Editorial: A gigabyte of prevention is worth a server farm of cure

Prevention is important, whether we are talking about disease or drugs or crime. It is easier to extinguish a match than to put out a house fire.

It’s the kind of thing that frequently is said and frequently ignored on a host of topics. The most obvious and timely might be the advice every doctor and health organization gives during flu season. Wash your hands, keep your distance, stay home if you are sick, cough into your elbow, etc. What works to reduce the risk of influenza is much the same advice regarding covid-19 and other easily spread bugs. Preventing a pandemic would be preferable to reliving one.

But on Wednesday, another example came up.

The U.S. Department of Justice announced an operation to disrupt a malware program from the Russian government. In Pittsburgh, the FBI and U.S. Attorney’s office were leading efforts to counter the program, “Cyclops Blink.”

“The Russian government has shown it has no qualms about conducting this kind of criminal activity, and they continue to pose an imminent threat,” said FBI Director Christopher Wray.

In this instance, the malware was installed, coincidentally, on network security devices — exactly the kind of thing someone uses to protect their systems. They were manufactured by Seattle-based WatchGuard and ASUS, a Taiwanese company that is a major leader in production of motherboards and laptops.

They fell victim to Sandworm, a Russian intelligence operation. By extension, so did the thousands of small to medium businesses — including the home offices that have become more prevalent during the pandemic — that purchased the compromised devices that would have allowed Sandworm the keys to their digital kingdoms.

Malware allows all kind of threats, including the devastating hijackings caused by ransomware or the more invisible hacks that might never be detected.

While this was a program affecting hardware, it is worth taking as a word of caution regarding the more communicable kind of computer contagion that can show up in anyone’s inbox. In the midst of Russia’s war in Ukraine and increasing pariah status on the world stage, the danger of seemingly innocuous cyber attacks should not be underestimated.

That makes preventing risks more important than ever. Don’t open emails that might be suspect. Don’t download attachments you aren’t expecting. Beware of links that seem out of place. Yes, it might be from your credit card company telling you about suspicious activity, but it would be safer to call the number on your card than to click a message that could open a digital door to hackers.

Our computers and phones are more connected and integral to our lives than ever. Preventing attacks on them can be a critical step to heading off an entirely different kind of pandemic.