May 16, 2021
2021-05-15 Show 1113 - How the Colonial Pipeline changed Ransomware forever
Craig Peterson: Hey, wherever you are, whatever you're doing
right now. I know you're listening, and I appreciate you being with
us. Of course, this is Craig Peterson. I've been in cybersecurity
now for 30 years, and we're going to talk about what's really
happening with this Colonial Pipeline ransom.
[00:00:16] This whole hack, if you will, of what's been happening
with this Colonial Pipeline cyberattack is very upsetting to me.
Let's just really briefly, because I've talked about it before, talk
about what happened. What is ransomware? Ransomware is software
that the bad guys get onto your computers.
[00:00:40] Now it's changed over the years. When ransomware first
started hitting, I think most people still have this in mind, and
the software gets onto your computer. Usually, you click on
something. You download a zip file, and you open it up. Maybe it's
a Microsoft Word document, and embedded inside that document
[00:01:00] is a piece of nastiness, and that nastiness is the
ransomware. And what it'll do on your machine is it'll start
looking for files that it can encrypt. And those files typically
are things like your Word documents, your Excel spreadsheets, all
that sort of stuff. And they would encrypt it and then pop up on
your screen, a nice little red warning message that all your files
have been encrypted.
[00:01:31] And if you really want to get those files back, what
you're going to have to do is go to this particular website, send
some Bitcoin to this specific Bitcoin wallet. And then hopefully,
you'll be okay. Now, back in the day, it was crossing your fingers
cause you didn't know what was going to happen.
[00:01:52] If I send the money, will I get the decryption key? Will
the software work? Will I get all my files back? And frankly, the
answer to most of those questions was no. In most cases, you would
not get all your files back. In this day and age, it's changed
slightly, but we'll get into that and how it's changed and who has
changed the ransomware
[00:02:16] industry. I want to give you some tips on what to do and
how to avoid ransomware in the first place. And there are some
automated things you can do. You can do some things just as a human
being that you should watch out for. And I want to also get into
it, so what do you do after the fact? I got a call from a listener
this week who had a real problem.
[00:02:41] Actually, she sent an email to just
me@craigpeterson.com, and I got her phone number called her back,
and I had my lead tech and myself on the phone with her for
probably about 15 minutes going through. Okay. So here's what you
have to do to respond. So I think it's essential for everybody to
understand this.
[00:03:01] This Colonial Pipeline cyber attack was ransomware, but
it wasn't like that original ransomware that I saw all those years
ago where you're crossing your fingers, et cetera. It has advanced
to the point where this company has now made this cyber attack
business an actual commodity for lack of a better term.
[00:03:25] Quite literally, it was called the DarkSide. They've
been around for about a year. And apparently, the people that are
involved with the DarkSide have been doing ransomware for much
longer than that. But what they're doing now isn't just, Oh, take a
gamble, and maybe you'll get your decryption key.
[00:03:44] Maybe the decryption will work. Nowadays, they have
turned it into a truly professional organization. There are tech
support people that you can talk to. You can call, you can have an
interactive chat with them. The ransomware is very careful to make
sure that you can still use the online chat features in your
windows machine or whatever they might need to communicate with
you.
[00:04:14] And the tech support people will say, Oh yeah, some, I'm sorry that
happened to you. Let me help you fix it. What you have to do is go
to this website and buy Bitcoin. First, you have to set up a
wallet. All of this was just so complicated. People weren't able to
figure it out. So they now, with their tech support, will help
you
[00:04:34] find a place to buy the Bitcoin, help you set up a
wallet, help you put your money into that Bitcoin wallet after
you bought some fractional, probably, Bitcoin, because they're worth
quite a bit right now. And then they'll help you to send that
money from your Bitcoin wallet to their Bitcoin wallet.
[00:04:59] And then they'll help you run the software to decrypt
your files. This is pretty complicated, and these guys at DarkSide
understood that. And that's why they did all of this tech support
type stuff, but they've taken it yet a step further, this
gang like DarkSide in there. They're not the only ones,
DarkSide.
[00:05:23] They're just the guys that we think went ahead and
hacked the Colonial gas pipeline, but they've taken it to the step
now where they are selling ransomware as a service. You can
approach them and pay them. And for quite a while, you've been able
to buy ransomware that you could use. You had to find the email
addresses.
[00:05:47] You had to send it out. You had to do this, but now for
a down payment and a percentage of your take this gang will go
ahead and do everything for you. Including sending it all out.
They've really professionalized this whole industry of crime, of
ransomware crime, of course. And we've talked about this on the
show before. They also will go the next step, and what the next step
is in this day and age is:
[00:06:19] When they get into your machine before they encrypt
anything, they have a human being who looks at your machine. So the
machine calls home. And I want to tell you how to stop them from
calling home. Because that's going to stop most of the ransomware,
but it calls home and says okay. I got somebody.
[00:06:39] And so the bad guy now, because that connection's opened
up to call home, can now hop on to your computer, unbeknownst to
you. It's not as though you're going to see the mouse moving or
screens changing. It's all happening behind the scenes. And so
they're on your computer. They look for files they think might be
of interest.
[00:06:59] Those files get uploaded to them and they try and spread
laterally. And a lateral spread means that they see, yeah, here's
some machine that we have compromised. This looks interesting. What
other computers on the network? Is there an Active Directory
server, some sort of a file server, network-attached storage, other
computers? What's out there?
[00:07:25] They will probe your network, which again, if you've got
good network equipment, you're going to see that probe happening
and you're gonna be able to stop it. But most people don't, right?
And including some of these big businesses that just aren't paying
enough attention to how the bad guys operate. Now more than they
knew.
[00:07:45] The Colonial Pipeline, huge multi-billion dollar company.
Okay. You now know more than they do in, what, are we eight minutes
into the show today? So they will look around the network, spread
laterally, take control of other machines. And they try all of the
known ways of getting in. And of course, if you haven't patched
your machines and haven't kept them up to date lately, it seems
like Microsoft is releasing patches a couple of times a week, just
like the old days.
[00:08:15] Microsoft fixed that problem. So you no longer had to
patch once or twice a week? Yeah. How did they fix it? No, not by
fixing their software. I know. No, heaven forbid, no, that
Microsoft fix their software. No, what they did is they came up with
this concept of patch Tuesday. So once a month, they'll just
release all of the patches for all of the vulnerabilities that have
been found that they know about and that they could patch
readily.
[00:08:44] Is that insanity or what? So on average, they were
leaving you exposed for one, let's see, half of a month would be
about 15 days. So there you go. About 15 days you were completely
exposed. It's this whole thing is insanity. I just, I don't know
why people aren't paying attention to it. And I talked to small
businesses, and basically, they have their fingers crossed, and
they don't think it's going to damage the reputation, even if they
do get hit.
[00:09:14] But these guys are gathering all of this data from all
of your machines inside your network, including your home network.
