2021-05-15 Show 1113 – How the Colonial Pipeline changed Ransomware forever

Craig Peterson: Hey, wherever you are, whatever you’re doing right now. I know you’re listening, and I appreciate you being with us. Of course, this is Craig Peterson. I’ve been in cybersecurity now for 30 years, and we’re going to talk about what’s really happening with this Colonial Pipeline ransom. 
[00:00:16] This whole hack, if you will, of what’s been happening with this Colonial Pipeline cyberattack is very upsetting to me. Let’s just really briefly, because I’ve talked about it before, talk about what happened. What is ransomware? Ransomware is software that the bad guys get onto your computers.
[00:00:40] Now it’s changed over the years. When ransomware first started hitting, I think most people still have this in mind, and the software gets onto your computer. Usually, you click on something. You download a zip file, and you open it up. Maybe it’s a Microsoft Word document, and embedded inside that document
[00:01:00] is a piece of nastiness, and that nastiness is the ransomware. And what it’ll do on your machine is it’ll start looking for files that it can encrypt. And those files typically are things like your Word documents, your Excel spreadsheets, all that sort of stuff. And they would encrypt it and then pop up on your screen a nice little red warning message that all your files have been encrypted.
[00:01:31] And if you really want to get those files back, what you’re going to have to do is go to this particular website, send some Bitcoin to this specific Bitcoin wallet. And then hopefully, you’ll be okay. Now, back in the day, it was crossing your fingers cause you didn’t know what was going to happen.
[00:01:52] If I send the money, will I get the decryption key? Will the software work? Will I get all my files back? And frankly, the answer to most of those questions was no. In most cases, you would not get all your files back. In this day and age, it’s changed slightly, but we’ll get into that and how it’s changed and who has changed the ransomware
[00:02:16] industry. I want to give you some tips on what to do and how to avoid ransomware in the first place. And there are some automated things you can do. You can do some things just as a human being that you should watch out for. And I want to also get into it, so what do you do after the fact? I got a call from a listener this week who had a real problem.
[00:02:41] Actually, she sent an email to just me@craigpeterson.com, and I got her phone number, called her back, and I had my lead tech and myself on the phone with her for probably about 15 minutes going through. Okay. So here’s what you have to do to respond. So I think it’s essential for everybody to understand this.
[00:03:01] This Colonial Pipeline cyber attack was ransomware, but it wasn’t like that original ransomware that I saw all those years ago where you’re crossing your fingers, et cetera. It has advanced to the point where this company has now made this cyber attack business an actual commodity for lack of a better term.
[00:03:25] Quite literally, it was called the DarkSide. They’ve been around for about a year. And apparently, the people that are involved with the DarkSide have been doing ransomware for much longer than that. But what they’re doing now isn’t just, Oh, take a gamble, and maybe you’ll get your decryption key.
[00:03:44] Maybe the decryption will work. Nowadays, they have turned it into a truly professional organization. There are tech support people that you can talk to. You can call, you can have an interactive chat with them. The ransomware is very careful to make sure that you can still use the online chat features in your Windows machine or whatever they might need to communicate with you.
[00:04:14] And the tech support people will say, Oh yeah, some, I’m sorry that happened to you. Let me help you fix it. What you have to do is go to this website and buy Bitcoin. First, you have to set up a wallet. All of this was just so complicated. People weren’t able to figure it out. So they now, with their tech support, will help you
[00:04:34] find a place to buy the Bitcoin, help you set up a wallet, help you put your money into that Bitcoin wallet after you bought some fractional, probably, Bitcoin, because they’re worth quite a bit right now. And then they’ll help you to send that money from your Bitcoin wallet to their Bitcoin wallet.
[00:04:59] And then they’ll help you run the software to decrypt your files. This is pretty complicated, and these guys at DarkSide understood that. And that’s why they did all of this tech support type stuff, but they’ve taken it yet a step further, this gang, like DarkSide, and they’re not the only ones, DarkSide.
[00:05:23] They’re just the guys that we think went ahead and hacked the colonial gas pipeline, but they’ve taken it to the step now where they are selling ransomware as a service. You can approach them and pay them. And for quite a while, you’ve been able to buy ransomware that you could use. You had to find the email addresses.
[00:05:47] You had to send it out. You had to do this, but now for a down payment and a percentage of your take this gang will go ahead and do everything for you, including sending it all out. They’ve really professionalized this whole industry of crime, of ransomware crime, of course. And we’ve talked about this on the show before. They also will go the next step, and what the next step is in this day and age is,
[00:06:19] When they get into your machine before they encrypt anything, they have a human being who looks at your machine. So the machine calls home. And I want to tell you how to stop them from calling home. Because that’s going to stop most of the ransomware, but it calls home and says okay. I got somebody.
[00:06:39] And so the bad guy now, because that connection’s opened up to call home, can now hop on to your computer, unbeknownst to you. It’s not as though you’re going to see the mouse moving or screens changing. It’s all happening behind the scenes. And so they’re on your computer. They look for files they think might be of interest.
[00:06:59] Those files get uploaded to them and they try and spread laterally. And a lateral spread means that they see, yeah, here’s some machine that we have compromised. This looks interesting. What other computers are on the network? Is there an Active Directory server, some sort of a file server, network-attached storage, other computers? What’s out there?
[00:07:25] They will probe your network, which again, if you’ve got good network equipment, you’re going to see that probe happening and you’re gonna be able to stop it. But most people don’t, right? And including some of these big businesses that just aren’t paying enough attention to how the bad guys operate. Now more than they knew.
[00:07:45] The Colonial Pipeline, huge multi-billion dollar company. Okay. You now know more than they do, and what are we, eight minutes into the show today? So they will look around the network, spread laterally, take control of other machines. And they try all of the known ways of getting in. And of course, if you haven’t patched your machines and haven’t kept them up to date lately, it seems like Microsoft is releasing patches a couple of times a week, just like the old days.
[00:08:15] Microsoft fixed that problem. So you no longer had to patch once or twice a week? Yeah. How did they fix it? No, not by fixing their software. I know. No, heaven forbid, no, Microsoft fix their software? No, what they did is they came up with this concept of Patch Tuesday. So once a month, they’ll just release all of the patches for all of the vulnerabilities that have been found that they know about and that they could patch readily.
[00:08:44] Is that insanity or what? So on average, they were leaving you exposed for one, let’s see, half of a month would be about 15 days. So there you go. About 15 days you were completely exposed. It’s this whole thing is insanity. I just, I don’t know why people aren’t paying attention to it. And I talked to small businesses, and basically, they have their fingers crossed, and they don’t think it’s going to damage the reputation, even if they do get hit.
