Tag Archives: SolarWinds

The New business

The BBC informs us(via another route) that there is a new business in town, this business works on the old premise of the bully and the backstabbing method called Ransomware. Now, this method was not unknown, we have seen it before, yet the article (at https://www.bbc.co.uk/news/technology-57946117) called ‘Ransomware key to unlock customer data from REvil attack’ gives us “US IT firm Kaseya – which was the first to be targeted earlier this month – said it got the key from a “trusted third party”.” Yes, this might sound true, but I still have an issue here. And the quote “Kaseya’s decryptor key will allow customers to retrieve missing files, without paying the ransom. The company’s spokeswoman Dana Liedholm declined to answer whether Kaseya had paid for access to the key”, I get it, Kaseya accepts that there is a cost to doing business, without the key they are helpless, but in this instance they have also given voice to the new business. This is not on Kaseya, ransomware is a much larger stage and the law is not ready to deal with it. So when we get “But members of the group disappeared from the internet in the days following the incident, leaving companies with no way of retrieving the data until now”, I think that it was not merely fear. I think that they found a weakness in their armour and they needed to fix it, perhaps the FBI and NSA got too close? It is speculation, but I reckon that any hacker inviting the wrath of the NSA has something to fear, only the stupid do not fear that hunting machine. So when we get to the jewel of the article, a setting that describes a few elements by Joe Tidy (Cyber reporter), we see “Firstly, giving away the key now is far too late for most of the victims of this massive ransomware attack. Secondly, the mystery gifter was most probably linked to – or working with – the criminals directly.” I feel that he is on the right track, I get that Kaseya prefers the term ‘trusted source’, but that does not put Kaseya in the clear, moreover, as I reported the massive bungles that were made and the lack of oversight within Kaseya gives them a reason to cooperate with organised crime, but not a right, a right to do that is a form of treason towards ALL their customers and as Joe said it “giving away the key now is far too late for most of the victims of this massive ransomware attack”, if you doubt that call Coop (at +46107400000) and ask them the damage of 500 supermarkets shutting down, as well as a loss of data. And then Joe gives us the gem at the heart of this “I’m told by a hacker who claims to be a part of the inner circle that it was “a trusted partner” who gave the key away on behalf of the group’s leader, who calls himself Unknown. My contact says it’s all part of “a new beginning”.” I understand that this is hard to swallow and optionally it is a form of bragging, but I am not convinced that this is the case, as Joe gives us “it could well be the start of something else”, yes that has the ring that sounds true. It is the start of a new business venture and Kaseya is merely the pilot. In this we have two sets of minds, the first is that the shortsighted greed drive of Kaseya (as I discussed it in ‘Dream number three’, at https://lawlordtobe.com/2021/07/06/dream-number-three/) needs to have consequences. The dominant sales types with their ‘we’ll fix it down the road’ can no longer be allowed in this industry. The second part is that we have no choice but to return to a stage of targeted killing, and I do not care whether one of the hackers is a poor little 16 year old person hiding behind  ‘minor protection laws’, they guilty they get the $0.17 solution (price of a 9 mm bullet). We have no choice, the law did nothing for too long, giving hackers pass after pass as they ‘claimed’ that it was the only way. Well, so far it did nothing for a lot of people spanning a timeline that is a little over a quarter of a century, it is like an armistice race with too many casualties and the law merely shrugging at the damage that was not theirs. With Kaseya a large corner is turned and Kaseya partially has itself to thank for that. And in all this is has become time to recognise that Kaseya is not merely a victim (no matter what Dana Liedholm tells us), it did this to themselves as the source in the other article “were helping Kaseya plug the hole long before the hackers found it”, as such the ‘we’ll fix it down the road’ no longer holds water, especially as we take tally of the victims that are victims because of the shortsightedness of Kaseya. And they are not alone, there is every indication that the Microsoft exchange group and Solarwinds are part of that same stack. I have personally seen how the needs of proper testing took a back seat to Marketing and the board room drive of greed in more than one instance and that too needs to be addressed, yet I feel that the media will paint over that part with articles in emotional ways, their stake holders will not allow that to be any other way, adhering to their bonus whilst relying on marketing and sales to set out a new path based on ‘we’ll fix it down the road’, should Joe Tidy be correct (and I believe he is), we will soon see a new wave of REvil attacks and the law will be on the sidelines, as will governments all pointing at one another, all whilst keeping their ‘friends’ out of the line of fire.

It is merely my look on things, and I expect to be proven correct before the end of 2021. 

Leave a comment

Filed under IT, Science

The devil rang

This is too good, I had just finished yesterday’s article and the Guardian gives me ‘Spyware can make your phone your enemy. Journalism is your defence’, in this that I have some troubles accepting that journalism is my defence, they are al about circulation and satisfying their shareholders and stakeholders (optionally advertisers too). But the article came at the right moment, even as this is about Pegasus and the NSO group. Whenever I look back at the title ‘Pegasus’ I think back to Pegasus mail and windows 3.1. It is a reflex, but a nice one. So, the article gives us “The Pegasus project poses urgent questions about the privatisation of the surveillance industry and the lack of safeguards for citizens”, which is nice, but Microsoft, Solarwinds and Cisco made a bigger mess and a much larger mess, so pointing at Pegasus at this point seems a little moot and pointless. (Microsoot’s Exchange anyone?)

Yes, there are questions and it is fair to ask them, so when we see “This surveillance has dramatic, and in some cases even life-threatening, consequences for the ordinary men and women whose numbers appear in the leakbecause of their work exposing the misdeeds of their rulers or defending the rights of their fellow citizens”, yes questions are good, but the fact that millions of records went to the open air via all kinds of methods (including advertiser Microsoft) is just a little too weird. And it is not up to me, it was The Hill who asked the people (5 days ago after the Kaseya hack gone public, the larger question that actually matters ‘Kaseya hack proves we need better cyber metrics’ and they are right, when we see “Once “infected”, your phone becomes your worst enemy. From within your pocket, it instantly betrays your secrets and delivers your private conversations, your personal photos, nearly everything about you” we read this and shrug, but at this point how did a third party operator (NSO group) get the data and the knowhow to make an app that allows for this? Larger question should be handed to both Google and Apple. The fact that the phones are mostly void of protection comes from these two makers. This is a setting of facilitation and a lack of cyber security. The NSO group decided to set a limited commercial application (more likely to facilitate towards the proud girls and boys of Mossad) and they took it one step further to offer it to other governments as well, is that wrong?

