When The Chips Are Down

Ever had that feeling that someone is watching you, like the door is ajar and folks just passing by the office can see everything on your desk? Have you felt that way for the last seven years? If so, you’re not alone, especially if your computers use Intel chips with vPro technology. According to a recent Ars Technica report, Intel has only recently provided a patch to a backdoor in your network that has been open since the year Facebook was launched. Think about that.

(more…)

Introverted Social Media

Even if we could isolate the recent activity of Russian hackers, imagine a mainstream marketplace for nefarious services provided by invisible people paid in Bitcoin. The information you seek is mined from the personal profiles and accounts of your target audience, whether that audience is a cheating spouse or a rebellious teenager with a hidden social media presence. It’s a complete violation of privacy, and we feed our own vulnerability with every trace of our digital footprint. (more…)

Is That Toaster Listening To Us?

In the interest of your organization’s OPSEC, step away from the microwave before you answer this question. There is no telling who might be listening right now. And if you’ve ever had Russian dressing on your salad, be sure you state that explicitly. Denial is not just a river in Egypt. Here’s the question: How confident are you that your cybersecurity practices are up to speed? (more…)

Who’s Baking Your Cookies?

So you say you’re not a Yahoo user, that the news of their latest breach is no concern of yours. That sound about right? Well, you may be right, but consider also that the exploit used in the latest breach (early February) has far-reaching implications for anyone who takes even the first step onto the Internet. (more…)

Who’s Watching The Watchers?

It’s been a strange month or two in the world, and that’s not simply a political statement. There is a very real sense that somebody’s watching, all of us, all the time, and that we should take that for granted. Increasingly, it seems, that voyeurism extends beyond our digital footprint and into our everyday physical spaces. While novelists and science fiction authors have been seizing on the approach of these days for decades, the Luddites are always the last to know. But, you might ask, who is watching the watchers? Apparently, that would be Wikileaks. (more…)

Now You See It, Now You Don’t

Stand against the wall. That’s the common advice given to tourists when they start to make calls on their smartphones in foreign lands. It’s not the roaming charges you have to look out for any longer. It’s now the roaming thieves who want to steal your phone in broad daylight and compound the pain by phishing your account information to unlock, wipe, and resell the phone. By standing against the wall, you limit the access and cover your blind side. Sadly, the stories are anything but rare. (more…)

Bundle Up To Avoid The Cold

With every passing week, it seems, cyberthreats and hacks inundate the news cycle and bring home the absolute insecurity that most of us experience (or should) when we take even the smallest of baby steps with our digital footprints. Of late, it’s the Russians who seem to take center stage, hacking our politics and manipulating our elections. Though we could debate the extent of the success, nobody seems to doubt the intent any longer. If those chilly diplomatic breezes seem to intimate a second cold war, will cyber be the weapon of choice? Is it already?

(more…)

Hook, Line, And Sinker

Spring may well be upon us, and soon the sportsmen will be casting lines into the lakes and rivers and seas in search of the great bounty that awaits them there. To that end they will deploy any manner of temptation, or bait, that will facilitate the biggest possible catch. But it’s not as seasonal a pursuit as you might imagine. (more…)

Cybersneaky Russians

Remember, back in college, when you got away with things the older, more responsible, adult version of you would never even try? Now think back to some of your friends that were also involved. You know the ones. But if you decided one day that you were going to seek public office and expose yourself, your family, and your staff to all sorts of scrutiny, would you think twice about nostalgically adding one of your old buddies to the staff, knowing that the past would probably come back to visit you? (more…)

A Cyberhand On Your Wallet

You’re an entrepreneur building a good business, perhaps, or a senior executive leading an organization with both impact and momentum. Either way, you’re building value through your network and data and making a good faith effort to protect those valuable assets. You’ve got an IT staff, maybe, or a CTO that knows your infrastructure like the back of his hand. You know the value that your network and data add to your balance sheet, even if they’re not explicitly listed there. But sometimes a little clarity is helpful.

(more…)

A Treasure Map To The Goods

How would the security of your house be affected if you printed a map of your hiding places for all of your valuables and taped it permanently to the front door? Probably wouldn’t work in your favor in the long term, even if you argue that the burglars would still need to be targeting your house to exploit your little treasure map.