[00:09:14] But these guys are gathering all of this data from all of your machines inside your network, including your home network. Although they’re not as interested in this if it’s just a little home network, other than if you are working from home. Okay. Are you silly enough to use a VPN that’s not configured right,
[00:09:35] or the wrong kind of VPN? Okay. Hey. Yeah. So what we’ll do now is we will spread laterally over to the business computers and all of the other people working from home that are also VPN’d in improperly into the business network. So they can just spread like crazy. It is absolutely amazing that we’re not doing more.
[00:09:58] I’m not calling for the feds to get involved with this cause they will almost certainly make everything worse. I’m just shaking my head here thinking about all of the potential problems. They can’t even get this whole net neutrality thing straightened out. But DarkSide then has your files. And they do what I talked about a couple of weeks ago here in the show, they hold your files ransom by threatening to release them.
[00:10:24] Look at what happened to Metro PD, the Metro police department in Washington, DC, just a couple of weeks ago. Yeah, they got into Metro PD’s computers, they spread laterally. Hey, look at what we found. They threatened to release these files they had found of all of the confidential informants, their phone numbers, addresses, names, cases that they’re involved with, et cetera.
[00:10:52] Yeah. Again, they’re not taking it seriously. There’s a lot we have to do.
[00:10:58] There is a huge problem out there right now. And the problem has to do with these ransomware gangs. And there are quite a few of these gangs out there, frankly. And one of them called DarkSide has nailed the Colonial Pipeline. What happened is the ransomware got into their network. We don’t know the details yet.
[00:11:21] I’ve heard a lot of rumors. I’m not sure. And it started spreading inside the network. Again, you don’t have a lot of details. I’m sure I’ll find them out. And when I do, I will share them with you, but it spread. And the guys over at Colonial Pipeline said we better shut down the pipeline, because we don’t want the ransomware to cause serious problems. Think about what could happen with a pipeline: you could go overpressure, which could cause the pipeline to burst; valves might not close that are supposed to be closed.
[00:11:56] It’s going to really affect the whole flow of everything in the pipeline. And remember too, you have one pipeline that carries multiple different fuels, so they stop it. From carrying gasoline, for instance, it switched to diesel, they switched to jet fuel. They switched to gasoline. They switched to home heating oil.
[00:12:16] All of those are carried by Colonial Pipeline. I’m not sure if they’re all in one pipeline, that’s just send-up. Okay, we’re sending gas now type thing. Or if there’s actually multiple physical pipelines inside, I’m not really sure, but there is a lot that could go wrong. Either way, just based on the fact that they don’t have the computers to control the valves, to control the flow, to monitor everything that needs to be monitored.
[00:12:44] So DarkSide is at the very least holding their computers hostage. We don’t know at this point if Colonial Pipeline is going to pay the ransom, we don’t know if there’s going to be a backend ransom. As I explained a little earlier, we’re seeing now these bad guys not only saying pay us now in order to get your files back, but pay us now, or we’re going to release all of your data.
[00:13:16] I’m not sure Colonial Pipeline has that much data because they probably only have a very limited number of customers. So something might not happen there. The obvious data that they’d be concerned about is what I was contacted about just this week: bank accounts. What happens if the bank account’s broken into, stuff is stolen, what do you do?
[00:13:40] And how do you deal with this? So these types of attacks are becoming much more frequent and it’s very concerning to all of us. For a couple of years, I ran the FBI InfraGard webinar program and we talked a lot about protecting our critical infrastructure, but the critical infrastructure is more than just the electric grid or the fuel pipelines.
[00:14:09] Frankly, it includes almost every business because if a business isn’t critical, how could it possibly stay in business? Okay. You might argue how about the tourism industry? Is that critical? I don’t know, ask the people that work in the tourism industry, if it’s critical to their jobs or not.
[00:14:29] We have to defend everything, and ransomware attacks, according to Commerce Secretary Gina Raimondo, are what businesses have to worry about now. So it’s a real problem, but they’ve got Homeland Security involved in investigating this. They’ve got, of course, the FBI involved investigating it, and they’ve brought in some third parties.
[00:14:56] And the one that looks to be the prime, I’m concerned about, cause this is not what they do, but they’re saying it’s an all hands on deck effort right now. She said we’re working closely with the companies, state and local officials to make sure they get back up to normal operations as quickly as possible.
[00:15:17] And there aren’t disruptions in supply. We already know there have been some disruptions. I think it was South Carolina declared a state of emergency this week. There’s more than 1800 fuel stations, gas stations that are out of fuel. Some of it is attributed to what we’re now calling the toilet paper response where people are saying, Oh no, there’s not gonna be any gas.
[00:15:43] I better go buy gas now. And some people are bringing cans and cans to fill up as always filling up all of their vehicles. So it is a problem. Now, I’m going to talk a little bit more here about how ransomware gets in so that we can then give you some solutions. And if you have to drop out, I understand you can listen to this whole show as a podcast, just go to CraigPeterson.com/podcast, and you can get all of the details there.
[00:16:19] I even post these automated transcripts, they’re not like an absolute type of transcript, but it’s pretty darn close. So again, CraigPeterson.com/podcast, and you can listen there if you miss part of it today. Ransomware has to get onto your machine. Now there’s a few ways it can get onto your machine.
[00:16:42] There are a number of different types of attacks, but the biggest one that’s typically used is called a Trojan attack. And a Trojan attack is kinda as the name implies. You think that it is something other than what it is, the Trojan horse. So the software that supposedly your friend sent you by email that you’re downloading, it’s not really good software.
[00:17:08] It’s really ransomware disguised as maybe a Microsoft Word document macro. There’s a lot of things that it could potentially be, but that’s one of the ways, and the most common way, it gets in. There are other ways as well. They can exploit vulnerabilities in software that you’re running. So if you’re not keeping your machines patched up to date, it could get in using either a zero day attack, which,
[00:17:38] yeah, there’s nothing much you can do about those other than having a great firewall. So that’s why I recommend having a real high end one, a good Cisco firewall. There are some other brands out there that are pretty darn good. And there’s reasons that I like the Cisco over some of the other ones and it is what we sell, because I think it’s the best out there.
[00:18:00] But having a real high-end firewall can stop these zero day attacks. Zero day attack is where the bad guys are using a vulnerability in your computer that is currently unpatchable. The vendor, Microsoft, whoever it might be, has not come up with a patch for it yet. So the bad guys say Hey, day, let’s just get into machines and then they can remote control your machines, install the malware, usually the ransomware nowadays and go off on their own.
[00:18:34] That’s the number one way they get in. Now, if you’ve been listening to this whole show so far today, that what has happened is once you have the ransomware that ransomware calls home. Now there’s a number of different pieces or classifications of software that call home. One of them is ransomware.
[00:18:57] So it gets on your machine. It calls the bad guys up and says, Hey, here I am. What do you want me to do? And usually the bad guys. If it looks like a decent target, hop on your machine, poke around, try and spread laterally. As I explained, in some cases, what it does is it just uses your machine, particularly if it’s just a home machine and there’s nothing particularly valuable on it.
