Welcome back to the TCE Strategy monthly technology and cybersecurity newsletter! The mission of this publication is to cut through the clutter of cybersecurity news stories and provide you with the most important, relevant and actionable cybersecurity information.
If this newsletter adds value, fantastic! That is the goal. Please forward it on to friends/colleagues. If not, no hard feelings. Please look to the bottom for an easy to click "unsubscribe" button.
It has been a BUSY month in the world of cyber security, so strap in and let’s get moving.
Honda has some egg on their face, or more specifically, on their keyfobs. A researcher has found a way to simulate wireless openers and can unlock Honda cars at will. Thankfully, this hack doesn’t let the criminal drive off with the car, but it does let them open the doors and trunk. The best remediation is to not leave valuables in your vehicle, which is good advice for any make/model of car.
The meltdown of the crypto currency market has investors fuming, but it is also allowing a number of really smart people that have been calling out some of the fundamental technology behind cryptocurrency to be heard. We need more regulation in this space, or scammersaregoingtokeepscamming. I’d recommend that anyone who is invested in crypto or is considering doing so take some time and give this a read.
On the ransomware front, a group that TCE Strategy has had to tangle with is called “BlackCat”. I came across this article about them, but the most interesting part isn’t the BlackCat info – it’s that the researchers claim that by 2031, ransomware is going to become the world’s largest “shadow economy, causing more total damage than natural disasters,” which is saying a lot given the increase in natural disasters as the world continues to warm up.
As cyber war and kinetic war continue their merge until one becomes indistinguishable from the other, we have a rare example of CCTV footage that caught a cyberattack taking out a steel plant. If you work in the manufacturing space, your network needs a “SCADA” environment. “SCADA” environments harden the controls around the equipment in the plant that can cause plant disruption or life safety incidents. The same thing goes for many of the heating/cooling systems that I come across when doing network scans. Many of the “HVAC” panels in buildings are horribly insecure. If they are left on your internal network, they can be a launching point for cybercriminals to make attacks on other systems.
Does your contract with your vendors include cybersecurity requirements? "A ransomware attack on an accounts receivables management firm affects more than 650 covered entity clients - including dental practices, physician groups and hospitals".
IoT security at its finest: "The research also found that the GPS tracker comes with a default password of “123456,” allowing anyone access to GPS trackers that have not changed their device’s password. BitSight found 95% of a sample of 1,000 devices it tested were accessible with an unchanged default password, likely because device owners aren’t prompted to change the device’s password on setup."
Why did he choose to represent himself in this trial? Why? I have mixed feelings on his actions. Does the government have the right to surveil whomever they choose with electronic backdoors? I thought the USA was founded on the exact opposite.
Cybersecurity Tip of the Month
Using a VPN to Protect Your Public Wi-Fi Use
Why Use a VPN?
Public Wi-Fi is convenient for many reasons: you can work away from home, it is often free, and you can use apps on your phone or tablet without using cellular data. However, public Wi-Fi is often unsecured and can provide an opportunity for cybercriminals to access personal information like login details, credit card information, and email communications. Hackers can also potentially inject malware into devices connected to unsecured networks.
One way to protect yourself from these threats is through the use of a Virtual Private Network (VPN) whenever you are connected to public Wi-Fi. VPNs protect your privacy by encrypting your Internet connection so that no one else is able to access the information you send over the network and are one of the best ways to protect yourself and ensure your public Wi-Fi use is secured.