The following constitutes a general disclosure of operating protocol in the disaster area. Please understand that while protocol is being disclosed, teams in exposure areas are given wide latitude to execute protocol as they see fit, and specific operational matters will not be compromised. With aggressive malware in play, and the risk of other exposure due to potential failures in containment systems, disaster response teams are expected to be able to operate in isolation to reduce the spread of contaminants.
Currently, efforts by IKAME and our partners are being siloed into three general operational areas.
The first operational silo is security and containment, currently headed by our Director of Operations Parious Mehoff. At this time, his work is focused primarily on progressive repair and decontamination work. Response teams are deployed as needed to affected areas first to secure a perimeter, to ensure safe operation within the zone, to contain and then eliminate contaminants barring any necessary and suitably-contained samples, and to repair affected station systems to provide for normal function. As a given contaminated zone is cleared, a new team leapfrogs to the next zone to continue the operation.
Observation of the area will continue well past initial clearance, and restoration of standard traffic will only occur after approval by Zainou and Watch authorities.
Depending on personnel availability, fatigue, and other factors, the response team may then be provided a recovery cycle, or assigned a new zone. Naturally, teams will themselves be isolated until verification that they are not themselves carrying contaminants, though a comprehensive plan to prevent contamination is already in place.
The second operational silo is triage and medical response, currently headed by our Director of Analytics Jaret Victorian. While most cybernetics-induced injuries were reported aboard the Aliastra facility, and much of our medical response has been seconded to Suresha Bataav for work aboard that facility, we are also attempting to address casualties aboard the Zainou facility. Many of those we’ve encountered so far result from systems failures and malfunctions, such as artificial gravity fluctuations, transit mishaps, and so on. However, there have been some reported cases of cybernetics-induced injury aboard the Zainou station. We are also staging to prevent potential outbreaks if biohazard containment fails on a biological pathogen, which we have not yet seen verifiable evidence of.
In any case, triage is being managed near the zone by appropriate personnel, though I’ll admit our primary background is research and so our trauma and surgical experience is limited. Much of the medical treatment is essentially at a first responder level, being accomplished by our security personnel in keeping with their disaster training. Use of AIMeds or other aids is currently out of the question, until we can be certain that AIMeds will not be compromised by inadvertent exposure to malware. We will be relying heavily on Zainou for assistance in emergent medical situations.
At the same time, some of our areas of research interest dovetail well with operational needs, given extensive study of Jovian cadavers, Drifter- and Sleeper-derived implant technology, and their medical intervention to restore functionality in compromised biological matter. In cases of neurological damage, our first course is to use an induced coma to prevent further damage, alongside ‘sleeping’ any affected implants if possible without risk of exacerbating the injury. Cryostasis remains another viable option, though we hesitate to use it as an option of first resort in a malware-compromised environment; it may be a second stage intervention once a patient can be safely transported from triage. Development of a personalized treatment plan is necessary in these cases, with elements including restoration of firmware to verified clean versions, hardware replacement in case of physical damage, synapse modeling and restoration, and so on. Needless to say, the credo, ‘first, to do no harm,’ remains an important one. Our effort is to prevent further injury or death, and then to provide therapeutic work in keeping with the needs and desires of the patient, the patient’s designated interlocutor, and Zainou Biotech or the Watch. We expect that this work will have a significant tail, and may carry on for some time.
The third operational silo is that of the investigation itself. For obvious reasons, operational security remains essential. As an active criminal or terrorist incident, we are not yet at liberty to discuss specifics. Suffice it to say that IKAME seeks to provide its expertise and any information, samples, or so on to Zainou Biotech and the Watch.
Please note that while I posit these as operational silos, the evolving situation and cellular nature of our team deployment allows for a significant degree of interoperability. This, combined with a mission-oriented approach, should enable flexible responses to emerging situations.
Also, appended is an initial treatment by Trii Seo on the malware. Please note that this analysis is, uh, colorful, and is based on a limited sample. At the same time, I do have faith in Ms. Seo’s abilities, however colorful she tends to be in her presentations.
Trii Seo report, "Poking it with a stick"
Worm:ZA:Chatty.A
Until established as a variant of a known worm, this instance has been codenamed “Chatty” and given the designation A as its first variant.
While its analysis is still pending, Chatty has, so far, revealed a few interesting clues. Firstly, significant effort went into its creation. The worm spreads by exploiting a previously unknown vulnerability within the discovery function of a short-range chat and coordination implant. So far, the implementation has been noted only in Zainou implants.
As this is effectively a zero-day attack, we are not going to disclose any further details of this vulnerability until a patch is released.
What makes Chatty.A a remarkable worm is its rather sophisticated method of targeting victims. Rather than spread across all vulnerable entities it encounters, it operates using a predetermined model of infection. Each propagated copy gains a new instruction set according to which it will behave.
As an example, the copy carried onboard the transport would have aimed to target the receiving warehouse staff. The affected personnel would carry a copy that would target, for instance, a specific set of external implant identifier addresses.
With a Zero-Day hit, fancy targeting code and a lot of polish – a lot of RnD went into this thing, so either Guristas or a megacorp.
Virus:ZA:Surma.AE
With actual physical symptoms like that, what else could it be? Of course, it was a Surma.
I will put it straight to you people: This does not implicate Lai Dai. While they totally did not develop the Surma virus some decade or so back, they also totally do not update it on a regular basis.
For those not in the know, the Surma or “Sudden demise” got its name from a case of a cybered up corporate security guard who suddenly pulled a gun on some brilliant aeronautics engineer and riddled him full of holes. As her body was falling to the ground from an excessive dosage of lead applied by other security personnel, her brain quite literally exploded into a slushie.
Since then, this thing has been flung around in various variants and mutations across the universe. The virus is fairly simple; it contains a set of instructions that the victim will carry out.
Here I’m leaning against Guristas as they totally don’t have the Whitebunny which is totally a myth. That said, if you want to frame Lai Dai you drop some variant of Surma on people and call it a day, hope the big media with their knowledge of malware picks up on this.
This is the interesting part. The infrastructure part acts like a SysHobo variant and is nicely obfuscated. Fair warning, this is one of the nasties, riddled with a metric ton of safeguards – so whoever dropped it wanted to engage local ops.
Conclusion? System sabotage with a hobo meant to attract attention of local ops, possibly a new worm in play with a rather nice targeting system and someone who had the guts not to include a kill-yourself order in a Surma routine. It’s a big boys league play, but jury still out on the whom.