(more…)

All The Bells And Whistles

It’s a new year, and one way to celebrate is to buy a new car, even if it’s only “new to you.” The used car market is a vibrant one, and delaying gratification often allows consumers to forego the immediate depreciation of a new car once it’s driven off the lot. And, in many cases, the car retains all the bells and whistles that were attractive when the model was new. The problem, though, is that all that technological prowess doesn’t know the car has changed hands.

(more…)

Better Take That Call

Hacking is a double-edged sword, in many ways illustrated by the roles of white hat and black hat hackers. Our intrusions into our own digital spaces can facilitate preventive maintenance of our digital footprint as well as morph into the digital boot on our own necks. That’s the nature of the beast. (more…)

Ransomware Is Not Randomware

After being hit three times in the last year, a luxury hotel in Austria is tired of paying a ransom to get its data back. The Romantik Seehotel, according to Motherboard, recently paid about $1,600 in Bitcoin to regain access to its computers and data. At the heart of the issue was their inability to create the magnetic key cards that have become all but ubiquitous in today’s hotel experience. Again, the third time seems to be the charm, because the hotel owners have reported that they will be converting the security system back to old school locks and keys as a result of this third ransomware event. (more…)

Hacking the Hollywood Star

So you style yourself as some sort of tech guru. Maybe you’ve pulled a kitten from a tree under pressure. Maybe you’ve seen the dark side of the dark web and emerged, once again, into the light to move the needle for all humanity. Or maybe you’ve wandered the cubicles late at night, when it was your turn at the tip of the On Call spear, and maybe the shadows cast by the buzzing fluorescents cast you in the starlight you deserve. And now you fancy yourself kneeling at your star on the Hollywood Walk of Fame. Easy there, Cochise.

(more…)

It’s Yesterday Once More

You are a cybersecurity warrior, a veritable scion of security. You spend many waking hours, and some sleepless nights, worrying about the health and robustness of your network and data. Are they as impenetrable as you think they are? Could you be doing more to protect them?

The answer to that last question is always yes, but we’ll get to that in a second.

(more…)

Executive Orders

Lots of talk about Executive Orders these days. They’ve been issued in such a flurry that it can be difficult to keep track of what’s being ordered and who’s being affected. On the drafting table, according to CyberScoop, is an EO that initiates President Trump’s efforts on cybersecurity. It doesn’t seem to have the aggressive edge that the others have had, if protests are to be used as a gauge. Nobody seems to be protesting the cybersecurity orders so far, and even former Obama administration officials have indicated that they agree with the order. Still, what does all this mean to folks in the trenches? (more…)

The Internet of Misfit Toys

Inherent to the narrative about the Internet of Things has been the assumption that greater efficiencies would save consumers time and money. It stands to reason that if your toaster talks to your watch, it would know that about 15 minutes after waking up, you would want your toast to pop up and be plated. Further, it goes without saying that your life would be dramatically improved if your thermostats were in on the conversation, so that the kitchen and breakfast room could begin to warm at about the same time as the toast. (more…)

A Good Defense is the Best Offense

Let’s say you’re the DNC and you’re really upset about the recent hacking perpetrated by the Russians. Or, we could imagine you’re the US Government, and you’re feeling vulnerable and diplomatic and vengeful, all at the same time. A recent NY Times article expands on the President’s feelings along these lines, and the frustration he feels at having a mighty cyber arsenal at his disposal when revenge only makes matters worse.
(more…)

A Secret History of Bad Relationships

Have you ever been THAT guy, the one who is only trying to be honest when everybody turns to him to point out the flaws in the system? You’re the one who remembers the office party everybody else wants to forget, down to the details that are all but lost to the ages. You’re there to remind Chuck in Sales & Marketing that numbers are down and click-throughs and conversions are sure to follow, even when Chuck didn’t ask. What? It’s the truth. You’re just putting it out there. Now imagine you simply harbored all this information and people sought you out and analyzed your memories. (more…)

Bold New World

Cybersecurity is approaching oxygen and water on the list of things we need to survive in this crazy world of ours. The threats are very real, whether deployed by governments around the globe or 400-pound hackers in their bed or the window booth at the corner coffee shop. The technology we create to make our lives easier now requires extraordinary vigilance, but it’s not the machines we should fear, as science fiction writers originally thought. The biggest threats seem to be the humans manipulating the good technology for bad purposes, and we can never completely isolate ourselves from them. Or can we? (more…)

