Laptops given to British school kids came preloaded with malware
February 05, 2021
Laptops supplied to British schools by the Department for Education came preloaded with malware. Yes you read that right...
With the UK going under lockdown and school kids having to learn remotely there needed to be a program to get computers to the students, that program being the UK government's Get Help With Technology (GHWT) plan, which started last year. The problem is the laptops came pre loaded with malware. Although the Department for Education says 'We believe this is not widespread', a batch of 23,000 computers came bundled with the malware known as Gamarue. School employees warned in an email that "Upon unboxing and preparing (the laptops) it was discovered that a number of the laptops are infected with a self-propagating network worm ... that looks like it contacts Russian servers when active.".
What is Gamarue?
Gamarue, also called Win32/Gamarue Malware by Microsoft Software Security, is a very intrusive and severe malware. When first run, W32/Gamarue-BJ connects to a foreign site to download updates and further instructions. Gamarue works to take over an infected computer by changing its security settings, downloading malicious files, and installing them onto the computer.
Which CMMC practice would help prevent the Gamarue malware?
CMMC Practice SI.1.211 would "Provide protection from malicious code at appropriate locations within organizational information systems". Essentially CMMC Practice SI.1.211 would help to protect your workstations and servers from malware by using anti-malware software. Anti-malware software scans your systems for malicious files such as the Win32/Gamarue Malware. It also helps prevents malware from taking control of your systems. You can learn more here: CMMC Practice SI.1.211
Discover Our NIST SP 800-171 Solutions:
For contractors seeking compliance
For IT service providers
Supply Chain Verifier
For contractors seeking to verify partner compliance