The Lake Washington School District is in the middle of dealing with a rather nasty outbreak, and it’s nothing like influenza or pink eye. It’s an outbreak of the Goblin virus, and it’s wreaking havoc on both the school’s network and its IT budget. With 50 schools in the District and around 25,000 total machines in service, they’ve had to call in additional techies to help contain the outbreak.
No one’s quite sure how Goblin found its way onto the network in the first place, but some are pointing fingers at the LWSD Mobile Access for Students program. Under the program, middle and high school students were given netbooks — some of which were signed out for use at home. IT staffers believe that some of those systems had unapproved games and apps loaded onto them, and that the Goblin virus may very well have piggybacked on one of those downloads.
The district’s Lenovo netbooks reportedly all run Sophos anti-malware software, which has had definitions that recognize Goblin for some time. It’s possible, however, that a new variant managed to avoid detection — and once Goblin has access to a network with accessible shares, it’s off to the races. Unsurprisingly, Microsoft’s Premier Support team is now involved. You’d expect the company to get its hands dirty when a problem like this pops up at a major school district right near the Redmond home base (and where numerous Softies send their children). Between Microsoft and Sophos, the outbreak should be neutralized fairly quickly.
If the investigation ultimately does trace the source back to a student’s netbook, the school’s IT administrators will no doubt be kicking themselves for not locking down the loaner systems properly. It’s easy to underestimate the importance of things like a well-executed group policy and software like DeepFreeze, but an acceptable use agreement only goes so far towards controlling what students (and staff, for that matter) do with their systems.
More at KOMO News and Patch