Feb 28, 2020
We are going to hit a number of topics today from the world of Technology and I have a special guest today who will discuss a subject close that I feel is important for my listeners as well. We are going to talk about some of the dangers of using the cloud and why you need to be careful. Passphrases beat Passwords, Malware on Macs, Ransomware, Cloud Liability and How Big Tech is taking advantage of our kids.
For more tech tips, news, and updates visit - CraigPeterson.com
Automated Machine Generated Transcript:
Hey, good morning, everybody, Craig Peterson here. I am not doing the Facebook Live this week. If you watched it last week, I'd love to know what you think. Of course, it's something I am more than glad to do. We're busy, so I don't want to do something that people aren't going to like. We're thinking about trying to do something a little bit different, where we go ahead and instead of just the radio show when we do these Lives. We're going to use those for deep dive so you can ask questions and all of that sort of stuff. I think that's going to work out pretty darn well. We'll see how that goes. We're, you know, we're just trying a few different things here as time goes on. Hey, I got a great interview coming up with a friend of mine. He has been sugar-free now for years, you know, is a tech show right then, and there's no particular tech behind this. You know, if you listen to me for a while that I have had a weight problem, okay. Ever since I was a kid, I had a belly on me. The bottom of my rib cage there in the center kind of points out as I get a ski jump from my belly over the years. I've had this constant battle with my weight, and I lost 80 pounds, I put 40 back on throughout about 15, almost 20 years. I guess that's not too bad. Now I've taken it off again. I've talked about what I did to do that. I want you to hear what Barry has to say. I invited him on. He's an incredible guy and done so many interesting things over his life. He has a book out there, and he had a membership site. He was helping people for a while to get rid of their sugar addictions, but he's going to give us some tips and tricks and some points as well coming up a little bit later on today. I want to discuss a fair amount today about "The Cloud" because so many people think it's a panacea. They think by using the cloud somehow relieves them from the regulatory liability of these regulations that are out there and some of the things that you're supposed to comply with, right? In some cases, if you are a subcontractor selling stuff to a military contractor, there's now a ten-year prison sentence plus all of these fines and things that can nail you. So people are thinking, well, we'll just move to the cloud, right? It's going to make it easier. It's going to make it cheaper. And you know, the first pass on those numbers might be the case it might be cheaper. But what I have found in doing a little bit more digging is that many companies are now abandoning the cloud. And when I found they were abandoning the cloud, that's when I started getting interested trying to figure out why what's going on here. Here. And so I dug into it, and I'm going to share that with you today. I think that's an essential thing for businesses. I've got a new report out from the FBI this week that's backing me up from five years ago. I think that's kind of cool. So we'll talk about what the FBI is warning and telling us to do. From our security standpoint. We're going to also talk about some of the intricacies of cloud security. Still, Mac malware on Max, this is kind of interesting, isn't it because we all been kind of conditioned to think the Macs are malware-free, due to their secure design. They use software designed in the university environment for networking, unlike windows. You know, so when you think about the Mac and you think that you are completely free of malware, that is not the case. We'll talk about what kinds of malware you are likely to be exposed to that could kind of nail you. We're going to talk about business ransomware, you do not hear much about it, because you know, there was such a big deal a year to two years ago, but it is on the rise again. So we'll talk about that and how that's affecting business. We're also going to talk about the fact that if you are in business, face it, and you're a tech business. There are no two ways about it, right? As a business person, now you have to use technology. So how do you do it? How do you take care of your security and your technology, when the Calvary is incoming, they're not there? You're just like every other business out there. That means you have to develop some technical prowess and expertise. You have to be also the guys that take care of your security. Maybe you'll bring in professional services firms to help you out. Companies like mine can come in and design your network or redesign your network. Or maybe have accountants come in and look over your bookkeeping. Maybe help to improve some efficiencies in the business. Maybe you bring a legal team in to make sure that you're not going to get nailed by some of these regulations out there. The bottom