[00:19:20] It uses that whole machine now as part of a botnet, and it uses your machine that it’s taken over to attack other machines. And unless you’re paying a lot of attention, you probably don’t even know that it’s happened.
[00:19:37] What do you do here with ransomware? It gets in, it looks like it’s something that it’s not. Most often, it’s a Trojan. Sometimes what happens is the bad guys are sending it all in because of a zero-day or more than likely because you haven’t applied the patches to all of the software that you need to patch.
[00:20:01] So there’s a few different things here, right? That you gotta be careful of. So do those, you hear it a million times. The next thing you can do to help prevent this from happening is to make sure your usernames, email addresses, passwords are unique for every site you go to. Because some of these bad guys just go to the dark web, they can download for free your email address, your password from hundreds of websites.
[00:20:35] Yeah, it’s available for them. It’s been stolen, and it’s been released in some cases, they have to pay for it, but, overall it’s well worth their money spent to find out your username and password. So if you are working from home, let’s say you’re a homeworker for, let’s say Colonial Pipeline here, making stuff up right now, a nonexisting company, and you’re at home.
[00:21:01] You’re supposed to be monitoring the pipeline, make sure the right valves are open when they’re supposed to be open, make sure the fuel is flowing. Make sure all of the bills are getting paid, invoices going out. And you’re just doing it from home. And in fact, you got a nice little laptop set up in the corner of the bedroom, on a table.
[00:21:20] It’s, it’s the life. And then all of a sudden you’re losing control. Just what I, I know of two water systems where this happened. Yeah. Yeah. All of a sudden somebody finds your username and your password online and that email address. Yeah. Yeah.
[00:21:41] joe@colonialpipeline.com. Perfect. Okay. So let’s look in the dark web. Oh, here’s Joe’s password that he used over on LinkedIn back when we stole all of those LinkedIn usernames and passwords and emails and everything else. So let’s just try that because we see that at colonial pipeline there’s this remote desktop server.
[00:22:07] And we know that. Yeah, because we scanned them, and there it is, a remote desktop server. You know what, they even named it remote desktop, rdp.colonialpipeline.com. Of course, we’re talking about a fictional company here, but I’ve now got a username and email address and a password that has been used by Joe on one or more other websites.
[00:22:31] So what do they do? They say, I’m going to try. Let me see. Let me see. I’m going to connect right now to the Microsoft remote desktop server at colonial pipeline. And let’s try and log in as joe@colonialpipeline.com and let’s cut, copy and paste the email address that he was, or a password he’s using at
[00:22:51] LinkedIn. You know what, I just noticed he uses the same password even a few years back over at Facebook. So let’s just try it. Oh, look at that. I’m in. I’m in. So what’s the next step? The next step is, of course, they start to poke around a little, can I take control of this machine? Let’s download my ransomware onto the machine.
[00:23:13] And of course this fictitious company known as colonial pipeline, they don’t have a really great firewall that looks at everything that’s being put onto a machine, downloaded. So it’s not even going to notice that we’re installing the most common form of ransomware on the internet today. So let’s get that on his machine at work.
[00:23:35] Okay. At Tonya’s machine at work and off. Okay. We got it. The remote control’s working. So let’s just connect from the remote desktop server and okay, so we’re in now, let’s see what other machines we can find on their network, and off they go. This fictional company now, because Joe had a username and a password that he has used before on another website, they were able to get into our fictional company.
[00:24:06] Does that make sense to you? So now they’re inside, they’re moving around. They’re taking control. They’re finding the computers that are used to control the valves, the flow of oil, or whatever’s in the pipeline. This. Day and okay, so we’re all set. So let’s go ahead now because we’ve got all of their files, including all of their banking information while we were in there and we grabbed all, yeah,
[00:24:33] all of the account numbers, all of their customer info. So let’s let it loose. And now they start encrypting all of the data. And by the time this fictional pipeline company has figured out that they’re on there, guess what? Yeah. In fact, what happened was they found out that they had been hit with ransomware because the ransom messages came.
[00:25:03] So that is how it could happen. And that could happen to almost any company out there. And the reputation damage is enormous. The amount of money that is going to cost them is enormous. It’s more than doubled in the last year. The cost on average now is over $1.2 million because of a breach and ransomware.
[00:25:29] And so now they’re in big trouble. Really big trouble. So how could you have stopped this? That’s where life gets interesting. And I have done a number of webinars on that very thing we’ve delved into in some detail, it’s been about a year and I’m thinking what I’m going to do is just put together some little courses that if you’re on my email list, you’ll find out about just little free things in order to help you guys understand this a little bit better.
[00:26:00] So I’ll make sure you’re on my email list. CraigPeterson.com/subscribe, and I’ll explain it all. So here’s what you can do. First of all, get a very smart, next generation firewall. Now, one thing about cybersecurity that you’ll find is there are a lot of criminals out there. A lot of criminals, and
[00:26:25] I’m not just talking about the people that put ransomware on your machine. I’m talking about the people that are telling you to buy their VPN product because it’s going to make you safe, and they’re lying about it. And they’re really lawyering their words. So that perception that you have is somehow you’re going to be safe.
[00:26:43] I’m talking about the people that will sell you this anti-virus software that not only do you not need but could potentially open you up to even more security problems, just like the VPNs can open you up to more security problems. It is full of criminals. They just haven’t been convicted yet. Okay. So it’s definitely a problem, a very major problem for so many people and you just don’t know.
[00:27:14] So that’s why I want to make sure you guys understand why it’s happening and how it’s happening so you can then go on to the next step and what do I need to do to keep it out? So a really good next generation firewall, by my definition, means that firewall is going to examine all data coming in and going out.
[00:27:40] So it’s going to be able to look at anything that’s encrypted at websites that are encrypted at data that’s being downloaded at zip files that are being downloaded and check the payload to make sure. That it is legitimate traffic. Okay. It sounds easy, but again, there’s so many criminals in the cybersecurity business.
[00:28:03] You have to look very closely. Stick around.
[00:28:06] So if the bad guys have control of a machine and they are trying to download some malware, in this case, ransomware, the firewall is going to see that and stop it right there.
[00:28:20] Most firewalls, all they’ll do is block certain ports, or they will stop someone on the outside from getting to the inside, but what about you going to a website and downloading accidentally, or maybe purposely downloading some software that’s malicious? Or what about some guy that got onto your computer via your VPN connection or your remote desktop or TeamViewer, et cetera,
[00:28:51] and now has control of your computer? You have to watch all of the data coming in, going out, and it all needs to be checked for any sort of malware. So that’s one of the first things we always do. Now, the next thing has to do with your computer. I’m going to focus in on Windows because that’s what most people have.
[00:29:14] Nowadays, if you have a Mac, you’re relatively safe. If you have a Google Chromebook, again, you’re relatively safe. Just keep them up to date. All right. But Windows, Windows is a whole other world and you know how much I love Windows. Yeah, not, right? And I worked on it way back when in the NT days.
