Podcast

Making Information Security Decisions with Context

Discussing the importance of context as it relates to making information security decisions. Without context, we rely on emotion, bias, and assumptions.

Evan is flying solo on episode 96 of the UNSECURITY podcast. This week, he discusses the importance of context as it relates to making information security decisions. Without context, we often rely on emotion, bias, and assumptions to make decisions—which can be catastrophic.

Protect Your Organization from Cybersecurity Threats

SecurityStudio helps information security leaders at organizations ensure they're protected against cybersecurity threats, stay insurable, and legally defensible with our risk assessment and risk management software. Schedule a demo to learn how we can help.

Podcast Transcription:

[00:00:14] Evan Francen: Good morning everyone. Thanks for tuning in. The date is september 8th 2020 and this is episode 96 of the un security podcast. I'm your host, Evan Francen and my buddy is out sick today. Normally Brad Nigh joins me as co-host. But he informed me early this morning that he might have the case of some food poisoning. Uh so we're wishing Brad a fast and full recovery be warned uh without bread. I might end up rambling a little bit. So first thing catching up regular listeners to our show. No, that brad and I normally start off with catching up with each other but no brad today. So I'll bore you with some of the stuff I've been up to uh degree weekend this weekend camping with my wife, my daughter, my good friend Ryan Cloutier. You might remember him from a couple of other episodes that he's been on. He's also a really, really important person over at security studio. Uh also a co host of mine on the security shit show if you ever watch or or listen to that. Uh We're also joined by his wife Amy Amy's cool too. So that was fun Bunch bunch of meetings last week, including 11 on Tuesday alone. Good meetings though with chubb, the insurance, the big, huge insurance company, very well known and very well respected. The cybercrime support network. If you haven't heard of the cybercrime support network, you should go go check them out. They're uh, they're pretty awesome. It's a great nonprofit with an awesome mission. Kristin Judge is the CEO there. Uh and founder um, remember her from the women in security series. She was one of the ladies who joined us there. Uh, so I had a meeting with them last week, were collaborating on some cool things together. Also another company called Schneider Downs, they made this thing called red lure, which is a really cool open source of fishing platform. Uh and when I saw the press release about red lure, that's why originally reached out to them only to find out that they're like awesome, awesome people, good security practitioners certainly have their heart in the right place. So shout out to the Schneider Downs, had a meeting with them a couple of meetings with them last week and I think we have some good things to do together. Lots of great work going on in both companies fr secure and security studio, new service offerings at both companies. Uh, security studios where I spend most of my time today, the fr secure team is so well managed with john harmon, the president there and everything else that it allows me to affords me the opportunity to work at security studio a lot more actively, things going on there. The S two Orig, if you don't know what that is, that's the organizational risk assessment tool, the simplified risk assessment tool and inexpensive but very very effective. Uh working on a global s to score which is an integration of S. two team and as to vendor and a few new deeper dive risk assessments all sort of integrated together. If you want to know more about that stuff, reach out to me and reach out to somebody at secure studio, we're not sales E type people so I'm guessing you probably won't be sold something and we'll just show you stuff. Just kind of cool. Also on the S. Two vendor which is another one of the tools on that platform. Working when some customized workflows, custom due dates, integration of something called the cow bell factor. If you've never heard of the cow bell factor, go check them out. They're a great company, We're really happy to be integrated with them, cowbell factor. It's cow bell uh cable dot insure. My belief is the U. R. L. And some vendor breach data, news that we've integrated into the S. Two vendor. So if you enter in a new vendor into that tool will parse you know, all the news sources we know of looking for any vendor breach data. Just kind of nice to know if you're doing work with a vendor that your vendor had a breach, you might want to ask him about it. So that's cool as to me, you don't know about that tool. That's the personal information security risk assessment tool. We're doing a redesign based on user feedback, uh, definition. Uh we really determined in working with users and listening to what they say that there are actually four. You might have heard me say before that there's information security people. And then what I call normal people, normal people are good. Uh some people take offense no matter what label you put on them, but normal is good. Uh so security language, normal language. And now we've figured out, I think that there are at least for dialects within the normal language, meaning we call them for now. We call them uh the tech dependent tech enabled, tech aware and tech challenged can afford