Although they're not as interested in this. If it's just a little
home network, other than if you are working from home. Okay. Are
you silly enough to use a VPN that's not configured right,
[00:09:35] or the wrong kind of VPN? Okay. Hey. Yeah. So what we'll
do now is we will spread laterally over to the business computers
and all of the other people working from home that are also VPN'd
in improperly into the business network. So they can just spread
like crazy. It's, it is absolutely amazing that we're not doing
more.
[00:09:58] I'm not calling for the feds to get involved with this
cause they will almost certainly make everything worse. I'm just
shaking my head here thinking about all of the potential problems.
They can't even get this whole net neutrality thing straightened
out. But DarkSide then has your files. And they do what I talked
about a couple of weeks ago here in the show, they hold your files
ransom by threatening to release them.
[00:10:24] Look at what happened to Metro PD, the Metro police
department in Washington, DC, just a couple of weeks ago. Yeah,
they got into Metro PD's computers, they spread laterally. Hey,
look at what we found. They threatened to release these files they
had found of all of the confidential informants, their phone
numbers, addresses, names, cases that they're involved with, et
cetera.
[00:10:52] Yeah. Again, they're not taking it seriously. There's a
lot we have to do.
[00:10:58] There is a huge problem out there right now. And the
problem has to do with these ransomware gangs. And there are quite
a few of these gangs out there, frankly. And one of them called
DarkSide has nailed the Colonial Pipeline. What happened is the
ransomware got into their network. We don't know the details
yet.
[00:11:21] I've heard a lot of rumors. I'm not sure. And it started
spreading inside the network. Again, you don't have a lot of
details. I'm sure I'll find them out. And when I do, I will share
them with you, but it spread. And the guys over at Colonial
Pipeline said we better shut down the pipeline, because we don't
want the ransomware to cause serious problems. Thinking about what
could happen with a pipeline: you could go overpressure, which
could cause the pipeline to burst. Valves might not close that are
supposed to be closed.
[00:11:56] It's going to really affect the whole flow of everything
in the pipeline. And remember too, you have one pipeline that
carries multiple different fuels, so they stop it from carrying
gasoline, for instance, it switched to diesel, they switched to jet
fuel. They switched to gasoline. They switched to home heating
oil.
[00:12:16] All of those are carried by Colonial Pipeline. I'm not
sure if they're all in one pipeline, that's just send-up. Okay,
we're sending gas now type thing. Or if there's actually multiple
physical pipelines inside, I'm not really sure, but there is a lot
that could go wrong. Either way, just based on the fact that they
don't have the computers to control the valves, to control the flow,
to monitor everything that needs to be monitored.
[00:12:44] So DarkSide is at the very least holding
their computers hostage. We don't know at this point, if Colonial
Pipeline is going to pay the ransom, we don't know if there's going
to be a backend ransom. As I explained a little earlier, we're
seeing now these bad guys not only saying pay us now in order to
get your files back, but pay us now, or we're going to release all
of your data.
[00:13:16] I'm not sure Colonial Pipeline has that much data
because they probably only have a very limited number of
customers. So something might not happen there. The obvious data
that they'd be concerned about is what I was contacted about just
this week: bank accounts. What happens if the bank account's broken
into, stuff is stolen, what do you do?
[00:13:40] And how do you deal with this? So these types of
attacks are becoming much more frequent and it's very concerning to
all of us. For a couple of years, I ran the FBI InfraGard webinar
program and we talked a lot about protecting our critical
infrastructure, but the critical infrastructure is more than just
the electric grid or the fuel pipelines,
[00:14:09] frankly. It includes almost every business because if a
business isn't critical, how could it possibly stay in business?
Okay. You might argue how about the tourism industry? Is that
critical? I don't know, ask the people that work in the tourism
industry, if it's critical to their jobs or not.
[00:14:29] We have to defend everything, and ransomware attacks,
according to Commerce Secretary Gina Raimondo, are what businesses
have to worry about now. So it's a real problem, but they've got
Homeland Security involved in investigating this. They've got, of
course, the FBI involved investigating it, and they've brought in
some third parties.
[00:14:56] And the one that looks to be the prime, I'm concerned
about, cause this is not what they do, but they're saying it's an
all hands on deck effort right now. She said we're working closely
with the companies, state and local officials to make sure they get
back up to normal operations as quickly as possible.
[00:15:17] And there aren't disruptions in supply. We already know.
There have been some disruptions. I think it was South Carolina
declared a state of emergency this week. There's more than 1800
fuel stations, gas stations that are out of fuel. Some of it is
attributed to what we're now calling the toilet paper response
where people are saying, Oh no, there's not gonna be any gas.
[00:15:43] I better go buy gas now. And some people are bringing
cans and cans to fill up as always filling up all of their
vehicles. So it is a problem. Now, I'm going to talk a little bit
more here about how ransomware gets in so that we can then give you
some solutions. And if you have to drop out, I understand you can
listen to this whole show as a podcast, just go to
craigpeterson.com/podcast, and you can get all of the details there.
[00:16:19] I even post these automated transcripts. They're not
like an absolute type of transcript, but it's pretty darn close. So
again, craigpeterson.com/podcast, and you can listen there if you
miss part of it today. Ransomware has to get onto your machine. Now
there's a few ways it can get onto your machine.
[00:16:42] There are a number of different types of attacks, but
the biggest one that's typically used is called a Trojan attack.
And a Trojan attack is kinda as the name implies. You think that it
is something other than what it is, the Trojan horse. So the
software that supposedly your friend sent you by email that you're
downloading, it's not really good software.
[00:17:08] It's really ransomware disguised as maybe a Microsoft
Word document macro. There's a lot of things that it could
potentially be, but that's one of the ways, and the most common way
it gets in. There are other ways as well. They can exploit
vulnerabilities in software that you're running. So if you're not
keeping your machines patched up to date, it could get in using
either a zero-day attack, which,
[00:17:38] Yeah, there's nothing much you can do about those other
than having a great firewall. So that's why I recommend having a
real high end one, a good Cisco firewall. There are some other
brands out there that are pretty darn good. And there's reasons
that I like the Cisco over some of the other ones and it is what we
sell, because I think it's the best out there.
[00:18:00] But having a real high-end firewall can stop these
zero-day attacks. Zero-day attack is where the bad guys are
using a vulnerability in your computer that is currently
unpatchable. The vendor, Microsoft, whoever it might be, has not
come up with a patch for yet. So the bad guys say Hey, day, let's
just get into machines and then they can remote control your
machines, install the malware, usually the ransomware nowadays and
go off on their own.
[00:18:34] That's the number one way they get in. Now, if you've
been listening to this whole show so far today, that what has
happened is once you have the ransomware, that ransomware calls
home. Now there's a number of different pieces or classifications
of software that call home. One of them is ransomware.
[00:18:57] So it gets on your machine. It calls the bad guys up and
says, Hey, here I am. What do you want me to do? And usually the
bad guys. If it looks like a decent target, hop on your machine,
poke around, try and spread laterally. As I explained, in some
cases, what it does is it just uses your machine, particularly if
it's just a home machine and there's nothing particularly valuable
on it.
