Category: Security

After Colonial Pipeline (paid $5 million), JBS Foods, and some hospitals were hit by ransomware, the Biden administration has asked companies to be alert and do their part to prevent these attacks.

“A memo to business leaders said the administration is working with allies to shore up defenses, disrupt hacking networks and hold countries accountable if they harbor criminal organizations responsible for ransomware attacks.”

https://www.washingtontimes.com/news/2021/jun/3/white-house-companies-do-your-part-prevent-ransomw

Today’s announcement from the White House:

White House pushes for companies to take ransomware more seriously after high-profile cyberattacks – CNNPolitics

This is an excellent feature showing how ransomware evolved and why not to pay the ransom. Paying leads to a ~80% chance of a repeat ransom:
https://www.newyorker.com/magazine/2021/06/07/how-to-negotiate-with-ransomware-hackers

I know some say we shouldn’t use the phrase cyber attack at the risk of hyperbole (This public service website lets you see whether an event in the news is a cyber attack The Colonial Pipeline Ransomware Incident | Is This a Cyber Attack?), but I think there is not enough alarm sometimes. Here’s another big one: https://www.washingtontimes.com/news/2021/jun/1/jbs-usa-major-meat-producer-reeling-from-organized

What’s your opinion, is there enough education for the general population for cyber?

You cannot have 100% security or zero risk. So protecting your digital assets and privacy are never perfect either. Business goes on and you have to accept some level of risk on the internet (and in real life). You need a level of security that fits your needs, security controls that will vary according to your acceptance of risk.

1. Start with a list of assets you want to protect, e.g. a laptop.
2. Determine what are the threats to those assets, e.g. theft or compromise.
3. Determine the consequences of a successful attack/loss/compromise of assets (including privacy or anonymity), e.g. damage to reputation or identity.
4. Select and apply security controls, starting with greatest risk, e.g. a hardware lock for the laptop, encryption of data at rest on the laptop, or using a VPN connection to protect your online activity on the laptop.
5. Do the controls work? And how well? e.g. verify encryption is working, update VPN settings, apply patches. If there are weaknesses in the controls, go back to (1).

The Amazon (or other retailer) brushing scam is going around a lot today(mainly since July 2020). Beware if you receive free Amazon packages. Your customer info (name, shipping address, phone, etc.) could be exposed and scammers can create bogus reviews for themselves. Worse, the scammer seller could send illegal materials and you could be charged. There could also be financial implications for you.

1. Change your passwords, especially for banking or credit cards.
2. Check your credit card and bank account statements
3. Report the scam to Amazon or to the other retailer

Do you want anonymity, privacy, pseudonymity, or some combination—and for what digital resources?

How important are your emails? How much privacy should your identification have? Are you off the grid? (Or think you are?) Whether you realize it, your digital assets all have security settings to them and possibly to different levels.

The security triad is Confidentiality – Integrity – Availability. Concerning the confidentiality of a resource (such as a file or directory), you will determine what level of access to your content you’re OK with, what level each person or group you know should be assigned, and which content to keep secret as a whole.

Continue reading “Decide the Security Levels You Need”

The Institute for Security and Technology (IST) put together [a] coalition teaming up more than 60 software companies, government agencies, cybersecurity firms, financial services companies, academic institutions, and nonprofits to combat ransomware problem. Among the members, Amazon Web Services, Center for Internet Security, Cisco, Citrix, CrowdStrike, Ernst and Young, Deloitte, FireEye, Microsoft, and government organizations including the U.S. Department of Justice, Europol, and the U.K. National Cyber Security Centre(NCSC).

This follows the January takedown of the Emotet botnet by the FBI and law enforcement in Canada and Europe. A similar coalition was unsuccessful in permanently taking down the TrickBot botnet in late 2020.

Bitdefender has reported that APT group NAIKON targeted military organizations in Southeast Asia between June 2019 and March 2021. With cyber-espionage and data theft as its goal, NAIKON used a backdoor named Nebulae and the RainyDay backdoor as parts of the attack:
“NAIKON is a threat actor that has been active for more than a decade. Likely tied with China, the group focuses on high-profile targets such as government agencies and military organizations in the South Asia region.”

The Hacker News has reported on Chinese hackers targeting military orgs specifically in Vietnam.

https://thehackernews.com/2021/04/chinese-hackers-attacking-military.html

I have long thought China needs more focus in security. I hope to have a feature based on the threats posed by the CCP and corporate actors soon.