dialects. Excuse me. And we also introduced a new character into the tool called SAM and SAM will be kind of the person that will guide you through that risk assessment tool. So kind of cool um, stuff that's going on. We also had the security shoot show last thursday night. The topic topic was negativity is bs um yeah, a whole bunch of other miscellaneous things. Now I don't get to ask brad what he did, but I'm sure you did a bunch of cool stuff. Um It appears though that the business is really picking up in the market sentiment just in general is more positive. Um, so that's good things. Hopefully you're finding the same thing in your business or wherever you work, that things do seem to be picking up. People do seem to be settling down with this new version of normal. Um yeah, so it's good stuff again, no brad to catch up with, hoping he had a great week and in weekend minus. Of course the food poisoning thing. Um Yeah, hopefully that's all it was. It's just food poisoning. Something that he ate. I don't know if you ever had food poisoning before? I've had it a couple times myself. Not cool. I don't dig it. Not at all. Uh so hopefully brad's getting back, getting back soon, get some rest, take care of yourself brad. Now onto the topic for today's show, the topic that I chose being that I kind of get to choose whatever I want when I'm the only one doing the show today. Uh his context. I want to talk about context and how it means a lot, if not sort of everything. Um so context is very, very important, certainly to our job. It's also I think very important to life if you know me. You know, I have many sayings and themes that I used to try to get my point across. And one thing I've muttered many times is one of the easiest tells for determining a good information security advisor, determining good information security advice from bad advice is using context. So if you can put a bit of advice or something that you're planning on doing in information security put it into context with all the other stuff that we have going on, if it still makes sense? Well then maybe it's good advice. If it doesn't make sense, maybe it's not good advice anyway. That's the saying I've used it's held true for me. Uh many times um, context is just important. I think the more you understand things in context, the better the decisions you make. And I also know that, you know, as a security professional, like many of you listening, we have a ton of stuff going on. I mean there's so many things you can work on in information security, from governance policies, procedures that can have really fun stuff too. You know, penetration testing to exploits and vulnerabilities to forensics incident response. I mean, you name it third party information, risk management, tons of things that we could be working on, but I think it's really important if you understand context that you'll be working on, the things that are the most important now and certainly spending your money on the most significant risks that are unacceptable to you or to the business ideally. So, context is critical, critical. If you think about it, you and I make decisions all day from a seemingly insignificant ones to the critical ones were always making decisions uh, and everything in between. So how does the lack of context them affect your decision making. Um, we find that without context, the quality of your decisions will certainly suffer. And I've got a few examples. If you go to Evan francine dot com, you can read the show notes and follow along and certainly reference any of the uh, that the articles or things that I've referenced there. I will get into some societal issues and I don't mean to do that. Uh, I don't want people to take it any other way than just as examples. You know, my heart is certainly in the right place in terms of wanting to help people, wanting to love people regardless of where you come from or what you believe in. That's where I come from. So as I get through today's episode, I'll talk about some of those things and they're touchy subjects, but I think they're subjects that just because they're touchy doesn't mean we don't talk about him. So first, you know, context uh without context, people certainly make crappy decisions at least. That's my my hypothesis that I oppose. So Recent conversation with James, I have an example here so you can consider James and Mike. Right? two guys talking about some security stuff. So James says we get the importance of risk assessment, but we're just not focusing on that right now, we're focusing on partnering with firms the forensics capabilities and setting up uh, you know, security operation center mike replies, These are most significant risk to focus on right now, James, we think so we don't have any forensics capabilities and we don't feel like we're able to identify events happening in our environment. So mike replies, what's the environment looks like? How many servers? How many systems, how many applications James says? Well we probably got 100 ish servers and a couple of 100 applications I guess. Mike replies, you guess so. The important part about that conversation is James for better or worse, you might be making the right decision, you know, in not having fuller context of the conversation, James is focusing on getting, you know, a firm engaging with a firm, a partner. Ah that has some forensics capabilities, which would certainly be helpful in the event of an incident. He's also setting up a security operation center. And if you don't know