So when we see “All of these individuals were selected for possible surveillance by states using the same spyware tool, Pegasus, sold by the NSO Group. Our mission at Forbidden Stories is to pursue – collaboratively – the work of threatened, jailed or assassinated journalists”, if that were true, we would see a lot more articles regarding the 120 Journalists jailed in Turkey, not to mention the 60 journalists that were assassinated (read: targeted killing exercise) there as well. The papers are all about a journalist no one cares about (Jamal Khashoggi) but the other journalists do not really make the front page giving pause and skepticism to “the work of threatened, jailed or assassinated journalists”, my personal view is that the advertisers and stake holders don’t really care about those lives. Then I have issues with “This investigation began with an enormous leak of documents that Forbidden Stories and Amnesty International had access to”, was it really a leak, or did one government take view away from them (by Amnesty International) and handed it towards the NSO group? A list of 50,000 numbers is nothing to sneer at, as such, I doubt it was a leak, it was a tactical move to push the limelight away from them and push it somewhere else. As we consider Kaseya, Solarwinds, Microsoft and Cisco, the weak minded democratic intelligence players from the Unified Spies of America come to mind, but I admit that I have no evidence, it is pure speculation.

And then we see the larger danger “But the scale of this scandal could only be uncovered by journalists around the world working together. By sharing access to this data with the other media organisations in the Forbidden Stories consortium, we were able to develop additional sources, collect hundreds of documents and put together the harrowing evidence of a surveillance apparatus that has been wielded ferociously against swaths of civil society”, who did they share access to? Who reports to another faction that is not journalism or is purely greed driven? In this, the article (at https://www.theguardian.com/world/commentisfree/2021/jul/19/spyware-can-make-your-phone-your-enemy-journalism-is-your-defence) gives us one other gem, it is “not to mention more than 180 journalists from nearly two dozen countries”, as such we see 0.36% of the data is about journalists, so if I was to look at a slice and dice dashboard, how will these 50,000 people distribute? So when we see “If one reporter is threatened or killed, another can take over and ensure that the story is not silenced”, yes, how did that end up for those journo’s in Turkey? What about outliers in data like Dutch journalist Peter R. De Vries? He is not getting the limelight that much in the last three days, you all moved on? You pushed the limelight towards Jamal Khashoggi for well over a year, who achieved less than 0.01% compared to Peter R. De Vries. I reckon that this article, although extremely nice is there to cater to a specific need, a need that the article does not mention (and I can only speculate), but when we see all this holier than though mentions and we see an inaction on Turkey’s actions, as well as a lack of news regarding Peter R. De Vries, I wonder what this article was about, it wasn’t really about the NSO group and Pegasus, they are mentioned 4 and 7 times, the article was to push people towards thinking it is about one thing and it becomes about the 0.36% of journalists in a list of 50,000, all whilst the number is mentioned once in the article without a breakdown. Someone else is calling, when you answer, just make sure the local number is not 666.

Leave a comment

Filed under IT, Military, Science

The Lawyer wins, the law loses

Yes, it is a stage that we will be seeing soon enough. As the lawyer wins, the law loses and tht is just the beginning. As we see ‘Apple loses appeal in Fortnite court battle’ (source: Australian Financial Review) there is a secondary stage that comes up. It is not immediately clear, but someone gave the reader by Jeff Dotzler in GC Consulting in 2019 ‘Will You Get Sued if Your Business is Hacked?’ There we see “Even though the company was able to restore the records, one of the affected clients, Surfside Non-Surgical Orthopedics in Boynton Beach, sued Allscripts in federal court. Surfside accused Allscripts of not doing enough to prevent the attack or lessen its impact and sued on behalf of all affected clients for “significant business interruption and disruption and lost revenues.”” Now consider that ‘significant business interruption’ can be replaced with ‘game score disruption’, a stage I saw coming a mile away. Epic Games did not  consider the stupidity of their actions and now, should they win they will soon face several, if not well over a dozen class cases. They cannot make some ‘we are not responsible draft’, the moment ANYONE at Google or Apple squeals the setting of the hack and it comes with the accompanied ‘We could have prevented that’ Epic Games is lost, it will cost them billions in settlements and lawyer costs. If you doubt that, consider ‘SolarWinds says unknown hackers exploited newly discovered software flaw’ (at https://www.reuters.com/technology/solarwinds-says-unknown-hackers-exploited-newly-discovered-software-flaw-2021-07-12/), so they just got out of one mess only to land in a new one and these people have a decently simple system, Epic Games will have to spend on protection that is several levels higher and I feel decently certain that it is not enough. The moment any profile is transgressed on whilst there was a purchase, that is the game, loss Epic Games and loose they will, a lot. 

Even as we are told “SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks”, it will not matter, another flaw is found and there is every chance that more than one will still be found. In this Forbes gives us ‘Why SolarWinds Is The Wakeup Call No One Heard’, it comes with “everyone talks a good game, but the very structure of American (and other businesses around the globe) makes it nearly impossible to, for example, deliberately and significantly reduce EBITDA to prepare for cyber warfare” and when you consider that EBITDA is Earnings Before Interest, Taxes, Depreciation, and Amortisation. You see the problem, it is not all, it is earnings before interest and depreciation that bites, earnings before interest is all earnings with cost diminishing this and too many corporate players tend to cut cost. In some cases they have no choice in the cloud a lot does not matter but it is transgressed on (according to some numbers) for almost 90%. And when you add that Amortisation is merely anther view of  depreciation the path is clear. Steve Andriole also gives us “The number of severity of cyberattacks will explode in 2020.  Cyberwarfare has now levelled the playing field in industry, in government, and in national defence:  why spend ten or fifteen billion dollars on an aircraft carrier when you can disable it digitally?” You think that this is about defence? Do you have any idea what 50 million whining gamers can do? EVERY ransomware player will target Epic Games and with an open Android and iOS setting they will succeed. I saw this when this all started in 2020 within 5 minutes, the short sightedness will hit Epic Games and others in a few ways. Think I am BS’ing you?  Consider that several sources gave you a month ago “Hackers Stole 780GB Data Including FIFA 21 Source Code in EA Hack” and EA has been in this game a lot longer than Epic Games has been. That is not evidence, but it is a setting that we need to consider and when Epic Games loses that data the class actions start, and it is not something that they can keep quiet (apart from that being a crime), the people will talk and the parties involved, including government parties will find a nice letter making claim to financial losses. The law source (see above) also gives us a link to the Ohio Data Protection Act. There we see “Under the law, damages cannot be imposed if a state court finds your company had a reasonable cybersecurity plan when a breach occurred and followed it to the best of your ability. Or, as the legislation puts it, the law is “an incentive to encourage businesses to achieve a higher level of cybersecurity through voluntary action.”” In this I offer ‘reasonable cybersecurity plan’, was it followed through? Was there a backup if it fails, was there consideration for cross platform transgressions? In this last part I offer to the older programmers 

IF(clipper)
  
ELSE

   …
ENDIF

Those who know will nod and consider what else Epic Games and others have forgotten, what happens when someone exploits a Sony flaw over the entire system, and at that point these companies have little to no protection. 

Which gets us to ‘when a breach occurred and followed it to the best of your ability’, but the suing side will argue that the breach could have been prevented on day zero, or even day -1, which will be their way of saying that they opened the system when they were not ready and that is another billion in class actions right there, and I agree with the stage that there will be enough cases that have no bering (just like the loot box cases in the media), yet Epic Games will have to hand to their lawyers to investigate them all, the hours alone will rake up millions and that is merely year one. The lawyer wins his bread and butter for a year (at the very least) and the law is up the creek without a clause. The law was never ready for this, so the going will be good towards the coffers of Epic Games, a looting box that requires time, not money. 

So when we go back to Forbes and consider “When I took the results to the CFO (to which technology weirdly reported), his only question was, “what’s all this going to cost me?,” which of course was the wrong question.” We see there setting, but I wonder who gave that same question to the Chief Legal Officer (CLO) with the question ‘What will this cost the firm?’, a question that he can decently predict when he considers 1-5 class actions and that result has to be scary and any consideration of future profit goes straight out of the window, not merely the legal costs, marketing will have to offer a whole range of products and services to stem the tide of people leaving for the next safer harbour, the most dangerous of all settings, and that is merely the beginning of year one as Android and iOS stores open. Forbes also gives a reference to Andy Greenberg (Wired Magazine, 2019) said about why governments have been unwilling to deal with cyberthreats: “More fundamentally, governments haven’t been willing to sign on to cyberwar limitation agreements because they don’t want to limit their own freedom to launch cyberattacks at their enemies.  America may be vulnerable to crippling cyberattacks carried out by its foes, but US leaders are still hesitant to hamstring America’s own NSA and Cyber Command, who are likely the most talented and well-resourced hackers in the world.” And this is not a government setting, Epic Games will be hit be greed driven and vengeance driven hackers as well as organised crime, a %5 billion company? With the state of cybercrime convictions? They are definitely on board. A stage Epic Games could have prevented from the start, but someone saw 30% of $5,000,000,000 and did the math, but whoever did the math was not ready for the tidal wave they would be inviting through that choice. In this, Forbes had one more gem, it comes from Nicole Penroth and ‘The hubris of American exceptionalism’, when we see “More hacking, more offence, not better defence, was our answer to an increasingly virtual world order, even as we made ourselves more vulnerable, hooking up water treatment facilities, railways, thermostats and insulin pumps to the web, at a rate of 127 new devices per second”, now consider that Fortnite is on Windows, MacOS, Switch, Sony, Microsoft, iOS and Android, they drew more than 125 million players in less than a year, do you think that there will be no flaws? And how many devices a second will that add to the equation? Do you have any clue what level of protection is required, even as Sony, Solarwinds, Nintendo and Microsoft have all been hacked even though they had nowhere near that level of complexity required. This was a dangerous situation from the start and gamers will soon have to seriously consider to remove any program that has an ‘open’ store, the cost will be too high for a lot of them. 

And that is not all, as Nicole spoke about ‘an increasingly virtual world’ the danger that open stores will mean that you either have a dedicated computer, or healthcare and safety products will not be considered to be insured in your house, when that happens we get a whole new level of nightmare, I can only imagine that setting, but I am clueless as to the impact, we cannot oversee that, not with an evolving IoT and 5G evolving before our very eyes.

Leave a comment

Filed under Gaming, IT, Law, Politics

Dark side of the Jedi

Yes, I guess that George Lucas really had no idea that this would hold for well over 45 years, but that happens when you become the real innovator. In this we recognise innovators, but the path of one is often dangerous, perilous and it only works when the competition is at your heels. Consider that Star Wars came out when we had The Omen, Taxi Driver, All the presidents men, Rocky, Saturday Night Fever, the Duellists. All excellent movies, all driving the others to do better, that is why it works, so when I see “reversing the Trump-era award to Microsoft Corp and announcing a new contract expected to include its rival Amazon.com and possibly other cloud players” I merely wonder how stupid Trump actually was. To give $10,000,000,000 to Microsoft when they screw up their console position and hand the number two place to Nintendo with the weakest of all consoles, only to likely lose again in the future to the Amazon Luna and possibly even to Netflix? How delusional can you become? Microsoft tried to attack the Apple tablet market and failed miserably again and again, they blew their mobile market and they are trying to create waves for their Azure market, that is the player we want for the U.S. Defense Department? This all whilst we get a day ago “Microsoft has “paused” SQL Server in its Windows Containers project. Microsoft advises anyone interested in running SQL Server in a container to use the Linux root instead”, so basically the two non entries (Google and Amazon) were a better solution off the bat?

So, this Jedi (aka the Joint Enterprise Defense Infrastructure) is off to a rocky start. I had never expected to be any commander in chief so delusional that they would hand the contract to one player, all whilst better solutions (in the worst case merely equal) would be considered without proper vetting? I am not stating to merely give it to Amazon or Google, that is why vetting is an important process, yet in all that, Reuters (at https://www.reuters.com/article/us-microsoft-pentagon-jedi/pentagon-hits-reset-on-trumps-10-billion-cloud-deal-welcoming-new-players-idUSKCN2EC1YY) gives us “The company cited a 2019 book that reported Trump had directed the Defense Department to “screw Amazon” out of the JEDI contract”, is this how Americans see their national defence, as an ego driver? It would be one thing if Microsoft is the better party, but that hasn’t be the case for some time. 

So when I see “the plan would likely involve a direct award for “urgently needed” capabilities and then a “full and open” competition for multiple suppliers by early 2025”, which we get from John Sherman, acting chief information officer for the Defense Department. My issue here is that when I see ‘urgently needed’, I also remember the joke (not a funny one) that the Zumwalt class represents and the billions spend there, then there are a few more projects, all with pressing needs. And whilst we are getting towards it, the entire Kaseya and Solarwinds debacle shows the larger pressing matter. Security matters! And the matter of security can never be properly investigated if it is appointed to one player, one debatable player mind you. I am not stating that security at Google or Amazon is better, but the Exchange issues, which we get from ZDNet in April shows us “Four zero-day vulnerabilities in Microsoft Exchange Server are being actively exploited by state-sponsored threat groups and others to deploy backdoors and malware in widespread attacks”, this doesn’t mean that Google and/or Amazon is better. But the debate is on and Microsoft lost top dog and pole position years ago, they are merely in it to remain mediocre, all for the good of the board of directors. They lost to Apple (tablets), then they lost to Google (with Bing), then they lost to Amazon (web services and SaaS) and now surpassed by TikTok (video against China), that is an impressive fail rate. Consider that Bing has a market share of 2.71%, which against Google with 91.95% is slightly too funny for words. 

But this is not about Microsoft, it is about Jedi (all these funny acronyms). So when we consider the dark side of that forceless solution (by Microsoft) and we need to wonder about “the Defense Department also announced its plans for a new multi-cloud initiative known as the Joint Warfighter Cloud Capability, or JWCC. It must provide capabilities at all three classification levels — Unclassified, Secret and Top Secret — and parity of services across all classification levels; integrated cross-domain solutions; global availability including at the tactical edge; and enhanced cybersecurity controls, according to the Pentagon”, not the intent, but the investigative presumption of ‘enhanced cybersecurity controls’, both Solarwinds and Kaseya showed us that and this field is still widely in development, and sources like business wire are setting the Marke that cloud security will double over the next 4 years, a stage of increased visibility will both increase security and criminal activities, the winner remains unknown at present, even if we acknowledge that REvil has the upper hand, we have no way of knowing what happens tomorrow,  if security comes from innovators there is every chance that Amazon or Google will get there before Microsoft will, even Apple has a better chance of showing innovation than Microsoft in the cloud atmosphere at present. The fact of what happens next will be out soon enough, yet my mind wonders why anyone would be stupid enough to award national defence to anyone without proper vetting.  So when we accept that it was meant as “part of a broader digital modernisation of the Pentagon aimed at making it more technologically agile”, wouldn’t you want to vet to broaden the application of data, the security of the system and the application of security towards data, users and access? There is a reason that SELinux had roots going back to the NSA, this they all wanted to throw away? And the media is merely reporting the news, not questioning that time line? Why is that?

Only the agile and versatile remain superpowers, and the former president was willing to hand over 50% of THAT equation? So consider that what was JEDI (Joint Enterprise Defense Infrastructure) could have become the Darth (Defence Application Reprehensive Technology Hype) defence system. 

Leave a comment

Filed under IT, Military, Politics, Science

Dream number three

I am trying to remember something. Yesterday I came up with short story number three, I dreamt the story and the big lines were done, but now I forgot the dream, only fragments remain. A stage where it is about one thing leading to another, I see the ending but I can no longer see the beginning. It is a shared setting that eludes me, and every time I my mind moves back to the story, it is overwhelmed with other facts. It takes me back to yesterday as I was writing the Kaseya story. The BBC is giving us “Researchers from the Dutch Institute for Vulnerability Disclosure found the problem and were helping Kaseya plug the hole long before the hackers found it”, yet if we are to believe ‘long before the hackers found it’ I wonder why Kaseya was continuing on the path they were. More important, if that was really true, why was Kaseya not monitoring the situation 24:7? In my case the story is not completed, I am creating it (almost) on the go. Kaseya is seemingly in a stage where they are in denial. First a few, then up to a 1,000 and now, after other sources give us a stage that sets the premise to up to 100,000, some sources give us ‘Between 800 and 1,500 companies potentially affected by Kaseya ransomware attack’, I get it, it is optional a seesaw that is balancing between optionally managing bad news and the speculative media on the other end of the seesaw. Neither side is overly reliable in my personal view. Yet the BBC gives us “the way the cyber-security world has pulled together to reduce the impact of the attack has been incredible”, you see, I have been involved in IT work since 1982, I have never seen competitors pull together, so the story of ‘the cyber-security world has pulled together’ remains debatable. They are all scared, they wanted solutions faster, automated and cheaper, it is like the house where you can choose 2 out of three, now the choice is nil, because the underlying factors are haywire. In this setting, and yes, this is all speculative. We have a solution that is faster/slower, automated/manual and cheap/expensive. They wanted it fast, but that requires matching hardware and software. This is where ‘plugging the hole’ is a problem, as such there was never a cheap solution. Then there was the automated setting, that is the one that they could pull off, but in a stage where there is too little security, and if ‘long before the hackers found it’ is to be believed, I speculate that the need was manual when the wrong parties opted for automated. And in the third we have cheap and expensive. They needed a solution that was cheap, but they needed a lot more expensive elements. This is ALL speculation, but the setting where we see system after system fail, in my personal opinion is all a setting towards shortcuts and that led to the weakness we now see exploited. I personally believe that players like Kaseya are too plenty and when we see ‘the cyber-security world has pulled together’, we see a stage where they all have a seemingly fat meal, they all get to set a field of limitations for all others and that will have long term repercussions. Microsoft, Solarwinds, Kaseya are examples that how us that the hackers are gaining more and more advantage and that is the larger stage. In this setup hell will get one happy resident and it is not the ruler of hell, I will let you consider who I am talking about and it is not a player that is mentioned in this article, neither is REvil, they seemingly found a gap that they exploited hoping to bank $70,000,000 but the stage is out there and the snippet “were helping Kaseya plug the hole long before the hackers found it” is merely a factor, so how long did the plugging take and why was it not successful? The words ‘long before’ should be an indication. So why are we (clearly) seeing several facts and the hack was still successful? The article is (at https://www.bbc.com/news/technology-57719820) merely one factor, the amount of MSP’s are another and the lack of alarms is a third part. A dangerous setting of cheap, seemingly fast and proclaimed automated systems in a stage where no one was the wiser. Consider a fast automated system without proper alarms and without logs, and that is merely one player using (or claiming to have) cloud solutions. A stage that is no solution (ask COOP in Sweden if you doubt me) and one that hands over cash to organised crime. How much risk are you willing to take with your business?

1 Comment

Filed under Finance, IT, Science

Your data or your life!