[00:19:20] It uses that whole machine now as part of a botnet, and
it uses your machine that it's taken over to attack other machines.
And unless you're paying a lot of attention, you probably don't
even know that it's happened.
[00:19:37] What do you do here with ransomware? It gets in, it looks
like it's something that it's not. Most often, it's a Trojan.
Sometimes what happens is the bad guys are sending it all in
because of a zero-day or more than likely because you haven't
applied the patches to all of the software that you need to
patch.
[00:20:01] So there's a few different things here, right? That,
that you gotta be careful of. So do those, you hear it a million
times. The next thing you can do to help prevent this from
happening is to make sure your usernames, email addresses, passwords
are unique for every site you go to. Because some of these bad guys
just go to the dark web, they can download for free your email
address, your password from hundreds of websites.
[00:20:35] Yeah, it's available for them. It's been stolen, and
it's been released in some cases, they have to pay for it, but,
overall it's well worth their money spent to find out your username
and password. So if you are working from home, let's say you're a
homeworker for, let's say Colonial Pipeline here, making stuff up
right now, a nonexisting company, and you're at home.
[00:21:01] He was supposed to be monitoring the pipeline, make sure
the right valves are open when they're supposed to be open, make
sure the fuel is flowing. Make sure all of the bills are getting
paid invoices going out. And you're just doing it from home. And in
fact, you got a nice little laptop set up in the corner of the
bedroom, on a table.
[00:21:20] It's, it's the life. And then all of a sudden you're
losing control. Just what I, I know of two water systems where this
happened. Yeah. Yeah. All of a sudden somebody finds your username
and your password online and that email address. Yeah. Yeah.
[00:21:41] joe@colonialpipeline.com. Perfect. Okay. So let's look
in the dark web. Oh, here's Joe's password that he used over on
LinkedIn back when we stole all of those LinkedIn usernames and
passwords and emails and everything else. So let's just try that
because we see that at Colonial Pipeline there's this remote
desktop server.
[00:22:07] And we know that. Yeah, because we scan them in. There
it is today, remote desktop server, you know what, they even
named it remote desktop, RDP dot colonial pipeline.com. Of course,
we're talking about a fictional company here, but it's only now
God, I use their name and email address and a password that has
been used by Joe on one or more other websites.
[00:22:31] So what do they do? They say. I'm going to try. Let me
see. Let me see. I'm going to connect right now to the Microsoft
remote desktop server at Colonial Pipeline. And let's try and log
in as joe@colonialpipeline.com and let's cut, copy and paste the
email address that he was or a password he's using at
[00:22:51] LinkedIn. You know what, I just noticed he uses the same
password even a few years back over at Facebook. So let's just try
it. Oh, look at that. I'm in. I'm in. So what's the next step? The
next step is, of course, they start to poke around a little, can I
take control of this machine? Let's download my ransomware onto the
machine.
[00:23:13] And of course this fictitious company known as Colonial
Pipeline, they don't have a really great firewall that looks at
everything that's being put onto a machine, downloaded. So it's not
even going to notice that we're installing the most common form of
ransomware on the internet today. So let's get that on his machine
at work.
[00:23:35] Okay. At Tonya's machine at work and off. Okay. We got
it. We're, the remote control's working. So let's just connect from
the remote desktop server and okay, so we're in now, let's see
what other machines we can find on their network and off they go,
this fictional company now because Joe had a username and a
password that he has used before on another website, they were able
to get into our fictional company.
[00:24:06] Does that make sense to you? So now they're inside,
they're moving around. They're taking control. They're finding the
computers that are used to control the valves, the flow of oil, or
whatever's in the pipeline this day. And okay, so we're all set.
So let's go ahead now because we've got all of their files,
including all of their banking information while we were in there,
and we grabbed all, yeah,
[00:24:33] all of the account numbers, all of their customer info.
So let's let it loose. And now they start encrypting all of the
data. And by the time this fictional pipeline company has figured
out that they're on there. Guess what? Yeah. In fact, what happened
was they found out that they had been hit with ransomware because
the ransom messages came.
[00:25:03] So that is how it could happen. And that could happen to
almost any company out there. And the reputation damage is
enormous. The amount of money that is going to cost them is
enormous. It's more than doubled in the last year. The cost on
average now is over $1.2 million because of a breach and
ransomware.
[00:25:29] And so now they're in big trouble. Really big trouble.
So how could you have stopped this? That's where life gets
interesting. And I have done a number of webinars on that very
thing we've delved into in some detail, it's been about a year and
I'm thinking what I'm going to do is just put together some little
courses that if you're on my email list, you'll find out about just
little free things in order to help you guys understand this a
little bit better.
[00:26:00] So I'll make sure you're on my email list,
craigpeterson.com/subscribe, and I'll explain it all. So here's what you
can do. First of all, get a very smart next generation
firewall. Now, one thing about cybersecurity that you'll find is
there are a lot of criminals out there. A lot of criminals, and
[00:26:25] I'm not just talking about the people that put
ransomware on your machine. I'm talking about the people that are
telling you to buy their VPN product because it's going to make you
safe, and they're lying about it. And they're really lawyering
their words. So that, that perception that you have is somehow
you're going to be safe.
[00:26:43] I'm talking about the people that will sell you this
anti-virus software that not only do you not need but could potentially
open you up to even more security problems, just like the VPNs can
open you up to more security problems. It is full of criminals.
They just haven't been convicted yet. Okay. So it, it's definitely
a problem, a very major problem for so many people and you just
don't know.
[00:27:14] So that's why I want to make sure you guys understand why
it's happening and the how it's happening, so you can then go on to the
next step and what do I need to do to keep it out? So a really good
next generation firewall, by my definition, means that firewall is
going to examine all data coming in and going out.
[00:27:40] So it's going to be able to look at anything that's
encrypted, at websites that are encrypted, at data that's being
downloaded, at zip files that are being downloaded, and check the
payload to make sure that it is legitimate traffic. Okay. It
sounds easy, but again, there's so many criminals in the
cybersecurity business.
[00:28:03] You have to look very closely. Stick around.
[00:28:06] So if the bad guys have control of a machine and they
are trying to download some malware, in this case, ransomware, the
firewall is going to see that and stop it right there.
[00:28:20] Most firewalls, all they'll do is block certain ports, or
they will stop someone on the outside from getting to the
inside, but what about you going to a website and downloading
accidentally, or maybe purposely downloading, some software that's
malicious? Or what about some guy that got onto your computer via
your VPN connection or your remote desktop or TeamViewer, et
cetera,
[00:28:51] and now has control of your computer? You have to watch
all of the data coming in, going out, and it all needs to be
checked for any sort of malware. So that's one of the first things
we always do. Now, the next thing has to do with your computer. I'm
going to focus in on Windows because that's what most people
have
[00:29:14] nowadays. If you have a Mac, you're relatively safe. If
you have a Google Chromebook, again, you're relatively safe. Just
keep them up to date. All right. But Windows, Windows is a whole
other world and you know how much I love Windows. Yeah, not, right?
