
Thoughts From Abbott’s Inbox July 9th, 2021


Supply Chain Attacks, Terror Pigs, and Spin Rates

My inbox this past week has been dominated by news of last Friday’s REvil ransomware attack on Kaseya. You’ve probably seen the news about it, as the ransom request is $70 million, and businesses have been affected around the world. While I do have one item on Kaseya this week, I was able to dig up a bunch of other good stuff, as well. I hope you enjoy!

Something About…

 

Radioactive Terror Pigs

The headline is the best part of the article about wild boars taking over the exclusion zone surrounding Japan’s Fukushima nuclear reactor site. First it was Murder Hornets and now cesium-filled hybrid pigs. What’s next?

 

 

Supply Chain Attacks

As mentioned above, you’ve probably heard something by now about last Friday’s REvil supply chain ransomware attack against Kaseya, the tool that technology providers like Ashton use to remotely monitor and manage client networks. This follows similar attacks against SolarWinds and ConnectWise, and comes as no surprise: the FBI quite some time back put out an alert that hackers were targeting managed services providers, and has now released an update with recommended precautions, many of which have been discussed here in the past, including multifactor authentication, patching, and properly backed up and recoverable data (note: this is a great time to ask your technology partner what they’re doing to secure not only YOUR network, but THEIRS. You are a target, and so are they). In this case, neither Ashton nor any of our clients were affected, but many MSPs can’t say the same. The ransom stands at $70 million, and the depth and breadth of the attack is still being determined. The most recent news is that Kaseya hopes to have a patch released by Sunday (that timeline has been backed up multiple times), and that there are already phishing emails making the rounds, using said patch to steal user credentials.

 

 

LinkedIn

Personal information for 92% of LinkedIn users (700 million people) was posted online last month. This means that it’s a good time to change your password, and beware of phishing and business email compromise (BEC) scams that use personal information gleaned from your LinkedIn profile.

 

 

 

Business Email Compromise

Reading this article, I was taken back to 9th grade algebra and trying to solve for X and Y. Back then, in what was lovingly referred to as ‘dummy math’, my teacher Ms. O’Donnell (who called everybody ‘honey’, leading to all of her students being known as ‘honey bears’) would’ve been shocked that I had any knowledge of X and Y. If she were still alive, she’d be amazed that I’d passed enough math classes to graduate from college. Anyhow, this piece about a former employee creating email forwarding rules to spy on his former boss is a pretty good example of how business email compromise (BEC) works.

 

Spin Rates and Sticky Stuff

Keith Olbermann, before he turned to politics and became unwatchable, used to say of a double play, “that’s a 6-4-3 double play if you’re scoring at home. Or even if you’re by yourself.” I wonder what he thinks of spin rates and MLB banning the sticky substances that many pitchers use for better grip. Since the league started checking pitchers for banned substances, spin rates have bottomed out, and it’s rather comical to watch how pitchers are dealing with it. The Washington Post put together quite an analysis of statistics from before/after the new rule went into place.

 

Email Fatigue

94% of malware is delivered via email, and 80% of security incidents stem from phishing.  And as my son likes to remind me, 82% of statistics (or 75%, depending on the day) are made up. Which also reminds me of a quote attributed to former Indians third baseman Toby Harrah (I had his autograph model glove in 3rd grade); “Baseball statistics are like a girl in a bikini- they show a lot, but not everything.”  But I digress.  As email volume continues to increase (feel free to look at my inbox for proof), people become lackadaisical when clicking.  Too many emails, not enough attention paid to what you’re doing.  That’s exactly what hackers are hoping for.  This piece has some good reminders as to how to protect yourself and what to look for when opening your 117th email of the day.

 

 

 

Real Estate

We have a cottage on an island in Northern Ontario that we haven’t been able to visit since October 2019.  So, it’s probably not wise for me to be looking at real estate listings of other Canadian properties, which only serve to remind me that I can’t enjoy ours. Regardless, this listing in British Columbia was sent by my friend Sarah Messenger of our security partner, Sophos.  Looks like an awesome place, right on the water!

Speaking of BC, this listing for a ‘micro-unit’ in Vancouver was pulled after only 48 hours.  It seems that a 160 SF. bathroom with a bed does not meet code.  And I know that my wife is reading this and very disappointed that I’ve not included a clip from the movie Wanderlust as Jennifer Aniston and Paul Rudd buy a microloft (there just wasn’t a good clip available for that scene).

Finally, we have an underwater lot on the northern shores of Lake Erie. It’s 19 acres and is on the market for $99,000.

 

Cyber Liability

 This piece on rising reinsurance rates for cyber liability coverage had so many good comments and stats that I didn’t know what to include in this paragraph! It could be the one about rates having increased by 40%. Or maybe this gem; “cyber insurance has not helped organizations improve their cybersecurity and is actually facilitating the behavior of cybercriminals…” Or maybe I’ll just stick with a couple of statistics; “…ransomware incidents represented 41% of all cyber insurance claims filed in the first half of 2020. The company said there was a 260% increase in the frequency of ransomware attacks among their policyholders, and they found that the average ransom demand increased 47% –Claims ranged from as low as $1,000 to $2 million.”  Last but not least, a reminder regarding security awareness training; “Organizations must increase employees awareness of cybersecurity so that they can be the first line of defense and recognize malicious activities.”

 

Finnish Baseball

The Finns are known for ice hockey and ski jumping, right? It turns out that they have their own form of baseball, too, called pesapallo. The pitcher stands next to the batter and tosses the ball straight up in the air, for the batter to hit (kinda like when I was playing soft-toss with the nine-year-old baseball team I coached). There are four bases but they run in a zigzag pattern around the field, which happens to be half as wide as an American ball diamond. Here’s a video if you’d like to learn more.

 

Cleveland

It was suggested to me during a sales meeting last week that there’s enough random Cleveland info to post an item each week. As it happened, I’d already planned an item on the USS Cod submarine, now retired and docked downtown. During that same meeting, I was presented with a book on Russia’s biological weapons program (anthrax, smallpox, Ebola, etc.) and told that the author and man who ran the program is now a scientist living in Cleveland and doing great things. I haven’t had a chance to read the book yet (thanks, Don!), as I’d just started a new one. But my colleague here at Ashton, Pete Bunevich, said it’s an absolute page turner.

Contact Lenses

Here’s your oddity of the week.  I won’t give anything away, so you’ll have to click on the link to the article.

 

The best thing about a long weekend is the short week that follows. I hope you had a great Independence Day and a productive four-day week. We’re getting out and seeing more people face to face, which is awesome. Still looking to take some of you out to lunch to find out what your best B2B customer experience has been. Just say the word and we’ll get something on the calendar!

 

 

Have a great weekend, 

Jim

 