what a security operation center does, uh Security operation center does all sorts of different functions, primarily it's watching the environment and then reacting to certain events that are happening in the environment. Some of those events may be incidents which then would call on our incident response program or incident response plan uh to attend to those things. So there's certainly italian between the security operation center and these forensics capabilities. Mix. Question these are these the most significant risks for us to focus on right now. Well, the fact that James, uh he thought so or he thinks so make them challenges it a little bit. What's the environment, how many servers, how many systems, How many applications James replies with? He thinks he's got 100 servers and maybe a couple 100 different applications. And that's where mike leaves it, you know, you guess so. It's guessing good enough in this case, I'm not sure. Uh you know, like I said, this conversation itself could be taken into a wider context. Just based on the facts here though, the fact that James doesn't know specifically how many servers or how many applications there are in the environment. Maybe he needs to reference something else might be troublesome. We should always sort of be to be in a position to defend the some of the decisions we make a security operation center certainly isn't going to be cheap. Um so if you're going down that route, make sure it's the right thing to do. So sort of a little example there. I also referenced an article uh in the article is from zd net. Um and the title of the article is most cybersecurity reports only focus on the cool threats. The important part about this article is uh According to the article, only 82 of the 629 commercially or commercial cybersecurity reports, which would be 13 published in the last decade discuss a threat to civil society with the rest focusing on cybercrime nation state hackers and economic espionage. The point in this particular report is how most of the reports, most of the news that you read in information security really is focused on selling you something. There's always some sponsor to one of these reports. And if it's not focused on selling you something, then they're probably not going to fund the report. So having things focused on cybercrime nation state hackers, economic espionage, those are all good things that I can use potentially as fear tactics to get you to buy something from me focusing on civil society. Maybe not as much of an issue, Certainly not in the last decade, maybe more so now, but an interesting article. If you get it again, if you get a chance to go look at the show notes, you can review that. Some good information. Here's another just example discussion between Bill. Bill is the ceo and Mike Phil says, hey, mike, we need to stop everything we're working on and take care of this explode. I heard about from a friend. Mike replies, I've never heard of this exploit. Why do we need to stop everything and focus on it? Bill says, well, my body over at X, Y. Z. Company was just telling me about it and how his company got hit. So Mike replies, okay, we'll get right on it. So in this case we're lacking a lot of context. One we don't even know if the exploit applies to the company that bill runs. Uh, just because Bill heard about it from a friend doesn't necessarily mean it's the thing we need to work on right now. It doesn't necessarily mean the thing that we need to stop everything else. I'm assuming the things that are going on in the company. Yeah, Certainly with respect to information security were things that were planned, things that need to happen. Maybe. So the fact that we're going to stop everything because Bill heard about an exploit from a friend of his who is over at X Y Z company may not be good justification, uh, you know, for stopping everything and attending to it. We certainly need more context. And I think being in that habit of asking additional questions now, there's a lot of other things that we don't have for context and just a simple discussion like this, we don't know what the relationship between Bill and Mike is. It's obviously enough for, hey, mike, uh, in a discussion. So maybe there's a little bit more for asking some additional questions. Now, regulators and auditors are notorious for missing context. The office often take us down the road of compliance management versus risk management. And if you know what information security is. Information security is. Risk management. It's risk management in administrative, physical and technical controls to protect the confidentiality integrity and availability of information. So you've heard of the CIA before. One of the things that's missing in the definition sometimes of information security is the fact that it's about managing risk, not eliminating, but managing risk. So penetration testers, especially those who are newer to the industry are sometimes notorious for getting things out of context. Again, context is critical and I'll give you some tips that kind of as we get to the end of today's show on some of the things that I do and some of things maybe that you can do to help put things into context a little bit more. So the caine same concept applies. You know, there's so many crazy things kind of going going on are seemingly crazy things going on in the world right now. Uh, there's this big blurring. I think that's happening. So the same concept applies to the world around us. And so I'm going to use