And I worked on it way back when in the NT days.
[00:29:39] Anyhow. Microsoft Windows has built into it now some
very good software that can help protect you. Windows Defender:
make sure Windows Defender is turned on and is up to date. If you
have Windows and it's a recent version, and you need to be running
a recent version of Windows, then you have access to Windows
Defender. Turn that on.
[00:30:08] And Windows Defender again keeps an eye out for
malicious software. Oh, really? Who knows Windows better than
Microsoft? I would argue there are some people, but as a general
rule, Microsoft understands what they're doing here. They have kept
it up to date, right? They have had major security problems in the
past with Windows Defender itself, but most of those are fixed
now.
[00:30:33] And to me, the measure of success isn't, Hey, it's a
hundred percent secure because you and I both know that's a load of
cow stuff, because nothing's a hundred percent secure. And whether
it's made by Microsoft or it's made by Cisco. There could
potentially be problems. So Microsoft has fixed the known problems
anyways, in Windows Defender.
[00:31:00] So make sure that is turned on. That's the first free
tool I wanted to mention, and it is huge. The next one is, of
course, make sure you're updating your machine. I don't mean just
Windows, make sure all of the other software in your machine is
being updated. If you're using a browser like Firefox or even
Google Chrome, I have issues with Google Chrome from a privacy
standpoint, but at least both of those browsers and many others
that are based on either one of them, both of those browsers
do
[00:31:36] update themselves automatically. So that's like a huge
win. So they'll keep themselves up to date, but most of the Adobe
software won't keep itself up to date. Most other third party
applications that you might've bought and installed on your
computer or downloaded. They're not going to keep themselves up to
date.
[00:31:56] So keep on top of that. That's the second thing you can
do. That's usually free. I would say usually because Microsoft does
sometimes charge you for upgrades. I'm not sure they're going to do
that anymore. The whole naming scheme and everything else,
numbering scheme for windows indicates that maybe they've dropped
that idea.
[00:32:18] Yeah. But some of these other vendors might charge you
for new release. So let's say Microsoft really decides I'm working
on our climb down. We're not going to let this malware continue to
give us a black eye. And so they changed the way parts of the
operating system work. And so that software you're using for your
customer management billing, whatever might be requires an upgrade,
which of course that vendor's going to call a major upgrade.
[00:32:45] And now you've got to do the upgrade. And you've
probably got to pay them in order to get your hands on that
upgrade. So that's why I said usually free, not always free.
Microsoft also comes with a firewall, and I use that term very
loosely because it's an old style firewall. It is just protecting
data on certain parts.
[00:33:10] And Microsoft does a very poor job of configuring that
firewall. Basically, Microsoft doesn't want any tech support calls.
So they pretty much turned on all of the features that you could
possibly have. And when it comes to the firewall, they just leave
them all wide open. To me, that's a huge problem. So yeah, the
firewall is turned on by default on Windows.
[00:33:38] It is, by the way, off by default on your Mac. And both of
those companies take much different approaches. On the Mac, nothing
is enabled that doesn't, isn't explicitly turned on. So there's not
a whole lot of reason for a firewall because you don't have a file
server running on your machine, SMB file sharing.
[00:34:00] You don't have a way a web browser running on your
machine, et cetera, et cetera, all of that stuff you have to turn
on manually. So on Windows, I have a course that I haven't
released yet that talks about how to harden Windows. I did my
improving Windows security course. I released that in April of 21
and a lot of you guys signed up for it and I've had nothing but
great feedback, a few legitimate
[00:34:28] questions people have, but great feedback over the
course. So I'm going to have to do one on specifically the firewall
on Windows and maybe the Windows Defender as well, but you're
going to want to turn off any services you're not using. And I do
describe that in the improving Windows privacy and security
course.
[00:34:50] So if you took that, you've, oh, and you did it, you've
got really your machine locked down. Noah came anyways. I'm
rambling. Next up. Remember I said that the malware calls home,
both ransomware malware, calling home to say, Hey, look what I
found. You want to have a poke around. And another piece of
nastiness called a botnet,
[00:35:18] where the botnet will again call home to the bad
guys and say, here I am, let me know what you want me to do. And
very frequently they'll use your computer. It might be a home
computer might be a business computer. They love business computers
because usually they have a better internet connection.
[00:35:37] And they'll use your computer. Just send out a hundred
million pieces of spam to any email address they can find. And once
they've done that, of course, what's attached to that email? Well,
ransomware or other nastiness that's out there. So how do you stop
them from calling home? Again, the non-paid or the paid, I should
say option is a really good next generation firewall.
[00:36:05] So we had a client that has an office here and an office
that's out of state. And what happened was one of their out-of-state
offices had connected in via a VPN that we had warned about
being improperly set up and configured and protected. So they came
in on that VPN, the bad guys did, because they had control of these
out-of-state computers and they found accounting files, and they
started to upload them.
[00:36:38] So we had a really good next generation firewall from
Cisco in place, a Firepower firewall. And we've got all kinds of
equipment in our data center that controls all of that, but
it saw, wait a minute, there's data being exfiltrated, we're seeing
in their account information potentially. So I would shut it right
down.
[00:37:01] So they got a few megabytes worth of data out and that's
it. We shut it right down. It was all automatic. And then it
informed us, Hey, look at what we just did. You might want to have
a closer look, which of course we did do. So having that next
generation firewall that can recognize data coming into your
network and going out of your network is crucial.
[00:37:27] The other thing that you can do, and you can do it for
free or paid, the $50 a month charge that we have for endpoint
computers, in other words for desktops, includes a paid version
of this, which is more advanced, but you can get it also for free.
And obviously it's not as good and as many options, et cetera,
et cetera, not meant really for business, but check out OpenDNS
online.
[00:37:58] You can go there right now. Just opendns.com.
Open domain name server dot com. And you can find out how to do it
there, but it is as simple as setting your name servers to the
addresses you'll find right at the bottom of the opendns.com homepage. So
you'd set it to 208.67.222.222.
[00:38:26] And. Let it do its thing. So what happens now, once
you've set up your DNS using OpenDNS, and again, you can get it
for free at the low end. And then at the higher end, it's called
Cisco Umbrella and a lot more features, but when the bad guys
try to call home, they need to convert the name of their
server.
[00:38:48] Into an internet address and OpenDNS is updated quite
frequently. I know the commercial versions that we have are updated
instantaneously 24/7, whenever anything is discovered. And I
think the free OpenDNS is pretty close to that. So put that in
place. Do some of these other things I've been telling you about,
and you're going to be 95% ish safe.
[00:39:17] That's pretty good. Isn't it for nothing plus the
firewall, which can cost you some real money. Some of these real
fast firewalls can cost over a hundred grand for a very large
business, you can start at just a few grand anyways.
[00:39:32] Colonial Pipeline. Of course it hit the East Coast hard.
