Economist : They were hit so bad, they were forced to take orders by fax!
The big bad wolf : Qilin RaaS - Russian-speaking criminal group. Double-extortion specialists - steal data and demand ransom and also threaten to leak it. The group's toolkit is advanced and includes customizable encryption modes, anti-forensic techniques, and the ability to spread across networks
Investments in hacking tools have paid off big time for the Chinese apparently: In 2011–2012 Chinese-linked actors reportedly penetrated major Israeli defence contractors and exfiltrated data related to Iron Dome / missile systems.
NPR: Why this is China's golden age of hacking
Rosie Blau: So what should companies be doing?
Alex Hern: It’s difficult to say a lot of businesses did the easy stuff and stared at the hard stuff, be that embedded systems in robotic arms, or even things like the room booking screens that companies like The Economist have around the office, and went, oh, maybe we don’t have to do that. And it turns out you do. You have to fix everything because anything can be a way in. The other problem is that, to draw an analogy from the pandemic, we learn when everything went to crap, that actually having a little bit of slack in the system is good, having resilience is good and that maybe having run parts of society on outsourcing to the cheapest provider didn’t work so well when you really needed extra resilience. What I think some businesses are learning is that outsourcing core parts of their IT security to the cheapest provider is similarly having a problem. And it seems like one of the popular ways into ransomware in general is to call a large outsourced IT security hub and just keep going until you find the 40th, 50th call center handler who follows the script the wrong way and hands over credentials when they shouldn’t. That can often be the toehold that an attacker needs to break into the wider network. So perhaps not looking for the cheapest way of running your IT can be one of the things that businesses should learn.
 |
| VPV Vs TOR |
Eg. https://duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/
No comments:
Post a Comment