a couple of examples there to see if it hits a little bit more on just the importance of context. Now when I talk about COVID-19 and I talk about some of the social justice issues of the day, I don't want you to thank any more into it. Then what I'm talking about, I'm using these examples because there are things that everybody can relate to right now, not because I'm biased one way or the other and I don't want to take you down that path. I just want to share these things. So the information security is unique for sure, but it's not unique in the fact that human beings are the ones making decisions context works the same way. So take COVID-19 for instance, I'm going to use one that's actually personal a little bit because for some of you, you know that I went to Sturgis and I went to Sturgis at the beginning of august, that's a big, if you don't know what that is, it's a huge in from uh information security is a huge uh motorcycle rally. So I ride Harleys like Carly's Uh and me and my wife went out to Sturgis the big rally, 460,000 people estimated um to have been there and there was a lot of worry about if this was going to be a super spreader event, meaning we go there, uh other people have Covid and we all share, you know, covid and then go home and spread it to other places. Now, one of the things that I preached often before I went to Sturgis while I was at Sturgis and after Sturgis was the importance of self isolation and quarantine after getting back from surges. The reason why I think that was really important because I wouldn't know if I was sick and the last thing I want to do is get somebody else sick because I'm not being respectful, right, I don't in worst case God forbid somebody dies. Um so I took those precautions myself, myself and my wife did as well as my friends that I went with, but I read this headline recently, I've been checking, you know often about, you know, what happened from Sturgis did it actually um result in a super spreader event and this is so the headline that I found reads South Dakota dismisses elite class in quotes, elite class of so called experts carries on with the state fair. After surges after Sturgis rally fueled Covid 19 search. So the words that stuck out to me where Sturgis rally fueled COVID-19 surge. That's a troubling statement. So if we if we made a decision, if we made the decision just based on those words, it might be different than a decision with some context. So if you read Sturgis rally fueled Covid 19 surge, you would immediately think holy crap. So it was a super spreader event and any decision I have related to it would be different than maybe reading a little bit more in getting some context. So the article goes on to say buried in the 6th paragraph of this article Nationally about 300 cases have been linked to the reality to the rally. So for some context, there were an estimated 460,000 attendees, 300 cases then out of 460,000 attendees works out to be about .065 granted, there will likely be more, but the rally was a month ago now. So putting it into context is important because I will react differently if I were just to read the, you know, I think the the title of the article, I would react differently than actually reading some context into it. Hopefully that's making sense. Now another headline reads new challenge, new challenges in U. S. Battle against Covid 19. Come with the approaching fall season. The article goes on to say the holiday crowds mark the unofficial end to a devastating summer across the country With COVID-19 infections surging to more than 6.3 million and deaths topping 189,000. Now, the word devastating is not only subjective, it lacks context. So a single and I want to point out truly a single infection and a single death is bad, but in context it seems a little less devastating. 6.3 million people is about 1.91% of the us population. More than 640,000 people die each year from heart disease and almost 600,000 die each year from cancer. Just to put that in the context. I'm not minimizing the fact that 189,000 is a hell of a lot of people and it is terrible. Uh but to put it into context, it I think it evokes more logic and maybe a little less fear. Mhm. So it's important. COVID-19 is a pandemic and it's very serious. I don't mean to minimize the coronavirus in any way, but I do want to put it into context. Be courteous to others wear a mask and follow the CDC's guidelines or guidance and speaking of the CDC, there's a great source that is by itself. CDCs are great source for context. They put out weekly updates, which I've been following Almost from the beginning because I do want to have knowledge. I am concerned. I do want to know about COVID 19 but I want to make good decisions about it as well. So again, in the show notes, there's a good link for a great source for context on that. Alright, so another hot button issue certainly is racism and police violence. Judging from some of the news and reactions from some of the public, you'd certainly think this was worth burning down the establishment. I'm not going to say it is or it isn't that those are decisions for people to make themselves. But I am someone who wants to fix broken things. So if I'm interested in fixing broken things, I need to make good decisions. I need to make good decisions in context. So here's some context. Uh and I provide a a link are a picture, a graphic of the number of police, Number of people shot to death by police in the United States from 2017 to 2020 by race. And so it's