[00:29:39] Anyhow. Microsoft Windows has built into it now some very good software that can help protect you. Windows Defender. Make sure Windows Defender is turned on and is up to date. If you have Windows and it’s a recent version, and you need to be running a recent version of Windows, then you have access to Windows Defender. Turn that on.
[00:30:08] And Windows Defender again, keeps an eye out for malicious software. Oh, really? Who knows Windows better than Microsoft? I would argue there are some people, but as a general rule, Microsoft understands what they’re doing here. They have kept it up to date, right? They have had major security problems in the past with Windows Defender itself, but most of those are fixed now.
[00:30:33] And to me, the measure of success isn’t, Hey, it’s a hundred percent secure because you and I both know that’s a load of cow stuff, because nothing’s a hundred percent secure. And whether it’s made by Microsoft or it’s made by Cisco, there could potentially be problems. So Microsoft has fixed the known problems anyways, in Windows Defender.
[00:31:00] So make sure that is turned on. That’s the first free tool I wanted to mention, and it is huge. The next one is, of course, make sure you’re updating your machine. I don’t mean just Windows, make sure all of the other software in your machine is being updated. If you’re using a browser like Firefox or even Google Chrome, I have issues with Google Chrome from a privacy standpoint, but at least both of those browsers and many others that are based on either one of them, the both of those browsers do
[00:31:36] Update themselves automatically. So that’s like a huge win. So they’ll keep themselves up to date, but most of the Adobe software won’t keep itself up to date. Most other third party applications that you might’ve bought and installed on your computer or downloaded. They’re not going to keep themselves up to date.
[00:31:56] So keep on top of that. That’s the second thing you can do. That’s usually free. I would say usually because Microsoft does sometimes charge you for upgrades. I’m not sure they’re going to do that anymore. The whole naming scheme and everything else, numbering scheme for windows indicates that maybe they’ve dropped that idea.
[00:32:18] Yeah. But some of these other vendors might charge you for new release. So let’s say Microsoft really decides I’m working on our climb down. We’re not going to let this malware continue to give us a black eye. And so they changed the way parts of the operating system work. And so that software you’re using for your customer management billing, whatever might be requires an upgrade, which of course that vendor’s going to call a major upgrade.
[00:32:45] And now you’ve got to do the app. Great. And you’ve probably got to pay them in order to get your hands on that upgrade. So that’s why I said usually free, not always free. Microsoft also comes with a firewall, and I use that term very loosely because it’s an old style firewall. It is just protecting data on certain parts.
[00:33:10] And Microsoft does a very poor job of configuring that firewall. Basically, Microsoft doesn’t want any tech support calls. So they pretty much turned on all of the features that you could possibly have. And when it comes to the firewall, they just leave them all wide open. To me, that’s a huge problem. So yeah, the firewall is turned on by default on windows.
[00:33:38] It is by the way off by default on your Mac. And both of those companies take much different approaches on the Mac. Nothing is enabled that doesn’t, isn’t explicitly turned on. So there’s not a whole lot of reason for a firewall because you don’t have a file server running on your machine. SMB file sharing.
[00:34:00] You don’t have a way a web browser running on your machine, et cetera, et cetera, all of that stuff you have to turn on manually. So on windows. I’ve I have a course that I haven’t released yet. That talks about how to harden windows. I did my improving windows security course. I released that in April of 21 and a lot of you guys signed up for it and I’ve had nothing but great feedback, a few legitimate.
[00:34:28] Questions people have, but great feedback over the course. So I’m going to have to do one on specifically the firewall on, on windows and maybe the windows defenders as well, but you’re going to want to turn off any services you’re not using. And I do describe that in the improving windows privacy and security course.
[00:34:50] So if you took that. You’ve Oh, and you did it. You’ve got really your mission locked down. Noah came anyways. I’m rambling. Next up. Remember I said that the malware calls home, both ransomware malware, calling home to say, Hey, look what I found. You want to have a poke around. And another piece of nastiness called a botnet.
[00:35:18] Where the button that will again, call home to the bad guys and say, here I am, let me know what you want me to do. And very frequently they’ll use your computer. It might be a home computer might be a business computer. They love business computers because usually they have a better internet connection.
[00:35:37] And they’ll use your computer. Just send out a hundred million pieces of spam to any email address they can find. And once they’ve done that, of course, what’s attached to that email while ransomware or other nastiness that’s out there. So how do you stop them from calling home? Again, the non-paid or the paid, I should say option is a really good next generation firewall.
[00:36:05] So we had a client that has an office here and an office that’s out of state. And what happened was one of their of state offices had connected in via a VPN that we had warned about. And being in properly set up and configured and protected. So they came in on that VPN, the bad guys did because they had control of these out-of-state computers and they found accounting files, and they started to upload them.
[00:36:38] So we had a really good next generation firewall from Cisco in place of firepower firewall. And we’ve got all kinds of equipment in our data center that, that controls all of that, but it saw, wait a minute. There’s data being exfiltrated we’re seeing in their account information potentially. So I would shut it right down.
[00:37:01] So they got a few megabytes worth of data out and that’s it. We shut it right down. It was all automatic. And then it informed us, Hey, look at what we just did. You might want to have a closer look, which of course we did do. So having that next generation firewall that can recognize data coming into your network and going out of your network is crucial.
[00:37:27] The other thing that you can do, and you can do it for free or paid, the $50 a month charge that we have for endpoint computers, in other words for desktops, includes a paid version of this. Which is more advanced, but you can get it also for free. And it’s obviously it’s not as good and as many options, et cetera, et cetera, not meant really for business, but check out OpenDNS online.
[00:37:58] You can go there right now. Just opendns.com. Open domain name server dot com. And you can find out how to do it there, but it is as simple as setting your name servers to the addresses you’ll find right at the bottom of the opendns.com homepage. So you’d set it to 208.67.222.222.
[00:38:26] And. Let it do its thing. So what happens now, once you’ve set up your DNS using OpenDNS, and again, you can get it for free and the low end. And then at the higher end, it’s called Cisco Umbrella and a lot more features, but when the bad guys try and call home, they need to convert the name of their server.
[00:38:48] Into an internet address and OpenDNS is updated quite frequently. I know the commercial versions that we have are updated instantaneously 24/7, whenever anything is discovered. And I think the free OpenDNS is pretty close to that. So put that in place. Do some of these other things I’ve been telling you about, and you’re going to be 95% ish safe.
[00:39:17] That’s pretty good. Isn’t it for nothing plus the firewall, which can cost you some real money. Some of these real fast firewalls can cost over a hundred grand for a very large business, you can start at just a few grand anyways.
