Someone Is Trying To Take Entire Countries Offline

[rangerrebew]

Someone Is Trying To Take Entire Countries Offline
 
 
By Jim Edwards
28 Dec 2018, 16:00

Gatwick Airport is Britain's second busiest by passenger volume, and Europe's eighth. And yet it was brought to a standstill for two days by two people and a single drone.

Its vulnerability reminded me of a conversation I had two years ago, at the Web Summit conference in Lisbon with cybersecurity investor Sergey Gribov of Flint Capital. He was talking up one of his investments, an industrial cybersecurity firm based in Israel called CyberX. Half-bored, I girded myself for his pitch. They usually go like this: "The internet is full of hackers! They want to steal your data and your money! If only companies used my company's awesome product, we would all be safe!"

I have heard hundreds of pitches like this.

https://www.iflscience.com/technology/someone-is-trying-to-take-entire-countries-offline/

[ConstitutionRose]

More than a decade ago I managed a couple of software testing and quality control labs for a very large insurance company.  Some manager noticed that my labs had never been down due to a virus infection.  When asked how I managed that I explained that I (il) checked each machine every day to be sure the  antivirus software was updated and scans were running; (ii) made sure the firewall was updated and that it was blocking questionable sites; and (iii) monitored the end users for inappropriate behavior. 

That wasn't what the manager wanted to hear, looking for a magic bullet I guess, but it is STILL the best way to protect your endpoints and thus your network.  Eternal vigilance applies to you computers as well.

[Restored]

It only takes one user with admin rights on their machine to mess up the world. The higher the user is up the ladder, the more it is your fault. The VP of Finance at one company demanded admin rights to his machine because he couldn't install a game for his kid. He eventually ended up ransoming the NAS. My friend was the sysadmin and he took another job rather than deal with the fallout.

[ConstitutionRose]

It only takes one user with admin rights on their machine to mess up the world. The higher the user is up the ladder, the more it is your fault. The VP of Finance at one company demanded admin rights to his machine because he couldn't install a game for his kid. He eventually ended up ransoming the NAS. My friend was the sysadmin and he took another job rather than deal with the fallout.

That's exactly what happens.  Almost every single instance of network "infection" can be traced to an endpoint device and user.  My partner is a security expert.  He keeps saying, "There is no technical solution to protect you against a stupid end user".  Training and monitoring end users is not a popular protection option, but it is starting to catch on.  Also, I've replaced foreign sourced software, particularly from Asia, Russia and there satellites.