-
Omertà -
Re: FBI Security Alerts
Although many people, corporations included, feel safe sitting in back of their firewalls, problems can walk right in the front door.
In the early 2000 there was a fast spreading internet worm that exploited a Microsoft Windows vulnerability. For most corporations, their corporate firewall protected them while their IT personel were busy patching all their computers. I got a call about 6 AM from the IT supervisor of a local heart hospital where I serviced their dictation system who needed me to come in ASAP and install the patch on NT servers that ran the recorder and the database for the recorder. It seems that an ER doctor had brought in his laptop an connected it to the network. That laptop within seconds had found ever computer in the hospital that was powered on and infected them.
Another front door entry is every mobile device that you let connect to your network to use your printer(s).
Speaking of mobile devices, many people are lazy and use the same login credentials on their mobile devices as on their computers. If your mobile device gets hacked.....Comment
-
Re: FBI Security Alerts
I use an encryption and a different password for every site.
We had a problem at my last job.. the CFO's older sister infected every PC on the system because they liked to remote in after hours... Well
Clara came in with her lapper hooked it to the in-house network and went on PORN SITES... we caught a node jumping worm ... I came in @ 0830 and they are screaming the net is down... ( we had suspected her for other viri ) I went to her desktop and traced the infection back to her lapper @0300.
We had to wipe every HDD in the shop. (fortunately Tony OpMgr backs up each HDD to a set of externals) he came in @ 1000 between we had every one back up n in four hours... we sent them home while fixing the problem.. Tony put SITE restrictions on her login.. she was pissed when she came in the next day,
Comment
-
Re: FBI Security Alerts
Area codes are no longer Area codes – but they can be used for scamming
The area code displayed when you receive a phone call tells you from what location the call was placed, right?
Wrong.
While we still commonly speak of “area codes” – a legacy term that implies a connection between a particular three-digit prefix and the physical location of the communications equipment associated with it – the truth is that area codes have long since been transformed from representing physical places into simply the first three digits of our new, standard, 10-digit telephone numbers.
There are official tables showing which three-digit codes are assigned to which locations under the North American Numbering Plan, but technological advances and policy changes have dramatically diminished the meaningfulness of these relics of a bygone era.
Online communications services like Google Voice, eFax, and other offerings let people choose their own area codes, people signing up for phone lines utilizing Voice over IP technology (eg, Vonage) get to pick their area codes, and mobile-phone service providers usually let people choose their full ten-digit numbers as well.
A scammer seeking to build confidence and trust among victims for a financial scam, might, for example, acquire a number with a 212 area code – instilling even before his or her intended victim answers the phone a perception that the caller represents a long-established New York financial institution.
Similarly, scammers calling from outside of the United States can easily establish US-based numbers in order to reduce the suspiciousness of intended victims. Clever crooks may even call people from numbers that appear to be local to the victims – and establish a bond by referring to local sites – something about which they can easily learn online or by viewing social media postings.
There is a reason that technology companies located far from California have been known to obtain phone numbers associated with the Silicon Valley area.
So, the next time you receive a call from an area code that you recognize as tied to some particular location, keep in mind that the call may be from there – or from anywhere else on the planet.
... I was attacked by this scam three times today all saying that if I did not immediately pay $400.00 I was in some sort of big trouble. Plus I think it was an autodialer.Comment
-
Re: FBI Security Alerts
Scammers have been using spoofed phone numbers for years. One trick they were using for a while was to spoof a number with the same area code and prefix as yours so you think it might be a neighbor. I have had them tell me it was the IRS, IRS does not call first,Comment
-
“I think you should treat good friends like a fine wine. That’s why I keep mine locked up in the basement.” - Tim HawkinsComment
-
Re: FBI Security Alerts
Colonial Pipeline cyberattack shuts down pipeline that supplies 45% of East Coast's fuel
The attack highlights how ransomware and other cyberattacks are increasingly a threat to real-world infrastructure.
"In response, we proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems," the company said in a statement.
Colonial said Friday that it's "taking steps to understand and resolve this issue."
"At this time, our primary focus is the safe and efficient restoration of our service and our efforts to return to normal operation. This process is already underway, and we are working diligently to address this matter and to minimize disruption to our customers and those who rely on Colonial Pipeline," the company said.
