Skip to content

What Happened to the Other 5?

February 11, 2013

BEEEP, BEEP-BEEP, BEEEP

What a weird sound to hear in this field of daisies.

BEEEP, BEEP-BEEP, BEEEP

No, not daisies. What a weird dream to have during that sound.

BEEEP, BEEP-BEEP, BEEEP

Hang on, that’s not in my dream. . .dream. . .bed. . .Where was I again?

BEEEP, BEEP-BEEP, BEEEP

Okay. I’m awake now.

BEEEP, BEEP-BEEP, BEEEP

Funny, that sounds just like the fire alarm. . . and now I’m up, robe on and headed out down the hall, my wife following close behind.

Our house has one of those “integrated” systems where every fire alarm in the house is wired into the same circuit. So, running into the living room simply meant a new alarm RIGHT NEXT TO MY. . .

BEEEP, BEEP-BEEP, BEEEP

Okay, think. (Not any easy process at 3:00am.)

Smoke. Do I smell any smoke?

sniff, sniff. (Stupid cold!) Sniff?

No smoke. Good

BEEEP, BEEP-BEEP, BEEEP

Ah. . .next. . .FURNACE! As I’m fighting my way down the stairs to the furnace room, I pass three very sleepy children headed up.

“Daddy, why is the fire alarm going off?”

“Mommy’s checking the kitchen. Upstairs, right now!”

BEEEP, BEEP-BEEP, BEEEP

Okay, that’s getting REALLY annoying. Stop at the alarm at the bottom of the stairs. Push frantically at the buttons on the front.

Maybe that got it. . .

Ah. . . .

BEEEP, BEEP-BEEP, BEEEP

Argg! The red one, push the red light. That did it.

20130328-132435.jpg

Furnace looks fine. No smell of gas or smoke. Back upstairs to see how the kitchen checked out.

“Anything?”

“No, the kitchen is fine. Nothing.”

“Well, it takes a while to learn the quirks of a new house, I guess.”

“If there’s no fire, I’m going back to bed. Come on kids. False alarm.”

I’m too keyed up to join her. I recheck the furnace, gas stove, the garage. I even open the door and poke my head outside to see if maybe there’s a fire nearby. After about 20 minutes I’m finally calm enough to lay down. As I drift off to sleep a thought hits me. . .We have EIGHT children at home. What happened to the other 5?
———————

My other five were fine. But, it was a reminder that maybe we needed a few more family fire drills. ..but not at three o’clock in the morning.

At the time of crisis is the wrong time to develop your crisis plan.

———————-

A new email popped up in my Outlook client:

SUBJECT: Meet exciting Singles in your area.

Uh oh. Those messages were supposed to be blocked by our spam filter. Maybe it was just a single. Before I could open it, another email arrived.

SUBJECT: Meet exciting Singles in your area.

This is bad. Clicking open, I could see that the email contained nothing except a link.

“JAMES!!”

“I’m on it! Just about done!”

I was up to 10 requests for meeting excited singles.

“DONE!”

By now, we had network security guys swarming our area.

I’m in charge of the Microsoft Exchange email system for my company. It was brand new and we were coming up with processes and procedures. One of the first ones our team came up with was the idea to create a “AA Canary” email address. It was the first entry in the address book and it’s only purpose was to forward any email it received to my messaging team and to network security. Many spam attacks “walk” their way through your address book. The first message I received was the first one to hit the network.

Spammers will combine with virus writers to get inside your network and then send hundreds of messages. We had 30,000 entries in our address book. That’s thirty thousand people who did not need to spend part of their day dealing with an email virus.

“What’s the damage, James?”

“Looks like it hit about 800 people. We’re currently killing all messages in transit with the subject of “Meet exciting Singles in your area.” Nothing is getting past the transfer agents. We’ve also locked it out at the perimeter spam filters. It must be a zero day virus or ProofPoint would have caught it. We’re also blocking the web address of the link. I think it’s contained.”

“Okay, nice work. Let’s get a process started to scrub the 800 mailboxes that got infected. Oh and someone monitor Twitter and Reddit. I’d like to know how many other companies got hit.”

One of the second processes we set up was a a system rule that allowed us to kill all email with a particular subject line. We just had to drop in the subject line and click execute and those messages were stopped. It was most useful for combatting “Reply-All” storms, where a large number of people all reply to a message at the same time. Normally, they are saying, “Stop using Reply-All, it’s clogging the network.” But the rule works well for virus and spam attacks as well.

I was really glad that unlike my fire alarm experience the team and I had anticipated what problems we might face and had not only developed plans, but practiced them as well.

Preparation for a fire drill is just as important in business as it is at home.

From → Uncategorized

Leave a Comment

Leave a Reply