
Thread: The Internet Attacks!

  1. #1
    Join Date
    15th October 2009 - 17:33
    Bike
    2014 Honda NC750X
    Location
    Auckland
    Posts
    827
    Blog Entries
    4

    The Internet Attacks!

    So these cyber attacks that have been in the news lately seem to be exposing some possible flaws in the ‘I’ve got a great Idea, let’s put everything on the internet’ business / government approach.

    How vulnerable are we really? Will they become a regular occurrence? Will paying ransoms become a cost of doing business in future? Or worse?

    H-ack! Ack ack! Ack ack ack ack ack!
    Moe: Well, I'm better than dirt. Well, most kinds of dirt. I mean not that fancy store bought dirt. That stuff's loaded with nutrients. I...I can't compete with that stuff.
    - The Simpsons

  2. #2
    Join Date
    3rd February 2004 - 08:11
    Bike
    1982 Suzuki GS1100GK, 2008 KLR650
    Location
    Wallaceville, Upper hutt
    Posts
    4,564
    I know of one government organisation that is closing its data centre in Wellington and putting everything up in Amazon.

    Apparently the financial benefits of outsourcing are more important than having control of your own data, in your own secure location.
    Of course if the link(s) go down, there goes your access.

    The fact that an American company is subservient to the US PATRIOT act i.e. all your data are belong to US (Government) has escaped notice. Or has that law been repealed?
    it's not a bad thing till you throw a KLR into the mix.
    those cheap ass bitches can do anything with ductape.
    (PostalDave on ADVrider)

  3. #3
    Join Date
    31st March 2005 - 02:18
    Bike
    CB919, 1090R, R1200GSA
    Location
    East Aucks
    Posts
    10,313
    Blog Entries
    140
    As someone that works in IT, I just want the aerospace approach to the attacks, rather than traffic collisions. IE, report on the facts, highlight how it occurred. Or, y'know, focus on who to blame, without anyone learning from it.

    Ultimately, we can build the most secure system, but if a user gets tricked into providing (or willingly provides) their details we're going to be fighting an uphill battle. Like a user that infected the network with ransomware two Fridays in a row, a few years back. MFA goes a long way to restricting breaches because a username and password isn't enough (as a Microsoft partner, and having access to multiple systems that give us high level access across all clients, we're ending up MFA'd to the hilt) but we have users that struggle to remember their username and password. Now they have to remember their mobiles, which code to use... and switching on MFA comes with licensing costs...

    Besides that, depends on budget (and I bet this is a big factor in the DHB issues). The right kit costs money. It's like trying to explain a door lock being picked 24/7. You'd sure notice on your front door, but not on the internet.
    Quote Originally Posted by Jane Omorogbe from UK MSN on the KTM990SM
    It's barking mad and if it doesn't turn you into a complete loon within half an hour of cocking a leg over the lofty 875mm seat height, I'll eat my Arai.

  4. #4
    Join Date
    9th January 2005 - 22:12
    Bike
    Street Triple R
    Location
    christchurch
    Posts
    7,875
    one of our mission critical software services is apparently going to be migrating to Amazon servers. All the rest of our stuff lives in a datacentre (I imagine a battery hen farm, but for electrons) in Auckland and one in Christchurch with backups offshore. Not so keen on the Amazon idea
    In the white room, with black curtains, at the station

  5. #5
    Join Date
    3rd February 2004 - 08:11
    Bike
    1982 Suzuki GS1100GK, 2008 KLR650
    Location
    Wallaceville, Upper hutt
    Posts
    4,564
    The Covid / let the users work from home thing hasn't helped. People's home computers are invariably less secure (basic free AV software, if any at all) compared to the work environment, but with the lockdown, giving home users access via VPN was deemed important and hastily thrown together. Home user browses some dodgy links / clicks on an email link, next thing malware is lurking in the home PC, and the next time the home user connects to the work LAN via VPN, boom.
    it's not a bad thing till you throw a KLR into the mix.
    those cheap ass bitches can do anything with ductape.
    (PostalDave on ADVrider)

  6. #6
    Join Date
    25th June 2012 - 11:56
    Bike
    Daelim VL250 Daystar
    Location
    Pyongyang
    Posts
    2,177
    I think a lot of these things are fake news used to sell fear/agendas/antivirus software...

    Get some IT nerd blackmail him over his porn collection and tell him to flick the off switch etc...

    And why is a hacker only asking 4 million for ransomware. You’ve just successfully crippled a non functioning crippled healthcare system already in decline in a developed country and you only ask 4 million dollars.....
    And what kinda hijacker doesn’t ask for hard cash on a park bench... all electronic transactions are fully traceable ....
    The only real hackers are the CIA NSA and they already just use the intel “ inside “ factory installed backdoors ....
    I’ve had no antivirus for 8 years and nothing happens to my electronic gear.