broken down by white black hispanic, other and unknown. And it's just interesting data. You know, I would, I would encourage you to go look yourself. Um and there's other really good sources of information just about what the issue really is and where we need to focus on things. So spend some time reviewing the statistics. If you have a chance to go review the graph, do that as well. But don't jump to conclusions yet. There's absolutely 100%. There is a significant issue here. But I prefer to use logic versus emotion to drive my own reaction. Now there's a couple more things to think about. The risk of being killed by police. So I have another source. The risk of being killed by police. Use of force in the United States by age race, race, ethnicity and sex. This is from the Proceedings of the National Academy of Sciences of the United States of America. So really good analysis. Uh Great analysis, good data and according to the analysis about one in every 1000 black men can expect to be killed by police over the course of their lifetime. That's too much. You know. Absolutely. Uh in my again I I said I wasn't going to talk conclusions but I sort of did there. I think one in any number being killed, certainly sad and something we need to do something about. So there's another um another article that I psyched here for some more context. It's deaths Percent of total deaths and rank order for 113 select causes of death and in terra rosa colitis due to a bunch of big words from uh dr people. But anyway it's by race and hispanic origin and sex in the United States from 2015 to 2017. These are mortality tables from the C. D. C. Now. Really really interesting information for sure and I'm not going to draw any conclusions for you. Racism is a thing and it's a very bad thing. Decisions about what we're going to do about the problem will be more effective almost guaranteed with context. Um And again important racism is real. And I'm praying for the constructive solutions. I'm praying for constructive solutions to end uh to end racism versus destructive solutions that will probably make it worse. And the point in all of this is just how important context is without context. What are my decisions typically um going to come from I mean they're going to come from bias. They're gonna come from um emotions any number of other things but having decisions come from context. Um if you look at one news source and just get that data it may you can easily take you down a different path. So educating yourself. Getting context is really really important, not just the decision making but also to problem solving. So if we want to solve some of these difficult problems, context is going to be very very important for us. So here's another saying I use very often and it's empty spaces get filled and I usually use this for a couple of reasons. One in an incident response. If my communication isn't effective if I'm not getting my point across the empty spaces that I'm leaving in my communication, those gaps will get filled. So without context, what do we really rely on? What do we rely on to make our decisions? Usually it's assumptions, it's bias and or its emotions or it could be a mix of those things now where we lack information to make good decisions. Some of us have a tendency to make up our own information to fill the gap and you know what they say about assumptions, right bias by definition is prejudice in favour of or against one thing, person or group compared with another. Usually in a way considered to be unfair. Now that doesn't sound like a good base for decision making. Emotions are variable. They always play a role in decision making, but it can become a problem when it's a dominant role. Emotions always play a role somewhere, but it's it's about there's sort of a balance right between your left brain and your right brain. Emotions typically live in that right side of the brain. Logic using facts, context, things like that usually come from the left. So getting those things, getting those things sort of in balance I think is really, really important. So emotions like fear, anger and frustration can easily easily be played against you and drive you to make a decision, you'll come to regret later. All right. Hopefully drove home something about context and it's weird talking uh you know, to a microphone and not having my buddy brad to talk to. So uh yeah, hopefully that all made sense, context, context, context. It's really, really important. So what do you do about it? Excuse me first understand that information security. So in our jobs first I'll start with our jobs and then I'll go into the worldly things. I think in terms of advice and you can take my advice and screw it. You know, just not want to follow it. That's up to you. So what do you do first understand that? Information security is about risk management. Risk itself is the likelihood of something bad happening in the impact if it did. So you can't do risk because likelihood and impact require context. So you can't do information security. Well without context, they can't be separated. Slow down. Think about the data you're consuming and ask yourself if there's more to the story. Sometimes this take this comes with education. Sometimes this comes with just experience. Sometimes it comes with, you know, checking with others, right? Different perspectives. This is where diversity and information security becomes really, really important. I have my perspective on information security. Somebody else will