ours, but we do not want to suffer a network crash or significant systems
> outages when we are making a strong push for end-of-year revenues. If we
> all follow these simple guidelines, we will weather any "storms" and have
> a great Q4.
>
> Regards,
>
> Bob Napier
>

Dogcow's comments:

Well, of course it's those evil hackers... It could never be a
disgruntled employee and 56 cluebies with a "Reply All" button at their
disposal, could it? It could never be a company with a single platform,
with a single email client, with a single email server platform, could it?

*sigh*

When will companies learn that totally homogeneous IT systems fail a lot
harder than heterogeneous ones, especially with simple threats?

Apparently the virus itself was making all MS Office files zero-length...

ISN is sponsored by Security-Focus.COM