Originally posted by Old Greg
View Post
- Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
- Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!
Ultra secure cybersecurity company hacked
Collapse
X
-
-
Originally posted by Paddy View PostIn my own experience, most hacks are internal or done by disgruntled ex-staff
I guess with clown world we're now into the realm of top Trump password complexity. Though 'covfefe' was a tad harder to break than 'MAGA2020'Leave a comment:
-
Originally posted by rogerfederer View PostDeter?
Perhaps the US could send some digestive biscuits to the Kremlin and ask nicely? Short of continued tangible threats and action I don't know what deterrence would work. The main issue now is that if the US intelligence agencies receive authorization to disable many Russian core infrastructure assets, then it seems they may be able to reciprocate. One thing Russia doesn't have is good infrastructure and a plan B or C. I feel sorry for the people living there, having visited myself. It's a tuliphole, even in Moscow, unless you are well connected and rich. I'm only glad that nowhere in developed countries do we see such misinformation and poverty as they see in Russia. The average age of male death says all we need to know.
Throughout the world at transit interconnects, within carrier networks, traffic is monitred by UK's GCHQ and the USA's NSA. When the Russian government state they aren't a part of a hack, well, that part is difficult to dispute. However it is absolutely possible to prove that the packets used to complete the hack came from Russia. Given that multiple VPNs and TOR will have been used, it is a more complex task to piece the information together - but piece the intelligence agencies will and it will be demonstrable that the Russian government was involved in this, if that is indeed the case.
China has a flourishing private sector and I do not believe they would wish to have tit-for-tat attacks, especially towards private sector businesses. What does Russia have? I can count the tech and products I've used from Russia on one hand. Well, on one finger actually.
It's about time that the west considers cutting off Russia from the internet once the evidence is in on this longer term hack that has ocurred. Given most fair countries own the transit points and interconnects it seems the only way to resolve Russia behaving rogue. They are a fossiel fuel powerhouse, but that is it. They don't have much to offer other countries, the food is extremely poor and the populace seem happy to accept it being this way. A few years hard labour on the Russian government seems fair enough.Leave a comment:
-
Originally posted by Paddy View PostIn my own experience, most hacks are internal or done by disgruntled ex-staff
qhLeave a comment:
-
In my own experience, most hacks are internal or done by disgruntled ex-staffLeave a comment:
-
Originally posted by rogerfederer View PostLooks as if this is finally hitting the news ...
US cyber-attack: US energy department confirms it was hit by Sunburst hack
US nuke agency hacked by suspected Russian SolarWinds spies, Microsoft also installed backdoor
Maybe this is why Microsoft seem keen to get on the linux train (from linux layer in Windows to linux based servers in Azure, and that's just the publicly released stuff/news this year), better security by default.
Makes one wonder how deep that rabbit hole goes if the hackers have had months to do their thing before the sleeping giants discovered the intrusion.
Oh well, there should be plenty of contract work for those with the right skillset to help clean up the mess. For the rest of us, we can recommend they just rip out all the IT infrastructure and start again. Only way to be sure is to nuke it from orbit.Leave a comment:
-
Looks as if this is finally hitting the news, although it is absent from the UK sections and focuses on the USA.
Thing is, UK public sector and private sector have SolarWinds used across a lot of important infrastructure, including in finance and in, what is deemed, 'critical infrastructure'.
The solarwinds website has been updated to remove boastful customer lists, but this is just a handful of customers:
SolarWinds Customers
Acxiom
Ameritrade
AT&T;
Bellsouth Telecommunications
Best Western Intl.