It particularly hit the Southern states, some of whom declared
states of emergency because of what was happening, panic buying. I
don't know if you saw the pictures of people with a gap, with a gas
in.
[00:39:51] Trash bags, clear trash bags, people buying every fuel
can, they could fill it up with gasoline, somebody dangerous
things. I remember back in the sixties, a friend of my dad's had
this beautiful Corvette. I'd love to have one of those nowadays,
and he needed to get some gas for the lawnmower. So we went down to
buy it, and he had a gallon jug that he filled up with
gasoline.
[00:40:17] Oh, my gosh. And we had this glass one gallon jug in the
back with me. This was the Corvette where there was that little, a
two piece window in the back. And that's where I was just a little
kid. What happens if you're in an accident? It just, these people
who are doing this are crazy. Plus the gasoline is almost
guaranteed to break down that trash bag.
[00:40:43] This it's just not true. What people have been doing. No
man, no wonder people have been calling it the latest toilet paper
fear, right? Where everybody went out to buy toilet paper, but this
is a real. Problem. We've got Saudi you do remember this Aramco.
They were probably hacked by Iran about a decade ago, and we've
seen hacks against all kinds of other utilities, these public
service, if you will utilities that provide us with.
[00:41:14] Pretty much everything that we need for our daily lives.
And colonial apparently had a cyber health assessment about five
years ago, give or take. Now it sounds like it was the same thing
that we do for businesses, a paid one versus the free ones. And
I've got. A checklist that you can use.
[00:41:36]I'll send it to you. All you have to do is ask me for it.
And you can use that to get an idea of what are the things you
should be doing to prevent this. What are the things you can do as
well? And if you listen to the first hour today, show of course, I
went through some of the free things you can do as well to help
prevent all of this sort of thing.
[00:41:56] So they did go through a cybersecurity analysis.
Apparently, they did not follow through on all of the
recommendations. And as I started out this segment today, one of
the things that's really probable, probably behind this is because
they didn't know what they needed to do. So many of us are using
people who are great people.
[00:42:22] They love computers. They've been learning a lot about
cybersecurity, but none of us know everything. And unfortunately,
so many of us just don't know enough. And we're talking about over
one, 1 million to 2 million open jobs in cybersecurity. So
everybody's hanging up their hat. Everybody's putting out a shingle
saying I'm a cybersecurity expert person.
[00:42:47] I've got months, even, maybe even years worth of
training. That's all well and good, but you still need to have a
third party come in and look, and then you have to follow the
recommendations. That's the other big problem I found is businesses
just not following the recommendations. And then we get calls back
in on average.
[00:43:08] I think we figured it out a couple of months back. It
was like eight months after we do a cyber health assessment for
someone they come to us and say yeah, we got hacked. Can you fix
this for us? And in some cases, we're able to close things up and
help them out. Just like the phone call we had this week.
[00:43:25] And they had taken some of the right steps to make sure
that they shut down these hackers. But there's a lot of things I
just plain didn't do. And that's a problem, right? We have
government contractors that are subs, and sometimes these guys have
the primary contracts, and they're out there in the front line.
[00:43:48] They have potential prison terms. If data is stolen, Now
this last week, this week, right this week. Okay. It's Saturday
now, president Biden signed an executive order that is starting to
put teeth into these laws. If you even sell something to someone
that ultimately has a contract with the federal government, you've
got some serious liability now.
[00:44:18] If data is stolen and we could get into a lot of details
because it happens all the time and people have businesses and they
say I just make X product, but the only customer for product X is
the government. And you just had all of the purchase orders stolen.
And think about Hogan's Heroes, right?
[00:44:40] If you remember that show back in the sixties and early
seventies and in the whole Hogan's Heroes, what ended up happening
is they were looking at it all saying what should we do? What can
we do? When we're were to get a little bit of information and they
do everything they possibly could to get that information back to
London.
[00:45:00] And sorry about that. A little phone ringing here. So
they're trying to get all that information back to London. Some of
it, they got back, some of it, they didn't get back, et cetera, et
cetera. But just that little bit about wait a minute, now they just
bought 50 of these. Therefore we're thinking that the military.
[00:45:19] Is now starting to expand and is going to be doing this
or doing that in this area, that area, right? Those little bits of
information are valuable, not just to someone like Iran or to
Russia or to China, it's valuable to competitors. So president
Biden's latest little executive order is really starting to.
[00:45:44] Bite into all of these contractors that have been, as we
call it, pencil whipping forms. Now the SPRS forms, that's the type of
form, they have to go online. They have to report about what their
compliance is for their cybersecurity maturity. They don't know
what they're doing. They don't know what they're filling out.
[00:46:01]I'm thinking maybe I should go ahead and. Put one more
little trick into this whole thing. And that is have a a service
where we help businesses fill out their paperwork and understand
it. But the reason I haven't done that is because the businesses
that I know that have been lying on these forms, pencil whipping
the forms, they don't really want to know.
[00:46:29] Cause then they have plausible deniability. So how do we
solve this problem? It really bothers me, frankly. When we come
back, I'm going to talk about these five urgent actions that are
happening right now, where these 65 businesses, nonprofits, and
NGOs have formed this ransomware task force.
[00:46:51] What this is about, what it's hopefully going to help
everybody out with. But I want to really emphasize again, you
guys, make sure you have a good cybersecurity health assessment.
You have to have that. And if you get a cybersecurity health
assessment, I'm more than glad to send you the paperwork, you can do it
yourself.
[00:47:14] Okay. The basics and you know what else I'm going to do.
I'm going to have a training on this. That's available for free.
I'll put that up on my website so that you know what each one of
those questions really means. It's so that you can now. Have a good
look at your cybersecurity. Cause I know a lot of you guys you're
retired.
[00:47:34] You have some money that you're trying to protect from
these bad guys. A ton of you guys are small business owners like
me, right? I've owned and run small businesses for decades now.
And. We just are focused on our businesses and just don't know
everything we need to know. We don't even know what we don't know
right.
[00:47:56] About cybersecurity. So I'm going to help you with that.
But when we get back, we're going to talk about these five. If
you want to reach out to me, if you want a copy of any of these
cybersecurity health assessment forms. I'll send them to you. No
problem. Just email me, me@craigpeterson.com, or reply to
tomorrow's email.
[00:48:17] If you're on my email list, I'll be glad to get that off
to you. No problems, no questions asked. I'm not going to be
harassing you. If you want us to do a deeper dive, where we look at
your systems, we scan them all. We help you prioritize it. We put
together a series of steps that you can take to make sure all of
the is done in the order that it really should be done
in.
[00:48:42] Yeah. Be glad to do that, too, the paid
assessment. There are a number of companies out there that do it.
There's about 1200 nationwide. So you should be able to find
somebody if you don't trust me, I get it. That's fine. But get one
done, get a very good one done and go deep into it. We're also
hopefully going to be able to get into some of the other articles,
and you'll find all of these, of course, in tomorrow's
newsletter.
