Ransomware

I do that all the time because Windows usually updates between 2am and 6 am plus does all the defrag etc. I have firewall s/ware installed that I pay for every month.
If you're behind a router it adds a decent layer of protection against the more casual intrusion attempts, with the virus scanner backing that up. But, ultimately, it's also about being aware there are people out there who are very good at getting through your defences. Being careful with USB drives, the links you click on, and restricting who you let into your wireless network is important.
 
Not perfect but it greatly increases the chance of having a backup that escapes infection
As I understand it the problem is that the ransomware encrypts files in place and installs OS hooks that decrypt on the fly, so to the users it all looks OK and everyone continues working and backups are made. But they're backing up encrypted files and eventually the extortionists tell the OS hooks to stop decrypting and everything fails at once.
 
One place where I worked used various methods of security. The system we had was behind a firewall, which itself was inside another firewall. Qualys zero day detection appliances were used for monitoring and penetration testing of our systems. If authorized (which very few people were), remote connection was through a VPN tunnel. At one time I had a time-of-day-synchronized number generator dongle that looked like a pager for two factor authentication. It didn't connect to the computer so I had to enter numbers manually. All this was to protect medical information...
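The backup scenario described above (files encrypted in place, decrypted on the fly for the users, so the backup job quietly copies ciphertext) is the reason a backup should be checked from the backup side, not from the possibly infected client. The script below is an added example, not code from the original thread: it looks at the backed-up copies and flags files whose expected format header is missing, text files that no longer decode as UTF-8, and uncompressed files whose byte entropy is close to that of ciphertext. The file set, the 7.5 bits/byte threshold and the small header table are constructed assumptions for the demo.

```python
import math
import os
import random
from collections import Counter

# Expected leading bytes for a few common formats (assumed subset of a larger table).
MAGIC = {
    ".png": b"\x89PNG\r\n\x1a\n",
    ".pdf": b"%PDF",
    ".jpg": b"\xff\xd8\xff",
    ".zip": b"PK\x03\x04",
    ".docx": b"PK\x03\x04",
}
# Formats that are already compressed, so high entropy is normal for them.
COMPRESSED = {".zip", ".docx", ".jpg", ".png"}
TEXT_EXT = {".txt", ".csv", ".log", ".ini"}
# Natural text and uncompressed binaries sit well below 7.5 bits/byte;
# ciphertext approaches 8.0 (threshold chosen for this demo).
ENTROPY_THRESHOLD = 7.5


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty input, 8.0 for uniformly distributed bytes."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def classify(name: str, data: bytes) -> str:
    """Return 'ok' or a 'suspect: ...' reason for one backed-up file."""
    ext = os.path.splitext(name)[1].lower()
    if ext in MAGIC and not data.startswith(MAGIC[ext]):
        return "suspect: expected header missing"
    if ext in TEXT_EXT:
        try:
            data.decode("utf-8")
        except UnicodeDecodeError:
            return "suspect: text file is not valid UTF-8"
    if ext not in COMPRESSED and shannon_entropy(data) > ENTROPY_THRESHOLD:
        return "suspect: high entropy, looks encrypted"
    return "ok"


def scan_backup(files: dict[str, bytes]) -> dict[str, str]:
    """Classify every file in a backup set; run this on the backup host, not the client."""
    return {name: classify(name, data) for name, data in files.items()}


# Constructed sample backup set; the seeded random blobs stand in for files that
# were encrypted in place before the backup job copied them.
_rng = random.Random(20240101)
SAMPLE_FILES = {
    "report.txt": b"Quarterly sales report: revenue up, costs flat.\n" * 40,
    "logo.png": MAGIC[".png"] + bytes(512),
    "archive.zip": MAGIC[".zip"] + _rng.randbytes(2048),
    "contract.pdf": _rng.randbytes(4096),
    "notes.txt": _rng.randbytes(4096),
    "data.bin": _rng.randbytes(4096),
}

if __name__ == "__main__":
    for name, verdict in scan_backup(SAMPLE_FILES).items():
        print(f"{name:14} {verdict}")
```

A sudden jump in the proportion of "suspect" files between two backup runs is the signal worth alerting on; a single unusual file is normal, a whole share turning to ciphertext overnight is not. Keeping several generations of backups, with at least one offline, is what lets you roll back to a copy made before the encryption started.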
 
Worked on a system used by the UK defence dept. in the mid 80's. This was in the days of CRTs. All their monitors were shielded so no EMR escaped at the back, they had large side screens to prevent people other than the operator from viewing them, received all their data through fibre optic cables and, finally, were used inside a faraday cage.

One time we received a bug report and we asked for a dump of the data. We got back a couple hundred pages of 132 character fanfold line printer output hex/character memory dump. Someone had gone through it with a marker pen blanking out all the secret stuff to the extent that the marker pen had pushed through the paper. There was more marker than data. A guy I was working with said he'd once received something similar where they'd actually cut the secret bits out and the listing looked like a doily.
 
@Bonsai

Had a colleague of mine just ship with Evri from the UK. Don't know if that is an option for you but he was able to ship me the item and as you know I live in the U.S. There is of course DHL, UPS, etc...

Yes we want to buy your pcb's!!

Best,
Anand.
Evri have a dreadful reputation in the UK. They were called Hermes up to about a year ago and had such a poor service record that they rebranded. By all accounts it's only the name that's changed, the service is allegedly as bad as ever.
 
Hello All,
As a person who has been involved with IT and administration for years I, like many of you, have seen these things rip through our infrastructure both subtly and voraciously. What always comes up is human error, as if there is nothing to be done at that point. I also have seen a lot of "hindsight is 20/20" type excuses.
Entities that use computer systems unfortunately need to change their culture when implementing systems. In the past it has been a culture of "how do we make this work." This is not a bad culture; in fact it is a culture of problem solving. Now the culture has to be "how do we make this secure."
It seems that every problem mentioned in this thread also had a solution mentioned in this thread. I wonder how many system designers had open discussions like this about vulnerabilities and solutions.

And to you sysadmins out there.
Good luck, this remote work thingy promises to be adventurous.

Jeremy
 
Evri have a dreadful reputation in the UK. They were called Hermes up to about a year ago and had such a poor service record that they rebranded. By all accounts it's only the name that's changed, the service is allegedly as bad as ever.
Thanks for that, let’s hope my pcb’s show up stateside…

Best,
Anand.
 
A guy I was working with said he'd once received something similar where they'd actually cut the secret bits out and the listing looked like a doily.
This reminds me of what happened to the shredded "secret" documents when the US Embassy in Teheran was seized in 1979. The Iranians had children trained to reassemble the shredded bits to ascertain knowledge of persons working with the CIA.

Never accept a "free" thumb-drive, probably another good malware, ransomware bit of advice.

My home-owners/auto insurance company offers "ransomware" insurance for a small additional premium.
 
This reminds me of what happened to the shredded "secret" documents when the US Embassy in Teheran was seized in 1979
It was something that caused a change in the intelligence community and crosscut shredders were used from then on. I had a google and found there's actually a DIN standard for document shredder particle size :). P-7, the most secure, has an area of no more than 5 mm². There seem to be lots of shredders offering 0.8 x 5 mm particle sizes.

The USB drive thing can be partly negated by making sure that your OS is set not to automatically run software on thumb drives. Something as simple as having autoplay switched off by default would have saved thousands of computers from infection.

Incidentally, how many people ensure their old HDDs are unreadable before they dispose of them? How many even realise that deleting a file is nowhere near enough to ensure that it's gone?

Just throw your old backup CDs or DVDs into the bin? Lots of secret information has been leaked from old PCs sold S/H or sent to landfill.
 
A bit of humor from years ago... Back in the day, I wrote some BASIC programs for audio and acoustics calculations. But then, VisiCalc came along, and then Lotus 1-2-3. I got so good at 1-2-3 that organizations would have me teach classes. One of the things I did, just for fun in an 'introduction to macros' segment, was to have attendees write a simple macro that would destroy the spreadsheet. It was simple, like four characters. They'd run the macro, and "poof", their spreadsheet was gone. :LOL:
 
Anyone here remember tickertape parades?
It was one of those things they did in New York where they had a parade and threw streams of old tickertape.

Somewhere about 20 years ago some brokerages threw out shredded paper from some high windows during a parade.
The paper could be re-assembled and then you had client data.
A change in policy about shredding and disposal of shredded material happened.
 
My favourite stupidity example is writing down passwords and people sharing password access.

Part of the motivation for people to write down their passwords is that the requirements get more and more onerous with time.

For example, one system I interact with requires:

a minimum of 14 characters;
a capital (but not for the first character);
a number;
a special character (not * though, and not for the last character);
a hieroglyph; and
the blood from a freshly sacrificed goat.

Ok, the last 2 they haven't enacted yet, but you get the point.

The password lasts 4 weeks and cannot be the same as any previous 10. And so people write their password down to remember what it is that particular month.

Apparently a better system is several random words of decent length that are nonsense as a sentence but can be more readily remembered. They are less likely to be written down (although some users will always write their passwords down no matter what) and a lot more secure than Password123*.

Ah, here is an article:
National Cyber Security Centre
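The "several random words" approach from the post above, as an added example that is not part of the original thread: the words are picked with a cryptographic random source so that each one is an independent uniform choice, and the entropy functions make the comparison between a word-based passphrase and a character-based password explicit. The 32-word list is constructed for the demo only; the 7776 figure is the size of a typical diceware-style list and is an assumption used for the arithmetic, not a list shipped with the code.

```python
import math
import secrets

# Constructed 32-word demo list (5 bits per word). A real deployment would use a
# large published word list; diceware-style lists have 7776 words (assumed below).
WORDLIST = [
    "anchor", "basket", "candle", "dragon", "ember", "falcon", "garden", "harbor",
    "island", "jigsaw", "kettle", "lantern", "meadow", "nectar", "orchid", "pebble",
    "quartz", "ribbon", "saddle", "timber", "umbrella", "velvet", "walnut", "yarrow",
    "zephyr", "bridge", "copper", "desert", "engine", "forest", "granite", "helmet",
]
LARGE_LIST_SIZE = 7776


def passphrase(n_words: int = 4, wordlist: list[str] = WORDLIST, sep: str = " ") -> str:
    """Pick n_words uniformly with a CSPRNG; repeats are allowed so every pick stays independent."""
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


def passphrase_bits(n_words: int, list_size: int) -> float:
    """Search-space entropy when every word is an independent uniform choice from the list."""
    return n_words * math.log2(list_size)


def random_password_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a truly random character password; an upper bound, not what humans produce."""
    return length * math.log2(alphabet_size)


def comparison_table() -> dict[str, float]:
    """Rows a defender can put in front of a policy committee, in bits of entropy."""
    return {
        "3 words from 7776":       passphrase_bits(3, LARGE_LIST_SIZE),
        "4 words from 7776":       passphrase_bits(4, LARGE_LIST_SIZE),
        "5 words from 7776":       passphrase_bits(5, LARGE_LIST_SIZE),
        "8 random chars (72 set)": random_password_bits(8, 72),
        "14 random chars (72 set)": random_password_bits(14, 72),
    }


if __name__ == "__main__":
    print("example:", passphrase(4))
    for label, bits in comparison_table().items():
        print(f"{label:26} {bits:5.1f} bits")
```

The character-based rows assume every character was chosen at random, which is exactly what composition rules do not achieve: a human satisfying "capital, number, special character, 14 characters" produces something like a dictionary word plus a few predictable additions, so the real search space is far smaller than the table's upper bound. The passphrase rows, by contrast, are honest estimates as long as the words are chosen by the generator rather than the user.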
 