Sunday, September 26, 2021

Cyber Security Today: Weather report, jail time and a killer of a USB stick

Weather report, jail time and a killer of a USB stick

Welcome to Cyber Security Today. It’s Monday April 22nd. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanda.com

Cyber Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

‘Be prepared for the weather‘ might be your motto when you step out the door every day. The Weather Channel certainly seems to be prepared for cyber attacks. One hit the cable network last week and knocked it off the air for about an hour and a half. The company put out a statement saying it had been hit by a malicious software attack, but was able to get back on the air through backup mechanisms. The FBI told the Wall Street Journal it was investigating a ransomware attack at the channel. Whatever the cause, apparently the company was prepared. Can you say the same for your firm?
This incident is a good example of risk management. Every organization has to decide what their tolerance is for being knocked offline by a cyber attack. Can you be without the Internet for five minutes? One hour? One day? Whatever the answer, prepare a disaster recovery plan with backup capabilities around that. And remember to practice the recovery plan at least once a year so staff know what to do and where resources are.

The city of Augusta, Maine is hoping to open city hall today after a cyber attack last week crippled the municipality’s systems. The city’s director of information technology insisted no personal data about residents was taken. But police, fire and ambulance dispatchers had to work by hand instead of with computers.

A New York judge has sentenced a Macedonian man to 90 months in jail after pleading guilty to access device fraud and aggravated identity theft. He also has to forfeit $250,000 and pay a yet-to-be-set amount of restitution. All this because he ran a website for selling data from 1.3 million stolen credit and debit cards, bank login credentials and personal information.

When I was a reporter with the Calgary Herald years ago we discussed making vistors wear identity tags so staff would know who in the building wasn’t an employee. At the time we urged management to reject the idea. Today, with easily accessible computers on every desk, companies have to think carefully about physical security. What brought this to mind was a news story last week about a man who pleaded guilty to destroying 59 computers and seven monitors at a U.S. college in New York state. A former MBA graduate from the college, he walked into at least one building and plugged in a USB stick called a USB Killer, which charges itself from the port — much like you’d charge your cellphone — and the fires an electrical current back into a device. A company makes these apparently to test a USB port’s resistance to attacks.

It may be hard for a college with many buildings and thousands of students to prevent outsiders from walking in. But IT administrators can do things like turn off USB ports or install physical USB port blockers. Computer manufacturers should make their devices resistant to this type of attack. By the way, this killer also works on the Lightning connectors on Apple devices. So keep your computers, iPhones and iPads close at hand.

The man will be sentenced in August.

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker. Thanks for listening. I’m Howard Solomon

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication. Click this link to send me a note →

Jim Love, Chief Content Officer, IT World Canada
Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Related Tech News