A Novel Way To Deal With Malware Infection

[Maestro]

How would you have dealt with it?

April 30th, 2013, 11:00 GMT · By Eduard Kovacs

German Ministry Cleans Up Malware Infection by Throwing PCs in the Trash

There are multiple ways to get rid of a malware infection, but a German Ministry of Education has come up with a way that would shock many experts.

The Ministry of Education in Schwerin determined that it would cost them €130,000 ($169,000) to clean up 170 computers infected with the notorious Conficker malware.

So, instead of cleaning them, officials have decided to throw them in the trash and buy new ones.

Read more: http://news.softpedia.com/news/German-Ministry-Cleans-Up-Malware-Infection-by-Throwing-PCs-in-the-Trash-349658.shtml

[JetsetBkk]

Depends if the machines were old and ready to be replaced anyway.

British Telecom did the same thing many years ago when I was working there as a contractor. They didn't have a malware problem, but needed to upgrade all their PCs - so the PCs were - literally - thrown out the window onto a pile in the car park. Great fun!

[innerspace]

$1000 per PC to clean malware.... and thats with a bulk discount.

Couldn't they have just formatted all the machines including MBR, then reinstalled.

3 staff with a little production line, maybe 5 days work for 170 machines.

An hourly per person cost of $200 which is excessive would only be $24,000.

Whoever was in charge of obtaining these quotes should be fired!

The only reason that costs could get that high is if they are factoring in bits like staff downtime due to no computers, new licenses for software, reinstalling custom software or if the machines are spread across a large geographic area.

If these were the case, then the costs would apply to brand new machines too, eliminating any savings!

Do the German Government need any new computer technicians?

Im available for only €130,000 per month.

[aarn]

just take out the infected HDD, bin it, put in a new ssd, load it with linux from a usb, best/cheapest upgrade going. AA

[Chicog]

Should have quoted the relevant part of the report:

Heise reports that the State Court of Mecklenburg-Vorpommern now condemns the decision, arguing that spending €187,000 ($244,000) on new devices and their installation is not “up to the principle of efficiency and economy.”

The court also blames the ministry, which catalogued the infected computers as “faulty equipment,” for not understanding basic IT security concepts.

In other words either they are witless idiots or someone was trying to make some coin from a contractor.

In answer to the question:

How would you have dealt with it?

Re-imaged them, using a properly patched image.

[draftvader]

All IT staff on over-time pay for a long week-end. Multiple copies of DBAN and a set of slip-streamed windows images pre-configured.

DBAN all computers on Friday at 17:00 using 170 copies burnt to CD-ROM. By Saturday morning you have clean computers. Saturday pay over-time for the IT staff with 170 copies of the windows image to get the install process started. Sunday morning have them come in and check all the computers turn on and off without errors. If there are errors then they will be working through Sunday and Monday.

Total cost?

IT Dept on over-time. 170 blank CD-ROMs, 170 blank DVD-ROMs. Potentially a few new hard-drives.