have a different perspective and usually somebody of a different gender, somebody of a different race, somebody of a different background. So we have different education. They'll have vastly different perspective than I will. So getting other people involved in some of these things. Certainly the more critical decisions is really, really important because then you get that other context. Another view. Um you get that other perspective. So always ask yourself if there's more to the story, if you know, and then ask yourself is the new export, your boss, your boss read about the most critical thing. You should be attending to feel comfortable and it takes time. But you know, in time you'll start to feel more and more comfortable asking additional questions about challenging you know, some some of the thought processes. If someone asks you what your most significant risk is, would you have an answer? And if you did have an answer, could you defend your answer? If you were challenged, that's important, takes a little bit more work. But as you get better and better at it, it certainly helps. So things to do about the context. For information security. First understand what information security is. Slow down. Think about the data you're consuming, get other people involved, other perspectives on information on major decisions. You're going to make, feel comfortable challenging the status quo and know what you're most significant risk is if information security is risk management, which it is. What is your most significant risk. That should be something you have an answer to and then be able to defend that answer when you're challenged? All right, about the world stuff in short? Well, Covid 19 by the end of the world. No, It's highly unlikely. COVID-19 is a pandemic and all panda. All pandemics come to an end eventually is Covid 19 serious. Absolutely. People get second people die. It's 100% serious. We should all do what we can to help ourselves and help each other be safe If you're a black man in America, are you going to die at the hands of police? Even even by the most credible research I could find there's a 99.9% chance that this will not happen Even .1% is way too high. We need to do everything we can to drive this number much lower in context. The problem goes beyond the police though. There's a lot more to it then we can solve it. All right. So I hope this helped remember to put things into context as much as you were able brad. Can't wait for you to get back next week so that you can keep me from getting into trouble with this stuff. Right. So let's move on to some news topics. First news topic I have I have three today. That's probably gonna be a little bit shorter episode because I don't have a conversation to have. But the first one comes from security affairs. So security affairs dot ceo And the title is hackers use overlay screens on legitimate sites to steal outlook credentials. This is an interesting article that was published last week. It's interesting. but sort of not, this is just a play on existing attack vector that's been out there for a long time. The difference here is the overlay screens are displayed on top of legitimate web pages um as opposed to, you know, just the phishing attack being a mimic of the legitimate web page. But the focus here is to steal outlook credentials from targets that's always been a very lucrative target for Attackers is Microsoft outlook, whether the outlook web access Or be um your office 365, log in or whatever you're using to get to your mail. Super popular. The target that because people love one, people love their mail so they don't don't mess with. My mail is usually the thought process, so it's easy to kind of play on that emotion easier anyway, um to get credentials. So the fix for this at least the fix for most. Again, risk management, not risk elimination, there's always a way around everything. But the risk mitigation strategy would be to do multifactor authentication, You don't have multifactor authentication at this point into in the year 2020, if you don't have multifactor authentication on everything that's externally accessible, meaning something that anything that's accessible from a non trusted network, you've got to secure it with multifactor authentication. You're asking for trouble if you're not and usually the places that Attackers will go well after email, they'll go after your VPN, they'll go after RdP and any kind of terminal services that you have set up, so those are great places, you know, to focus first anyway. The again, the thing here is, you know, hackers are using overlay screens on legitimate sites versus using uh their own web server to host the helps host a web pages a little different but same victor. Alright. And the next one I've got for news is could CeoS could be held personally liable for cyber attacks that kill this comes from threat post. Again, the title is CEOS could be held personally liable for cyber attacks that kill interesting 75% of top brass at companies will be personally on the hook for cyber physical security CSP now we have another um Acronym incidents by the year 2024, this is according to Gardner uh and this is a prediction. So nothing has actually happened. Do you haven't you don't have any new laws on the books or anything like that? As far as I know, there are no criminal cases um pending or um resolved. The holding Ceo is responsible for these types of attacks, but it seems like this is where we're heading because people are dying now, I