Hide Techdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

Britain Helps Children Learn From Home By Procuring Them Laptops Preloaded With Russian Malware

from the whoops dept

As the COVID-19 pandemic swept across the world, one of the main points of contention has been how to handle schools. Some countries sent all students home to keep them from spreading the virus. Other countries made schools the last thing they shut down, if they ever did, arguing that schools haven’t been a major source of transmission and teaching kids is too important to shut down. Here in America, most states did a hybrid model, choosing the absolute worst of both worlds. Teachers get hamstrung having to teach students both locally and remotely, which is basically impossible, while still having students and teachers come into schools to transmit the virus to one another.

Along the way, lots of schools took lots of actions meant to help students learn remotely, most of which were also quite dumb. Incorporating biometrics and AI to assist with remote testing sounds like a good idea, except these always go sideways. Privacy issues are discovered and kids learn how to game the AI-driven tests. Still other districts forced teachers to come into the school solely to teach kids who were at home and then told teachers to take their masks off if they were causing audio problems.

But to see the cake-taking, best combination for good intentions gone horribly wrong, you really have to hand it to the UK ordering a ton of laptops for remote learning… that also came pre-loaded with Russian malware.

The affected laptops, supplied to schools under the government’s Get Help With Technology (GHWT) scheme, which started last year, came bundled with the Gamarue malware – an old remote access worm from the 2010s.

The Register understands that a batch of 23,000 computers, the GeoBook 1E running Windows 10, made by Shenzhen-headquartered Tactus Group, contained the units that were loaded with malware. A spokesperson for the manufacturer was not available for comment.

This is almost certainly an instance of someone prepping these machines using an image that somehow was infected with the malware… but still. Not having any checks prior to the machines getting out to school districts for this sort of thing and nearly rolling the machines out to students sure feels like incompetence. Also likely factoring into all of this is the extreme lack of supply for laptops from the more traditional manufacturers, leading some schools to go find off-brand alternatives. The GeoBook is one of those.

But again, still, Gamarue calls home somewhere inside of Russia and allows nefarious actors to remotely access these machines. Machines that almost certainly have webcams on them. That’s… not good?

If the pandemic has exposed anything at all about humanity, it surely must be how wildly unprepared we were for it.

Filed Under: , , , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Britain Helps Children Learn From Home By Procuring Them Laptops Preloaded With Russian Malware”

Subscribe: RSS Leave a comment
This comment has been deemed insightful by the community.
PaulT (profile) says:

"Of the Geo brand, another source said: "I’d never heard of Geo before; it’s not a known manufacturer. There have been availability issues for a while now, the world has been buying lots of laptops and sometimes they are buying what they can get because the media and opposition parties are saying: ‘You’ve got to roll this out quicker’.""

"Sources told us reseller XMA sourced the kit but was not asked to configure it."

So, fairly typical UK IT project, then. Something was overpromised, people are scrambling to get things in place and cutting corners, while even the most basic common sense action to ensure that laptops possibly not being supplied new are fit for purpose (as indicated by another comment about these being 2019 models) is buried away in red tape where both parties can deny it was their responsibility.

The only surprising things here are that I’ve not seen any indication that the reseller involved is connected to some Tory MP’s relative or side project, or that the project is over budget by tens of million of pounds, but I wouldn’t be surprised to see those mentioned for a moment.

This comment has been deemed insightful by the community.
PaulT (profile) says:

Re: Re:

It’s good advice generally, and not to be argued with on principle. But, if you think that the main takeaway from fears of spying from government-issued laptops being infected with malware associated with hostile foreign powers is that kids should be expected to remember to cover up their webcam when not in use for school work, you might be missing the forest for the trees.

This comment has been deemed insightful by the community.
Upstream (profile) says:

Re: Re: Re:

No, not missing the forest for the trees. The comment was intended just as an aside. I guess I should have made that clear. I think the idea of government issued laptops is a bad idea to begin with, particularly given the British nanny-state / surveillance-state government. Throw in the Brand-X nature of the laptops, and you have double cause for concern.

