With the UK going under lockdown and school kids having to learn remotely there needed to be a program to get computers to the students, that program being the UK government's Get Help With Technology (GHWT) plan, which started last year. The problem is the laptops came pre loaded with malware. Although the Department for Education says 'We believe this is not widespread', a batch of 23,000 computers came bundled with the malware known as Gamarue. School employees warned in an email that "Upon unboxing and preparing (the laptops) it was discovered that a number of the laptops are infected with a self-propagating network worm ... that looks like it contacts Russian servers when active.".
What is Gamarue?
Gamarue, also called Win32/Gamarue Malware by Microsoft Software Security, is a very intrusive and severe malware. When first run, W32/Gamarue-BJ connects to a foreign site to download updates and further instructions. Gamarue works to take over an infected computer by changing its security settings, downloading malicious files, and installing them onto the computer.
Which CMMC practice would help prevent the Gamarue malware?
CMMC Practice SI.1.211 would "Provide protection from malicious code at appropriate locations within organizational information systems". Essentially CMMC Practice SI.1.211 would help to protect your workstations and servers from malware by using anti-malware software. Anti-malware software scans your systems for malicious files such as the Win32/Gamarue Malware. It also helps prevents malware from taking control of your systems. You can learn more here: CMMC Practice SI.1.211
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.