- Nov 5, 2018
- 2,504
- 2,079
Next week I am compelled to attend an hour long presentation conducted by Shawn Henry, Founder and CEO of CrowdStrike.
I like to keep up with what's going on, and ransomware is definitely the thing these days. Unfortunately a group from the Middle East has chosen to make large health care facilities their targets lately.
Now if you trace all these exploits back to their roots, one thing is common among all major infections. Some worker received an email with a payload attached and they willingly opened it and BANG! Don't get me wrong, evidently there have been some major exploits found in Office 365 which allows the attackers to use what appears to be a valid business email that the receiver is familiar with (and in reality is), the recipient's email address was harvested from the compromised email account so the recipient has had trusted communications in the past.
So back to the subject. No matter what security measures you take short of what some government agencies do, that is a computer in a bubble or only virtual computing is permitted on the network NOTHING from outside the network is stored locally without being screened by first a program and finally eyeballs. No USB sticks, passing files, etc.
So you know and I know the problem isn't really the computer or the operating system, blah, blah. It's the operator and their willingness to be seduced by some social engineering scheme that promises them something that can't resist. Fix that, and you fix the whole damn system.
With that, I am dying to hear what this guy has to say.
Everyone in my company was mandated to take an online security course. So far I am the only one who even started it, it's good for a few poops and giggles. Just so you know and I know is all we really need to know. Other than keep this in mind in our activities, not much else we can do. Chasing exploits is a game of whack-a-mole.
I like to keep up with what's going on, and ransomware is definitely the thing these days. Unfortunately a group from the Middle East has chosen to make large health care facilities their targets lately.
Now if you trace all these exploits back to their roots, one thing is common among all major infections. Some worker received an email with a payload attached and they willingly opened it and BANG! Don't get me wrong, evidently there have been some major exploits found in Office 365 which allows the attackers to use what appears to be a valid business email that the receiver is familiar with (and in reality is), the recipient's email address was harvested from the compromised email account so the recipient has had trusted communications in the past.
So back to the subject. No matter what security measures you take short of what some government agencies do, that is a computer in a bubble or only virtual computing is permitted on the network NOTHING from outside the network is stored locally without being screened by first a program and finally eyeballs. No USB sticks, passing files, etc.
So you know and I know the problem isn't really the computer or the operating system, blah, blah. It's the operator and their willingness to be seduced by some social engineering scheme that promises them something that can't resist. Fix that, and you fix the whole damn system.
With that, I am dying to hear what this guy has to say.
Everyone in my company was mandated to take an online security course. So far I am the only one who even started it, it's good for a few poops and giggles. Just so you know and I know is all we really need to know. Other than keep this in mind in our activities, not much else we can do. Chasing exploits is a game of whack-a-mole.
Last edited:
