Words of Advice:

"If Something Seems To Be Too Good To Be True, It's Best To Shoot It, Just In Case." -- Fiona Glenanne

"Flying the Airplane is More Important than Radioing Your Plight to a Person on the Ground
Who is Incapable of Understanding or Doing Anything About It." -- Unknown

“Never argue with stupid people, they will drag you down to their level
and then beat you with experience.” -- Mark Twain

"Colt .45s; putting bad guys underground since 1873." -- Unknown

"Stay Strapped or Get Clapped." -- probably not Mr. Rogers

"Let’s eat all of these people!" — Venom

"Eck!" -- George the Cat

Wednesday, May 12, 2021

DarkSide

Krebs has a good article on what is going on. It's not really tech-heavy; most casual computer users should be able to understand it.

CDR Sal recommends deeming cyber-kidnapping to be a form of piracy and treating it accordingly. One form of attack might make paying digital pirates a fairly serious crime in and of itself.

One might argue that nothing of this geopolitical significance could be carried out in Russia without at least the tacit approval of the Russian government. Which, arguably, makes this episode an act of war.

Digital security is expensive; the beancounters of companies don't like paying for security of any form. On top of that, there are the IT10T users who mindlessly click on links. That might be countered by good security software that detects phishing links, but again, that costs money. Might a case be made that managers who don't employ good cyber-security practices are being negligent and should be held liable to shareholders, if not criminally liable?

6 comments:

J4rh34d said...

In the tech industries (waves hand), the most valued item, after keeping a skilled workforce, is their intellectual property. Patents, trade secrets, copyrights, and trademarks. Everyone at my company has several training sessions a year on protecting intellectual property, including IT security. Just last month, I received a phishing email sent by a firm retained to test our IT security awareness. I reported it appropriately. I'm not going to go into all the details I have to go through to get access to various remote sites, but a login with a frequently changed secure password is just the start. As a shareholder, I expect no less.

Tod Germanica said...

There is every incentive for these criminals to extort every entity they can because despite the damage they do they are apparently never caught and thrown in jail for 20 years. There is no consequence for these gangsters so look for mounting escalation. They really are pirates, at war with the world. And like England was the power behind much of the 18th century piracy, Russia is running the cyber piracy these days. With no evident blowback.

Eck! said...

Hoist the Jolly Roger and have at em.

I suggest a letter of marque and reprisal with the
pirates named and targeted.

We have done this before.
Send them to the deep with their ports of safety.


Eck!

Ten Bears said...

Has the tech industry so deteriorated since I retired that we can't mount an appropriate response? Ten years ago we were successfully sabotaging Iran's nukes (stux-virus), today we can't shut Russia down? The Saudis? Israel?

This is bigger than a bug, there's moles in that mound.

Tod Germanica said...

Except no Port Royal style earthquake, liquefaction and tsunami will ever submerge the walls of Putin's beloved and mighty Gremlin, itself. Nor the Royal Navy.

Glenn Kelley said...

If the answer is Russia the question is what is Putin's cut.