[00:39:32]Colonial Pipeline. Of course it hit the East coast hard. It particularly hit the Southern states, some of whom declared States of emergency because of what was happening, panic buying. I don’t know if you saw the pictures of people with gas in
[00:39:51] Trash bags, clear trash bags, people buying every fuel can, they could fill it up with gasoline, so many dangerous things. I remember back in the sixties, a friend of my dad’s had this beautiful Corvette. I’d love to have one of those nowadays, and he needed to get some gas for the lawnmower. So we went down to buy it, and he had a gallon jug that he filled up with gasoline.
[00:40:17] Oh, my gosh. And we had this glass one gallon jug in the back with me. This was the Corvette where there was that little, a two piece window in the back. And that’s where I was just a little kid. What happens if you’re in an accident? It just, these people who are doing this are crazy. Plus the gasoline is almost guaranteed to break down that trash bag.
[00:40:43] This it’s just not true. What people have been doing. No man, no wonder people have been calling it the latest toilet paper fear, right? Where everybody went out to buy toilet paper, but this is a real. Problem. We’ve got Saudi you do remember this Aramco. They were probably hacked by Iran about a decade ago, and we’ve seen hacks against all kinds of other utilities, these public service, if you will utilities that provide us with.
[00:41:14] Pretty much everything that we need for our daily lives. And Colonial apparently had a cyber health assessment about five years ago, give or take. Now it sounds like it was the same thing that we do for businesses, a paid one versus the free ones. And I’ve got. A checklist that you can use.
[00:41:36]I’ll send it to you. All you have to do is ask me for it. And you can use that to get an idea of what are the things you should be doing to prevent this. What are the things you can do as well? And if you listened to the first hour of today’s show, of course, I went through some of the free things you can do as well to help prevent all of this sort of thing.
[00:41:56] So they did go through a cybersecurity analysis. Apparently, they did not follow through on all of the recommendations. And as I started out this segment today, one of the things that’s really probable, probably behind this is because they didn’t know what they needed to do. So many of us are using people who are great people.
[00:42:22] They love computers. They’ve been learning a lot about cybersecurity, but none of us know everything. And unfortunately, so many of us just don’t know enough. And we’re talking about over 1 million to 2 million open jobs in cybersecurity. So everybody’s hanging up their hat. Everybody’s putting out a shingle saying I’m a cybersecurity expert person.
[00:42:47] I’ve got months, even, maybe even years worth of training. That’s all well and good, but you still need to have a third party come in and look, and then you have to follow the recommendations. That’s the other big problem I found is businesses just not following the recommendations. And then we get calls back in on average.
[00:43:08] I think we figured it out a couple of months back. It was like eight months after we do a cyber health assessment for someone they come to us and say yeah, we got hacked. Can you fix this for us? And in some cases, we’re able to close things up and help them out. Just like the phone call we had this week.
[00:43:25] And they had taken some of the right steps to make sure that they shut down these hackers. But there’s a lot of things they just plain didn’t do. And that’s a problem, right? We have government contractors that are subs, and sometimes these guys have the primary contracts, and they’re out there in the front line.
[00:43:48] They have potential prison terms. If data is stolen, Now this last week, this week, right this week. Okay. It’s Saturday now, President Biden signed an executive order that is starting to put teeth into these laws. If you even sell something to someone that ultimately has a contract with the federal government, you’ve got some serious liability now.
[00:44:18] If data is stolen and we could get into a lot of details because it happens all the time and people have businesses and they say I just make X product, but the only customer for product X is the government. And you just had all of the purchase orders stolen. And think about Hogan’s Heroes, right?
[00:44:40] If you remember that show back in the sixties and early seventies and in the whole Hogan’s Heroes, what ended up happening is they were looking at it all saying what should we do? What can we do? When they were to get a little bit of information and they do everything they possibly could to get that information back to London.
[00:45:00] And sorry about that. A little phone ringing here. So they’re trying to get all that information back to London. Some of it, they got back, some of it, they didn’t get back, et cetera, et cetera. But just that little bit about wait a minute, now they just bought 50 of these. Therefore we’re thinking that the military.
[00:45:19] Is now starting to expand and is going to be doing this or doing that in this area, that area, right? Those little bits of information are valuable, not just to someone like Iran or to Russia or to China, it’s valuable to competitors. So President Biden’s latest little executive order is really starting to.
[00:45:44] Bite into all of these contractors that have been, as we call it, pencil-whipping forms. Now the SPRS forms are the type of form, they have to go online. They have to report about what their compliance is for their cybersecurity maturity. They don’t know what they’re doing. They don’t know what they’re filling out.
[00:46:01]I’m thinking maybe I should go ahead and. Put one more little trick into this whole thing. And that is have a service where we help businesses fill out their paperwork and understand it. But the reason I haven’t done that is because the businesses that I know that have been lying on these forms, pencil-whipping the forms, they don’t really want to know.
[00:46:29] Cause then they have plausible deniability. So how do we solve this problem? It really bothers me, frankly. When we come back, I’m going to talk about these five urgent actions that are happening right now, where these 65 businesses, nonprofits, and NGOs have formed this ransomware task force.
[00:46:51] What this is about, what it’s hopefully going to help everybody out with. But I want to really emphasize again, to you guys. Make sure you have a good cybersecurity health assessment. You have to have that. And if you want a cybersecurity health assessment, I’m more than glad to send you the paperwork, you can do it yourself.
[00:47:14] Okay. The basics and you know what else I’m going to do. I’m going to have a training on this. That’s available for free. I’ll put that up on my website so that you know what each one of those questions really means. It’s so that you can now. Have a good look at your cybersecurity. Cause I know a lot of you guys you’re retired.
[00:47:34] You have some money that you’re trying to protect from these bad guys. A ton of you guys are small business owners like me, right? I’ve owned and run small businesses for decades now. And. We just are focused on our businesses and just don’t know everything we need to know. We don’t even know what we don’t know right.
[00:47:56] About cybersecurity. So I’m going to help you with that. But when we get back, we’re going to talk about these five. If you want to reach out to me, if you want a copy of any of these cybersecurity health assessment forms. I’ll send them to you. No problem. Just email me. me@craigpeterson.com or reply to tomorrow’s email.
[00:48:17] If you’re on my email list, I’ll be glad to get that off to you. No problems, no questions asked. I’m not going to be harassing you. If you want us to do a deeper dive, where we look at your systems, we scan them all. We help you prioritize it. We put together a series of steps that you can take to make sure all of the  is done in the order that it really should be done in.
[00:48:42] Yeah. Be glad to do that, to that, to pay the assessment. There are a number of companies out there that do it. There’s about 1200 nationwide. So you should be able to find somebody if you don’t trust me, I get it. That’s fine. But get one done, get a very good one done and go deep into it. We’re also hopefully going to be able to get into some of the other articles, and you’ll find all of these, of course, in tomorrow’s newsletter.
[00:49:09] And you can get that by just going to craigpeterson.com/subscribe. Google wants people to use two-factor authentication, which I think is a great idea. So it’s going to start turning it on for you guys. App tracking. Apple has just gone above and beyond yet again in helping to keep our data secure.