[00:49:09] And you can get that by just going to
craigpeterson.com/subscribe. Google wants people to use two factor
authentication, which I think is a great idea. So it's going to
start turning it on for you guys. App tracking. Apple has just gone
above and beyond yet again in helping to keep our data secure.
[00:49:30] Thank goodness, not just secure, but. Private Peloton
man. They're hurting again. Total mess up on their part again,
cybersecurity, absolutely cybersecurity problems.
[00:49:42]Now we've mentioned here in the last hour about DarkSide
ransomware, and these are groups. Both bad guys that have been
doing ransomware for a long time and more lately, they've gotten
together and built a company and this company actually sells
ransomware services. Now I don't mean that if you've been hacked to
go to the DarkSide and say, Oh my gosh, we got ransomware.
[00:50:10] Fix it for us. No, they are selling. Ransomware as a
service and the hers there. There's a huge problem with this. It's
just absolutely amazing, but there's some security researchers out
there who have been trying to find out okay. Who. Is using them. So
let's give you a couple of numbers here. So you have an idea of how
much money DarkSide is making by selling this as a service.
[00:50:40] So they, they do everything. They write the software
that holds your stuff ransom. They go ahead on that software, and
we'll do tech support, not just for the people that have licensed
their software, but tech support for you. The poor ransomee. Okay.
All of that stuff, but according to what is in, let me see,
ZDNet.
[00:51:05] They went and had some researchers check out the
DarkSide ransomware variant's website, and there's some forum posts
there that indicate that affiliation with DarkSide requires 25% of
the cut for ransomware payments under 500,000. And it has a sliding
scale. So if you can ransom somebody. For more than 5 million, all
they want is 10% of the money.
[00:51:36] Can you believe this talking about a real business? It's
just incredible. So they are out there and they are really rampant
now. And they've been doing it since last summer, this whole double
extortion tactic and something they've really fine tuned where they
say pay us. And we will decrypt your data. At least we'll give you
the key and help you decrypt it, or don't pay us now, but pay us
later.
[00:52:03] So we don't release your data. As I mentioned, that's
what's happened with the Metro DC Washington DC police department
that got the data out of the police department, and they're
threatening to release it. If the DC police don't pay the right
money to them. So these guys, these researchers, and in this particular
case, FireEye, said they have found five groups that are doing
ransoms that are linked with the DarkSide bad guys.
[00:52:36] And they've got these letters, numbers. It's not real
names. It's just what they've been labeled. But the, I wanted to go
through here. What these. Different affiliated DarkSide, ransomware
gangs are doing so there's one where there's was to start with one
we'll run through all five and what their tactics are.
[00:53:00] But this first one, which is identified as UNC2628,
has been active since February this year. Now, remember how I
mentioned how they'll get into your network and then they'll start
to move. Laterally within the network, they'll try and infect other
machines. If they get onto your home machine, they'll go through
the VPN that you're using to connect to the office.
[00:53:21] And. Once they're there, they'll start spreading between
office machines. And there's some thinking that has actually
happened in the case of the colonial pipeline. We'll know more
details. I hope fairly soon I've been watching what the FBI has
been saying. They send me updates, but I haven't seen anything.
[00:53:41] That's publicly shareable at this point in time.
Anyways. So this lateral movement is where they're really going to
kill you. And this first group tends to move quickly from the
initial infection where they get the software on your machine. And
they're only lurking on your network for two, two to three days
before they start the encryption.
[00:54:06] That's all the time it takes for them to find all of
your machines. Now they use suspicious authentication attempts,
brute force attacks. Spray and pray tactics, all common spray and
pray means they're just looking for anybody out there. They're not
going after a specific target. They'll find your home, the computer
and bam they're in and they'll just take bank account information,
or they might use your machine for attacking other people,
including by the way, attacking governments and governments don't
take well to having your computer attack them.
[00:54:40] Okay. So they. Apparently, I'm just trying to summarize
all of this as we're going, but they get their initial access
through legitimate credentials for corporate virtual private
networks. What have I been telling you for a long time? VPNs are
not the panacea. Most people think they are, and they purchase it
from other criminals.
[00:55:02] Next group, 2628, is thought to partner with other of
these services besides DarkSide and includes REvil and
NetWalker. Another one has been active since at least January, they
moved from initial access to ransomware deployment at an average of
10 days. So it used to be about two weeks. And that's where I've
been saying for a long time, that most of the time when you get
ransomware, They'll be in your network, poking around for a couple
of weeks, but it's been so profitable.
[00:55:36] They may well hire more people and spread more quickly.
So instead of 14 days is now down to three to 10 days. According to
this report I'm looking at right now, from what FireEye has said,
and FireEye do do investigations of these types of things. And in
fact, they got involved in some political stuff, not too long ago
as well.
[00:55:57] TeamViewer. Oh my gosh, Microsoft TeamViewer. It's
abused to maintain the persistence in connections. That's where
they can continue to be on your machine. Get on a compromised
machine, and then they exfiltrate your files before they encrypt
them. Next one here, dating back for a little over a year.
[00:56:20] They use phishing emails to deliver this
DarkSide ransomware, and they use a SMOKEDHAM .NET backdoor. So
there go here. This group can wait on your network and lurk for
months ahead of when they actually fire up their ransomware and our
friends over at Sophos said that they've been called in to assist on
five different instances of DarkSide ransomware infection.
[00:56:52] So there's a lot to know there's a lot to be concerned
about, but remember they get in blocking them. The way I told you
in the last hour is really going to help. It's going to stop more
than 95% of them, and it doesn't have to cost you a dime. Mind you,
the paid versions are going to be better, but that's the way that
is.
[00:57:13] And we also now have these 65 businesses, which includes
some nonprofits, government organizations, and formed this
ransomware task force. So that's, I think, good news to all of us.
The World Economic Forum's involved in this as well. And they're just
trying to really help. Now, what I get concerned about is the
government's involvement, and it's one thing for the government to
follow up after an attack.
[00:57:44] Okay. And it's another thing for the government to
provide general information. In fact, you can find it. The small
business association has quite a bit of stuff, not as detailed. I
don't think it's anywhere near as good as the free cyber health
assessment forms that I can send you. But they, we do have it.
[00:58:01] A lot of places have it, and it is well worth looking
into. I, so yeah, here we go. Average downtime due to ransomware
attacks, 21 days, get that thorough cyber health assessment done.
Now whether you do it yourself, you hire somebody to come in and do
it. Or we did 1100 of these last year for free for listeners and
their businesses.
[00:58:29] So more than glad to do it as well. Just email
me@craigpeterson.com and I'll get all the info out to you.
[00:58:36]Look at what's happening right now with.
[00:58:38] The whole colonial pipeline thing, and I am more than
glad to help you guys out. And all you have to do is just go ahead
and email me M e@craigpeterson.com. All right. Getting down to it
here. Two factor authentication. A lot of people have started
using. Text messages as part of two factor authentication.
[00:59:02] So for instance, you go to a website, you put in your
username, which is usually your email address, which is a bad idea
from these people that coded up this terrible software, right? You
should be able to choose your own username, so you can have a
different username on every website, and then you put in your
password.