line is that we are all tech businesses in this day and age. That's something that I don't think most people consider. We'll get into that a little bit later on today. We're also going to be talking about big tech, taking advantage of our kids some new lawsuits filed under the children's online privacy protection act or COPPA, against some of the biggest companies out there in the online world. These are all big deals, I think. That's what we're going to be talking about today. If you want to two, you can get all of these different segments from my weekly radio shows my appearances on TV and radio at my website at Craig Peterson dot com, and you can listen to them individually. You can also subscribe to the podcast. What we've been doing with the radio show since the whole radio show from soup to nuts is an hour and a half long every week is to put it out as one long show. Thanks to a suggestion from a few listeners and one guy that kind of pushed me over the edge in making it that way. If you subscribe to the podcast on any of the major podcasting services, you are going to get a one hour and a half, a 90-minute podcast that covers all the latest news of the week. I appreciate everybody that's doing that. Of course, our numbers have gone down a little bit in the podcast downloads because there are fewer downloads instead of the show being a different podcast is now one podcast, but I think it is better. There was an event that was held by the FBI infragard program in New Hampshire here last week. I didn't go as I was just tied up. They hold it the morning, every couple of months, and most of the time, I just can't go. But the event was called "The Calvary is not coming." They weren't talking about Covid-19 The coronavirus. They were talking about our infrastructure, our businesses when we get attacked. I work with the FBI on cases and help them understand what's going on with attacks against our customers like when Iran or China, Russia, or even others are trying to attack our customers by doing some nasty stuff with our customers, right? Our customer's data that we just don't want to have happened. We just didn't want that information to get out. While preparing these tutorials, the pop-up-trainings, and coursework, it brought to mind this idea of the Calvary, and whether or not they're coming. You and I, we are the people who are responsible for the security in the businesses we work in, right? And that can end up meaning that it's all on our shoulders. So this whole Calvary thing got me to thinking that I think there's a great analogy here. We are the Calvary, I'm the Calvary, and that is the director Action I've been going anyways, not with that specific wording, that particular name, okay. But that's the direction I've always been going. But now I think I'm going to get way more specific about that. Because you are the Calvary, you are the people that your family goes to when there's a problem. You are the people who are relied on by the business owner. Maybe you are the business owner, and the buck stops with you when it comes to technology when it comes to security when it comes to making everything work, right. That's the way it is with me, right? I'm the business owner, and yet the tech buck, the security buck stops with me. And so that's the approach I'm going to be taking here. We are the Calvary. I am the Calvary. You are the Calvary every one of you, right? You listen to this tech show to understand technology a little bit better because you're the person that others go to who is going to answer their questions. Who's going to fix their problems. I think it's great, but I also feel a huge responsibility to help you with that. I kind of woke up in more than one time over the last few months with nightmares, that's the wrong word, but how do I help you? How do I help you guys best? What are the things you need to know that is going to be easy? It is a question that we need to work on need to understand. We need to make work for us and our families, our business families as well as our families. That's my theme. I have already got five tutorials in the can where I'm doing screenshots, and I am showing you what to do while you're watching my desktop as I am doing things. I'm installing an extension, or I'm locking down a Windows computer, or I'm configuring a firewall. I am doing all of these things you have to do for everybody or that you have to understand. That's where we're going. I am committed to this. I think I have a message that that works that people can understand, right? The Calvary isn't coming. You are the Calvary. We are the Calvary, each one of us, and that's what we will be covering. So keep an eye on that. Make sure you're on my email list because these tutorials, although free, you can only get them if you subscribe. Craig Peterson dot com is where you're going to find it online. Craig Peterson dot com. Make sure you also use subscribe to the podcast, I'd appreciate it if you enjoy these. A subscription always helps us out and helps get the word out even further. We'll be right back listening to Craig Peterson on WGAN and, of course, online at Craig Peterson dot com.
