Perhaps the single biggest mistake people make in computer security and in keeping themselves virus-free is that they take for granted that viruses spread in ways that look harmless.

In fact, the virus writers play on that very fact: they hope you're going to take for granted that an email, a link, a web page, or even a USB thumb drive / memory stick contains a virus by making it look like it's perfectly normal.

Meanwhile, they've hidden their insidious virus or other malware inside the shell of something trustworthy and harmless looking.

Such was the case in fact in London recently when the Ealin council was forced to "cut Internet and phone links to preserve 'core systems and data'., according to the London Evening Standard's site, ThisIsLondon.co.uk.

In the piece on the USB thumbdrive-based virus attack, the article's author, Felix Allen, goes on to say,

"Further shutdowns followed when the network was reinfected twice in the next week, and all terminals had to be rebuilt or replaced.

"This left cash-strapped Ealing with a [Over $820,000 US] bill for the emergency recovery and in lost revenue. But a report being considered by councillors tonight warns the final cost could top £1.1 million if a new computer security system is needed."

Yikes.

All this because someone inserted a keychain drive into the network and no doubt because it wasn't properly scanned by antivirus software first.

Here's a partial list of the damage to the network:

Over £501,000/$820,000(US) in actual damage As much as £1,100,000/$1,600,000(US) in possible damage Entire computer network was disabled in its entirety for four days Services weren't restored fully for 'several weeks' 1,838 parking tickets had to be cancelled Rent couldn't be collected Repairs were re-ordered because contractors' invoices couldn't be validated. Libraries lost £25,000 (a full month's worth of income) since they couldn't take any fines and booking fees £14,000 in overtime was paid to take care of the housing benefit claims backlog.

I'm sure the responsible party is no doubt embarrassed and very, very sorry. This doesn't let either the IT people off the hook for insufficient antivirus firewall software or the responsible user off the hook for failing to ensure their memory stick was virus-free.

As seen here, when it comes to computer viruses, you definitely cannot trust things just because they look harmless.