Business Management, Technology

It’s not just four letter words that are problems. Cyber is a 5 letter one.

2 Comments
No Gravatar

I just don’t get it.

Microsoft Exchange Server updates in March- and is exploited for ransomware via backdoors left in the software.

SolarWinds uses a wimpy password, which lets hackers infect government and private networks during an update.

Colonial Pipeline gets whomped, shutting down fuel deliveries to the Northeast US.

JBS (multinational meat supplier) gets hit with ransomware- which leads to beef shortages and price escalations.

Kayesa Fixes

Now, Kayesa- which produces software to manage IT installations-  has a vulnerability exploited by the same folks [REvil, a Russian protected hooligan group] who attacked JBS. (Maybe I should explain this better.  Kayesa sells its software to what are called “IT Managed Service Providers”.  Those firms promise a slew of small and mid-sized companies that they will keep their networks safe from attack and failure.  Oops. They relied on Kayesa for much of that protection- which means a slew of small and mid-sized entities have been screwed, blued, and tattooed.)

2021 Ransomware Attacks

In the meantime, our electrical grid is still not protected.  (I’ve been bitching about this for years!)  Well, it’s not just that critical infrastructure element- our water systems are not protected either.  (Here’s but one example of where I warned you about this vulnerability.)

What?   You think that’s all?

Just imagine the Blackout hits.  Not just the Northeast- but 40% of the US.  Now, that also means that the water and wastewater systems are now down in those areas, since they run off electricity.

To add insult to injury, the terrorists attack water systems NOT part of the Blackout region.  Leaving more of the US without water.

Your local banks- they’re not running since they have no electricity.  No ATM’s to deliver cash.

Maybe now is the perfect time to scare the rest of the s… out of you.

When the six largest banks appeared before Congress in May and were asked what was the biggest threat to their success, do you know what their answer was?  CYBERSECURITY.

(Consider this- JP Morgan Chase has 3000 employees do nothing but cybersecurity, with a budget of some $ 600 million a year!)

Our financial system can probably withstand an attack on one firm- but multiple firms????

This reminds me of a project we worked on a long time ago.  Back when our corporate headquarters was in Charlottesville (VA).   One of the biggest international banking infrastructure units was building a big data center.  Underground.   Quietly.

It needed water and air systems capable of recycling (with no outside interference) for 30 days.  To withstand a bomb or nuclear attack.  We didn’t think about cybersecurity- because the internet only existed for the DOD and universities back then.  (Yes, this was even before AOL stopped being a gaming company and provided dial-up connectivity services to some bleeding edge folks.)

We succeeded.   And, if you drove by the facility, you’d have no idea it wasn’t a cow farm on a hill. Unless you looked just a little bit more closely and saw those fences were electrified and of barbed wire, and there was a small security station off in the distance.

That was easy protection  when compared to being attacked by cyberterrorists.  Because we- that’s you and me- are too freaking lazy to be diligent all the time.  We leave our passwords out in the opne.  We open eMails without considering the threat they may impose on our networks.  (Many companies only let their eMail systems use text view [even that isn’t perfect], so that sophisticated network attacks are blocked.   [Once the mail is vetted, it’s possible to open the mail via the visual interface.])

It’s time we address this.

Upgrade our electrical grid.  (Please write your elected officials and demand passage of the infrastructure bill NOW.)   Fix our water and wastewater systems.  (That bill has money for this, too.)

But, most importantly, let’s all be more diligent as we peruse our mail and traverse the web.  (Do you use a virtual computer to peruse the web?   If so, when you are done, no changes to the operating system or browser are saved- so there can’t be any permanent damage.  [It also requires off-line updates so this concept works for months at a clip.])

Oops- I passed the 600 word mark.  I’ll discuss one more issue tomorrow.

Stop Hacks in their Tracks

Share this:
Share this page via Email Share this page via Stumble Upon Share this page via Digg this Share this page via Facebook Share this page via Twitter
Share

Related posts:

  1. There’s a gap, all right
  2. Cyberwarfare… It’s no longer science fiction
  3. Woops, there goes another kilowatt dam…
  4. Your number has been disconnected or is not in service
  5. Infrastructure problems are NOT going away

2 thoughts on “It’s not just four letter words that are problems. Cyber is a 5 letter one.”

  1. You wrote a downright scary post – GOOD FOR YOU! So many people need to be woken up. So many companies are NOT training their people. It has to be constant training and we are warned, at work, that anyone can slip up if they are off their guard for even a minute. Few of us in the United States seem to care just how real, and deadly, this threat is. As you point out, we are one blackout away from disaster. It isn’t science fiction.
    Alana recently posted..Winds Floods and Raspberry Applesauce

Comments are closed.