It is not the dream, not this time. I was persecuted by a Construction AI with diminishing reality capacity, but in the humour side there were a few criminals trying to get away with a golden car (like Goldfinger) and they got in the middle, so there. No, today is about Ransomware. Reuters gives us ‘Ransomware breach at Florida IT firm hits 200 businesses’ (at https://www.reuters.com/technology/200-businesses-hit-by-ransomware-following-incident-us-it-firm-huntress-labs-2021-07-02/). Like the solarwinds issue we see “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously” and no one, most visibly the media is asking the questions that needs asking. The Microsoft Exchange issue, the Solarwinds issue, now Kaseya. We understand that things go wrong, but as I see it the hackers (read: optionally organised crime) have a much better understanding of matters than the lawmakers and police do, we see this with “encrypted the files of those providers’ customers simultaneously” and that is before we consider that ‘an American software company that develops software for managing networks, systems, and information technology infrastructure’ has the kind of security that can be trespassed upon. And why do I think this? It is seen “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses” and contemplate the issue that this had been happening for the last 5 months. A lack of larger systems as well, and all this continues as the law is close to clueless on how to proceed on this. We see statements like “In their advisory and further incident communications, Kaseya said that only a few out of their 36 000 customers were affected”, yet CNet gives us “REvil, the Russia-linked hacking group behind the attack on meat processor JBS, is linked to the Kaseya attack, The Wall Street Journal reported. Security firms Huntress Labs and Sophos Labs have likewise pointed to REvil”, which gives the law the problem that a member must be a proven member of REvil and that is largely not the case, moreover they have no clue how many members are involved. When one player gives us “We are in the process of formulating a staged return to service of our SaaS server farms with restricted functionality and a higher security posture (estimated in the next 24-48 hours but that is subject to change) on a geographic basis”, all whilst one of the victims is the largest grocery store in Sweden (COOP), the setting of “only a few out of their 36 000 customers” becomes debatable and it will affect the retail stage to a much larger degree, especially when you consider that they are cloud based. I stated in the past (based on data seen) that 90% of the cloud can be transgressed upon. And they are all servicing the larger stage of people dealing with IT requirements on a global scale. Now consider that cloud systems remain largely insecure and beyond the fact that ITWire was giving us “SolarWinds FTP credentials were leaking on GitHub in November 2019” and it was a direct results from someone who thought that ‘solarwinds123’ was a good idea. Oh, I remember a situation involving Sony and stated that there might be an issue that someone (I implied the Pentagon) had a router with password ‘cisco123’, I did that in ‘The Scott Pilgrim of Technology’ (at https://lawlordtobe.com/2019/05/23/the-scott-pilgrim-of-technology/) in MAY 2019, and did anyone learn anything yet? It is now 2 years later and still we see these levels of transgressions? Some might say that IT firms are helping REvil get essential revenues, some might say that these IT firms got themselves in this mess. So when we look at some firms relying on ‘Five years of experience for an entry-level job’, or perhaps “Any of the following will be grounds for immediate dismissal during the probationary period: coming in late or leaving early without prior permission; being unavailable at night or on the weekends; failing to meet any goals; giving unsolicited advice about how to run things; taking personal phone calls during work hours; gossiping; misusing company property, including surfing the internet while at work; submission of poorly written materials; creating an atmosphere of complaint or argument; failing to respond to emails in a timely way; not showing an interest in other aspects of publishing beyond editorial; making repeated mistakes; violating company policies. DO NOT APPLY if you have a work history containing any of the above” (source: Forbes). All this in a stage of age discrimination and narrow minded thinking of HR departments. Yes that is the dynamic stage of people that have bad passwords and a stage of transgressions. So whilst we might think it is a stage of ‘Your data or your life’, there is a larger stage where the law has a bigger issue, it has the issue of IT firms cutting cost and having a blasé approach to the safety of their systems, and more important their customers. And whilst ABC New York gives us “The number of victims here is already over a thousand and will likely reach into the tens of thousands,” said cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank. “No other ransomware campaign comes even close in terms of impact” (at https://abc7ny.com/amp/ransomware-attack-4th-of-july-cyberattack-kaseya/10859014/) we see a first stage where the statement ‘only a few out of their 36 000 customers were affected’ is as I personally see it marketing driven panic. And that is a much larger case. I get that the firm hit does not want too much out in the open, but between a few, 2% and optionally a stage that could go beyond 27% is a setting too many are unable and too uneasy to consider. And when we see that 27%, do I still sound too ‘doomsday’ when I state that there is a much larger problem? And when we see the media go with ‘MSPs on alert after Kaseya VSA supply chain ransomware attack’, all whilst I stated a few issues well over 2 years ago, they should have been on the ball already. I am not blaming the MSP’s, but I do have questions on how their systems are so automated that an attack of this kind (the stated 1000+ customers hit) all whilst some sources state 50 MSP’s, there is a stage where triggers would have been there and the alarms were set to silent because some people might have thought that there were too many false alarms. This is a different stage to the larger playing field, yet I believe it needs to be looked at, especially when the damage can be so large. I am not certain what work lies ahead of the hit customers like COOP that had to close down 800 supermarkets, but in all this something will have to give. 

Leave a comment

Filed under IT, Science

SET trust = 0.

Yup, we all have a stage when there is no trust, there is no confidence and we wonder the why part. In this, I had questions, so I asked the agency, but they did’t know, then I asked the FBI, I asked Langley and I asked Commander Andrew Richardson, they all gave the same story, there is No Such Agency, so I Googled them and Yes! There they were, complete with phone number (+1 301-677-2300) and all, yup, we got them, so now we get to their story (at https://breakingdefense-com.cdn.ampproject.org/c/s/breakingdefense.com/2021/04/nsa-about-to-release-unclassified-5g-security-guidance/amp/).

Via the BBC, we get ‘NSA About To Release Unclassified 5G Security Guidance’ and I started to read, the article makes a lot of sense. Which gave me “Noble’s speech highlighted the importance of zero-trust architecture in 5G networks”, and it got me thinking, the approach makes a lot of sense, just like SE-LINUX, the setting of ‘no-trust’ makes sense, especially in a world where Microsoft keeps on fumbling the ball, not merely their exchange servers, but the (what I personally see as greed driven) push towards Azure, it comes with all kinds of triggers and dangers, especially as they are ready to cater to as many people as possible, the no-trust rule is pretty much the only one that makes sense at present. I have written about the dangers more than enough. So when we are given “it’s reasonable to expect that future NSA 5G security recommendations will emphasise zero trust as a key component”, I believe that the approach has a lot of benefits, especially when such a setting can be added to anti viral and Google apps, it could increase safety to well over 34% overnight, and option never achieved before and we should all applaud such a benefit. There are a few thoughts on “NSA has characterised zero trust as “a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy.” It’s a “data-center centric” approach to security, which assumes the worst — that an organisation is already breached or will be breached.” A choice that is logical and sets the cleaning directly at servers and ISP’s, and they are the backbone in some cases to close to 75% of all connections, so to set a barricade on those places makes sense, there is no debating, the choice of calling themselves No Such Agency wasn’t their best idea, but this is a game changer. 