[00:49:30] Thank goodness, not just secure, but private. Peloton, man. They’re hurting again. Total mess up on their part again, cybersecurity, absolutely cybersecurity problems.
[00:49:42]Now we’ve mentioned here in the last hour about DarkSide ransomware, and these are groups. Both bad guys that have been doing ransomware for a long time and more lately, they’ve gotten together and built a company and this company actually sells ransomware services. Now I don’t mean that if you’ve been hacked to go to the DarkSide and say, Oh my gosh, we got ransomware.
[00:50:10] Fix it for us. No, they are selling. Ransomware as a service and the hers there. There’s a huge problem with this. It’s just absolutely amazing, but there’s some security researchers out there who have been trying to find out okay. Who. Is using them. So let’s give you a couple of numbers here. So you have an idea of how much money DarkSide is making by selling this as a service.
[00:50:40] So they, they do everything. They write the software that holds your stuff ransom. They go ahead on that software, and will do tech support, not just for the people that have licensed their software, but tech support for you. The poor ransomee. Okay. All of that stuff, but according to what is in, let me see, ZDNet.
[00:51:05] They went and had some researchers check out the DarkSide ransomware variant’s website, and there’s some forum posts there that indicate that affiliation with DarkSide requires 25% of the cut for ransomware payments under 500,000. And it has a sliding scale. So if you can ransom somebody. For more than 5 million, all they want is 10% of the money.
[00:51:36] Can you believe this talking about a real business? It’s just incredible. So they are out there and they are really rampant now. And they’ve been doing it since last summer, this whole double extortion tactic and something they’ve really fine tuned where they say pay us. And we will decrypt your data. At least we’ll give you the key and help you decrypt it, or don’t pay us now, but pay us later.
[00:52:03] So we don’t release your data. As I mentioned, that’s what’s happened with the Metro DC Washington DC police department; they got the data out of the police department, and they’re threatening to release it if the DC police don’t pay the right money to them. So these guys, these researchers, in this particular case FireEye, said they have found five groups that are doing rants, that are linked with the DarkSide bad guys.
[00:52:36] And they’ve got these letters, numbers. It’s not real names. It’s just what they’ve been labeled. But the, I wanted to go through here. What these. Different affiliated DarkSide, ransomware gangs are doing so there’s one where there’s was to start with one we’ll run through all five and what their tactics are.
[00:53:00] But this first one, which is identified as UNC2628, has been active since February this year. Now, remember how I mentioned how they’ll get into your network and then they’ll start to move. Laterally within the network, they’ll try and infect other machines. If they get onto your home machine, they’ll go through the VPN that you’re using to connect to the office.
[00:53:21] And. Once they’re there, they’ll start spreading between office machines. And there’s some thinking that has actually happened in the case of the Colonial Pipeline. We’ll know more details. I hope fairly soon I’ve been watching what the FBI has been saying. They send me updates, but I haven’t seen anything.
[00:53:41] That’s publicly shareable at this point in time. Anyways. So this lateral movement is where they’re really going to kill you. And this first group tends to move quickly from the initial infection where they get the software on your machine. And they’re only lurking on your network for two, two to three days before they start the encryption.
[00:54:06] That’s all the time it takes for them to find all of your machines. Now they use suspicious authentication attempts, brute force attacks, spray and pray tactics, all common. Spray and pray means they’re just looking for anybody out there. They’re not going after a specific target. They’ll find your home computer and bam, they’re in and they’ll just take bank account information, or they might use your machine for attacking other people, including by the way, attacking governments and governments don’t take well to having your computer attack them.
[00:54:40] Okay. So they. Apparently, I’m just trying to summarize all of this as we’re going, but they get their initial access through legitimate credentials for corporate virtual private networks. What have I been telling you for a long time? VPNs are not the panacea. Most people think they are, and they purchase it from other criminals.
[00:55:02] Next group, 2628. Is thought to partner with other of these services besides DarkSide and includes REvil and NetWalker. Another one has been active since at least January, they moved from initial access to ransomware deployment at an average of 10 days. So it used to be about two weeks. And that’s where I’ve been saying for a long time, that most of the time when you get ransomware, They’ll be in your network, poking around for a couple of weeks, but it’s been so profitable.
[00:55:36] They may well hire more people and spread more quickly. So instead of 14 days it’s now down to three to 10 days. According to this report, I’m looking at right now, from what FireEye has said, and FireEye do do investigations of these types of things. And in fact, they got involved in some political stuff, not too long ago as well.
[00:55:57] TeamViewer. Oh my gosh, Microsoft TeamViewer. It’s abused to maintain the persistence in connections. That’s where they can continue to be on your machine. Get on a compromised machine, and then they exfiltrate your files before they encrypt them. Next one here, dating back for a little over a year.
[00:56:20] They use phishing emails to deliver this DarkSide ransomware, and they use a SMOKEDHAM .NET backdoor. So there go here. This group can wait on your network and lurk for months ahead of when they actually fire up their ransomware. And our friends over at Sophos said that they’ve been called in to assist on five different instances of DarkSide ransomware infection.
[00:56:52] So there’s a lot to know there’s a lot to be concerned about, but remember they get in blocking them. The way I told you in the last hour is really going to help. It’s going to stop more than 95% of them, and it doesn’t have to cost you a dime. Mind you, the paid versions are going to be better, but that’s the way that is.
[00:57:13] And we also now have these 65 businesses, which includes some nonprofits, government organizations, and they formed this ransomware task force. So that’s, I think, good news to all of us. World Economic Forum’s involved in this as well. And they’re just trying to really help. Now, what I get concerned about is the government’s involvement, and it’s one thing for the government to follow up after an attack.
[00:57:44] Okay. And it’s another thing for the government to provide general information. In fact, you can find it. The small business association has quite a bit of stuff, not as detailed. I don’t think it’s anywhere near as good as the free cyber health assessment forms that I can send you. But they, we do have it.
[00:58:01] A lot of places have it, and it is well worth looking into. I, so yeah, here we go. Average downtime due to ransomware attacks, 21 days, get that thorough cyber health assessment done. Now whether you do it yourself, you hire somebody to come in and do it. Or we did 1100 of these last year for free for listeners and their businesses.
[00:58:29] So more than glad to do it as well. Just email me@craigpeterson.com and I’ll get all the info out to you.
[00:58:36]Look at what’s happening right now with.
[00:58:38] The whole Colonial Pipeline thing, and I am more than glad to help you guys out. And all you have to do is just go ahead and email me, me@craigpeterson.com. All right. Getting down to it here. Two-factor authentication. A lot of people have started using text messages as part of two-factor authentication.
[00:59:02] So for instance, you go to a website, you put in your username, which is usually your email address, which is a bad idea from these people that coded up this terrible software, right? You should be able to choose your own username, so you can have a different username on every website, and then you put in your password.
