Dislikes: 0
Keeping in mind that this sort of thing tragically happens the way it does, don’t be too quick to criticize IT admins who seem too be overly intent on security, making your job tougher in the process.
I’d rather see network admins be overly than underly active with security.
Realize that they are protecting their “domain” (pun intended) from evil doers. They are also securing their jobs and their futures by being protective of what they hold near and dear.
“I think you should treat good friends like a fine wine. That’s why I keep mine locked up in the basement.” - Tim Hawkins
Originally Posted by tsbservice
... this thread throws light on the very sophisticated, well funded cyber bad actors who are trying to extort money from your customers everyday 24/7, just one click away.
These bad actors face very little threat from prosecution and can be unworldly clever at how to devise new attack methods.
You need to know the cyber defences of the products you service and how they keep pace with the constantly threat environment.
You need to change the the default Admin passwords of all devices you service to a consistent different password that you have written down and stored in two places.
My brother in law brought me his new computer yesterday with a password lock on it. The only way he could get it to unlock was to call a 1(800) Scammer to unlock it for $ and who knows what downloaded onto your computer searching for passwords and bank account numbers.
I tried for an hour to defeat this but in the my advise was to take it to a tech repair shop where they will probably format the SSD and reinstall Win 10 Home.
Everyday now copiers are viewed as part of the defence/weakness against/by hackers and malware.
Smart dealers have expanded their product portfolio to include Off Site data storage and Cyber defence products.
In every sales quote that I make, I always add in some cyber defences as a monthly fee. You can get a lot for $50.00 month. In many way it is like a Surge Suppressor, if it saves one attack in five years, it pays for itself.
The risk you run is making sure you have some kind of rider in your agreement stating that even with extra security there is still the risk of attacks.
Technology is at the point where an antivirus or antimalware software isn't as effective as it used to be. Most attacks now leverage out of date software or unpatched vulnerabilities to then make an attack leveraging another vulnerability. Antivirus is just one level of defence, along with robust patching, software control, and principle of least privilege for any user system.
Even third-party antivirus will soon be a thing of the past, just like software firewalls back after Service Pack 2 of XP. The AV engine of Windows 10 is the same as Microsoft's pay product which merely allows for a central management console, on-demand remote scanning, and reporting. Plus, even antivirus software has been used as a means of attacking systems because of the kernel level hooks they often need.
Standard in all of our support is that any computer with an end of life operating system or software will not be covered without some kind of verifiable compensating controls (no internet access, separate network, limited access, etc).
The biggest challenge is often the tech people understanding the need for security, but the purse strings are controlled by people who don't see the value of something that doesn't immediately show a return on the company's balance sheet.
Sent from my BlackBerry using Tapatalk
... the best IT Admins in the world quickly admit that they can no longer guarantee that their Networks will not be hacked. The goal now is to rapidly identify and isolate the attack.
Oldsmar?!?
What are you doing over there BSM?!?
Why would you try to taint your own water supply?
Or is this just an attempt to “get back” at DeSantis? Lol!
Omertà
There are 10,000s of municipal water commissions in the world. Do you think a terrorist organization would think twice about hacking into some computers and threaten to poison the water supply if a ransom is not paid?
They wouldn’t think twice, this is true.
What is also true is that the perpetrator KNEW the internal supervisor password to gain access to the system. That fact alone makes investigators wonder if it could have been someone who works or used to work at the facility.
They have still not said if it was someone local, someone within the state or country, or a foreign actor abroad.
I’m just giving BSM shit because that’s his neck of the woods, and because he claims to be some kind of “IT guru”. Lol.
Omertà
Although many people, corporations included, feel safe sitting in back of their firewalls, problems can walk right in the front door.
In the early 2000 there was a fast spreading internet worm that exploited a Microsoft Windows vulnerability. For most corporations, their corporate firewall protected them while their IT personel were busy patching all their computers. I got a call about 6 AM from the IT supervisor of a local heart hospital where I serviced their dictation system who needed me to come in ASAP and install the patch on NT servers that ran the recorder and the database for the recorder. It seems that an ER doctor had brought in his laptop an connected it to the network. That laptop within seconds had found ever computer in the hospital that was powered on and infected them.
Another front door entry is every mobile device that you let connect to your network to use your printer(s).
Speaking of mobile devices, many people are lazy and use the same login credentials on their mobile devices as on their computers. If your mobile device gets hacked.....
I use an encryption and a different password for every site.
We had a problem at my last job.. the CFO's older sister infected every PC on the system because they liked to remote in after hours... Well
Clara came in with her lapper hooked it to the in-house network and went on PORN SITES... we caught a node jumping worm ... I came in @ 0830 and they are screaming the net is down... ( we had suspected her for other viri ) I went to her desktop and traced the infection back to her lapper @0300.
We had to wipe every HDD in the shop. (fortunately Tony OpMgr backs up each HDD to a set of externals) he came in @ 1000 between we had every one back up n in four hours... we sent them home while fixing the problem.. Tony put SITE restrictions on her login.. she was pissed when she came in the next day,
Thanks: 
Likes: 
Reply With Quote
Bookmarks