Urban Fantasist
Menu
Picture
Follow @ChristianUncut
We're living in dangerously weird times... smart people just shrug and admit they're dazed and confused

Cybersecurity Comment: Don't be lazy, the perimeter will always be vulnerable 

2/12/2016

0 Comments

 
Picture
Yesterday it was reported that both TalkTalk and Post Office broadband customers have had their online access cut by an attack targeting certain types of internet routers. A spokeswoman for the Post Office told the BBC that the problem began on Sunday and had affected about 100,000 of its customers. Talk Talk also confirmed that some of its customers had been affected, and it was working on a fix. It is not yet known who is responsible for the attack. (It would also appear that local telco KCOM in Hull suffered similar problems last Saturday.)

In the light of these developments, Andy Green, a senior technical specialist at Varonis, comments: The lessons that should be learned from these ongoing Mirai attacks is just how vulnerable we were as a result of our own IT laziness. Sure, we can excuse harried consumers for treating their home routers and IoT gadgetry like toasters and other kitchen appliances – just plug it in and forget about it. So what excuse do professional IT types have for this rookie-level behaviour?

Not much! Unfortunately, default-itis still plagues large organisations. As long ago as 2014, the Verizon DBIR specifically noted that for POS-based attacks, the hackers typically scanned for public ports and then guessed for weak passwords on the PoS server or device – either ones that were never changed or were created for convenience, “admin1234”. This is exactly the technique used in the Mirai botnet attack against the IoT cameras.

Even if hackers use other methods to get inside a corporate network (phishing, most likely)  they can still take advantage of internal enterprise software in which defaults accounts were never changed. For those organisations who think that the Mirai botnet incident has nothing to with them, or have to convince their board of this, here are two points to consider.

1.       The lesson of the Mirai botnet attack is that the perimeter will always have leaks. For argument’s sake, even if you overlook phishing scenarios, there will continue to be vulnerabilities and holes in routers, network devices, and other core infrastructure that allow hackers to get inside.

2.       Human nature tells us that IT will also continue to experience default-itis. Enterprise software is complicated. IT is often under pressure to quickly get apps and systems to work. As a result, default accounts and weak passwords that were set for reasons of convenience – thinking that users will change the passwords later – will always be an issue for organisations.

You have to plan for attackers breaching the first line of defences, and therefore have in place security controls to monitor and detect intruders. In a way, we should be thankful for the “script kiddies” who launched the Mirai botnet DDoS attack: it’s a great lesson for showing that companies should be looking inward, not at the perimeter, in planning their data security and risk mitigation programs.
0 Comments

Your comment will be posted after it is approved.


Leave a Reply.

    Fun and High Strangeness in Weird Times
    Urban Fantasist is here to inform and entertain you with tales of storytelling, geek, pop culture, history, folklore and the weird. "Fun and high strangeness" is how one reader described it. Prone to sarcasm.

    Curated by Reuters correspondent and barrister turned writer, podcaster, radio show host, award-winning tech journalist and sometime werewolf hunter Charles Christian. The site also has links to Charles Christian's books and latest reviews, plus his Weird Tales and Americana Music radio shows.
    Picture

      Get weird now! For all fans, readers & writers of weird tales, weird facts & weird fiction (plus special offers) subscribe to our new look Weird Times newsletter.

    GET WEIRD NOW

    Vital Statistics

    The Americana Music Radio Show is syndicated to over 50 radio stations globally reaching a total weekly audience of 3.4million.

    The Weird Tales Radio Show is available on all podcast channels & syndicated to over 30 internet & FM radio stations globally reaching a total weekly audience of 1.2million.
    Picture
    Click the <Play> button below to hear the latest show. Follow this link Weird Tales Radio Show to access archive.
    Picture
    Picture
    Click the <Play> button below to hear latest show. Follow this link Americana Music Radio Show to access archive.

    ​"One of the Top 10 best Americana radio shows"

    Charles Christian Radio & Writing
    Tweets by ChristianUncut

    Diary of a Writer

    Diary of a Writer #18: Why Snoopy never got a book deal

    If only Snoopy had read Number #1 in Elmore Leonard's 10 Rules for writing.

    Contact Details

    Email: christian.uncut@icloud.com
    ​Tel: +44(0)1986 788666
    Tel/Txt: +44(0)7786 738172
    ​WhatsApp: +44(0)7786 738172
    ​Skype: ChristianUncut
    Twitter: @ChristianUncut

    Quote, Unquote

    "Charles Christian... a man of paranormality" ...Howard Hughes, Talk Radio UK

    "Had a great time chatting with the wonderful Charles Christian about my work as a composer and songwriter on his fab Americana music show."

    "A great witty intelligence in the world. We need more CC and less monkey-brained politicians" ...Julia Bohanna

    "Just found the show, absolutely love it. Will be tuning in regularly and catching up."

    "The witty and knowledgeable Charles Christian." 

    "Charles is a fantastic host, and I really enjoyed listening to the other artists on the show. Very meaningful, uplifting and fun music."

    ​"We poled our fans on their favorite podcasts and that's how I heard of Weird Tales Radio. You are well loved by the geekiverse, and fans of folklore history and monsters!"

    "Charles Christian is really out there cool."
    ​
    ​"Check out Urban Fantasist for more fun and strangeness."

    ​"Charles Christian defiantly makes my world a brighter, funnier place."

    "    Wonderful show tonight full of all the usual delights we've come to expect."
    ​
    "The legendary Charles Christian at his eclectic best... his insight and humour alone make this a must-read blog."

    "Charles Christian is my inner spirit animal, thank you for making me laugh."

    ​"You always make me laugh! Thank you for brightening my day with your dark humour."

    ​"the funny, wonderful and slightly cantankerous Charles Christian"

    "Carlsberg don't make clients, but if they did... they'd be Charles Christian"

    "His tech journalism is always witty. He has a talent for pricking the overblown claims of suppliers."

    "Charles Christian does awesome!"
    Picture

    Charles Christian's Books

    Picture
    https://www.amazon.com/dp/B087N3NB7M
    https://www.amazon.co.uk/dp/B087N3NB7M
    Picture
    ​https://www.amazon.com/dp/B00MELTC84
    Picture
    http://www.amazon.co.uk/dp/B07DKCKPT

    RSS Feed

Picture
Copyright © Charles Christian 
& WordsandVision Limited 2020
Tel: +44 (0)1986 788666
Tel/Txt: +44 (0)7786 738172
​WhatsApp: +44 (0)7786 738172
christian.uncut@icloud.com
Contact Address: Oak Lodge, Darrow Green Road, Denton, Harleston, Norfolk IP20 0AY, United Kingdom
Urban Fantasist is fuelled by green tea, dark chocolate and sarcasm.

Until the next time you visit the Urban Fantasist... stay well, stay weird, stay different

  • Home
  • Weird Tales Radio
  • Americana Radio
  • Charles Christian Bio
  • Interviews & Speaking
  • Charles Christian Books & Reviews
  • * Fiction
  • * Non Fiction
  • * Poetry
  • The Grievous Angel
  • All My Links
  • Home
  • Weird Tales Radio
  • Americana Radio
  • Charles Christian Bio
  • Interviews & Speaking
  • Charles Christian Books & Reviews
  • * Fiction
  • * Non Fiction
  • * Poetry
  • The Grievous Angel
  • All My Links