Colonial, founded in 1962, says it transports about 45% of all fuel consumed on the East Coast. The pipeline system that spans more than 5,500 miles has two main lines: one for gasoline and another for things like diesel and jet fuel.
Colonial said it engaged a third-party cybersecurity firm to launch an investigation into the "nature and scope of this incident" and also contacted law enforcement and other federal agencies.
Comment
-
Re: FBI Security Alerts
In Wake Of Pipeline Hack, Biden Signs Executive Order On Cybersecurity
President Biden signed an executive order Wednesday boosting America's cyberdefenses following a ransomware attack on a company that operates a pipeline that provides nearly half of the gasoline and jet fuel for the country's East Coast.
The broad order, which the administration had been working on for months, aims to strengthen cybersecurity for federal networks and outline new security standards for commercial software used by both business and the public.
"Recent cybersecurity incidents such as SolarWinds, Microsoft Exchange, and the Colonial Pipeline incident are a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals," the White House fact sheet says.
In a briefing with reporters Wednesday, a senior Biden administration official said that the order "reflects a fundamental shift in our mindset from incident response to prevention, from talking about security to doing security."
As NPR first reported last month, the order lays out a series of new requirements for companies that do business with the federal government.
The administration's goal is not only to boost federal defenses but also to use the purchasing power of the government to get those higher standards to trickle down to the private sector.
The administration also wants to pilot a program like those Energy Star ratings on appliances so consumers know if software was developed securely.
"We see small companies being forced to pay a ransom to get their business back up and running," Anne Neuberger, the deputy national security adviser for cyber and emerging technology at the White House, told NPR's Dina Temple-Raston in a recent interview. "You know, we see school systems' networks down due to criminals. So those risks touch everyday Americans' lives, as well as at the national level."
Biden's order requires companies to report certain information about cyber breaches. It updates security standards on government networks, including mandating multifactor authentication and encryption. And it creates a playbook for cyber-incident response by federal agencies.
It also establishes a Cybersecurity Safety Review Board to analyze incidents. It's modeled on the National Transportation Safety Board, which reviews airplane crashes and incidents with other modes of transportation.
The order comes in the wake of the Colonial Pipeline hack and after other recent cyberattacks. (Colonial had just restarted its pipeline earlier Wednesday.)
A focus on Russia
While cyberthreats come from all over the world, the pipeline attack brought focus back to Russia, because Biden says the alleged criminal group has ties to the country.
Biden expects to meet with his Russian counterpart soon. He suggested this could be a topic of discussion.
"I'm going to be meeting with President [Vladimir] Putin, and so far there is no evidence based on, from our intelligence people, that Russia is involved, although there's evidence that the actors' ransomware is in Russia," Biden has said. "They have some responsibility to deal with this."
The two are expected to meet during Biden's trip overseas to meet with European leaders next month.
Matthew Rojansky, director of the Wilson Center's Kennan Institute, who is close to the administration, said both governments are vulnerable to cyberattacks.
He said it's in both of their interests to start a conversation on rules of engagement, which he added could be part of larger plans to discuss arms control and security.
"And you can start just by laying out red lines and talking about deterrence," he said. "You know, 'If you do X, we do Y, and you don't want Y, so don't do X,' but you can move from there eventually, build a little bit of working trust and possibly establish an actual framework that looks like arms control."
The administration has made clear, though, that the cyberthreat goes well beyond Russia.
"It's not specifically a bilateral problem; it's also a China problem," said Ari Schwartz, who served as cybersecurity director in the Obama White House. "It's a problem with Iran and North Korea, and it's also a problem with a criminal issue. It's all of those things, and the Biden administration said that very directly on several occasions."
The Biden administration says for too long the government and the country have failed to take the necessary steps to boost defenses.
"These are systems that we use to run government and conduct commerce — systems that are used to deliver our power and our water, to help manage traffic on our roads," the Biden official told reporters. "The cost of the continuing status quo is simply unacceptable."
.... I fully expect print vendors to jump onboard with this quickly to gain a competitive advantage. It will be just like Energy Star II ratings on copiers. Everybody has to have it.Comment
-
Adversity temporarily visits a strong man but stays with the weak for a lifetime.Comment
Comment