I have been critical of the US government in all kinds of ways for years and on a few topics, yet I have to admit that this is an excellent approach to prevent things going from bad to worse, moreover, there is every chance that it will make things better for a lot of us overnight as such a system deploys, it will have a trickle down effect, making more and more systems secure. 

That one thing
Yup there is always one thing and we see the dangers when we consider Solarwinds and Microsoft (their mail server), the one part is when we rely on rollbacks and we see rollback after rollback creating a hole and optionally a backdoor, the most dangerous system is the one deemed to be safe, ask Microsoft, or their exchange server. When you believe all is safe, that is when the most damage can be made. And as the article looks at 4 parts, we see ‘Improved network resiliency and redundancy’, yes it makes sense, but rollback efforts are possibly out of that equation and when we get some people tinkering there, there is a chance that the solarwinds paradox returns, yet this time with a dangerous seal of approval by the No Such Agency, it will be the one part all criminal minds are hoping for, in this I personally hope they fail, but these buggers can be resilient, tenacious and creative, the triangle that even the Bermuda Triangle fears and that is saying something.

Leave a comment

Filed under IT, Military, Science

An almost funny thing

I saw an article at the BBC and I will get to that in a moment, but it reminded me of a situation that happened in 2010. I needed a new laptop and I was looking in a shop at their Collection of laptops. A man came to me and was trying to convince me just how amazing this laptop was. My inner demon was grinning, I get it, the man was enthusiastic, he was giving the numbers, but in all this, did he realise what he was saying? I am not doubting the man’s skills, he was doing a good job, I was however in IT and had been there for 30 years, so I have pretty much seen it all, and there it was, my little demon, on my right shoulder calling me ‘pussy’. So as the man stated ‘this laptop has a one terabyte hard-drive, can you even imagine ho much that is?’, I could not resist and my response was ‘Yup, that would fit roughly 10% of my porn collection’, his jaw dropped to the ground, his eyes almost popped, the demon inside me stated ‘Nice!’ Actually, it was not quite true, it would only fit a rough 0.32114%. It was the impact of the shock factor. You see, there is a hidden agenda there, when you (appropriately) use the technique, you get to see the real salesperson and that was what I needed. He was thrown, but he recomposed and continued giving me the goods on the laptop, I bought that laptop roughly 132 seconds later.

So today I saw ‘The Rise of extortionware’ (at https://www.bbc.com/news/technology-56570862), here I notice “where hackers embarrass victims into paying a ransom”, it is not new, it is not even novel. I will also give you the second game after the people involved get arrested, they will demand anonymity and any bleeding heart judge will comply. I state that these people will be handed the limelight so that the people that faced ransomware attacks can take their frustration out of these people. But that remains wishful thinking. So next we get “Experts say the trend towards ransoming sensitive private information could affect companies not just operationally but through reputation damage. It comes as hackers bragged after discovering an IT Director’s secret porn collection.” I have the question was it a private or a company computer? You see, sone focus on the boobies, just what the advertisers on Twitter hope for, they want the click bitches, it makes them money. It is time that we set the larger stage, you see the entire mess would be smaller if Cisco and Microsoft had done a proper job. OK, I apologise, Cisco does a proper job, but some things slip through and in combination with Microsoft exchange servers it is not slipping through, it is a cyber hole the size an iceberg created on the Titanic and we need to set a much larger stage. So when we see “Thanks God for [named IT Director]. While he was [masturbating] we downloaded several hundred gigabytes of private information about his company’s customers. God bless his hairy palms, Amen!”, it seemingly answers that he might keep it on a corporate computer, or he uses his private computer for company stuff. Yet in that same light the hacker should not be allowed any anonymity, we all get to see who the hacker is. If there is something to be learned it is see with “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out. These incidents are no longer simply cyber-attacks about data, they are full-out extortion attempts” There are two sides

  1. The station of ALWAYS ONLINE needs to change, there needs to be an evolving gateway of anti hack procedures and a stage of evolving anti hack routers and monitoring software. You think that Zoom is an option?
    Tom’s Guide gave us less than 2 weeks ago “More than a dozen security and privacy problems have been found in Zoom”, as well as “Zoom’s ease of use has made it easy for troublemakers to “bomb” open Zoom meetings. Information-security professionals say Zoom’s security has had a lot of holes, although most have been fixed over the past few year”, so whilst you contemplate ‘most have been fixed’, consider that not all are fixed and that is where the problem goes from somewhat to enormous. Well over 20% of the workforce works at home, has zoom meetings and that is how cyber criminals get the upper hand (as well as through disgruntled employees), a change in mindset is only a first station.
  2. Remember that Australian? (Julian Assange) We were told that soon there would be some leaks on issues on banks (Wall Street) then it suddenly became silent, now some will say that it is a bluff, but in light of the meltdown in 2008, I am not so certain, I reckon that some have ways to show the hackers who they are and they profit by not doing that. Can I prove this? Absolutely not. It is speculation, but when you look at the timeline, my speculation makes sense. 
  3. The third side is optionally the second side as the second side might not be a real side. When we see “Hackers are now actually searching the data for information that can be weaponised. If they find anything that is incriminating or embarrassing, they’ll use it to leverage a larger pay-out. These incidents are no longer simply cyber-attacks about data, they are full-out extortion attempts”, the underlying station is ‘information that can be weaponised’ and the IT sector is helping them.

How did I get there? The cloud is not as secure as some state, and the salespeople need to take notice. Business Insider gave us about 6 months ago “70% of Companies Storing Data With Cloud Companies Hacked or Breached”, see the link we are now slowly getting presented? 

In the OSI model, we see layers 3-7 (layer 8 is the user). So as some have seen the issues from Cisco, Microsoft and optionally Zoom, we see a link of issues from layer 3 through to layer 7 ALL setting a dangerous stage. Individually there is no real blame and their lawyers will happily confirm that, but when we see security flaw upon security flaw, there is a larger stage of dangers and we need to take notice. And here the dangers become a lot more interesting when we consider the Guardian yesterday when we saw “Intelligence value of SolarWinds hacking of then acting secretary Chad Wolf is not publicly known”, what else is not publicly known? How many media outlets ignored the Cisco matter, how come ZDNet is one of the few giving us “it’s not releasing patches for some of the affected devices that reached end of life” less than 8 weeks ago. Again I say Cisco did the right thing by informing its customers close to immediately, yet when we see “More than 247,000 Microsoft Exchange servers are yet to be patched against the CVE-2020-0688 post-auth remote code execution (RCE) vulnerability impacting all Exchange Server versions under support” (source: bleepingcomputers.com) as far as I can see, a lot of the media ignored it, but they will shout and repeat the dangers of Huawei, without being shown actual evidence, and I state here, that unless we make larger changes, the extortion path will evolve and become a lot larger. With 70% of cloud systems getting hacked or breached, a large chunk of the Fortune 500 will pay too much to keep quiet and who gets to pay for that? There is a rough 99.867765% chance that its board members will not, it might be speculatively, so please prove me wrong.