I think it is extremely fortunate that the malware was immediately detected. According to The Register:

"In all known cases, the malware was detected and removed at the point schools first turned the devices on.

That makes it sound like maybe some pre-installed anti-virus software picked it up, which would indicate a pretty lame attempt at malware propagation, not to mention the fact that the malware was ancient, by malware standards.

All in all, it looks like it was probably just sloppiness on the part of Geo (or whoever) rather than an actual attempt at maliciousness.

This comment has been deemed insightful by the community.
PaulT (profile) says:

Re: Re: Re: Re:

True, this is more incompetence than anything else, but it suggests a number of larger issues. The laptops were apparently 2019 models, which already suggests they were either not from new stock or had some other reason for being left on the shelf. Sure, the AV software apparently found the malware – but the botnet involved was killed in 2017, 2 years before the laptops were manufactured.

So, even if the whole thing was an accident, it raises major questions about the rest of their ability to supply properly working software overall. What other malware is in there that hasn’t been noticed? Is the actual build any good, or is the whole thing as it is because they’re using some dodgy licence or other workaround? Are they going to be supported and updated correctly in future? What about when a reinstall is required, do those images contain the same malware, or does the local image have another trojan waiting?

Whenever I find a compromised system at work, I don’t just remove the known compromise and put it all back online. I destroy and rebuild from a known good backup, because once a system is compromised you don’t know what else is in there that you didn’t spot. But in this case, it seems you can’t even trust the original materials.

Anonymous Coward says:

and i’ll bet it wont be the fault of the laptop supplier, or the person who was supposed to check that the laptops were clean, or the person who suggested buying them, or even the politician who got a backhander from agreeing to spend government money on buying them! it will be the fault of the person(s) who installed the Russian Malware! typical of all governments, it’s never their fault, whatever the problem, but in the case of the UK government, just another example of it’s complete ineptitude!

This comment has been flagged by the community. Click here to show it.

PaulT (profile) says:

Re: Would love

"The Name of the tech company making this suggestion and being the middle man."

That’s explained in the linked article. The GHWT project has hired 3 contractors, of which XMA seem to be the ones involved here. XMA is a regular UK government contractor involved with a wide range of government projects.

"People who DONT SHOP AROUND, or AT LEAST look on amazon and COMPARE."

Shop around is good, but if you think that it’s just a case of bulk buying at retail from Amazon at the moment you need to procure something for a government contract, then you might want to do a little research into how these things do (or at least should) work for bulk supplies. At the very least you don’t want to be basing your bulk supplies on what happens to be available on Amazon at any one time, even if there wasn’t an issue with funnelling off government money to foreign corporations instead of British based retailers/suppliers.

"GO FIND a Son of someone thats a GEEK. PLEASE."

Oh, God, FFS no! That’s why UK IT projects are always such a huge mess, the Tories usually give them to some minister’s son’s shell company or someone they went to Eton with rather than finding the most competent contractors. The reason for this stuff being so bad is usually that someone’s profiteering, not because they didn’t look for people who could do the job efficiently.

ECA (profile) says:

Re: Re: Would love

as to amazon, use it as a resource to see whats current, and the avg consumer prices. What they paid for a Celeron, even the newest version, is Garbage. I found the company and looked up the specs. 1.1 ghz. Then they could have called AMD, Intel, any of the major companies and delt with them.
As to kids and geeks, I say geek with a Meaning, to compare the current products if you have Nothing to base things on, MOST kids probably know What hardware is current.
Having Anyone except a PRO, IT person is ignorant. Let alone to confuse everyone, The Person that will CARE and distribute the laptops, SHOULD install the basic software ANYWAY.

PaulT (profile) says:

Re: Re: Re: Would love

"as to amazon, use it as a resource to see whats current, and the avg consumer prices"

Which is great for single retail purchases. If you think this is applicable to mass purchase agreements for thousands of items, I hope for the sake of your company that you’re not involved in them.