  7. #7
    Join Date
    3rd February 2004 - 08:11
    Bike
    1982 Suzuki GS1100GK, 2008 KLR650
    Location
    Wallaceville, Upper hutt
    Posts
    4,564
    When REvil infects your employer's systems you'll find it's no fake attack. As far as traceable electronic transactions, you've not heard of Bitcoin? TOR routers?
    it's not a bad thing till you throw a KLR into the mix.
    those cheap ass bitches can do anything with ductape.
    (PostalDave on ADVrider)

  8. #8
    Join Date
    25th March 2004 - 17:22
    Bike
    RZ496/Street 765RS/GasGas/ etc etc
    Location
    Wellington. . ok the hutt
    Posts
    18,572
    Quote Originally Posted by R650R View Post
    I think a lot of these things are fake news used to sell fear/agendas/antivirus software...

    Get some IT nerd blackmail him over his porn collection and tell him to flick the off switch etc...

    And why is a hacker only asking 4 million for ransomware. You’ve just successfully crippled a non functioning crippled healthcare system already in decline in a developed country and you only ask 4 million dollars.....
    And what kinda hijacker doesn’t ask for hard cash on a park bench... all electronic transactions are fully traceable ....
    The only real hackers are the CIA NSA and they already just use the intel “ inside “ factory installed backdoors ....
    I’ve had no antivirus for 8 years and nothing happens to my electronic gear.
    I hear birth control is a myth and God will decide who gets pregnant. Also condoms give people cooties and there is no such thing as AIDS or herpes, it's just a marketing ploy from Durex starting in the 80s. All those weird STD pictures floating around were photoshopped old school with airbrush.
    I've been told. Dreaming`s free.
    Think I'll go, back to sleep.
    Everybody listen, voices in my head
    Everybody listen, do yours say, what mine says?

  9. #9
    Join Date
    8th January 2005 - 15:05
    Bike
    Triumph Speed Triple
    Location
    New Plymouth
    Posts
    9,500
    Blog Entries
    1
    Quote Originally Posted by pete376403 View Post
    The fact that an American company is subservient to the US PATRIOT act i.e. all your data are belong to US (Government) has escaped notice. Or has that law been repealed?
    When I was looking at installing a VPN recently, geoblocking pisses me off, one recommendation was to avoid brands hosted from the US. The US Govt, whichever acts they are using, has too much control over US companies.

    IIRC the FBI went after Megaupload because they used some servers in the US. Otherwise they would have had zero justification to act against a Hong Kong registered company owned by a German/Finn citizen resident in NZ.
    There is a grey blur, and a green blur. I try to stay on the grey one. - Joey Dunlop

  10. #10
    Join Date
    7th January 2014 - 14:45
    Bike
    Not a Hayabusa anymore
    Location
    Not Gulf Harbour Either
    Posts
    1,112
    Quote Originally Posted by R650R View Post
    I think a lot of these things are fake news used to sell fear/agendas/antivirus software...

    Get some IT nerd blackmail him over his porn collection and tell him to flick the off switch etc...
    As another IT professional - I can tell you guys horror stories about things that I've seen.

    The most common causes of any exploits are the following:

    Users being stupid (Phishing, Social Engineering, Bad Passwords etc.)
    Systems not being patched
    Misconfigurations

    The first 2 account for the overwhelming majority.

    I think in my professional career, I've dealt with 1 or 2 Spam Attacks that have been the result of a technical issue. I've dealt with too many to count websites being hacked because of an out-of-date WordPress version or similar CMS, but Users with crap passwords is still the biggest culprit.

    I've never had anyone try and gain access to any of the systems I have, by targeting me directly. To put it simply - if you've managed to gain enough remote access over an IT Nerd's devices that you have enough evidence to Blackmail them, why would you bother? You've already got enough access to get onto the privileged Network and interact with the File System - you'd just get on with accessing the juicy stuff.

    If anything, it would be worse trying to Blackmail the employee - after all, if they don't know you are there, they aren't looking for you.

    TL;DR - keep your shit up-to-date, don't click on dodgy links and password123 isn't a wise choice.
    Physics; Thou art a cruel, heartless Bitch-of-a-Mistress

  11. #11
    Join Date
    15th October 2009 - 17:33
    Bike
    2014 Honda NC750X
    Location
    Auckland
    Posts
    827
    Blog Entries
    4
    So basically it just takes one user to do something stupid and you can bring down a DHB or a pipeline?

    Yikes.

