Computer Virus Fells Russian Stock Exchange

azav wrote to mention the New Scientist story detailing the computer virus that brought down the Russian Stock Exchange. From the article: "As the world waited for one computer virus to strike on Friday, another wriggled its way into the Russian stock exchange and knocked it offline. Computer experts had warned that 3 February could bring gloom for many as a computer virus called Nyxem was scheduled to start deleting files on machines it had infected."

Re:What stock exchange?

[ktulu182]

Are you living in a cave? Russian stock market almost doubled last year. It was the most profitable stock market in the world in 2005.

Re:Groupthink (was: the obvious response?)

[Gary+W.+Longsine]

Agreed, in general they tend to work very well. Like the Space Shuttle -- which doesn't involve Windows so the example may allow you to see past the particulars of this incident, to my point.

Note that one of the groupthink articles I mentioned discusses a Space Shuttle accident (Windows not implicated). A characteristic of that event was that there were plenty of warning signs that were ignored, "hey maybe it's not such a good idea to have a jet of burning gas flaming out of the joints of the solid rocket boosters and pointed at the hydrogen tank". It seems obvious in retrospect. When a worm disables the computer systems of a warship in battle that might seem pretty obvious in retrospect, too. But hey, for now they are working very, very well!

It's also worth noting (I thought it was obvious, but apparently not) that there exist well-known examples of failures in many if not all of these systems, due to Windows security vulnerabilities including nuclear power plants. Many such incidents were coincident with worm attacks. Less-critical but very expensive failures of cash register networks, airline ticketing systems and so forth are also well known. Although perhaps not life threatening, they are very, very important to the businesses involved -- business critical is the phrase the MBA types use -- and can result in extreme financial damage to a business.

The question so many people ask is why? The answer, I suggest, lay partly in the decision making process of organizations.

I hope that clarifies the fact that I'm not blindly bashing Microsoft here, I'm mere suggesting that they have a long, long track record of quality and security issues which are not completely considered in the decision making processes which lead critical systems to be based thereupon.

The Yorktown

[westlake]

Except when the computers on the warship crashed and forced the Navy to tow it back to port. But, you know, other than a catostrophic crash everything is running great

This has become tiresome.

The Yorktown (CG-48) was in 1997 a test-bed for the Navy's Smart Ship program. USS Yorktown (CG-48) Test-beds are driven to failure. In 2004,the year of her retirement, Yorktown was assigned to Strike Group Wasp, a vote of confidence, I would think, in the vessel and in the technology. USS Yorktown Deploys as Part of Expeditionary Strike Group

I develop trading software for RTS

For obvious reasons I am posting anonymously.

I am heading a group of developers building interoperability solutions for an RTS subsidiary - Saint Petersburg Exchange. Before we were able to connect our testing server to the RTS's internal network we had to sign about three pounds of papers, certify the server and the network. Among other things, the server that we were allowed to connect to their network was absolutely forbidden to connect to any other network (even to our firewalled up the wazoo intranet). What amaizes me the most is that while the RTS guys made us jump through so many hoops, they thought nothing of just connecting their (oh so protected!) network directly to the Internet.

By the way, their trading system is written as a set of stored procedures for the MS SQL Server 2000. Until last Fall their primary VPN software ran on WinNT 4.0 only. Daily reports are sent to subscribers as FoxPro files.