Posted on 12/18/2017 7:22:58 PM PST by Innovative
North Korean nuclear weapons programs, with funding made possible by your most popular operating system.
That’s what I was thinking also.
Our intelligence agencies are amoral and have screwed the pooch.
I receive on average one suspicious email a week that makes it through our corporate filter. One week though, I had one or two daily.
I contacted our I.T. dept for every one of them, had I.T. access my terminal to see its path etc, and then deleted the emails.
It’s a no-brainer that if you get ANY email from an unknown source, you NEVER EVER EVER click on any link inside unless you are in contact with your I.T. folks. Even then, you let THEM do the actual clicking so that you are NOT responsible for the potential consequences.
When in doubt, delete.
I think half or so of all the infections is greenies/environmentalists seeing and clicking on emails using words like Green, Environmental, Planet, Trump, Climate, and so on in their excitement to be abreast of the latest aspects of their religion. Telling them not to open those emails just makes them angry ...
Yes, if you search on Eric Schmidt (Google) and Bill Richardson , they went over there a few years ago.
Google is tutoring NK about how to run a police state.
Very good advice. But you have to also be careful with known sources as well.
Just this morning I got an email that was from someone I know, FWIW gmail did put it in the spam folder and are very good about filtering these out of my inbox, but it contained a strange subject line and nothing but a link. I deleted without opening. Its not the first time Ive gotten suspicious emails appearing to be from this person I know.
At my previous job at a small payroll service provider, some years ago they got hacked and the resulting data breach nearly put them out of business.
As a result, they are super vigilant regarding emails. For one thing we have an add on to our Outlook to report suspicious emails to IT a phishing alert button. We also have monthly IT security training. As to the emails, we can only send and receive emails containing confidential client information and attachments via a secure encrypted email service.
They also used a security service who will send out fake phishing emails to random employees to see whether they open and click on any links or report it to IT.
But even with that, hackers have gotten more and more sophisticated.
We would sometimes get suspicious emails from a clients email addresses with attachments and or links and fortunately most of the time someone reported it, but once or twice, even with all the training, someone would fall for it, and soon, sometimes within minutes we were notified by IT not to open it if we received it and also confirming that they had contacted the client to tell them that their email had been hacked or was being spoofed.
About a month ago at work I got an email from what looked like Pizza Hut, very convincing looking, logos looked real and the email address came from what appeared to be from Pizza Hut, and with the subject line of something like, Company Name Loyalty Reward and a picture of a coupon for a free pizza, but inviting you to click on it to redeem. I reported as phishing and it was a phishing email.
At another job, I would occasionally get an email from someone internally, typically the CEO or company president, instructing me to initiate an emergency wire transfer to some vendor or open a link to a vendors unpaid invoice. Of course I knew right away it was a scam because I worked in PR/HR and not in AP. But a couple of times I got emails that looked very much like they came from our payroll provider ADP, sometimes saying Urgent Action Required or Unpaid Invoice Attached.
One thing that can be helpful is to look at the senders email address, while it may look legit and even contain the companys name, it is often not the real companys email. So an email from Pizza Hut might be pizzzahut.@pizsa.co. Note the extra z and the fake domain name.
You can also hover over a link without clicking on it to see that it is a fake link. But when in doubt, delete it and call the sender.
Also be aware of phishing phone calls. Ive been getting a lot of these lately, including from utility slammers. And in the last two days a phone call purporting to be from my bank saying there was a problem with my account and asking me for the last 4 digits of my SSN and my date of birth for security purposes. I said no and hung up and called the legitimate 1-800 number of my bank and they confirmed there was no problem with my account and that it was a phishing scheme.
The human interface is ALWAYS the most vulnerable. That will never change.
Maybe if we get enough MAGA congressits/$inators in office for President Trump.
They can declare cyber attacks like this, as acts of war similar to the attack on Pearl Harbor!
Then, President Trump can ask the new CIA and his military to to take out the cyber criminals regardless of where they are located.
>>My impression is that 95% of these breaches are caused by idiot users who click on attachments or links in their personal email.
That, plus web sites. The malware and the delivery systems are very sophisticated. They use our own patterns of use against us and there is a balance of security and useability. People want easy access to the internet and connectivity across all their platforms. Easy access goes both ways.
Almost everyone is an idiot when it comes to information security. Back in my early IT days in the 80s, we had a saying that User is a computer term that means idiot. I used to have a coffee mug that said that.
Crying Mugshot Girl is upset.
But WAIT!
There’s MORE!!!
Yup—way past time we can trust anything from .gov sources on this topic..way too easy to fake..and NK isn’t the only one who knows how to lie..
Yes, China is preventing it nowadays, but Kim has an accomplice:
On October 1st, 38North and Dyn Research reported that Russia began providing an internet connection to North Korea. The Russian-provided infrastructure gives Pyongyang 60% more bandwidth and a second connection to the outside world ; Chinas Unicom company had been North Koreas sole internet provider since 2010.
The construction of the new internet connection follows a September 27th meeting between DPRK and Russian foreign ministry officials in Moscow. Russias extension of an internet connection to North Korea, as well as its reopening of a ferry route between the two, may indicate that Russia will seek sanction loopholes to strengthen their partnership.
This info is used to put pressure on NK. The info was in the public domain already in June:
British security officials believe that hackers in North Korea were behind the cyber-attack that crippled parts of the NHS and other organisations around the world last month, the BBC has learned.
Britain’s National Cyber Security Centre (NCSC) led the international investigation.
Security sources have told the BBC that the NCSC believes that a hacking group known as Lazarus launched the attack
http://www.bbc.com/news/technology-40297493
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.