You Will Save the World Several Times Today

This one goes out to all of the IT professionals out there sporting haute pocket protectors filled with government pens and .5mm mechanical pencils; the troops at the front lines of cybersecurity where the CAT 5 clicks into the road, and the hum and warmth of the server room gives indication to the heat and fire of network significance. You were the heroes of calculus and band camp, but your swagger has been under-appreciated by popular culture for years. That is until now. (more…)

Somewhere Between Sliced Turkey and Santa Claus

Your organization has weathered some storms, am I right? The valleys between the peaks, when sales slow and payroll weighs heavy on the mind. You’ve hired through the good times and had to cut back in the lean times, but you’ve steadied the ship and there’s quite a bit to be thankful for as you try to recover from Aunt Eunice’s cornbread stuffing. And how about some steady quarterly earnings and revenue growth to go with that maize? That would be the best gift of all to slide down the chimney in a couple of weeks. (more…)

Wait, Is It Monday Already?

Cyber Monday. The masterful creation of marketing professionals, designed to tap your wallet before the turkey and dressing settle in your tummy. Think of the sheer volume of sensitive consumer information that wafted through the ether on that day, searching out bargains and tantalizing hackers. Imagine the millions of people walking through a big mall with their purses and wallets wide open and you begin to get the picture. But who doesn’t love a deal? And in today’s digital, global, Internet-of-Things, consumption-driven economy, who are we to argue with the ease with which we transact? Apparently 2016 set a new record for cyber-grab. Go team! (more…)

Veterans Day

Millions of American military veterans have honored us with their service. Tomorrow, we set aside a special day to honor them and thank them for all they have done.

As an Air Force veteran, I have seen and experienced firsthand the demands and rewards of military service.  Frequent and extended periods of separation from their families, challenging compensation levels and demanding work schedules are difficult for everyone – especially our veterans.   Despite these challenges, I saw the deep patriotism, pride, and commitment these men and women have made to protect our freedom.  On Veterans Day, we honor and thank our colleagues, clients, friends, and family members for their dedicated service to our nation. (more…)

And In Other News

While the world has been watching the American political circus over the past several years, a recurring question put forth by all parties has been, “Can this or that person be trusted with the nuclear codes?” This is an important question, no doubt, but one that overshadows an even more significant question. Granted, the President is the single gatekeeper to the national arsenal, but enemies foreign and domestic seem to be making their own keys to nuclear infrastructure these days. (more…)

REM and the Lyrical State of Cybersecurity

Way back when, in a world before the Internet, when information moved by postal truck and mere facsimile, there strode upon the earth an alternative rock band whose words were even more prescient now than when they first uttered them. And while REM exited stage left, their pronouncement that “It’s the end of the world as we know it” enjoys fresh relevance with each wave of technological advance. (more…)

Dyn-A-Mite!

A closer look at recent chaotic events surrounding the DDoS attacks on Dyn DNS reveals some frightening things about our rapidly growing dependence on the Internet. A recent NY Times article does a great job of explicating the events in layman’s terms, including the warning, “And the threats will continue long after Election Day for a nation that increasingly keeps its data in the cloud and has oftentimes kept its head in the sand.” (more…)

All Motivated with No Place to Go

An election cycle is great for reminding citizens what they’re looking for in a leader, a party, and a government. Granted, we don’t need endless election cycles, but a democratic republic depends on an educated and motivated citizenry. So we’ve got that going for us.

As IT professionals, you might have a vested interest in the actions and attentions of government. At some level, investments in infrastructure and mechanisms can only be made by governments, and the responsibility for maintaining that infrastructure falls to them as well. Think of roads and bridges. And the Internet has evolved into a really complex infrastructure, a road that bridges cultures around the globe. Without legislating the access and traffic, at some level governments need to do what they can to facilitate safe and steady flow of information and opportunity. (more…)

Blue Skies and Fireflies

If you have flown lately, you might have noticed a new wrinkle in the use of cell phones in flight. In addition to limiting use to airplane mode on those devices so equipped, the crew currently prohibits the use of or charging of any Samsung Note 7 device at any point while aboard the plane. CNET offers a brief explanation here for why that message has been added to the mix with making sure your tables and seats are in the upright and locked position. (more…)

Be Driven to Be the Driver

Mad Max Rolling Thunder

Have you ever been passed by a big rig and thought to yourself how glad you were that somebody was at the helm of that rolling bundle of death? Have you ever seen a roadside littered with billboards advertising legal services for victims of crashes involving big rigs? Maybe seen the ads on television? If so, you probably take little solace in the idea that big rigs are evolving toward autonomous operation only slightly more slowly than cars, and most new cars already come equipped with the required hardware. Put on a hockey mask and crank a chainsaw, cause you got a real massacre on your hands. (more…)

