This blog posting represents the views of the author, David Fosberry. Those opinions may change over time. They do not constitute an expert legal or financial opinion.

Hacking Continues.

Posted on 26th August 2021

Several recent stories show that hacking (and ransomware) attacks, and security vulnerabilities, are part of everyday life in the modern world, and not just some passing phase. They also show that the problem is being exacerbated by a lack of the appropriate paranoia about the risks, and by general stupidity.

Earlier this year the SolarWinds hack came to light, which mainly targeted U.S. government agencies, although it went undetected for many months.

More recently there was the Kaseya attack, which affected companies around the world. Many companies were much more seriously impacted than necessary, because they were using Kaseya's backup service, meaning that the backups, which were also compromised, could not be used to recover from the hack. A friend who runs a small to medium sized company in Munich was impacted by this hack (and he is totally paranoid about cybersecurity!), and will not be using Kaseya's backup service any more (he didn't actually realise that his backups used this service, because his backups were handled by one of his service providers, who in turn used Kaseya).

Crypto-currency traders and repositories were also hit recently. There was an attack on Poly Network, in which about $600M was stolen, although bizarrely, most of the funds were later returned by the hacker. Then there was an attack on Japanese crypto-currency exchange Liquid, where the hackers stole around $100M.

There was a hack which stole data on more than 40 million of T-Mobile's U.S. customers (and people who had merely applied to be customers).

Microsoft continues to be the greatest cybersecurity risk in many people's everyday lives; Adobe is a close second. After the PrintNightmare vulnerability came to light, there is now a new security hole which would let hackers take control of your systems, without needing an administrative password. This article on Tom's Guide really says it all: "Boneheaded recent change to Windows just makes it too easy". It's like I always say, you can't trust Microsoft.

We need to accept that this problem affects everyone, and all systems, and to apply some common sense and paranoia, to reduce the risks and impacts. The problem is not going away. Security needs to be designed into systems from the ground up, not added as a bolt-on fix. Do your own backups, and store them off-site; update your systems frequently (but vet the updates before rolling them out); use firewalls which only allow essential access, and review the settings regularly; use dissimilar systems where possible (e.g. Linux servers with Windows clients); use quality malware scanners (more than one); block your users' access to dangerous web-sites; provide your users with a quarantine environment where they can open suspicious email attachments and visit suspicious web-links; control the connection of removable media/devices (USB drives, mobile phones, etc.) to company systems; and trust no-one.