In fairness, this article is just as applicable to basically anyone with a phone or Internet connection. We all can use a reminder on how to best deal with these threats. Enjoy the article and share it with your friends.
So I find myself writing my first blog post in a very long while sitting in a very strange location. It’s filled with nice office furniture, a comfortable chair, multiple monitors and computers, and a standing desk. I have a distant memory, even a vague notion I have been here before. And then it hits me – I remember! This is my office…at work…and not my basement.
Like so many Americans and so many people around the world, I went home last March amid the chaos that was the start of the COVID-19 pandemic. I am entirely grateful to work for an employer who saw the value of protecting and isolating its employees and to work in an industry that was already quite flexible and mobile. We never really lost a step in terms of customer support or project work, but as a team of engineers working together and supporting one another, everything changed.
Microsoft Teams and Cisco WebEx and webcams and headsets became our new best friends. Meetings became video calls. Basements became offices. Lunch table conversations became chat sessions fueled by home kitchen refrigerator raids. Breaks became… well, they kind of just faded away. Work and home sort of blended together, but we survived and we worked hard and customers kept running and projects got done.
In the middle of all that, my blog did not get pushed to the back burner. It got propped up on the back ledge of the stove and at some point fell off behind the appliance to become covered in dust and grease and largely forgotten – at least until now. I am back in the office. I am spring cleaning and prepping and getting back into the groove of things. I talk to humans in person again which is a little awkward when you have to fight the urge to press a mute button or turn off your camera only to discover you cannot control the realities of human interaction. And with this newly discovered energy and encouragement, I am going to rededicate myself to sharing my thoughts on security and security news.
It’s great to be alive and healthy and able to work. Thank you for your patience! More to come soon!
This is yet another example of the cybercriminal bad guys taking advantage of a crisis situation and attempting to catch us with our collective guards down. I know many in the business world are now nearly completely reliant upon Skype, Teams, WebEx, and Zoom to function on a daily basis, but that need to stay connected cannot supersede the sound security practices that protect data and keep us safe.
Remember this simple truth – if you get an email message regarding an issue with an online service or tool, stop and don’t click any email links. Go directly to the website you know and trust from a browser. Any messages or alerts sent via email will be there on the website waiting for you. President Reagan’s mantra is applicable and not cliché: trust but verify.
This is the logical evolution of the ransomware threat in terms of data loss. No longer is the fear only the loss of access to data. Now we need to fear data being stolen and sold or leveraged in new and frightening ways. Please be aware!
We often want to approach IT security from a detached and somewhat clinical position, evaluating threats and vulnerabilities with an objective logic devoid of an understanding of the motivations employed by the cyber criminals involved. Now is not the time to take that approach to IT security.
Our nation faces a very real and immediate threat in the form of cyberattacks from foreign nations motivated by anger and revenge. As IT security professionals, we cannot prepare and defend our networks and computer resources in a vacuum. We must remain aware of the sociopolitical situation in order to understand the potential nature of the attacks to come and timing of those attacks relative to political decisions and military actions taking place around the world.
Financial institutions have begun to receive alerts from the Federal Reserve based on information provided by the Department of Homeland Security concerning potential threats from Iran and Iranian proxies motivated to disrupt networks, services and social feeds in the United States. Specific IP address information is being provided as a first step to content filtering and threat identification.
Please remain diligent in your defensive posture during this period of imminent threats. Educate your users as to the situation and the possibility of social engineering attacks associated with these threats. Stay abreast of the situation and monitor multiple news sources. Be cognizant of the fact that a week from now, Windows 7 and Windows Server 2008 will reach end of life and security patching for those products will cease. Devices running those operating systems will, for all practical purposes, have large targets painted on their chassis. If you find yourself with devices that you have not been able to update yet, take steps to properly isolate these devices and restrict access to the Internet.
Now is not the time to assume that you or your organization will not be a target. Be prepared and aware.
Given the nature of these vulnerabilities, please review your environment and make sure your version of Chrome is up-to-date.
This post is intended to be a little more than simply a stroll down memory lane in the IT security world of 2019. Take a moment to consider each one of these incidents and how each could affect you and your organization. Have you executed on any lessons learned? Have you mitigated or remediated all associated vulnerabilities? Are you monitoring for future activity? We need to learn from these types of incidents and strive to continually get stronger. Enjoy the read.
This is not unexpected. Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access. As more and more of the world moves their respective Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the valued target list.
This article simply points out something we have known for some time. We must take phishing threats and associated awareness training seriously. This must become a priority for every organization, large and small. This issue also places a brighter spotlight on the security associated with service providers and 3rd party administrators. Make sure your security controls take those resources into consideration as well.
Spear phishing has long been a serious concern for organizations battling the constant onslaught of social engineering attacks pointed at their users. This post from the team at KnowBe4 sheds some light on a new form of spear phishing that often focuses in on technology firms and other high value targets. The depth and level of sophistication associated with these attacks should raise red flags. The more accurate and relevant the phishing content, the higher the likelihood the end user will fall into the trap and click the link.
Please be diligent in your awareness training and notifications to end users. These threats are very real!