A Made-for-TV Reality

Cable News is Not Enough

This election cycle will go down in history as one of the strangest in American history. Both candidates face low favorability numbers and they remain statistically close in most of the polls. This is widely known to anyone who watches cable news programs, mainly because those networks tend to recycle the news over and over again, day after day, and week after week. No reason to blame the networks, though, because that’s the business model. And, quite frankly, there is only so much human activity that is newsworthy, though they seem to always push those boundaries as well. (more…)

Going Rogue

It’s Not Just for Sarah Palin

Back in the day, when heartless senior management pointed out the flaws of the working man, the most retribution he would reasonably fear is that his car would get keyed in the parking lot. Sure, it’s a 1972 Corvette Stingray, but it’s still just a car. And that’s about as far as it would go. Nowadays, disgruntled employees swing a much bigger hammer, and the key they carry now slides down your network and leaves a scratchy mess the size of Texas. Literally. (more…)

The Golden Age of Cyber

Have you ever been watching an action/adventure film and noticed the lag in technology? Like Tom Cruise suspended above a top-secret console pulling a floppy disc from his bag of tricks, or some other actor who knows nothing about cybersecurity delivering well-scripted lines that ring hollow? Maybe, generations from now, people will look back at our current relationship with the digital world with the same wonder with which we view science fiction. 2084 may make 1984 look quaint and anachronistic, but shouldn’t popular culture facilitate the general public’s understanding of the risks in the ether? Shouldn’t Hollywood do a better job of revealing cybersecurity experts to be the rock stars that you are? Am I right? (more…)

Get Your Head in the Game

Remember the old days, when military pilots wore wool-lined leather helmets and big, clunky headsets? Probably not, since those practices tapered off after World War Two. By the time fighter pilots came into your field of vision, it was probably Tom Cruise singing “You’ve lost that loving feeling” while Goose couldn’t eject from the backseat. It didn’t end well for Goose, but you have to remember ICEMAN and MAVERICK in bold print on the helmets as the frosty colleagues pulled together to fight off the Russians and save the day. In addition to the monogram, the helmets had been upgraded to include oxygen masks and room for the really cool aviator sunglasses. Negative, Ghost Rider, the pattern is full. (more…)

Jackware In The Box

Fans of this blog — and let’s be honest, who isn’t a fan? — will recall a recent post that detailed the carjacking of a Jeep Cherokee from several miles away. It was an effort to demonstrate the security vulnerability of cars equipped with wireless access points and other IoT equipment. And it worked. Cars were recalled, security issues were addressed, and we now have an additional lens through which to view rapidly advancing car technology. But what if the car is advancing beyond us, the drivers? (more…)

Open Says A Me

Passwords are the first line of defense for critical network infrastructure. Building an organizational expectation for strong password use is no longer seen as an option. It is now a requirement. If you can get your staff to deploy 8-12 characters randomly selected from all varieties available, that’s $uPer GrE@+. (more…)

Bond. Cyber Bond.

Capitalism is a wonderful thing. Free markets have helped humans identify and meet demands by supplying the products and services that envelop an economy. It is also worth noting that necessity is often called the mother of invention, and cybersecurity is not removed from the influence of this type of thinking. (more…)

At the Crossroads

Robert Johnson is believed to have sold his soul to the devil at a crossroads in Clarksdale, Mississippi. Legend has it the devil offered Johnson in trade a well-tuned guitar and a peculiar gift for singing the blues. His songs have been made famous by Muddy Waters, Eric Clapton, and The Rolling Stones, among others. Despite this oft-intoned gift, Johnson suffered an early departure from this world, though one shudders at the thought of such talent descending eternally southward into fire and brimstone, a musical fate we’d more readily assign to boy bands and pre-pubescent pop stars. (more…)

Politics as Unusual

Regardless of your political affiliation or your favorite — or least unfavorite — candidate, the 2016 election cycle has been anything but predictable. If this were a circus, it would be a very good one. Instead, though, it is the pinnacle of the democratic mechanism by which we choose our leadership. That is a sobering reality that could make you reach for the bottle. (more…)

Organizational Climate Change

Planning is part of business, and the emerging changes in our physical world certainly play into that. Unexpected rains and flooding seem to strike different regions of the country with increasing frequency, and the usual threats like hurricanes and tornadoes haven’t completely resigned the stage. (more…)