Hi guys, welcome back. Craig Peterson here on WGAN. In online, of course, Craig Peterson dot com. We're going to talk about the cloud and what stuff you need to worry about and what you don't. I was at my chiropractor's just this week and talking with him, and he has moved his practice in with another chiropractor. It's a little bit bigger, they've got massage therapists, and now there are four chiropractors in practice there. He was asking because he was concerned, they have a system there that is cloud-based, and you know, time was they would have a server there in the office, maybe in the basement, and they would have their little firewall, they try and keep things safe. Now that it's out in the cloud, their worried. We're going to be getting into that in a few minutes. And then also coming up here at the top of the hour. I've got my friend Barry who's going to be joining us, and we're going to be discussing sugar, which is, yeah, I guess there's kind of a tech angle to the sugar side, right? Like the high fructose corn syrup and the problems coming from that, of course, we're not going to talk about that part of it, but what he's done and the book he has as well as what you can do. First off, let's talk about our first cloud topic of the day. And this is about businesses in danger, and how they're in danger now from the cloud. The cloud, as I mentioned in the last segment, is not a panacea; it does not relieve you of any responsibility for the data that is in the cloud. So, for instance, if you have patient data, if you have data that is privileged or personally identifiable, putting it into a cloud vendor's hand does not relieve you of that responsibility. If you want to check it out with most of the major vendors out there like Google, for instance, you can find their statements online of what it is that they will accept responsibility for, which is nothing. And that's particularly true if you're not using the business type services. For instance, with Office 365, if you are using their email service, for example, and you're on their lower tier of the platform, you're not going to get security. You're not going to get the ability to block some of the most malicious types of emails that might be coming in. It's not backed up. They are not going to have some of the multi-factor-authentication that you really should have tied in with things, maybe like DUO or others, alright. Just because there is a cloud-service does not mean it's safe. Just because a company like Microsoft with its Office 365 does have some pretty darn secure services. Don't assume that the lower end service is they have are going to be safe for you either. And there's a great article I have up on my website right now. And it's from Health Net security. And it's talking about this subject and saying that 44% of malicious threats are cloud-enabled nowadays. Think about that. It's huge. Time was when the risks were what viruses and we know anti-virus software now is pretty much good for nothing, right? Because the anti-virus software is not going to protect you from modern threats. But that's what it was. It was all this virus stuff that might spread and worms that might cover the basics. But now we're seeing that cybercriminals are using the cloud because it's been an effective method for them to hide their attacks. Because the cloud vendor again, it's you know, friendly. Glee, this is you know, saying, you see a lot, aren't I? Frankly, when you get right down to it, if you are in a big cloud vendor like Microsoft or Google or an Amazon. Or even some of these smaller guys that are still pretty big, you're not even noticeable. Would they notice if you moved to another cloud provider? You will not change their bottom line or their top line. You're not even a rounding error. How much do you think that they care about you individually? What can you do when you get hacked, and you're in the cloud? What can you do when their cloud network goes down? What can you do when their software isn't working when a rollout of their latest release doesn't work? Or maybe it just doesn't work for you and 10,000 other people, which is nothing, right? Because Yeah, well, we got millions of subscribers 10,000 Some people Yeah, well, we'll get right on that for you, sir. Right, because you're not even in the 1%.
Lots of problems here. And when we're talking about the security
side, yeah, in some ways, it's going to be more secure. But in many
ways, it's not. Here's a quote here from a threat company that they
do a lot of research is called net scope and scale P. and Ray can
Aziz is the threat research director over there. And he's saying,
and we are seeing increasingly complex thread techniques being used
across cloud applications, spanning from Cloud phishing and malware
delivery, to cloud absolute control and ultimately, cloud data
exfiltration. Of course, data exfiltration is where the bad guys
are stealing your bank account information, stealing nutritional
property, stealing your customer's information, etc. Or research
Research shows the sophistication and scale of the cloud-enabled
Kill Chain to increase, requiring security defenses that understand
thousands of cloud apps to keep pace with attackers and block cloud
threats. For these reasons, any enterprise using the cloud needs to
modernize and extend its security architecture. In other words,
what he's saying is any business because we know when he's an
enterprise, I want to bring up a critical point. I was doing some
work and doing some training with a bunch of accountants in
Ireland. The largest group of accountants in Ireland, and I was
explaining some of the security problems that we see here and
around the world and that they see there, and they started talking
about enterprises. Now I note in enterprises, right, and enterprise
is big business. You think of enterprises here in the United
States, and you're thinking about you know, the multi-billion
dollar profit that some of these vast enterprises get. An
enterprise means any business, right? It's an enterprise for a kid
to set up a lemonade stand at the side of the road and sell
lemonade to passers-by. That's an enterprise. So they're saying
here, and I agree that every business, no matter how small, needs
to understand the threat and understand that cloud apps aren't the
answer and you have to take care of it yourself.
The Calvary isn't coming. Your end Nat not even in that you're not a rounding error when it comes to the amount of money these companies made and make every year. So you have to be your own Calvary. Now, when we're stuck talking about businesses here, they're saying that 89% of companies are In the cloud Now, that doesn't mean they're hundred percent in the cloud, it just means you're using the cloud service. I bet you when you got right down to it, that those numbers are probably really 100%. People are using some of the services that maybe you shouldn't be using, right. They're using Google Docs and Sheets and all of those types of things. I use Grammarly all of the time, and some of those things can leak data. So we're trying to be careful not to use some of the cloud services when it comes to more confidential data. But really, it's 100%.
Think about everything you're doing, all of the collaboration tools, and people are using Slack, which is not secure. And they're using that to share information within the team. You know, it's a great productivity application, sweb mail apps, those are probably the most popular and used today, people using Gmail or I mentioned office 365. I have a friend who still uses Yahoo, who knew that they were still in business doing email, right? There, the average company is using 142 different cloud applications. And I'm what I'm just trying to do here. Now, I'm not trying to scare you away from using the cloud. It isn't just a scare tactic. I'm not trying to sell you a listen. You need to have multiple layers, and you have to buy them for me, right? What I want you to do here, my whole goal of talking about this today is to get you to pay attention to what you're doing, and the data that you have up there. We're going to talk about this more when we get back. We'll finish this up. We're talking about the new FBI, released this week, what they're saying about security and what you can do to help. So stick around. You're listening to Craig Peterson on WGAN. We'll be right back.
Hey, welcome back, everybody, Craig Peterson here, WGAN online
at Craig Peterson dot com. We're going to talk here about the FBI
his latest recommendation from their press release this week. We've
got more coming up about cloud security. Ransomware is on the rise
again, what type is it? What's it doing? And at the top of the
hour, I've got Barry Friedman joining us. We're going to talk about
and the impact of sugar. Now, this isn't an entirely tech-related topic, but I know you're going to appreciate this. He is a great guy. He's got an excellent little book out. It's been up for quite a few years now. It is this concept that he has about sugar and what to do with it, and about it has helped to change my life. I figured I would share it with you. It's one of the things I find essential. Let's finish up our first cloud topic of the day because I want you guys to think about your use of the cloud. When you get into the larger businesses, it's looking like the average of these Fortune 500 companies. The real big ones, but not like the, you know, absolutely massive ones. Those guys are using over 2400 distinct cloud services and apps. Think about what you're using what you're doing. And let's help you think about it for a minute here. Here's a top of five cloud app categories. Which of these are you using Cloud Storage? So we're thinking about things like Dropbox here or box, we're thinking about things like Google Drive, which again, all of these guys Microsoft has one drive, all of them have tiers that are safe. However, most people are not buying their secure tier. So keep that in mind. Next, collaboration tools, which collaboration tools are you using? Right? I am talking about Slack here, and about the Microsoft Teams program. And there are many other types of collaboration as well. We use some for putting together diagrams to use some for some of our graphics arts. We use some cloud apps for grabbing videos and doing some video production. Webmail, what are you using for webmail? Consumer stuff? What do you do? Are you going on to amazon.com to order things? How about some of these other sites, social media, many of us my business included, we have social media accounts that we use to keep in touch with our prospects and with our clients. Which are these are you using Google Drive, YouTube, office 365. Hopefully, you're at least using one of the business versions of office 365. How about Facebook? How about Google? Gmail, Microsoft Office SharePoint, that's a pretty common one. Outlook. How about Twitter, Amazon services like s3 or Amazon Web Services. It was the list goes on and on. LinkedIn, many of them are using them. When and when we're talking about 44% of the threats being cloud-based. It gets to be a big deal. The five top targeted cloud apps are Microsoft Office 365. Now we're seeing this right now with one of our clients who is using Office 365. Now we have them on one of the enterprise levels that they need. They have multiple times a day people trying to break into their Microsoft Office 365 for business accounts from Iran. Now numerous times a day, but also from China and Russia. The next top one box. Very good. Again, outstanding software, but you have to have the right kind. And make sure you're using at least two-factor authentication with some sort of a random one-time password (OTP) type generator. Google Drive Microsoft as your GitHub. Man, it goes on and on lots of great information here. I'm not planning on doing a full course on the cloud anytime soon. But we are going to talk about it more a little bit today coming up later on. But I want to get to this FBI thing right now. About five years ago, there was some academic research that was published, and I remember reading it back then I was really, really into it came out of Cornell, and they looked at the strength of passwords. And we went into the whole history of behind passwords how they started I remember the very first passwords, you know, we remember using systems didn't have passwords. But it has evolved to the point today where these recommendations that came out five years ago are starting to take root with people.
