There have been numerous posts and tweets coming from the NonStop vendor community following RUG events worldwide: ETBC,...
The Ransomware World, NonStop, and NSGit
BY Randall Becker
I seriously doubt there is a self-aware business leader who does not know about Ransomware, but do we really know what it is and how it came about? Simply put, Ransomware takes your assets and encrypts them with keys that you don’t know. Over time, it gradually, and without you knowing, turns all of your information into unusable garbage. The thing is, if this happened immediately, the problem would be obvious and not really insidious.
It reminds me of the old saying:
If the common cold was really only contagious when the symptoms showed, it would have died out long ago, when cavemen killed the guy with the sniffles.
The effects of Ransomware depend on people not noticing that their assets got encrypted; pure and simple. If you noticed as soon as it happens, you would restore your computer to a previous backup, and done. Problem solved. Sadly, it doesn’t work that way.
This malady of IT hits every type of company, from the glaringly obvious (software development groups), to manufacturing and engineering drawings, to legal documents. Once in and hiding, there is little hope to stop the encryption, without an outside pair of eyes to protect you. Fortunately, the world has an awesome set of glasses you can put on to let you see your stuff with amazing clarity:
The world of Software Configuration Management, or SCM for short.
“But, But, I’m on NonStop. Can’t Happen to Me!”, you are probably thinking, and possibly adding “Yuck” to that with a little humour. In today’s world of mixed platform development, NSDEE, and RESTful data, I have news for you: Yes, it can. Just because your objects run on NonStop does not mean you are immune. New applications are being developed on workstations, ported from servers, moved through Network Shares. Sure, Ransomware has a hard time sneaking into GUARDIAN, but objects are increasing coming from Windows compilers. It is only a matter of time because viruses and worms slip through our nets, and then we have trouble. How can this happen?
Imagine a very simple condition: The cross compilers run under x86. They now generate L-series code for, yes, x86. It is not hard to build targeted viruses that infect cross compilers. As you upload code to your servers, the viruses pass unnoticed through your user id and get executed under Pathway owners. Oops.
But the thing about Ransomware and viruses, is that when they change code or scripts, they leave a foot-print under very specific conditions. Well, here’s the fun part: Advanced SCM systems, like git – the system used to develop the LINUX-operating system and billions of lines of software worldwide – translate your assets from the form on your computer to something slightly different – a set of changes. As you change your source code, object releases, configuration scripts, or data files, a decent SCM system, like git, will take those changes and put them into a different form that can be detected, reviewed, and checked. It happens as soon as you make the change too – or in the case of the scourge that is Ransomware, as soon as it is encrypted. What this means is that if you get hit with a Ransomware virus, and it changes a document, git is going to see the change to the file and tell you that there is a difference. When NSGit comes in, is that it is a GUARDIAN extension to git that knows about all the proprietary artifacts under ENSCRIBE including POBJ files, and non-Native objects. Between NSGit and git, files anywhere on a NonStop can be monitored for change detection.
Randall Becker | ITUGLIB Engineering Team
Nexbridge Inc. | Richmond Hill, Ontario, Canada | www.nexbridge.com
© 2017 – Randall S. Becker, All Rights Reserved.