Preview Mode Links will not work in preview mode

Thanks for joining us! Let me know if there are any topics you'd like us to cover by sending an email to me at craigpeterson . com!

  1. All Episodes
  2. Microsoft is to blame for these hacks as much as the Russians and China

Microsoft is to blame for these hacks as much as the Russians and China

Jun 2, 2021

[As heard on WGAN 2021-06-02-wgan. The following is an automated transcript.]

Craig Peterson: [00:00:00] Good morning, everybody. Craig Peterson here. Thanks for joining me this morning. I was talking more about this Commonwealth of independent states. In case you're not aware of it, these are the countries that were part of the Soviet Union. Now not all of them are in it, but the majority of them are. And why are the hackers going out of their way to avoid hacking?

[00:00:25] It might be a red herring, frankly, but it also might be because there could be some severe penalties for them and how you can use that in order to help save you from getting hacked. So all of that here this morning, as well as a little bit more about the meatpacking plant that had to close down here throughout.

[00:00:49] North America. So here we go with Mr. Matt, Gagnan

[00:00:54] Matt Gagnon: [00:00:54] 7:36 on WGAN morning news. A good time to talk to Craig Peterson, our tech guru, who joins us at this time every Wednesday. Of course, you also hear him on Saturdays at one. When he talks about all these topics and more in more depth, Craig, how are you this morning?

[00:01:12] Craig Peterson: [00:01:12] Oh, WGAN is always a good time. Not just when I'm on, I'd do a little something extra,

[00:01:17] Matt Gagnon: [00:01:17] a little something extra. Thanks so much for joining us here. Of course, for that little something extra right now, Craig Peterson, I do have to ask you first about. Meat hacking. I've been plugging it all morning here.

[00:01:30] Obviously, we had the oil pipeline hack. Now we have beef plants forced to shut down because of a cyber attack here. So these cyber attacks are happening with increased frequency. And are a problem. Tell me, sir, what's happening here and what it means for us?

[00:01:45]Craig Peterson: [00:01:45] We have a whole crew of people internationally.

[00:01:49] Some are in Russia, some are in China. Of course, we've talked about North Korea and others before who are trying to make money. And the way they can make money is by going after targets that are particularly rich that have the money to pay the ransom. And that's why they're going after these guys. It's like Sutton. Why did he Rob banks, supposedly? Because that's where the money was. And in this case, that's really what they're doing, Matt.

[00:02:20] Matt Gagnon: [00:02:20] It certainly is where the money is, and they're happening with, it seems like greater frequency or at the very least greater visibility because they're going after big stuff here.

[00:02:28]Do you expect this to continue? I know that there's been some talk hereafter the pipeline attack that we're going to reinforce our infrastructure and make sure things like this don't happen again. Any truth to that.

[00:02:37]Craig Peterson: [00:02:37] Yeah, there is there, there's a number of things that are going on right now to try and tighten things up.

[00:02:43] But I've got to say this JBS, which is the company that was attacked here, this meatpacking company, that basically a quarter of all of our beef and a fifth of all of our poultry is packed to there. They responded pretty darn well. They didn't, obviously, keep the hackers out, but nothing is a hundred percent.

[00:03:05] They immediately did something thing that solar winds took a not soldier cringe, but were a colonial pipeline, took a little bit longer to do. And that is, they shutting me down very quickly. Yeah. They started to look, see what was going on. They immediately brought in a team of people. This is what they do.

[00:03:25] They help bring companies back from a ransomware attack. They brought in a lot of people, so they could start restoring all of the systems. It looks like from backups and then starts turning things back on one at a time. I imagine they'll tighten up some of their security operations, which we. All need to do, which goes right into your question of are we going to do more?

[00:03:49] Is there more we can do? And the answer to that is absolute. Yes. Every one of us, that most of the time the bad guys are using what is called zero-day attacks initially, which means there is a vulnerability in something very often in Microsoft windows or in a firewall. And the bad guys know about it, but it hasn't been patched yet.