BREXIT and The Unbearable Lightness of Leaving

Your organization is an island of traditional values and modern technology. Your staff speaks a language that is unique to the industry and has a shop culture that has evolved from the first day you opened for business. You’ve conquered the universe, winning large contracts and making connections that have ushered in waves of revenue and progress. You’ve forged alliances with others in our global economy that strengthen both parties. You’ve faced unruly vendors and cut ties when necessary, and you’ve battled the mighty when compelled to do so, especially when industry momentum was threatened. (more…)

The Ubiquity of Remote Access

Forget about the Internet of Things. Yeah, like that’s possible. But set that aside for the moment. Another stark reality of our new global economy and digital footpath is the flourishing of remote access. Road Warriors access their office PCs from business travel hotels from Scranton to Sacramento while small businesses choose NAS over cloud services, reaping the many benefits of local data control and network accessibility but facing the daunting reality of localized vulnerabilities. (more…)

Crazy Cousin Guccifer

Every family’s got at least one, a crazy uncle or distant cousin who adopts a scorched earth perspective when exiting the reservation or joining the circus or moving to Iowa to invest in an earthworm farm. You don’t hear much from them for a while, but the names and stories get opened up at family weddings and funerals, reunions marked by distant sadness and curiosity. Guccifer, aka Marcel Lazar, is a Romanian hacker who may seem new to the family, but his name should sound familiar very soon if not already. (more…)

I’m with the Government, and I’m Here to Hold a Hearing

We hear a lot about homeland security, both the pursuit and the official government department. The TSA is probably the latter’s most visible, and often most toxic, representative, especially when you see the little old lady victimized by the random full body search. The work they do is important, but a lot of it never sees the light of day. That can be good or bad. On a slow day, though, you can witness the machinations that propel our homeland into great security, because a recent Senate Homeland Security Committee meeting was recorded and is viewable here. Granted, it’s a couple hours of your life you’ll never get back, but whatever inflates your balloon. (more…)

It’s Graduation Season

The waypoints on our life journeys are marked by ceremony. Weddings, funerals, births and Baptisms, and, from time to time, graduations. High school and college seem to be the major events, but the zealous have introduced kindergarten, grade school, middle school, and traffic school to the mix. So congratulations to those who wiped the points off their driving record with 8 hours of vehicular remediation. Your future is, indeed, bright. (more…)

Ransomware Exposed: Sextortion

Ransomware is not new. It’s been around for a while, and clever hackers have found ways to extort just the right amount of money to make it worth your while to settle. The balance is somewhere between what the data is worth and what it would cost you to recover it through normal machinations. Traditionally they’ve kept the number low enough that it was cheaper to pay up and walk away. An easy decision, perhaps, when the data is just that. Data. (more…)

Hackers Prove Patient But Swift

Breaching a global bank network is no smash and grab operation. As organizations focus and fund their cybersecurity resources with even greater alacrity, the bad guys have to continue to polish the edge of their sword, patiently waiting for the right opportunities to score bigger and bigger hits. Such is the case with the recent — and second — attack on Swift, the global messaging network banks use to move money around. If you think you’re covering all your bases and keeping your data out of harm’s way, you may be giving yesterday’s news and last week’s security protocols too much play. Hackers, in one small way, are like PGA Tour Pros: These Guys Are Good. (more…)

A Coppertone Moment

It’s the official beginning of summer, and hundreds of thousands of tourists from the far reaches of North America are making their way across the USA in a Chevrolet, migrating to the seasonal climes and exotic beverage offerings of coastal communities across the Southeast. Escaping the more — perhaps presumably — mundane and pedestrian challenges of their normal lives, many tourists engage in atypical behavior, casting inhibitions to the wind and embracing the larger world in various stages of sobriety and dress. It’s all umbrella drinks and beach reads, kids running amok and minivans loaded with folding chairs and inflatables. Now imagine your data sitting next to that family in Denny’s. You know the one. (more…)

Authentic Intelligence

Over the last holiday season, around the IT water cooler, the talk inevitably turned to the cool new gadgets that impressed the mortals and blew the minds of Luddites everywhere. That talk was all about Artificial Intelligence and the need to more efficiently sell shoes. IT folks are way too immersed in AI to get bogged down in practical application, but Marketing and Sales were all over it, both in search and point of sale.  (more…)