[00:59:19] And of course you guys. Best and brightest, you are using different passwords on every website, and hopefully you’re also using a password manager to keep track of it all. I was really surprised. I looked at it. I had 1200, 1200 different accounts on different websites. So then you probably have more than you realize, but SMS, text messages are not the best way to do two-factor authentication.
[00:59:53] The idea behind a secure system, just a regular login security is, to have something, along with something you have. So the something is your username and your password. Something you have. That’s a lot different, isn’t it? And having your phone with you that can receive a text message is not really going to protect you, especially if they are out to get you.
[01:00:17] So if you have a fair amount of money in investments, maybe you have some Bitcoin, et cetera, many times now, there are a lot of examples I can cite of people who have had their phone number hijacked. So the bad guys, remember, all these data leaks, data breaches, these leaks, where they’ve got your username, they’ve got your password, they’ve got your phone number.
[01:00:42] So if they really want to take over everything, all they have to do is. Grab ahold of your phone number, because most of the time, how do you recover your password on our site? Oh, I just go ahead and have it, send me a text message. What happens if instead of that text message going to you, that text message goes to a bad guy because they’ve taken control of your phone number.
[01:01:07] It happens. It happens every day. So Google has an idea that I think is a pretty reasonable one. And Google has for a long time, had an app called Google Authenticator. And I used that when it first came out, and I played around with it a little bit. Nowadays I’ve been using Duo, and I’ve got Duo all set up so that.
[01:01:27] I can put in a one-time password thing, but that changes every 30 seconds or so. And you might’ve used those before. Sometimes it’s a token, et cetera. But what Google has done for two factor authentication is they have it set up so that when you go to login. If you have a Google program on your smartphone, it will have you open up Google, for instance, the app on your smartphone.
[01:01:55] And then you confirm that yes, it is me who is logging in. It’s not a bad idea. They do it a little different on Android. Google’s prompt is a full screen popup, is built into every Android device as part of Google Play services. So it’s really pretty easy. This is going to be, I think, a good game changer because otherwise you’re in trouble.
[01:02:20] I just got a call. This is just crazy. Yeah. What a week, this week from another listener, who’s a church. This particular church had been basically hacked and their main email account was hacked into the bank account. It just goes on and on. And it smells like they may have access to his text messages, which are used for account.
[01:02:48] Recovery. So this type of two factor authentication thing that Google is pushing out. Yeah. I think is a very good idea. They’re becoming a little more proactive and it’s, I think it’s going to be good. Yeah. Overall we’ll see how this all goes. There are some other ways to do it. I think maybe some better ways, but this is not a bad way.
[01:03:14] Now speaking about privacy versus security, we’ve been talking so far about security. That’s what two-factor authentication is all about. And if you want a little privacy, Android slash Google is not the way to go. You know that already. I say every time that you should be using DuckDuckGo, not Google, to do searches online, to find stuff. Well, Apple released their newest version of iOS, which is of course the operating system for the iPhone and for the iPad.
[01:03:48] And I guess the iPod, right? Like the iPod touch and stuff, but this operating system has now code in it that pops up and asks you if you want to allow an app to track your activity across other companies’ apps and websites. This I think is a very good thing. At least, that they’re trying to track you, right?
[01:04:13] So Facebook has been complaining about this for a long time. The experts said probably 40%, maybe 60%, let’s call it. 50% of people will allow the app tracking. It turns out that 96% of users in the US have opted out of app tracking. In this latest version of iOS, which to me makes a lot of sense. In other words, only 4% of people said, yeah, you can track me.
[01:04:44] What does this mean? Obviously to you as a consumer, it might be good. It actually might be bad. Again, if I want to buy an F150 pickup truck, I wanna buy an F150 pickup truck. Now, maybe you could try and talk me into buying a Dodge or Chevy or something else. I get it, but I want a pickup truck. I don’t care about seeing ads for women’s pajamas or you name it.
[01:05:16] I’m looking for a pickup truck. So I want to see ads that are aimed at me for something that I want. I you’re probably the same way you remember those days on the internet, where you were constantly getting these male enhancement. Emails. And they went out to everybody because they had no idea who you were.
[01:05:38] They didn’t have any information about you. And when Facebook and Google and some of these others came along, all of a sudden you were getting more relevant information. By not allowing them to track you, you are going to be getting ads that maybe aren’t as relevant as they used to be. Now on the other side, it’s nice not having them track you because it’s none of their business.
[01:06:04]But it’s, I think it’s overall a good thing. Reminds me of Tom Cruise in Minority Report where he’s walking past those billboards, and they scan his eye. As all that’s possible from that distance. And they recognize him as, what was it, Mr. Tadashi or something? Not definitely not him. And they were trying to sell him something that were tied into what Mr.
[01:06:29] Tadashi had purchased before. And the machines, just the billboard just thought it was Mr. Tadashi, not the Tom Cruise character. So this is going to change quite a few things. If you are a. Business. You’re going to have a little bit of a harder time trying to track people, which also means, by the way, and not distract people, but, find people that are of interest to you.
[01:06:53]I want somebody that’s a white male in his mid forties who drives an F150 that is 10 years old, which means, okay, he’s probably going to buy another one. You’re going to have a little bit of a harder time with some of that tracking. So it’s going to cost you a little bit more for some of the advertising, but I think it’s also going to drive down the cost of ads on some of these platforms, because they’re not going to be able to target as closely as they could be for all right.
[01:07:20] really we’re everywhere. All you have to do is you can find the podcast. You can go to tunein.com and of course you can just ask your Amazon Alexa, Alexa, play WGAN, and off she’ll go. There are so many articles to talk about this week.
[01:07:36] You will find all of them in my newsletter. And what I typically do in the newsletter is not only do I go through hundreds of articles and put together a collection of what I think are the most important ones, the best ones for you guys to be able to follow. But I also send you right to the person’s website that put the article out.
[01:08:00] So they get a little bit of credit. Maybe they get a little bit of advertising revenue, that revenue we talked about in the last segment today. But I think that’s the way it only fair to everybody involved. Although obviously I’m adding a lot of my own commentary. So if you want to hear what I had to say about it, Subscribe to my podcast.
[01:08:24] Just go to craigpeterson.com/podcast. You can listen to them there, or if you are a podcast listener, I’d really appreciate a comment. Hopefully I’ve earned five stars from you. Just go to craigpeterson.com/itunes, and we will. At that point be able to track it a little bit. Subscribing to the podcast really helps us.
[01:08:49] And that’s how some of these podcasts are measured and I’m doing this all without any commercial content. On the podcast that I do, obviously here, there’s some great companies that are supporting us and trying to get this message out. And I appreciate them for advertising, but on the podcast, it’s you subscribing that really helps. Peloton.