don't know if they are doing well. Yeah, they have to be. People do die when we get information security and correct certainly when it comes to IOT, certainly what comes to medical devices, certainly when it comes to our cars and vehicles are more and more technology driven. If there are bugs, if there are vulnerabilities in those systems, those systems are used to cause physical harm to somebody. I think we've crossed the line at that point. Um, people used to get all up in arms about, you know, the breaches that you'd read to get the breach notification letter in the mail and you get pretty ticked off about the fact that somebody just lost your financial information, whether your credit or debit card information or something. People are kind of tuned out to that now, I don't think they are nearly as concerned as they were, but this is emerging of, and I've said this as well for a while that you can't separate information, security, privacy and safety anymore. They're integrated. So your failure and information security can certainly play out in, you know, physical harm, a safety issue, uh, you know, for customers, for workers, whatever. So Gardner is predicting that CEOS will no longer be able to hide behind their corporate legal teams when things go wrong. Um, when somebody dies from something, uh, they may be held personally liable to be interesting to see what plays out there because, you know, by the year 2024 how is this going to affect innovation? How is this going to affect the price of goods? Um, lots of things in some respects would probably be nice to slow down a little bit in innovation because we're going so damn fast new things coming out all the time that people don't even know how to use, they don't know how to secure them that we don't know. There's just so removing so fast. So maybe if this does slow down innovation a little bit, maybe that'd be good for us just to let us let society catch up a little bit. Anyway, very interesting article. Uh, it seems to make sense. Uh, yeah, in context. Gardener certainly has better context on those things. The last article I've got is from HEc Read and the title is hackers delete by Kia. Database. Company avoids data loss due to backups. Yeah, this is good news. So here, uh, last week, uh, so far I don't think the hackers or the Attackers have been identified, but they did successfully infiltrated delete entire database. This is a Pakistani Pakistani vehicle for hire and delivery company called by Kiev B Y K E A. So you may never have heard of it, but in this case the Ceo confirmed that their services were effective are affected. Um, but the company had backups. They discovered the attack quickly contained it and were able to restore. So things were really minimized management of the company believes that the attacker wanted to exploit the servers, data and mine are actually the computers themselves and then use those to mine cryptocurrencies? Uh, I don't know if that makes a lot of sense because why would the Attackers then delete the database. Um anyway that we can all speculate on what the Attackers were actually trying to do. The important thing here is they were able to restore from backup. So Back up your data. This is the year 2020 I believe. And so I've been in this industry since 1992. Yes. Uh and we were preaching to do backups then. So here we are. Much later. And not just do your backups, test your backups, protect your backups, air gap, your backups. If somebody were if an attacker were to compromise your entire network, would they be able to still not get to your backups? Uh, test that stuff. Make sure that that's true. Um, so that you can restore data. I assume most companies are in business to make money. So that's the case with your company. It's easier to make money when you're services are working and when customers can use your stuff. So kudos to Baekje, the Pakistani company for having those backups and having them be effective for you listening. Make sure you got the same thing. All right. That's it. That's about it. Episode 96 is coming to an end lonely again without Brad, but hopefully useful to our listeners. I do have a shout out. I'm just going to give a shout out to uh Two ladies who mean a lot to me, my wife and my 15 year old daughter. You know, this was labor day and we were able to go out for the weekend and I'm just grateful that they were, you know, they put up the guy like me and make me better. So that's a shout out to them. We're grateful for all our listeners and we love hearing from you. So send us your messages by email at un security at proton mail dot com or check us out on twitter @UnsecurityP. If you want to socialize with me or brad directly. I.m @EvanFrancen and Brad @BradNigh. We work for people. And if you want to follow these people, security studios @StudioSecurity again, we're doing all kinds of really cool stuff there. Same with @FRSecure. So and we're social people don't I don't think that because you're gonna reach out to us, we're gonna send your bill or we're gonna try to sell you something we like, we like helping most of the most of the help. I think we do is it's free. So that's it'll talk to you again next week, tune in and make sure you catch Brad again. That'll be episode 97. So Brad. Get better. Thanks much. Thank you for listening to this episode of the Unsecurity podcast.

No items found.
Sign up for our newsletter

Receive monthly news and insights in your inbox. Don't miss out!

education
Industry insights
NEWS & EVENTS