Jul 3, 2019
Craig is in the WGAN Morning News with Ken and guest host Erik Lusk. This morning we talked about Apps and how bad they are, Why you should not use Android, Backups why they are really important now. and what could happen in the future?
These and more tech tips, news, and updates visit - CraigPeterson.com
---
Related Articles:
Be Careful What You Browse - Drive-By Malware on the Rise
Are You Ready? Iranian Cyber Counter Attacks
Cyber Breaches - How far does your liability extend?
What We Know About Apollo Missions After 50 years
We Will Need 3.5 Million Cybersecurity Professionals by 2021 and They Won't Come Out Of Our Colleges
Mac Non-Vulnerability Vulnerability
During Travel Is Your Data Safe from Snooping Eyes?
Who Is Your Biggest Cyber Liability? Maybe It Is Not Who You Think
---
Transcript:
Below is a rush transcript of this segment, it might contain errors.
Airing date: 07/03/2019
---
Craig Peterson
Hi everybody, Craig Peterson here. Oh my gosh, Independence Day. I
want to say Happy Independence Day to everybody out there. Happy
Canada Day to everybody who, of course, is from Canada. Some grand
celebrations are coming up in France this summer, as well as the UK
and all over the world. So, you know, let's give peace a chance as
they say, right. Today I was on with my friends Ken Altshuler and
Eric Lusk, and I gave Eric a bit of a kidney punch. I talked a
little bit about an email I got from the FBI this week and talking
about some of the security problems with Android. I am afraid I
went on a bit of a rant here, you know, the whole 76% of mobile
apps having flaws, security flaws, the Iranian cyber attacks
against the United States. And we got into it today. At least I
did. They could hardly get a word in edgewise. Anyways, here we go.
Have a great week, guys, and I'll be back on Saturday. Bye-bye.
Ken Altshuler
And it's 738 on Wednesday Morning News. Eric is sitting in for Matt
Gagnon, who is taking a few days off. Jeremy Fisher 'll join you
after the eight o'clock news with an eye on politics but as usual
on Wednesday, 738 none other than Professor Craig Peterson, our
tech guru joins us. Good morning, Mr. Peterson, how are you?
Craig Peterson
Hey, good morning, doing well. I love this kind of weather. It is
why I live up here. It's just like you were saying. Right?
Ken Altshuler
Exactly.
Craig Peterson
I like a warm day, frankly, in the 80s. Maybe a little much. It's a
beautiful beach day. But I'm not into the humidity and not into the
90 plus degree weather and everything else. I enjoy this.
Ken Altshuler
Well, you're in the right place. Enjoy it until winter starts in a
couple of weeks.
Craig Peterson
Yeah.
Ken Altshuler
It's right around the corner. Winter is coming. Mr. Peterson,
Eric Lusk
You'll notice the days are getting shorter.
Ken Altshuler
Exactly right.
Craig Peterson
Well, you're not going to notice it quite yet. It speeds up a
little bit, later on. Right now. We're only losing just you know, a
few seconds every day but it does accelerate. Winter is, you know,
the winter isn't so bad either. You know.
Ken Altshuler
There's no good winter, you're wrong. There's no nice way to put
it, winter, I mean no way to put a nice spin on it. But no winter
is not good.
Craig Peterson
Well, I look at it this way can I can always put on another layer
of clothes in the wintertime. I cannot take off my skin in the
summer.
Ken Altshuler
But you don't need to. You can be basking in the warmth in the
heat. I am from Oklahoma, so you're talking to the wrong
person.
Craig Peterson
Oklahoma's nasty. They have the worst of both, right.
Ken Altshuler
But that heat is super. It's like being in a SPAAA..
Ken Altshuler
So let's get into the tech issues. You gave us a lot of tech issues
that I didn't know where to start. I went to the one where 76
percent of mobile apps have flaws that allow hackers to steal
passwords, money, and tech. So what my iPhone, these people can go
on and steal my passwords. You tell me.