"Then they could have called AMD, Intel, any of the major companies and delt with them."

So, you don’t know how laptops are manufactured?

"MOST kids probably know What hardware is current"

Most kids know the popular Pokemon and internet memes too, that doesn’t mean you base your business decisions on them.

"The Person that will CARE and distribute the laptops, SHOULD install the basic software ANYWAY."

You think the person making the business decisions on purchasing thousands of laptops, or the person responsible for the logistics of distributing them to thousands of end users, is the person responsible for setting them up?

Have you ever held an actual job?

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Tech & COVID is a new project by Techdirt, with sponsorship from

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Older Stuff
12:00 How Smart Software And AI Helped Networks Thrive For Consumers During The Pandemic (40)
12:10 Chinese Government Sentences Journalist To Four Years In Jail For Reporting On The Spread Of The Coronavirus (16)
15:38 Instructors And School Administrators Are Somehow Managing To Make Intrusive Testing Spyware Even Worse (51)
09:33 WHO Is Blocking Commenters From Even Mentioning Taiwan On Its Facebook Page (26)
20:03 Not Just America: CEO Of Esports Org In India Says COVID-19 Resulted In Explosive Growth (9)
12:00 How To Fix Online Education In The Covid-19 Era (6)
15:48 COVID-19 Is Driving The Uptake Of Chess -- And Of Surveillance Tools To Stop Online Players Cheating (20)
20:44 How Linus Torvalds Invented Today's Work From Home Paradigm In 1991 (38)
19:38 Esports March On: Nike Jumps In With Glitzy Ad While Forbes Ponders If Esports Will Be Our New Pastime (6)
06:37 As COVID Highlights U.S. Broadband Failures, State Bans On Community Broadband Look Dumber Than Ever (24)
03:21 US Patent Boss Says No Evidence Of Patents Holding Back COVID Treatments, Days Before Pharma Firms Prove He's Wrong (40)
03:21 Congressional Republicans With No Strategy On Pandemic, Healthcare, Societal Problems... Have Decided That The Internet Is The Real Problem (35)
05:57 Cord Cutting Has Utterly Exploded During the Covid Crisis (80)
09:42 Collaboration Houses: How Technology & A Pandemic Have Created Entirely New Ways To Go To College (16)
13:30 Techdirt Podcast Episode 253: Post-Pandemic Tech (5)
13:34 Has The Pandemic Shown That The Techlash Was Nonsense? (12)
19:54 England's Exam Fiasco Shows How Not To Apply Algorithms To Complex Problems With Massive Social Impact (32)
10:51 AMC Theaters: Risk Death And Disability To Watch Movie Reruns For 15 Cents! (46)
06:33 Congress To Consider National Right To Repair Law For First Time (42)
13:26 Georgia School District Inadvertently Begins Teaching Lessons In First Amendment Protections After Viral Photo (77)
13:30 Techdirt Podcast Episode 250: Modeling The Pandemic (5)
06:20 It Only Took A Massive Pandemic For Hollywood To Ease Off Stupid, Dated Movie Release Windows (14)
19:40 Tech And COVID-19: Stop Using Video Game Graphics For Fake Crowds, Fox (24)
13:40 How Technology And The Pandemic Are Bringing People Closer Together, Even As We're Physically Apart (12)
19:42 Tech And COVID-19: MLB Rolls Out Remote Cheering Function In Its MLB App (6)
19:08 R&A's The Open Golf Tournament This Year Will Be Virtual In Multiple Ways And It's Going To Be Amazing (10)
10:43 When Piracy Literally Saves Lives (16)
19:49 'The Sims' Becomes An Outlet For Would-Be Protesters Who Cannot Attend Protests (18)
15:26 Internet Archive Closing National Emergency Library Two Weeks Early, Due To Lawsuit, Despite How Useful It's Been (106)
11:07 Two Cheers For Unfiltered Information (6)
More arrow