[00:59:19] And of course you guys. Best and brightest, you are
using different passwords on every website, and hopefully you're
also using a password manager to keep track of it all. I were
really surprised. I looked at it. I had 1200, 1200 different.
Accounts on different websites. So then you probably have more than
you realize, but SMS, text messages are not the best way to do two
factor authentication.
[00:59:53] The idea behind a secure system, just a regular login
security is, to have something you know, along with something you have. So
the something you know is your username and your password. Something
you have. That's a lot different, isn't it? And having your phone
with you that can receive a text message is not really going to
protect you, especially if they are out to get you.
[01:00:17] So if you have a fair amount of money in investments,
maybe you have some Bitcoin, et cetera, many. Times now there are a
lot of examples I can cite of people who have had their phone
number hijacked. So the bad guys remember the, all these data,
leach data breaches, these leaks, where they've got your username,
they've got your password, they've got your phone number.
[01:00:42] So if they really want to take over everything, all they
have to do is. Grab ahold of your phone number, because most of the
time, how do you recover your password on our site? Oh, I just go
ahead and have it, send me a text message. What happens if instead
of that text message going to you, that text message goes to a bad
guy because they've taken control of your phone number.
[01:01:07] It happens. It happens every day. So Google has an idea
that I think is a pretty reasonable one. And Google has for a long
time, had an app called Google authenticator. And I used that when
it first came out, and I played around with it a little bit
nowadays I've been using Duo, and I've got Duo all set up so
that.
[01:01:27] I can put in a one-time password thing, but that changes
every 30 seconds or so. And you might've used those before.
Sometimes it's a token, et cetera. But what Google has done for two
factor authentication is they have it set up so that when you go to
login. If you have a Google program on your smartphone, it will
have you open up Google, for instance, the app on your
smartphone.
[01:01:55] And then you confirm that yes, it is me who is logging
in. It's not a bad idea. They do it a little different on Android.
Google's prompt is a full screen. Popup is built into every Android
device as part of Google play services. So it's really pretty easy.
This is going to be, I think, a good game changer because otherwise
you're in trouble.
[01:02:20] I just got a call. This is just crazy. Yeah. What a
week, this week from another listener, who's a church. This
particular church had been basically hacked and their main email
account was hacked into the bank account. It just goes on and on.
And it smells like they may have access to his text messages, which
are used for account.
[01:02:48] Recovery. So this type of two factor authentication
thing that Google is pushing out. Yeah. I think is a very good
idea. They're becoming a little more proactive and it's, I think
it's going to be good. Yeah. Overall we'll see how this all goes.
There are some other ways to do it. I think maybe some better ways,
but this is not a bad way.
[01:03:14] Now speaking about privacy versus security, we've been
talking so far about security. That's what two-factor
authentication is all about. And if you want a little privacy,
Android slash Google is not the way to go. You know that already. I
say every time that you should be using DuckDuckGo, not Google to do
searches online, to find stuff. Well, Apple released their newest
version of iOS, which is of course the operating system for the
iPhone and for the iPad.
[01:03:48] And I guess the iPod, right? Like the iPod touch and
stuff, but this operating system has now code in it that pops up
and asks you if you want to allow an app to track your activity
across other companies, apps, and websites. This I think is a very
good thing. At least, that they're trying to track you, right?
[01:04:13] So Facebook has been complaining about this for a long
time. The experts said probably 40%, maybe 60%, let's call it. 50%
of people will allow the app tracking. It turns out that 96% of
users in the US have opted out of app tracking. In this latest
version of iOS, which to me makes a lot of sense. In other words,
only 4% of people said, yeah, you can track me.
[01:04:44] What does this mean? Obviously to you as a consumer, it
might be good. It actually might be bad. Again, if I want to buy an
F150 pickup truck, I wanna buy an F150 pickup truck. Now, maybe you
could try and talk me into buying a Dodge or Chevy or something else.
I get it, but I want a pickup truck. I don't care about seeing ads
for women's pajamas or you name it.
[01:05:16] I'm looking for a pickup truck. So I want to see ads
that are aimed at me for something that I want. I you're probably
the same way you remember those days on the internet, where you
were constantly getting these male enhancement. Emails. And they
went out to everybody because they had no idea who you were.
[01:05:38] They didn't have any information about you. And when
Facebook and Google and some of these others came along, all of a
sudden you were getting more relevant information. By not allowing
them to track you, you are going to be getting ads that maybe
aren't as relevant as they used to be. Now on the other side, it's
nice not having them track you because it's none of their
business.
[01:06:04] But it's, I think it's overall a good thing. Reminds me
of Tom Cruise in Minority Report where he's walking past those
billboards, and they scan his eye. As all that's possible from that
distance. And they recognize him as, what was it, Mr. Tadashi or
something? Not definitely not him. And they were trying to sell him
something that were tied into what Mr.
[01:06:29] Tadashi had purchased before. And the machines, just the
billboard just thought it was Mr. Tadashi, not the Tom Cruise
character. So this is going to change quite a few things. If you
are a. Business. You're going to have a little bit of a harder time
trying to track people, which also means, by the way, and not
distract people, but, find people that are of interest to you.
[01:06:53]I want somebody that's a white male in his mid forties
who drives an F150 that is 10 years old, which means, okay, he's
probably going to buy another one. You're going to have a little
bit of a harder time with some of that tracking. So it's going to
cost you a little bit more for some of the advertising, but I think
it's also going to drive down the cost of ads on some of these
platforms, because they're not going to be able to target as
closely as they could be for all right.
[01:07:20] really we're everywhere. All you have to do is you can
find the podcast. You can go to tunein.com and of course you
can just ask your Amazon Alexa, Alexa, play WGAN, and off she'll
go, there are so many articles to talk about this week.
[01:07:36] You will find all of them in my newsletter. And what I
typically do in the newsletter is not only do I go through hundreds
of articles and put together a collection of what I think are the
most important ones, the best ones for you guys to be able to
follow. But I also send you right to the person's website that put
the article out.
[01:08:00] So they get a little bit of credit. Maybe they get a
little bit of advertising revenue, that revenue we talked about in
the last segment today. But I think that's the way it only fair to
everybody involved. Although obviously I'm adding a lot of my own
commentary. So if you want to hear what I had to say about it,
Subscribe to my podcast.
[01:08:24] Just go to craigpeterson.com/podcast. You can listen to
them there, or if you are a podcast listener, I'd really appreciate
a comment. Hopefully I've earned five stars from you. Just go to
craigpeterson.com/itunes, and we will. At that point be able to
track it a little bit subscribing to the podcast really helps
us.
[01:08:49] And that's how some of these podcasts are measured and
I'm doing this all without any commercial content. On the podcast
that I do, obviously here, there's some great companies that are
supporting us and trying to get this message out. And I appreciate
them for advertising, but on the podcast has used subscribing that
really helps Peloton.