A stage where the needs of the consumers changes in a stage where the corporations are not ready to adjust and all whilst the IT salespeople have that golden calf that does everything and make you coffee as well. Adjustments are needed, massive adjustments are needed and we need to make them now before the cybercriminals are in control of our IT needs and that is not mere speculation, when you see flaw after flaw and too little is done as too many are the victim of its impact is a serious breach and it has been going on for some time, but now it is seemingly out in the light and too many are doing too little and as we laugh at “God bless his hairy palms, Amen!” Consider that stage, and now consider that they invade a financial institution, these are clever criminals, they do not empty your account, they merely take $1, perhaps $1 every other month, this implies that they are looking at a $16,000,000 every two months. And this is merely one bank, one in a thousand banks, some a lot bigger than the Australian Commonwealth bank and lets face it, the fact that layer 3 to layer 7 is leaky in hundreds of thousands of customers, do you really think that banks are off-limits? Do you really think that this is a simple hick-up or that the scenery is changing this quickly by people claiming that it will be fixed in no-time? 

We need massive changes and we need them a lot sooner than we think.

1 Comment

Filed under IT, Law, Media, Science

The wide net

We all have the idea to go phishing, we want trout, we want salmon and we use the biggest net possible to get at least one. So when AP gave us ‘Casting a wide intrusion net: Dozens burned with single hack’ (at https://apnews.com/article/donald-trump-politics-europe-eastern-europe-new-zealand-f318ba1ffc971eb17371456b015206a5), not only was I not surprised, I had been warning people about this for a few years, that setting is apparently upon us now (or at least some are admitting it now). There we see “Nimble, highly skilled criminal hackers believed to operate out of Eastern Europe hacked dozens of companies and government agencies on at least four continents by breaking into a single product they all used” this does not surprise me, this happened in the late 80’s as well when someone used Aston Tate’s DB3 to introduce a virus, it is simple find something they all use and hamper its function, a basic strategy that an Italian (Julius Caesar) introduced 2000 years ago, there he hampered the roads and not servers but you get the idea, the classics still work.

When we are given “The Accellion casualties have kept piling up, meanwhile, with many being extorted by the Russian-speaking Clop cybercriminal gang, which threat researchers believe may have bought pilfered data from the hackers. Their threat: Pay up or we leak your sensitive data online, be it proprietary documents from Canadian aircraft maker Bombardier or lawyer-client communications from Jones Day.” It might seem rash but the people relied on others to keep their data safe and whilst we see more and more that they cannot contain the bacon the clients are suffering, this is not a simple station and we get it, but package solutions tend to come with flaws and that has been a truth for 20 years, so why are you all crying now? It is the final part that has more bearing “Members of Congress are already dismayed by the supply-chain hack of the Texas network management software company SolarWinds that allowed suspected Russian state-backed hackers to tiptoe unnoticed — apparently intent solely on intelligence-gathering — for more than half a year through the networks of at least nine government agencies and more than 100 companies and think tanks. Only in December was the SolarWinds hacking campaign discovered by the cybersecurity firm FireEye. France suffered a similar hack, blamed by its cybersecurity agency on Russian military operatives, that also gamed the supply chain. They slipped malware into an update of network management software from a firm called Centreon, letting them quietly root around victim networks from 2017 to 2020.” This is important because of what happened in the last two years, remember how ‘stupid’ American people started to blame Huawei for all the bad whilst offering absolutely no supporting evidence? Huawei does not need to bother to aid whichever government there was, silly software developers are doing that for them, we see an abundance of intrusion problems that include SolarWinds, Accellion and Cisco. A stage where thousands of systems are at risk, but no, the ‘silly’ people kept on blaming Huawei. Even I knew better and as Sony gave me the idea for an intrusion method called ‘Plus One’ (a viable way to drive the Pentagon nuts) with an alternative direction that I call ‘Vee One’, but that one has a few hiccups I reckon. Then I got creative and saw a new parameter in play. One that is based on a little part I read in a Cisco manual, the text “When You Add A Hard Disk To A Virtual Machine(VM), you can create a new virtual disk, add an existing virtual disk, or add a mapped Storage Area Network (SAN) Logical UnitNumber (LUN). In most cases, you can accept the default device node. For a hard-disk, a non default device node is useful to control the boot order or have different Small Computer System Interface (SCSI) controller types. For example, you might want to boot from an LSI Logic controller and use a Bus-logic Controller With bus sharing turned onto share a data disk with another VM.” You see that small text indicates that there is a nice workaround in Cisco CMX and it opens up a lot more than they bargained for, that in conjunction with the share issues thy were already facing gives out a whole new meaning to the phrase ‘Copy me I want to travel’, n’est pas? (for the French victims)

It is a much larger stage, most laws aren’t ready for this, prosecuting the guilty parties is close to impossible and any quick fix they make will only make things harder, the setting was and has for always been the makers of software, time constraints and lack of deep testing makes for a lousy solution and in most cases these players have a pushy marketing department (example: Ubisoft), and yes ‘You be soft!’ because the small tidbit that AP gives us with “Attackers are finding it harder and harder to gain access via traditional methods, as vendors like Microsoft and Apple have hardened the security of the operating systems considerably over the last years” yet it is a small stage and not a correct one. Weaknesses in Azure, issues with advertising in apps and a larger stage of programming, we see it clearest in .NET, but it goes way beyond that, for example “The problem of memory leaks is not uncommon in any technology. Simply put, the framework doesn’t release the memory that it no longer needs. .NET is frequently criticised for memory leaks and memory-related issues. Although .NET has a garbage collector for this sort of problem, engineers still have to invest additional efforts into proper resource management. And the leaks keep on growing as the application scales.” (source: Altexsoft) and it shows the smallest part, if there is a leak in one place, there will be in other places too and the leaks are not the real problem, getting it to semi-crash and taking over its right on a network are a quick way into any system, I saw the example with an accounting program (censored name), I got the program to crash (took about 20 seconds) and I ended up with the administrator rights to the entire mainframe from ANY location running that software. I get it, there will always be a bug in any place and the makers were quick to fix it, but for a few weeks there was an entrance point that took minimum efforts and that setting is only increasing with routers and cloud systems, these companies rely on marketeers that are ready to push for the investors sake and leave the client swimming in a swamp, I have seen it more than once and it will happen again, and this setting has been going on since 1989 and over the next 3-4 years it will grow to 150%, the push to billions and to quickly get to billions will be overwhelming for too many players all whilst the law will not be able to protect the victims, they will merely point at torts law, even though that you are the victim, most contracts are offered as an ‘as is’ solution and for the most software makers can avoid prosecution for the longest time, long enough for the hackers to get away with your data and sell it, what a lovely system you bought. Oh and before I forget, organised crime is way ahead of me, so for some it will already be too late.

