OK, I’m a prepper

I bought some extra water because of recent events. I know, cyberattacks may not hit infrastructure–though there are cyberattacks right now in Ukraine, reportedly Russian state actors have not yet attacked infrastructure–but that’s the extent of my prepping. Things over there have continuously escalated, with Russian attacks on civilians, so no one knows what’s going to happen.

Biden: we will “use every tool to deter, disrupt, and if necessary, respond to cyberattacks against critical infrastructure.”

Slightly comforting.

Biden: There is “evolving intelligence that the Russian government is exploring options for potential cyberattacks.”

The government claims to be ready, but your enterprises and SMBs may not be.

https://www.cnn.com/2022/03/22/politics/analysis-biden-warning-putin-cyberattack-us/index.html

There is something that you should be doing right now as an SMB or enterprise: MFA should no longer be optional. It’s a comparatively small measure considering what could be in the way of an attack.

The government made these suggestions, which are a good summing up:

– Deploy modern security tools on your computers and devices to continuously look for and mitigate threats
– Make sure that your systems are patched and protected against all known vulnerabilities, and change passwords across your networks so that previously stolen credentials are useless to malicious actors
– Back up your data and ensure you have offline backups beyond the reach of malicious actors
– Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack
– Encrypt your data so it cannot be used if it is stolen
– Educate your employees to common tactics that attackers will use over email or through websites
– Work with FBI and CISA to establish relationships in advance of any cyber incidents

https://www.zdnet.com/article/white-house-warns-do-these-8-things-now-to-boost-your-security-ahead-of-potential-russian-cyberattacks

LokiLock ransomware

So now these crooks are using a new ransomware called LokiLock that wipes your device. This has already happened in Ukraine and “The US government fears destructive malware could target organizations in the West in retribution for sanctions against Russia.”
‘Everyone loses’: This new ransomware threatens to wipe Windows PCs if its victims don’t pay up | ZDNet

How can you negotiate when they destroy your machine in the process? It’s clearly like NotPetya, where Ukrainian systems were attacked by Russian actors. That’s what is currently

A colleague said that he prefers the U.S. having separate agencies in lieu of a centralized authority. He’s right about centralized authority in general, but I think we need a single federal agency in this case–in the name of readiness for a war perhaps coming soon to your local water company.

Raking it in

I’ve noticed that Trump supporters are paying to see speakers like Tucker Carlson and Charlie Kirk to the tune of $20 to $5000(!). I remember my relative saying “there’s no way [Trump] lost.” So 40-odd lawsuits later, they still think that. There is something akin to delusions of grandeur here–but with crowd size supposedly indicating where the nation is.

Reddit emotion; Psycho-physical pain

Two mental health articles.

A Dartmouth study found that major depressive, anxiety, and bipolar disorders can be recognized by the emotions of Reddit posts; the posts can reveal an “emotional fingerprint” for a user. They didn’t examine the content, just the emotion–so the study is an incomplete look at emotional disorders in my opinion. Also, what about the bomb throwers and trolls? Online mass movements?
https://home.dartmouth.edu/news/2022/03/ai-model-detects-mental-disorders-based-web-posts


Cyber war through Anonymous

Just learning more about what Anonymous is doing. Can we cheer for them? MSNBC updated us on the events about attacks on Russian targets, but made note that this could lead to cyberwar. The NYT had the other side: there are attacks by Russian operators on Ukrainian targets.
Opinion | I’ve Dealt With Foreign Cyberattacks. America Isn’t Ready for What’s Coming. – The New York Times (nytimes.com)
Ukraine is fighting back with a volunteer cyber army. What will you do when the water and power are out? There is no central agency in the U.S. Frightening.

Return

And the biggest realization from this event was:
I am not my sin.

I am too hard on myself on some things. I met so many guys who prayed for me and gave me advice. The event was such a blessing and eye-opening. I’ve made numerous friends at Awaken Balboa, where I have been on the sidelines too long. Something was moving me to challenge myself and what a blessing it was. I won’t look back.

Pro-Ukrainian Memes

Interesting how many people are emoting about Ukraine. The question is, how long will this last?

This reminds me of something I learned from Ken Burns’s Civil War documentary. The series spoke of how when the war first started, people were not taking it seriously; some were watching the first battles like an amusement. Years later, the gravity of the conflict was evident.

Social media has that common emotional outpouring that gives some people meaning. But hopefully these pro-Ukraine memes will prove not weary, but genuine (and lasting for democracy).

NotPetya2 – Cont.

So there are significant ransomware attacks on Ukraine right now. Dark Reading notes that 77% of organizations have poor segmentation, 70% have exposed Industrial Control System connections and 44% have shared credentials:
https://www.darkreading.com/attacks-breaches/ransomware-trained-on-manufacturing-firms-led-cyberattacks-in-industrial-sector

Most of last year also saw scans of TCP Port 502, which is used by a protocol called Modbus, the transportation systems of Ukraine. (That is SCADA devices as well.)

Significant was the use of a new data wiper called “HermeticWiper” (aka KillDisk.NCV) with evolving attacks over the past two months. Over 121 unsuccessful cyber attacks took place last month, one of which was called “WhisperGate.”

The prep for the main event was overwhelming distributed denial-of-service (DDoS) attacks on Ukrainian government offices and banks. The Russian Main Intelligence Directorate (GRU) was fingered by U.S. and U.K. officials, with subsequent denial of course by the Kremlin.

The propaganda war is trying to sow panic and spread misinformation.

“President Joe Biden said last month the US could respond with cyberoperations of its own if Russia conducts additional cyberattacks in Ukraine.”

This is not about websites. This is about basic economic processes and transportation. ICS and SCADA systems are being compromised.
The attacks began Feb. 12. The second version of NotPetya? I have a feeling that we will know the damages more than anything ever before. Alarming is the data wiping that happened before the kinetic events.

Key Ukrainian government websites hit by series of cyberattacks – CNN

NotPetya 2

https://apnews.com/article/russia-ukraine-joe-biden-technology-business-hacking-5eadc06062f8c7acfc7b7302ec4c4478

Biden notes that a physical war could result from cyber breaches. In spite of NATO, Putin and crew could do some damages that would cost billions.

NotPetya was the largest and most expensive cyberattack ever and was perpetrated largely on Ukraine by Russian criminals working for the government. It caused more than $10 billion in damages in 2017. Is part 2 in order?

I’m hoping that now we will be ready and that NATO will act together. This is all new territory though. We haven’t seen physical war yet, but I think it will be tit-for-tat unless it takes down some infrastructure that is critical and/or relies on IRL human processes.

Will Someone Please Stop the Oversaturated Vendor Problem in Balboa Park?

UPDATE: Well, according to sources at the Balboa Park visitor’s center, someone put in a new rule that vendors there have to be 100 feet apart. Doesn’t mean a lot imho; street vendors have been a problem for business owners throughout the city, who have some of the same products, just without the overhead. But now the city council said they will vote on March 1 to rule on placing restrictions on vendors and prohibit them in certain parks, beaches, and places like Old Town: “The ordinance requires vendors to obtain a business license and vendor permit. It would define specific distance parameters around statues, art displays and other vendors.”

Though the park website says “The City of San Diego must issue a permit for any commercial filming for exterior areas in Balboa Park,” vendors, with hygiene requirements, don’t need a permit? I don’t see why this took so long to address.

—-

Ah, to get back to normal life. At Balboa Park, the museums are starting to open, the Spanish Village artists are back at work, and the rose garden is in full bloom.

But now someone needs to do something about the high number of what appears to be unapproved vendors who are in Balboa Park. They seem to have little food safety and basic hygiene, and poor trash management. The U-T interviewed Alexis Villanueva, senior program manager of economic development with City Heights CDC, who maintains that “micro-enterprise” vendors contribute to the economy. Yes, but they can also contribute other, unwanted things. There has to be a balance here between rules, regulations and freedoms.

 


Do you have a dark web presence?

Heard this radio interview yesterday with BorderLAN. Among the notes:
1. Don’t be lazy in getting your cyber. Don’t say “we’re just a small company and hackers are not after us.”
2. In order to get cyber insurance, you are first going to have to:
   A. Perform on/offsite backups
   B. Get effective anti-malware
   C. Have you even blocked certain IPs, like from North Korea?
“Do what you do as a small business and leave us to do our job, what we do to protect you,” said the company rep.
The dark web is filled with data. There are supercomputers out there doing continual scans for vulns. We can search for your data out there. It’s like Amazon/auction for hackers. Free hacking tools for script kiddies (no experience needed).
The government just spent $2-3 trillion but $5-6 trillion is already out there on the dark web (ransomware and other data hostage, things like free videos of porn, human trafficking, software serial numbers, free stuff!)

REvil stops momentarily but then…?

After Russian security forces arrested some of REvil’s operators, “You can hit the jackpot once, but provoke such a geopolitical conflict that you will be quickly found. It is better to quietly receive stable small sums from mid-sized companies.”
The up-and-coming local cyber provider for whom I am working is targeting its marketing toward SMBs, which are more vulnerable than ever now to ransomware.

Ransomware gangs are changing their tactics. That could prove very expensive for some victims | ZDNet

Pegasus and the Israeli Left

For those who think that Israel is some kind of right-wing regime, here the Israeli Left and Right–and the public at large–are united in their alarm at police actions in using NSO’s Pegasus software to spy on top officials without a court order. Just more proof that Israeli politics are democratic, the worst kind of politics other than every other one.

Israel Police used NSO’s Pegasus spyware against top gov’t officials, journalists and activists – Israel News – Haaretz.com

 

Pegasus enables warfare

Cyber war is evolving to a state where there could be conventional warfare in retaliation for a cyber attack. You can use my paywall hack to view this article if you are not a NYT subscriber (https://www.digibrill.com/2021/10/14/hacking-paywalls/):
“Cyberweapons have changed international relations more profoundly than any advance since the advent of the atomic bomb. In some ways, they are even more profoundly destabilizing — they are cheap, easily distributed and can be deployed without consequences to the attacker. Dealing with their proliferation is radically changing the nature of state relations, as Israel long ago discovered and the rest of the world is now also beginning to understand.
“More than 75 years after the invention of nuclear weapons, only nine countries appear to have a usable one. But dozens of countries already have cyberweapons. ‘Everybody seems to want them,’ Mark told me, ‘and this gives enormous power to the countries who sell them and can use them for diplomatic advantage.’
“It has also led to a huge increase in government spying, for good and for ill.”