Craig Peterson
Here's the problem, I, in fact, I just forwarded an email to some
friends, I'll have to send it out to my whole email list here on as
part of this weekend's email that I send out. I sent out this
email. It was a summary that I get from law enforcement from the
FBI because of what I do with the FBI and Infragard running their
webinar programs. On it was just a note that said here's the
Android patches for July. It went on for I don't know three or 400
words just describing the critical patches and how only Samsung is
going to be releasing fixes for these patches on Android for these
significant security problems with Android software. Only Samsung
going to be releasing fixes for them within the probably the next60
days. These are highly critical. These are crucial, critical,
patches. Other vendors, some may never release patches for them.
Okay, so let's start with that in mind. Okay, Android, forget about
it. If you care about security at all. Never buy Android. Now,
iOS
Erik Lusk
So much for my cell phone. Exactly.
Craig Peterson
Ditch it. I can't believe you're in the financial business and you
have an Android because it is the most dangerous piece of hardware
available today. It's worse than Windows.
Ken Altshuler
Wow.
Craig Peterson
Okay.
Ken Altshuler
Did you hear that?
Craig Peterson
So, don't
Erik Lusk
Do you want me to turn around so you can hit the other kidney? Holy
smokes!
Craig Peterson
Is he starting to spit blood yet, Ken? Okay. Sorry about that. But
most people don't know this. Right? It's not your fault, Erik. Some
vendors are pretending Androids just fine. Right? So how do you
know who to trust? I'm not blaming you for this, and it's why I get
so upset with the antivirus software, people selling things like
Android phones and tablets, televisions with built-in things like
how webOS. Samsung said two weeks ago, don't forget to run an
antivirus on your TV. Who knows this stuff? Right? The bottom line
is, don't use Android ever. Stick with iOS. Going back to Ken's
point here, where 76% of mobile apps, according to positive
technologies analysis here, 76% of mobile apps have flaws that can
allow hackers to steal the passwords, maybe even your money and
texts. Okay. Yeah, there is not a device if it has power going to
it, If it has a wire going to it - the potential is there that it
can be hacked, okay. So Deal with it, bottom line. Poorly written
iOS applications are going to use cloud services other than Apple.
Now Apple, again, their cloud services are outstanding. However,
many of these cloud services, look at the Amazon breaches, we just
had another huge one yesterday, that affected TD Bank, according to
the reports, they were using a third party contractor. In other
words, if you are a business, think about this for a couple of
minutes, you're giving your data to who? To salesforce.com to this
cloud service. Do you know how good is this cloud provider's
security? Many of these apps that we're using are going to the
cloud, they're using cloud services, many of the vendors that are
upstream from us are taking some of our data, and they're not
protecting it. So I, man, I just, I can't emphasize this enough.
It's terrible. It's but it's the way of the world, and it's going
to continue to be the way the world. That's why I'm hosting my
security summer. This summer, I have a six-week program, one
hundred percent free for everybody. I want everybody to know what
to do because the vendors out there are not telling you the truth.
Okay. That's the bottom line. They're selling new software that
they have because they have it. Right. They're not selling you
solutions that solve basic things, and you need to do those first.
It's brass tacks of what you need to do to keep your data safe.
It's like you were talking about with distracted driving. Who can
afford the latest version of Apple's Car Play? The new one that is
just coming out with right now is phenomenal. Android has a similar
thing. But again, I don't want you to use Android devices for
distracted driving. Who can afford to pay somebody like me to help
them? Well, you know, bigger businesses, obviously, Ken, right. The
medium-sized companies and larger small businesses can come in, and
I can secure it. There are so many defense contractors working just
right south here at Portsmouth Naval Shipyard that has to have to
be DFARS compliance, which is a federal regulation. But they don't
know where they can go? How about the little guys that can't afford
to hire the real security people that all they do is networks and
security. That's what this security summer is all about, guys. If
people want to find out more, listen, you got to get ahold of me,
I'm more than glad to put you into this class. It's only 10 to 15
minutes sessions twice a week, during the summer. If you miss one,
you can watch it on the replay you need to email me at Craig
Peterson dot com if you want to be in it and I'll let you know when
it starts, okay, this isn't selling new stuff. It is just getting
down to the brass tacks and making sure that those are out of the
way. Many of these things you can do are free. Some of them are
just educational, but they need to know what to do and how to do
it. And then some you might want to or need to buy some paid
software. I'll tell you what to do. But email me at Craig Peterson
dot com. It's not as though I care about this stuff. Guys. I don't
want you to think I'm on a soapbox or anything. Okay.