    Moe: Well, I'm better than dirt. Well, most kinds of dirt. I mean not that fancy store bought dirt. That stuff's loaded with nutrients. I...I can't compete with that stuff.
    - The Simpsons

  12. #12
    Join Date
    16th January 2010 - 17:09
    Bike
    VFR400, Frankenbucket
    Location
    Otorohanga
    Posts
    2,511
    Quote Originally Posted by nerrrd View Post
    So these cyber attacks that have been in the news lately seem to be exposing some possible flaws in the ‘I’ve got a great Idea, let’s put everything on the internet’ business / government approach.

    How vulnerable are we really? Will they become a regular occurrence? Will paying ransoms become a cost of doing business in future? Or worse?

    H-ack! Ack ack! Ack ack ack ack ack!
    There are good products available on the market to protect businesses from this, which should in 90% of the cases do the job. These will protect against the casual hacker who is sending out emails hoping someone is stupid enough to open them.
    Essentially they use a layered defense approach to pick up on these attacks and isolate them if they get through. All of these are licensed in some way so the businesses need to see the advantage of paying for it over the basic router/antivirus package you see in most SME businesses. I managed to get one in at a car dealer that had been crypto'd twice historically, only for their desktop provider to ask me to open up heaps of ports to get their emails going to their old windows server (it's getting migrated soon thankfully).

    With Enterprise sized deployments like the WDHB you'd hope they'd have the best of everything, I was involved briefly at the DHB the other night and they seemed to be making really good progress on rebuilding their whole infrastructure. The key now will be to reverse engineer what's happened then put processes in place to protect from this. I'm guessing the kind of hacker that has a go at a government agency is probably pretty smart though so nothing is fail safe.

    What it comes down to is that the internet is a huge place and there's most likely millions of would-be hackers out there hoping to get lucky. I've seen hackers hit a phone system within seconds of a port being opened up in a router, so it goes to show the magnitude of what we're dealing with.

    The cheapest solution is to teach everyone what a phishing attack looks like, but in such a large organisation that's tricky.

    Fuck this I'm moving to a cave

  13. #13
    Join Date
    16th January 2010 - 17:09
    Bike
    VFR400, Frankenbucket
    Location
    Otorohanga
    Posts
    2,511
    Quote Originally Posted by nerrrd View Post
    So basically it just takes one user to do something stupid and you can bring down a DHB or a pipeline?

    Yikes.

    Yup pretty much.

    Run the wrong .exe file and boom, she's gunna have a field day on the network until it's stopped

  14. #14
    Join Date
    25th June 2012 - 11:56
    Bike
    Daelim VL250 Daystar
    Location
    Pyongyang
    Posts
    2,177
    Quote Originally Posted by TheDemonLord View Post
    As another IT professional - I can tell you guys horror stories about things that I've seen.

    The most common causes of any exploits are the following:

    Users being stupid (Phishing, Social Engineering, Bad Passwords etc.)
    Systems not being patched
    Misconfigurations

    The first 2 account for the overwhelming majority.

    I think in my professional career, I've dealt with 1 or 2 Spam Attacks that have been the result of a technical issue. I've dealt with too many to count websites being hacked because of an out-of-date WordPress version or similar CMS, but Users with crap passwords is still the biggest culprit.

    I've never had anyone try and gain access to any of the systems I have, by targeting me directly. To put it simply - if you've managed to gain enough remote access over an IT Nerd's devices that you have enough evidence to Blackmail them, why would you bother? You've already got enough access to get onto the privileged Network and interact with the File System - you'd just get on with accessing the juicy stuff.

    If anything, it would be worse trying to Blackmail the employee - after all, if they don't know you are there, they aren't looking for you.

    TL;DR - keep your shit up-to-date, don't click on dodgy links and password123 isn't a wise choice.
    When I say blackmail the employee I’m talking in the realms of a special Ops/deep state hit job not some random hacker

    I don’t do updates but I’m very selective about what I click and good passwords.... although apparently a high level hacker with a good computer can hack any password in 38 mins or something. Also businesses that force employees to constantly change passwords create an environment where they use the shortest one available....

  15. #15
    Join Date
    3rd February 2004 - 08:11
    Bike
    1982 Suzuki GS1100GK, 2008 KLR650
    Location
    Wallaceville, Upper hutt
    Posts
    4,564
    The blackmail being referred to in the (eg) DHB case is just another point of force the crypto people use
    1. We have locked up your systems, give us money and we will unlock (maybe)

    if the victim says no, we will rebuild from backups, then

    2. We have also copied a lot of your sensitive data. Give us money or we will release this to the internet
    it's not a bad thing till you throw a KLR into the mix.
    those cheap ass bitches can do anything with ductape.
    (PostalDave on ADVrider)