[00:04:15] But I got to tell ya that is only really used against these very big operators where there's a whole lot of money involved. Most of the time, we're getting hacked. Because we haven't patched. Now I know how painful it could be the patch. Okay. Especially when we're talking about Microsoft, you can apply their patches and then brick to your machine.

[00:04:38] In other words, turn your machine into something that's almost useless, and it's going to take you days to recover. So people are weighing that back and forth. Is it worth, potentially knocking myself off the air for a day or two or three? Because the patch was bad from Microsoft or from another vendor, or should I do the patch and take the risk of it not working very well or may be causing harm and then going further, I blame Microsoft budget.

[00:05:09] You blame

[00:05:09] Matt Gagnon: [00:05:09] Microsoft for a lot of things.

[00:05:11] Craig Peterson: [00:05:11] Greg terrible company. They really are. They're the things they've done to the industry, but the reason I'm blaming Microsoft here is, are you kidding me? They're sitting on billions of dollars in cash, and they released patches for their buggy software. Okay. I get that.

[00:05:27] Everybody releases patches, and the patches break systems. So people don't trust it anymore. So that's how I'm looking at it. Here. I read an article this morning from the New York times, and they were looking at this hack from a again, probably, maybe Russia, maybe China. And they're quoting, they're saying.

[00:05:50] President Biden says it's from Russia reading between the lines. Microsoft said their hack, which was the major part of the whole SolarWind attack was actually from China and the Biden administration went quiet on this, but it's hard to say we know Russia has been hacking a lot. We know China's been hacking a lot of little China's more behind the scenes.

[00:06:12] We don't really know where they come from, but Matt, we can do something about it. Keep your software up to date. If you can, don't use windows and switch over to a Mac, their patches work, and they have for years and be more security conscious. So

[00:06:30] Matt Gagnon: [00:06:30] speaking of Russian hackers, Craig, I do have to ask you whether or not there is something we can do a one weird trick, if you will.

[00:06:37] One of those eternal click baity items area, right? If there is one weird trick to stop these Russian hackers right there, out there, how do you do it?

[00:06:46] Craig Peterson: [00:06:46] This is the coolest thing ever. It's absolutely true. This comes from Brian Krebs and a few other people out there right now. There is something you can do right now.

[00:06:56] It only take you 10 minutes, maybe 15, and we're here. Here's what it is. We know that the Russian hackers are not. Attacking former Soviet territories. And the reason from that it, for that is if they are hacking from Russian territory and they hack a Russian company or another one of these companies that are part of the Commonwealth of independent state, which is again the former Soviet union for the most part if they hack a Russian company, they, and they get caught, they get to go to a Russian prison, which doesn't sound like much fun to me.

[00:07:35] And so what they've done is they've built into almost all of this soft, where a kill switch. We're talking about ransomware software, hacker software. If you install a virtual. Russian keyboard on your computer, just like a, you may have a Spanish keyboard or a French keyboard on your computer, install, a Russian or one of a few other languages keyboard on your computer.

[00:08:01] You don't have to use it. You don't have to type in rush and you don't have to learn Cyrillic. None of that when the software starts to run in your computer, almost all of it. The first thing it does is says, is there a Russian keyboard? And if the answer's yes, it's short circuits at shelf, and this is what we're thinking.

[00:08:21] And I think this is right. This is the way the Russian hackers are avoiding attacking Russian or Russian Commonwealth states is Commonwealth of independent states. It's a way they're stopping the inadvertent hack of a nation of a company that might end them up in Siberia because they still do have some fun stuff going on up there.

[00:08:43]Matt Gagnon: [00:08:43] Greg Peterson, our tech guru joins us at this time every week to go over the world of technology. Thanks Greg, as always good luck on Saturday. And we'll talk to you next week, sir. Hey, you're

[00:08:52] Craig Peterson: [00:08:52] welcome. And I'm going to put instructions on how to do this in this week's newsletter. So make sure you're signed up@craigpeterson.com and we'll talk a little bit more about it as well on Saturday.