There have been so many discussions, so many arguments, if you
will, about what should or should not happen when it comes to
security. Some are arguing that we need more complexity in our
passwords. Many businesses require you to have uppercase lowercase
digits, special characters in the password used to be used to have
control characters and your passwords. I haven't seen that
requirement in a long time. It was back in the days of terminals.
Others say, Hey, listen, all you need to do is make your passwords
longer. Because part of the problem we have with passwords is the
more Like some password, the more likely somebody is going to write
it down. And if they write it down, the cleaning crew or somebody
else is going to come across it, right? That's a bit of a problem.
Well, the FBI is Portland office this week, came out on the side of
longer passwords and not this whole complexity mess. So in the FBI
statement, they said, quote, instead of using the short, complex
password, it's hard to remember, consider using a longer
passphrase. It involves combining multiple words into a long string
of at least 15 characters. The extra length of the password makes
it harder to crack while also making it easier for you to remember.
It falls right in line with the research out of Cornell. It is what
I've been recommending for a long time. You're best off using some
sort of a phrase such as a four-word phrase for a password.
Remember, I use password managers, and you should be. You should be
using one password or using Lastpass to make sure that you are safe
right. So using one of those have it choose the words for you
randomly. Both of them have the ability to generate passwords.
Occasionally I will use these very complex ones with upper
lowercase special characters and numbers. But I only do that when
the site requires you to do that. Okay. But this is a very, very
big deal. And you might have seen stuff about this before there is
a famous now-infamous XKCD webcomic that is online, I should say.
It is kind of cool. A lot of sarcasm, math, and language, but it's
looking at password strength and through 20 years of effort and
said We've successfully trained everyone to use passwords that are
hard for humans to remember, but easy for computers to guess. And
that is the problem, the harder it is for the computer to guess.
The longer it'll take to break-in to, and the less likely they can
get into your account, right? So they break it down, look for
common substitutions, look at the order numerals punctuations and
basically, they come out and say, Hey, listen for your average
password, using troubadour ampersand three as the example. That's
1-234-567-8910 11 characters, which is a pretty good length, right?
Most sites only require eight characters. That breaks down to 28
bits of entropy. That's two to the 28th power, and at 1000 guesses
a second, it would take a computer above three days to break that
You know, possible attack if it's a weak remote web service, it can be a lot faster, there are hash tables that are news. Those hash tables make it so that the bad guys can crack a password in just minutes. When you start using these big ones, and the example is like course, correct battery staple, that's 44 bits, takes 550 years to guess versus three days. Think about that for a few minutes. I think it's vital that we use these passphrases from once again, I agree with the FBI on this one. All right, when we come back, we have one more segment before we get into our little sugar interview. And we're going to talk a bit of malware on Mac. So stick around. We'll be right back.
