As the Shamoon and NotPetya disk wiper malware have shown, an infected computer in a business context can be so compromised that it’s effectively destroyed.
In many documented cases, organizations that have been victims of disk wiper attacks have disposed of their infected computers (either in whole or in part) rather than return them to service.
- Shamoon: When it hit Saudi Aramco in 2012, the company discarded over 30,000 hard disk drives and bought new ones on the open market, temporarily spiking prices around the world.
- NotPetya: In 2017, Maersk completely replaced hundreds of laptop computers in the process of rebuilding their company’s network.
Another consideration: As malicious code gets more sophisticated, and is able to re-write firmware to survive a “wipe and reinstall” strategy, what’s the risk of continuing to use the same hardware that was originally infected?