- Jul 27, 2015
- 5,459
- Content source
- https://www.bbc.com/news/world-us-canada-46713983
Cyber-Attack Disrupts Distribution of Multiple US Newspapers
- Thread starter upnorth
- Start date
- Jul 1, 2017
- 1,396
I'm trying to find out what OS they are running. My money is on Windows 7 with no AV.
I didn't think anyone still read a newspaper. I have not in many years.
Most corporations don't take precautions or cybersecurity seriously until something happens. They are very reactionary institutions and it can cost them millions and millions to recover from attacks. The fact is, we need regulations, audits and proper oversight. But don't expect much of anything to change in this country while relics from the Rotary Dial phone era in charge.
Also the USA is WAY behind many other countries. For example those little black credit card readers on devices are usually made by IDTech, and they are entirely plain-text without any security or encryption. A bad actor can load notepad on an embedded system and capture all of the swipes with no effort at all. Most gas stations also use them... It's pathetic.. Proper security is with OTI Readers encrypted at the head all of the way back to the processing agent and can't be intercepted. Overseas in most countries they use NAYAX and VPOS systems, encrypted end to end with mutating keys. It's actually illegal in most countries outside of the USA to use IDTech (or similar readers) Once again, the USA is way way behind in that area as well.
All corporations over 150 people should have a cybersecurity department IMO. They should use properly locked down standard user accounts in Windows. A good Antivirus package, along with a strong Email Filtration Package. Two Factor Authentication on all intra-corporate applications and cloud apps. In addition they should utilize geo-fence logins so anyone not within the corporate subnet can't even login to their applications/TFA. Quarterly external and internal pentesting and brute force analysis should be performed.
This is the bare minimum for any mid-size or larger corporation to ensure security. If things don't change fast it's only a matter of time before all of this becomes unmanageable.
Also the USA is WAY behind many other countries. For example those little black credit card readers on devices are usually made by IDTech, and they are entirely plain-text without any security or encryption. A bad actor can load notepad on an embedded system and capture all of the swipes with no effort at all. Most gas stations also use them... It's pathetic.. Proper security is with OTI Readers encrypted at the head all of the way back to the processing agent and can't be intercepted. Overseas in most countries they use NAYAX and VPOS systems, encrypted end to end with mutating keys. It's actually illegal in most countries outside of the USA to use IDTech (or similar readers) Once again, the USA is way way behind in that area as well.
All corporations over 150 people should have a cybersecurity department IMO. They should use properly locked down standard user accounts in Windows. A good Antivirus package, along with a strong Email Filtration Package. Two Factor Authentication on all intra-corporate applications and cloud apps. In addition they should utilize geo-fence logins so anyone not within the corporate subnet can't even login to their applications/TFA. Quarterly external and internal pentesting and brute force analysis should be performed.
This is the bare minimum for any mid-size or larger corporation to ensure security. If things don't change fast it's only a matter of time before all of this becomes unmanageable.
- Apr 2, 2018
- 1,721
Similar threads