Blue Cross Blue Shield
Booz Allen Hamilton
Boston Consulting
Cable & Wireless
Cablecom Media AG
Cablevision
CBS
Charter Communications
Cisco
CitiFinancial
City of Nashville
City of Tampa
Clemson University
Comcast Cable
Credit Suisse
Dow Chemical
EMC Corporation
Ericsson
Ernst and Young
Faurecia
Federal Express
Federal Reserve Bank
Fibercloud
Fiserv
Ford Motor Company
Foundstone
Gartner
Gates Foundation
General Dynamics
Gillette Deutschland GmbH
GTE
H&R; Block
Harvard University
Hertz Corporation
ING Direct
IntelSat
J.D. Byrider
Johns Hopkins University
Kennedy Space Center
Kodak
Korea Telecom
Leggett and Platt
Level 3 Communications
Liz Claiborne
Lockheed Martin
Lucent
MasterCard
McDonald’s Restaurants
Microsoft
National Park Service
NCR
NEC
Nestle
New York Power Authority
New York Times
Nielsen Media Research
Nortel
Perot Systems Japan
Phillips Petroleum
Pricewaterhouse Coopers
Procter & Gamble
Sabre
Saks
San Francisco Intl. Airport
Siemens
Smart City Networks
Smith Barney
Smithsonian Institute
Sparkasse Hagen
Sprint
St. John’s University
Staples
Subaru
Supervalu
Swisscom AG
Symantec
Telecom Italia
Telenor
Texaco
The CDC
The Economist
Time Warner Cable
U.S. Air Force
University of Alaska
University of Kansas
University of Oklahoma
US Dept. Of Defense
US Postal Service
US Secret Service
Visa USA
Volvo
Williams Communications
Yahoo
....and that is less than a hundred of the 18,000 customers that were vulnerable.Leave a comment:
-
Arrest Put1ns money that he keeps in accounts of his multiple very well known frontmen - each hack to cost 2-3 bln dollars, until he runs out of money.
Pretty good start on deterring hostile activities, then it can be escalated if necessary.Leave a comment:
-
Deter?
Perhaps the US could send some digestive biscuits to the Kremlin and ask nicely? Short of continued tangible threats and action I don't know what deterrence would work. The main issue now is that if the US intelligence agencies receive authorization to disable many Russian core infrastructure assets, then it seems they may be able to reciprocate. One thing Russia doesn't have is good infrastructure and a plan B or C. I feel sorry for the people living there, having visited myself. It's a tuliphole, even in Moscow, unless you are well connected and rich. I'm only glad that nowhere in developed countries do we see such misinformation and poverty as they see in Russia. The average age of male death says all we need to know.
Throughout the world at transit interconnects, within carrier networks, traffic is monitred by UK's GCHQ and the USA's NSA. When the Russian government state they aren't a part of a hack, well, that part is difficult to dispute. However it is absolutely possible to prove that the packets used to complete the hack came from Russia. Given that multiple VPNs and TOR will have been used, it is a more complex task to piece the information together - but piece the intelligence agencies will and it will be demonstrable that the Russian government was involved in this, if that is indeed the case.
China has a flourishing private sector and I do not believe they would wish to have tit-for-tat attacks, especially towards private sector businesses. What does Russia have? I can count the tech and products I've used from Russia on one hand. Well, on one finger actually.
It's about time that the west considers cutting off Russia from the internet once the evidence is in on this longer term hack that has ocurred. Given most fair countries own the transit points and interconnects it seems the only way to resolve Russia behaving rogue. They are a fossiel fuel powerhouse, but that is it. They don't have much to offer other countries, the food is extremely poor and the populace seem happy to accept it being this way. A few years hard labour on the Russian government seems fair enough.Last edited by rogerfederer; 14 December 2020, 16:20.Leave a comment:
-
Yeah, of course it’s Russia, and why the heck not if risks are zero and reward potentially very high? It’s their fecking paid job to hack such targets and they are doing their job, and who isn’t doing the job of deterring such hostile activities? That’s the real questionLeave a comment:
- Home
- News & Features
- First Timers
- IR35 / S660 / BN66
- Employee Benefit Trusts
- Agency Workers Regulations
- MSC Legislation
- Limited Companies
- Dividends
- Umbrella Company
- VAT / Flat Rate VAT
- Job News & Guides
- Money News & Guides
- Guide to Contracts
- Successful Contracting
- Contracting Overseas
- Contractor Calculators
- MVL
- Contractor Expenses
Advertisers
Contractor Services
CUK News
- Streamline Your Retirement with iSIPP: A Solution for Contractor Pensions Sep 1 09:13
- Making the most of pension lump sums: overview for contractors Sep 1 08:36
- Umbrella company tribunal cases are opening up; are your wages subject to unlawful deductions, too? Aug 31 08:38
- Contractors, relabelling 'labour' as 'services' to appear 'fully contracted out' won't dupe IR35 inspectors Aug 31 08:30
- How often does HMRC check tax returns? Aug 30 08:27
- Work-life balance as an IT contractor: 5 top tips from a tech recruiter Aug 30 08:20
- Autumn Statement 2023 tipped to prioritise mental health, in a boost for UK workplaces Aug 29 08:33
- Final reminder for contractors to respond to the umbrella consultation (closing today) Aug 29 08:09
- Top 5 most in demand cyber security contract roles Aug 25 08:38
- Changes to the right to request flexible working are incoming, but how will contractors be affected? Aug 24 08:25
Leave a comment: