November 2021 News & Tips | FBI Email Hack & Ransomware How-To's
Welcome back to the TCE Strategy monthly technology and cybersecurity newsletter! The mission of this publication is to cut through the clutter of cybersecurity news stories and provide you with the most important, relevant and actionable cybersecurity information.
You can have this newsletter delivered straight to your inbox each month by subscribing here.
This Month's News in Review
Cyber Security Basics: Do our nation’s most vital agencies employ cybersecurity best practices?
The breaking story this month came to us just days ago with the news that the Federal Bureau of Investigation had an email server hacked through a vulnerability in the Bureau’s software infrastructure. The threat actor sent a fake email to thousands of email addresses that the Bureau had on file in connection with the Law Enforcement Enterprise Portal (LEEP), which serves to aid individual government agencies. So what happened here? It seems something as basic as a misconfiguration allowed the hacker access, with relative ease, to the FBI’s external email infrastructure. While the Bureau was quick to convey that no internal systems were breached, the incident still raises the important question of how well cybersecurity basics and best practices are being followed. Ironically, the bug appears to be that the website leaked one-time passwords that are supposed to be used to validate that a new account “owns” the email address it claims to be coming from. In an amazing twist, TCE Strategy has found this same vulnerability in two recent website vulnerability assessments we have run for our clients. It’s always preferable to have vulnerabilities pointed out by a proactive penetration test rather than by a hacker.
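The class of flaw described above, as an added example (constructed for illustration; it is not code from the affected portal or from any client assessment): a sign-up step that echoes the one-time code back to the browser, beside the corrected form, plus a check an assessment can run against either. The function names, the in-memory store and the example.test addresses are all assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Constructed in-memory store: email -> SHA-256 of the pending code.
PENDING = {}
# Constructed stand-in for the mail system: (recipient, code) tuples.
OUTBOX = []


def _issue_code(email):
    """Generate a 6-digit code, keep only its hash, deliver it by email only."""
    code = f"{secrets.randbelow(10**6):06d}"
    PENDING[email] = hashlib.sha256(code.encode()).hexdigest()
    OUTBOX.append((email, code))
    return code


def start_verification_leaky(email):
    """Flawed pattern: the response handed to the browser carries the code."""
    code = _issue_code(email)
    return json.dumps({"status": "sent", "email": email, "code": code})


def start_verification_fixed(email):
    """Corrected pattern: the response confirms sending and nothing else."""
    _issue_code(email)
    return json.dumps({"status": "sent", "email": email})


def confirm(email, submitted):
    """One attempt per issued code, compared against the hash in constant time."""
    expected = PENDING.pop(email, None)
    if expected is None:
        return False
    digest = hashlib.sha256(submitted.encode()).hexdigest()
    return hmac.compare_digest(expected, digest)


def response_leaks_code(start_fn, email="user@example.test"):
    """Assessment check: does anything sent to the client contain the code?"""
    body = start_fn(email)
    _, code = OUTBOX[-1]
    return code in body
```

If the code is visible anywhere in what the site returns, it no longer proves that the person signing up can read the mailbox, which is the only thing the step exists to prove.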
Next, we discovered this article on 5 Ways to Approach Ransomware Negotiations by James Coker from Infosecurity Magazine. If you’ve ever wondered how you or your business might negotiate in the (hopefully) rare chance of a ransomware attack, these steps are incredibly insightful to follow. We’ll break them down for you here:
1. "Be respectful." It may seem counterintuitive, but Coker emphasizes the importance of being kind, even to those not being so kind to you. It's already bad enough that you're dealing with a ransomware attack. Best not to make matters worse by cursing your hackers out and making them even more hostile towards you.
2. "Ask for more time." Though you may be bullied into paying the ransom by a certain day, if you ask for more time "this can give victims more opportunity to assess their options, for example, if they are waiting to see if they can get backups for the stolen data," says Coker.
3. "Promise to pay a small amount now or a large amount later." Collectors are out to do one thing: collect. Waiting is not in their skillset or mindset. "Adversaries are likely to want to conclude the negotiation as quickly as possible. Therefore, victims should try and take advantage of this mentality during negotiations."
4. "Convince them you cannot reach the ransom amount." Offering to pay much less than their demand may seem risky, but if you're able to convince them that what they're asking for is too astronomical, you may very well get away with it.
5. "Don't tell them you have cyber-insurance." Hack advised: “keep the fact you have cyber-insurance secret, keep the files off your network. You might even want to go as far as making an agreement with your insurance company that they also keep it a secret on their end.”
Robinhood Data Breach: On (cyber) Wall Street, Robinhood, one of the world's leading trading apps, disclosed on Monday, November 3rd that it discovered a data breach in its system that affected nearly seven million of its customers. Personal information including email addresses, names, and, for a small number of customers, even dates of birth and ZIP codes was revealed. How do we secure our credit and trading privacy? We need to have financial penalties in place that make it in Robinhood’s best interest to prevent data breaches. In the absence of laws with stiff fines, I’d recommend taking your trading business elsewhere. Here are 10 alternatives to Robinhood.
Until next month, stay safe!
Cybersecurity Tip of the Month: Why Cybersecurity Matters
It’s safe to assume that if you’re reading this newsletter, it’s because you care a great deal about cybersecurity. Both for yourself and for your business, you understand why cybersecurity matters. But what about your friends, family, and co-workers? Do they care as much as you do? And because it is really that important, do we know the things to say to make them believe it too? Here are some tips to help others understand the importance of cybersecurity:
1. Read the news. Outside of politics and COVID, cybersecurity is easily the #3 most popular news theme of the past few years. This isn’t a coincidence.
2. Talk to your friends and family. Cybersecurity attacks have become like car accidents -- we all know someone who has been seriously impacted by one, if we haven’t ourselves.
3. Knowing about cybersecurity makes you cool. You will be the envy of your neighbors. Cybersecurity awareness makes you more attractive to your existing or prospective significant other. It will make you lose 10 pounds. It will regrow hair where you want it and will remove it from where you don’t. It will raise your gas mileage and lower your cholesterol.
OK, #3 may be a bit over the top, but cybersecurity awareness will help keep your money and your personal information safe. That’s a big deal.