[01:09:12] You do remember Christmas, was it last year or the year
before Peloton running these ads and this guy was going to buy this
exercise bike from Peloton for his wife. And it seemed like a great
Christmas gift for her. She seemed to be very excited about it. And
then all of these snowflakes started saying, Oh, that's just
terrible.
[01:09:35] I like it. Was you doing saying she's fat. What's going
on? Obviously she wanted one of these Peloton bikes cause they are
amazing. Peloton has done just a great job in tying it into
internet training, and you've got a coach, and you've got some
really good hardware. The only in the form of the bike and Peloton
has some other things as well.
[01:09:57] So they really got nailed over that one and I think a
little bit unfairly. And then we also had here within the last
week, two weeks. Recall by Peloton on two treadmill models. And
this was following the death of a six-year old child who was pulled
under one of these treadmills is a terrible, I know I've gotten
caught up in them before as well.
[01:10:24] And the consumer product safety commission said that the
recall decision took some intense negotiation. Because they're,
Peloton, they didn't want to get nailed for something and it wasn't
really their fault. But the CEO of Peloton did admit that there was
a mistake here, but this is just, it's a terrible thing to think
of.
[01:10:48] In addition to this death, apparently Peloton received
at least 72 other reports, according to Ars Technica, of adults,
children, pets, and or objects getting dragged under the Tread+
treadmill. 29 children suffered injuries. Second and third
degree abrasions, broken bones, lacerations pretty bad all the way
around, you've got moving.
[01:11:13] Parts stuff can happen. I don't know. It's do we really
need a label on our lawnmower telling us not to use it, to cut our
hair? It's bad. It's terrible in any of these things happen. Oh my
gosh. I'm not going to read the details here, but this poor little
boy's three-year-old son.
[01:11:32] No, I'm the parent involved. I'm sure he felt feels this
terrible. So there you go. That's problem. Number one, Peloton had
and within the last week obviously a major problem considering what
happened, but also. Piling on to what happened at Christmas, with
all of the snowflakes complaining.
[01:11:54] It's now come to light that Peloton exposed sensitive user
data and continued to expose it even after it knew about the leak.
So it's no wonder Peloton stock price closed down 15% on Wednesday.
Now I've got to add to that, that because of the lockdown, starting
to go away. A lot, fewer people I think are going to be exercising
indoor on their Peloton, but it's still going to happen.
[01:12:23] They've got a lot of stationary bikes got a lot of
treadmills, but 3 million members, according to their stockholder
report and the data exposed include the user IDs, instructor, IDs,
group memberships workout stats, their sex and their age, their
weight. If they're in a studio or not There's apparently another
piece of personal data exposed that the Peloton still hasn't
secured.
[01:12:50] And so Ars Technica, where this article was
published, said, we're not going to tell you about it because it's
still being exposed. It's pretty bad. Apparently again, this is
just bad programming. It's the API, APIs, these application
programming interfaces that are used by programmers.
[01:13:09] That are used to connect to cloud services, et cetera
required no authentication before providing the information. I was
reading an article this week, too. On an API might've actually been
theirs, but again, no authentication says, okay, we'll lock it
down. We're going to lock it down. So how do they lock it down?
[01:13:30] They put a username and password on it. Okay. That sounds
reasonable. But if you had a username and password, you could
access any personal information on any API call. It didn't just
restrict it to yours. Oh my gosh. Yeah. Totally botched fix. In
fact, it looks like it was Peloton who botched that fix.
[01:13:53] Okay. Move on to the next one. We've got a lot of stuff
here. The IRS has been, for a long time, warning people: Hey,
listen, if you have an asset and you sell that asset, you have to
pay taxes. And we've got President Biden now saying, Hey, if you
invest in a company and you lose money, it's too bad, so sad. But
if you make money, now you've got to pay taxes on it.
[01:14:19] And they're saying the same thing about, of course,
Bitcoin investments, and not just Bitcoin, any cryptocurrency
trades. Now the IRS has been granted permission by a federal
court in the Northern District of California to issue a John Doe
summons. And what they have done is they've sent a summons off to
this company called Kraken, and Kraken is a US-facing arm of
something called Payward Ventures, according to ZDNet.
[01:14:56] And what they've said is they want information on any US
taxpayers who conducted at least $20,000 or the equivalent in
cryptocurrency trades between 2016 and 2020. Now they're not
alleging that there's any wrongdoing. 'Cause we know every last
person that did a cryptocurrency trade and made money on it paid
the taxes.
[01:15:22] And we already know President Biden is planning on
increasing those taxes to over 30% right now. C'est la vie. What are
you going to do? According to the IRS, convertible cryptocurrency,
in other words, cryptocurrency that you can trade for fiat
currency, your affirms, your dollars, such as Bitcoin, may have tax
liabilities.
[01:15:46] All in fact it does. So keep that in mind, everybody.
That you sell these things, you owe money on them, just like if you
sold anything else, frankly. So Apple, I mentioned the last
segment here, but Apple's new iPhone anti-tracking feature, it is
being called devastating for Facebook. And I agree with that.
[01:16:11] Absolutely agree with it. And this is from bgr.com.
They've got a lot of great technical stuff up there. But Apple
rolled out this new iOS update, and it's forcing developers to ask
for consent before tracking users across your Apple apps, which I
think is really great. But what's interesting is that Facebook is
looking at a devastating loss in revenue.
[01:16:41] Lisa asked her, they're saying at this point, both
Facebook and Instagram have come out and said that they might no
longer be free. And if you block the tracking there, they might start
charging you. So we'll see what happens. Obviously, Facebook and
Instagram can still track you within their application.
[01:17:03] Although they're supposed to tell you what they're doing
with your data, and if you go into the Apple App Store and you pull
up, for instance, the Facebook app, it will tell you right there in
the App Store, you scroll down a little bit to the privacy
section. It'll tell you what it is Facebook is doing with your data.
Right now, that's self-reported, but we'll see what ends up
happening.
[01:17:29] I'm looking at these opt-out rates cyst. It's crazy.
There's a whole bunch of graphs here showing how people just don't
want to be tracked. So it makes a whole lot of sense, frankly, a
whole lot of sense. Let's see. And our last one here is really, I
think, the bottom line thought for the day. Ransomware is up
dramatically.
[01:17:54] We've seen triple the amount of hacks, ransomware hacks,
in the last year. We have seen doubling of ransomware payments. The
average business that gets ransomware, it takes them on average
about nine months to get back to normal. Nine months. So I really
want you guys to spend a couple of minutes. If you want me to send
you, I'll be glad to, a checklist of what you can do
[01:18:27] for a self, some self-audited here, cybersecurity
assessment. I'd be glad to do that. I can send it to you. If you
want to have one done by a third party, by all means, do it and
then follow the instructions. That's something that we do as well.
But I can send all of this to you. Just email me@craigpeterson.com.
Please do it.
[01:18:50] An individual or a business, this is going to help you
out so much. Just me@CraigPeterson.com. I got all kinds of free
stuff that's going to help you out.