[01:09:12] You do remember Christmas, was it last year or the year before Peloton running these ads and this guy was going to buy this exercise bike from Peloton for his wife. And it seemed like a great Christmas gift for her. She seemed to be very excited about it. And then all of these snowflakes started saying, Oh, that’s just terrible.
[01:09:35] I like it. Was you doing saying she’s fat. What’s going on? Obviously she wanted one of these Peloton bikes cause they are amazing. Peloton has done just a great job in tying it into internet training, and you’ve got a coach, and you’ve got some really good hardware. The only in the form of the bike and Peloton has some other things as well.
[01:09:57] So they really got nailed over that one and I think a little bit unfairly. And then we also had here within the last week, two weeks. Recall by Peloton on two treadmill models. And this was following the death of a six-year old child who was pulled under one of these treadmills is a terrible, I know I’ve gotten caught up in them before as well.
[01:10:24] And the consumer product safety commission said that the recall decision took some intense negotiation. Because they’re, Peloton, they didn’t want to get nailed for something and it wasn’t really their fault. But the CEO of Peloton did admit that there was a mistake here, but this is just, it’s a terrible thing to think of.
[01:10:48] In addition to this death, apparently Peloton received at least 72 other reports, according to Ars Technica, of adults, children, pets, and or objects getting dragged under the Tread+ treadmill. 29 children suffered injuries. Second and third degree abrasions, broken bones, lacerations, pretty bad all the way around, you’ve got moving.
[01:11:13] Parts stuff can happen. I don’t know. It’s do we really need a label on our lawnmower telling us not to use it, to cut our hair? It’s bad. It’s terrible in any of these things happen. Oh my gosh. I’m not going to read the details here, but this poor little boy’s three-year-old son.
[01:11:32] No, I’m the parent involved. I’m sure he felt feels this terrible. So there you go. That’s problem. Number one, Peloton had and within the last week obviously a major problem considering what happened, but also. Piling on to what happened at Christmas, with all of the snowflakes complaining.
[01:11:54]It’s now come to light that Peloton exposed sensitive user data and continued to expose it even after it knew about the leak. So it’s no wonder Peloton stock price closed down 15% on Wednesday. Now I’ve got to add to that, that because of the lockdown, starting to go away. A lot, fewer people I think are going to be exercising indoor on their Peloton, but it’s still going to happen.
[01:12:23] They’ve got a lot of stationary bikes got a lot of treadmills, but 3 million members, according to their stockholder report and the data exposed include the user IDs, instructor, IDs, group memberships workout stats, their sex and their age, their weight. If they’re in a studio or not There’s apparently another piece of personal data exposed that the Peloton still hasn’t secured.
[01:12:50] And so Ars Technica, where this article was published, said, we’re not going to tell you about it because it’s still being exposed. It’s pretty bad. Apparently again, this is just bad programming. It’s the APIs, these application programming interfaces that are used by programmers.
[01:13:09] That are used to connect to cloud services, et cetera required no authentication before providing the information. I was reading an article this week, too. On an API might’ve actually been theirs, but again, no authentication says, okay, we’ll lock it down. We’re going to lock it down. So how do they lock it down?
[01:13:30]They put a username and password on it. Okay. That sounds reasonable. But if you had a username and password, you could access. Any personal information on any API call? I didn’t just restrict it to yours. Oh my gosh. Yeah. Totally barked fixed. In fact that it looks like it was Peloton who botched that fix.
[01:13:53] Okay. Move onto the next one. We’ve got a lot of stuff here. The IRS is, has been for a long time, warning people. Hey, listen. If you have an asset and you sell that asset, you have to pay taxes, and we’ve got President Biden now saying, Hey, if you invest in a company and you lose money, it’s too bad, so sad. But if you make money, now you’ve got to pay taxes on it.
[01:14:19] And they’re saying the same thing about, of course, Bitcoin investments and not just Bitcoin, any cryptocurrency trades. Now they have, the IRS, been granted permission by federal court in the Northern District of California to issue a John Doe summons. And what they have done is they’ve sent a summons off to this company called Kraken, and Kraken is a US-facing arm of something called Payward Ventures, according to ZDNet.
[01:14:56] And what they’ve said is they want information on any US taxpayers who conducted at least $20,000 or the equivalent in cryptocurrency trades between 2016 and 2020. Now, they’re not alleging that there’s any wrongdoing. Cause we know every last person that did a cryptocurrency trade and made money on it, paid the taxes.
[01:15:22] And we already know President Biden is planning on increasing those taxes to over 30% right now. C’est la vie. What are you going to do? According to the IRS, convertible cryptocurrency, in other words, cryptocurrency that you can trade for fiat currency, your affirms, your dollars, such as Bitcoin, may have tax liabilities.
[01:15:46] All in fact it does. So keep that in mind, everybody. That you sell these things, you owe money on them, just like if you sold anything else, frankly. So Apple’s, I mentioned the last segment here, but Apple’s new iPhone anti-tracking feature, it is being called devastating for Facebook. And I agree with that.
[01:16:11] Absolutely agree with it. And this is from bgr.com. They’ve got a lot of great technical stuff up there. But Apple rolled out this new iOS update, and it’s forcing developers to ask for consent before tracking users across your Apple apps, which I think is really great. But what’s interesting is that Facebook is looking at a devastating loss in revenue.
[01:16:41] Lisa asked her, they’re saying at this point, both Facebook and Instagram have come out and said that they might no longer be free. And if you block the tracking there, they might start charging you. So we’ll see what happens. Obviously, Facebook and Instagram can still track you within their application.
[01:17:03] Although they’re supposed to tell you what they’re doing with your data, and if you go into the Apple app store and you pull up, for instance, the Facebook app, it will tell you right there in the app store, you scroll down a little bit to the privacy section. It’ll tell you what it is Facebook is doing with your data. Right now, that’s self-reported, but we’ll see what ends up happening.
[01:17:29] I’m looking at these opt-out rates cyst. It’s crazy. There’s a whole bunch of graphs here showing how people just don’t want to be tracked. So it makes a whole lot of sense, frankly, a whole lot of sense. Let’s see. And our last one here is really, I think, the bottom line thought for the day. Ransomware is up dramatically.
[01:17:54] We’ve seen triple the amount of hacks, ransomware hacks, in the last year. We have seen doubling of ransomware payments. The average business that gets ransomware, it takes them on average about nine months to get back to normal. Nine months. So I really want you guys to spend a couple of minutes. If you want me to send you, I’ll be glad to, a checklist of what you can do
[01:18:27] for a self, some self-audited here, cybersecurity assessment. I’d be glad to do that. I can send it to you. If you want to have one done by a third party, by all means, do it and then follow the instructions. That’s something that we do as well. But I can send all of this to you. Just email me@craigpeterson.com. Please do it.
[01:18:50] An individual or a business. This is going to help you out so much. Just me@CraigPeterson.com. I got all kinds of free stuff. That’s going to help you out.