Erik Lusk
Just a wee bit.
Craig Peterson
Oh, yea.
Ken Altshuler
But a good soapbox
Erik Lusk
Oh, yeah, absolutely! When the city of Baltimore was held hostage
by some computer hackers that managed to figure out how to shut
down the municipal website. That's no way to live. What's next
shutting down our Public Utilities?
Craig Peterson
You don't? Yeah, well, that's what's happening right now. And maybe
that was a cue for me right there. We had this whole thing with
Iran, right, they shot down our drone. That was or was not in
international waters, Right. So our response was to be in a posture
to bomb bomb bomb bomb bomb Iran. Right. Then President Trump
called it off at the last minute, right? It is all that we're
getting from the news. And then the part that most people haven't
been talking about is apparently, President Trump's idea of, hey,
listen, you didn't kill anybody in the plane, we don't want to kill
anybody. Then in a reciprocal response was that we hacked and shut
down their radars, missile radar systems and their missile sites.
Their answer is what's happening now with Iran going after our US
businesses. They've got some software that wipes your computer. If
they get on to your business computers, what they want to do is
cause problems with the US economy. Most businesses just are
protected well enough. They've got some a break-fix shop that knows
a little bit about security and certainly can install the software.
And those are, you know, Wow, those are the experts. And so Life is
good, right? Hey guys that is not the case. Now we've got Homeland
Security coming out this last week here, and warning businesses
that Iranian hackers are already targeting US companies. And
they're using this wipe software. They're not holding your data
ransom, they are wiping clean your computers and anything they can
find on your network, rather than stealing the data. That's
directly from Chris Krebs. He's the director of Homeland Security's
Cyber Security Division
Erik Lusk
Isn't that an easier thing to do? Rather than to go in and steal
the data, isn't it easier to just wipe out somebody's data
altogether?
Craig Peterson
That's the easiest thing to do. And you know what, Eric, there are
no fingerprints afterward, Right? Or should I say a very few
fingerprints? So for instance, we've gone into companies, we went
into one company, and we found that there were Chinese back doors
installed. It was a small manufacturer. And they made some dumb
parts, right? There's like you think of a screw. Well, who cares
about a screw. And the Chinese had multiple back doors, and they
were monitoring everything that was going on. But that screw
eventually ended up in our military equipment, until the Chinese
went after the little guy. It made it now easier, and they had
access to the portal to the big defense contractor, etc., etc. So
that was very easy to trace because we could see wherever these
back doors were talking to how they were accessed. We worked with
the FBI, and we were able to straighten it out very quickly, we got
them back in business within 24 hours. However, when you're just
wiping a computer, there is nothing left because they've completely
wiped the silly thing. So yeah, Eric, that's what they're doing
because it is the easiest thing to do. That's part of what we're
going to do with the security summer the right ways to do backups.
And I can tell you 90% of the people I've ever talked to probably
really close to 100 are not doing backups properly. But I don't
want people to feel bad. A good backup that works can recover your
data from that wipe from the Iranians. It can also recover your
data from any ransomware attacks coming. Many of those are from
Russia. We have one client, and we were looking at their website
the other day and the security mechanisms we have in place. Their
website was getting attacked five times every second it was a
little website. It's crazy. And it was coming straight from Russia,
by the way, anyways, blah, blah. I'm going to long in this segment.
But there's so much you have to know to do it right. Just email me
at Craig Peterson dot com. I want to get you in this. It is free.
It's for small-medium businesses. If you're just the IT person
because you know the most or you like computers, and "tagged your
it" right, like in the game of tag. It is for you. And it's free.
And I want you to attend email me at Craig Peterson dot com.
Ken Altshuler
Great. Craig Peterson dot com and Craig joins us every Wednesday.
738. Craig, we hope you have a great Fourth of July. We'll talk to
you next week.
Erik Lusk
So much for my cell phone. I guess I'm headed over to get something
else.
Ken Altshuler
iPhone time. iPhone time. Yeah.
Craig Peterson
Have a great Independence Day, everybody.
Erik Lusk
Thanks, Joe. All right, we'll take a break for CBS News, and we'll
be back after this.
---
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553