Leave a comment

Filed under IT, Law, Media, Science

Greed v Agony: 1-6

We see the set, we see the result, yet we do not understand the equation. The media is mulling it over, it is in despair on what to do. They have so many voices to listen too, producers, executives, stake holders and share holders, none can agree on the story and more precise, most of them are clueless on what the story is. Reuters gives us ‘SolarWinds hackers accessed Microsoft source code, the company says’, the story (at https://www.reuters.com/article/us-global-cyber-microsoft/solarwinds-hackers-accessed-microsoft-source-code-the-company-says-idUSKBN2951M9), gives us plenty, but are they giving us what we need to know? Even as we are told “It is not clear how much or what parts of Microsoft’s source code repositories the hackers were able to access, but the disclosure suggests that the hackers who used software company SolarWinds as a springboard to break into sensitive U.S. government networks also had an interest in discovering the inner workings of Microsoft products as well”, a stage that is a lot bigger than anyone knows, some cyber experts have an inkling of thought on just how bad things got, but they do not know just how bad, because we do not know what was accessed.

Back in Time
So as we consider that on December 13, 2020, The Washington Post reported that multiple government agencies were breached through SolarWinds’s Orion software. So this is when the worm got out, yet I believe that the first instances were early August, I cannot prove this, but that is when the first event took place, they were merely not seen or identified as such. As far as I can tell (through unconfirmed and slightly dubious sources), there was a mapping phase in play and it was in play for weeks. This mapping phase was not contained or limited to the US, or to governmental players. It was also not the first time it happened, but it seems it was the most complete and most successful attempt, and it is about to get a lot worse. You see, people didn’t learn from 9/11, from all these people who went to flight school just to take off and learn how to fly into buildings, they didn’t learn the first time, and they are not learning now (at https://www.youtube.com/watch?v=lZAoFs75_cs), it gets to be funnier, the ethical hacker is topped by another advertisers, offering the same with 75% discount, and would you know it, all these ‘new’ ethical hackers, what are the chances that a few have their own agenda? Now these people are not ready to take over Solarwinds yet, but they are en-route.

A lot of hackers started as ethical hackers and then didn’t end up with a decent job, they had to make ends meet, and would you know it, they had just the education to make that happen. So as they didn’t get high paying positions at Google, Apple or Sun systems, they decided to take the reins themselves. They do have their competitors, people who graduated from London Poly, or Moskovski politekhnicheski universitet an a few others, all having graduates and the world had no positions for them, so they became the new managers of another version of Ransomware, or some other solution. It was only 5 years ago that we saw “Trend Micro released a research paper about sextortion: the means through which cybercriminals obtain compromising personal images or videos of Internet users – which they then hold hostage until their demands have been met” and that was if you were lucky, the idiots that most governments have include idiots that put the national security and defence issues on a USB stick. 

Time flies when greed is in charge
Over the last 5 years we saw an abundance of issues, yet the greed driven idiots all had a bottom line and cost is not part of that bottom line, it is actually against it, that was what some of these executives were screaming. And as things were pushed back quarter after quarter, the setting became that nothing was done, so when SolarWinds was transgressed upon the bulk of all corporations had no issue to see just how screwed they were, the sales people needed their bonus structure and so do the board members, as such there was for the most no defence. And it gets to be worse, even as we all want to blame SolarWinds, we need to realise that anyone with a lack of defence only has itself to blame. This is why I took certain defence matters into my own hands and even as they are not perfect, it beats no defence at all. When the Telecom Companies start to scream murder because usage is out of control and the numbers start showing that 100,000 people used 200 GB, all whilst the numbers showed that for the most the average of 50 GB, we will see another issue, the loss of telecom data and more important, our financial records will not match up, and at that point you will see a stage where our data is up for sale and there are plenty of interested parties who want that data. A setting of 5 servers that can be used multiple times and 25 customers all willing to pay $10,000 for the usage records of 100,000-350,000 people, and after the financial data is aggregated, they can collect a lot more from another 40 customers. It boils down to $250,000 for a month of work, and that is merely one segment, once these people hit companies (especially those with underfunded IT departments), The numbers will add up larger and faster, especially when IP data is made available, by the time the companies learn just how intense the pull of data was it will be too late and for the most the global police settings will not be able to cover it, the US has an FBI who can get to the matter to some degree, but they still think that North Korea did the Sony gig, so I am not holding my breath on that one. And that is before they realise that I devised another setting that explains the inside job part and I found a new way of exporting that data, which took less than an hour, the shareholders who needed a patsy in North Korea are that much in the dark at present and for the last 7-9 years actually.

So whilst the sales people are in the push for revenue, I reckon that only the companies that have a CTO on their board of directors will have a decent chance, the rest is cannon fodder, it is basically that simple.

The greed drive looks that good, but in reality they are losing 6:1 at present, SolarWinds is merely showing the agony that is out there, it is ABC News that gives a much larger timeline, with ‘Malware may have been installed in June’, which does give voice to my timeline, but it is not enough, we see the larger stage with “the hackers piggy-backed on the company that made software running on hundreds of thousands of corporate and government networks” and in all this, where was the security of SolarWinds? I believe that the damage is much larger and the players just do not know what to trust and who to trust, and that will stay with them for the larger extent of 2021, implying that their systems will not be properly cleaned for a much larger time, because they look at the larger setting, but this pass over will hit EVERY system, and it will hit a few systems in different ways, because they will get found out in a few ways, but not in all ways and that is why the agony score is so high and all this before someone realises that their cloud system could be just as infected and that is another piece of cake entirely, one that does not clean up so easily. 

So whilst we see the trivialisation of “it says patient information was not stolen” or “there was nothing to suggest customer data had been accessed”, it is the basic defence of any company or government organisation, but in reality they are decently clueless on what data was accessed and how it was copied or positioned in a place they can get to. For example it might not show, but when you realise that a person was using 12-17 GB of data during the day, so why is that person’s account using this data on his sick day? Odd is it not? There are a few more examples, but I let you simmer on this, because 2021 has a few more surprises for all of you, perhaps for me too.

Leave a comment

Filed under Finance, IT, Media, Science