Hey, welcome back, everybody. Craig Peterson here on WGAN and online, Craig Peterson dot com. We're going to talk right now about malware on max. Right, our max hack-proof is not kind of the bottom line. But we're going to talk about that we also have more coming up on some of the cloud risks and things you can do, where you should keep an eye out when it comes to the cloud services that you're using. And I want you to think about what services you're using. And we did talk about that a little bit earlier. Okay, so let's get into the max right now. When we get back to the top of the hour, we're going to be joined by my good friend. We're going to be talking a little about what's going on when it comes to sugar, guys, so he's coming up here in about what 1015 minutes, so make sure you stick around you're going to enjoy it. He has a book out there by You'll find it over on Amazon almost anywhere online. And I think you'll get a lot out of it. It's called I love me more than sugar, the why and how of 30 days sugar-free. So it's, it's absolutely a great idea and is something must pay attention to, we have such an obesity epidemic in addition to all the illnesses, so many of them traced back to that one ingredient. Why and how and what's going on. All of that is coming up with my friend Barry Friedman coming up at the top of the hour. So our Macs you know if you've watched me for a while that I am a huge Apple fan, right? And I'm a big Apple fan mainly because when Apple first came out with iOS 10, not iOS but with a Mac os 10. They had switched from using what was a complete and total toy operating system to a real one using Unix and a refined version of Unix. They ended up having a mock OS underneath it. I had worked on both platforms before helping to develop the kernels in both of those, so I thought, well, this is great, maybe now's the time because I was frustrated, right. I had been using Unix for years. I had, at that point, used Linux as well. And so many of the apps that I wanted to use just weren't available for Linux or any version of Unix. That was a big BSD guy. He still used BSD for some of the things we're doing. I just said, this Is it, right? Because you could drop into a terminal, you had a real terminal, a real operating system sitting under underneath you. And I thought that was pretty darn cool. And I have stuck with Max ever since. But Macs are not foolproof. They do come under attack. Apple has tightened things up. If you've got Catalina, which is the latest release of the Mac operating system, you know that some of the old apps that you might have had no longer work on Catalina, because Apple now has put some requirements in place. The biggest one is, you guys need to be 64 bits instead of 32 bits. That makes the operating system writing a little bit easier because you no longer have to handle two sets of libraries and worry about linking the man or the addressing space for the application. After all, you want to randomize it. And so now I'm going down a rat hole, you're getting kind of geeky, but that's one of the things the other big thing is now you might have noticed that Apple has a lot of controls in place about where an application can go on your Mac, what it has access to and will pop up and ask you about it. There is a lot more stuff coming up. In fact, in the next minor release of Catalina, there's going to be more restrictions in place. But even with all of those things, there are still some vulnerabilities, nothing like Windows. But Windows is getting better. But there are still some significant flaws in the way windows works with its file-sharing services, services turned on, even though it has a firewall. It's a crappy one, and that's part of what we're going to take care of with some of the courses and tutorials I am offering. You're going to be able to lock down any Windows or Mac computer all by yourself. You're going to be able to lock down your small business network, and I am teaching you how to do that, absolutely free. No upsells. Depending on how far you want to be able to lock it down, I will have some courses and things too. As I've said so many times, you're the Calvary the hackers are coming you have to be prepared. When we're talking about Macs, what must we pay attention to? Malwarebytes has some outstanding software that you can use on a Mac and also on Windows. It's one of the few pieces of software one of the packages that I recommend, frankly, but they've got a new report out, and they're saying that Mac malware is now growing faster than malware for Windows, for the first time. It is a quote right out of malware bytes. For the first time, Macs outpaced Windows PC in the number of threats detected per endpoint. I want you to remember, that is threats, not actual successful attacks. In total, we saw approximately 24 million Windows, adware detections, and 30 million Mac detections. We're talking about adware here. These aren't the viruses that have plagued windows forever. It isn't the ransomware that continues to plague windows and will for years to come. We're talking about adware detections. Frankly, what this boils down to so that you don't get too worried about it with your Mac. It is that most of the Mac malware is much more of a nuisance, and it is a real danger. Because Macs are generally not vulnerable to what we would normally classify as malware. They do have some pop-ups that can happen because of the browsers. That's why I've got my training coming up. You guys that are the frontline defenses in your homes and your families and your businesses, you are the Calvary. I've got some great Calvary training coming up for all of you. Keep an eye out for that here in a couple of weeks. But Macs are mostly only vulnerable to this so-called adware frankly and add whereas I said it's more of a nuisance than a danger. Here's something else that Malwarebytes acknowledges it says max differed drastically from windows in terms of the types of threats seen. Between us. It's because they design Macs drastically different than Windows machines. Mac's operating system is designed right. Back to Malwarebytes, where we found several different categories and families in our top detections and Windows threats that classify as traditional malware, especially those aimed at businesses. Most Mac threats and certainly the most common ones are families of adware and potentially unwanted wanted programs (PUPs). Among the top 10 Mac threats for consumers and businesses or it is a mix of these PUPs, these potentially unwanted programs, and adware. The PUPs are a variety of mostly cleaning apps termed as unwanted not just by Malwarebytes but by the Mac user community at large. Two of the best-known examples mean Mac keeper and Mac booth. And I had to add to that, that I have a good friend and he was in the insurance business for years, had his practice and they had several people working for him as he was handling insurance, and then he went into investment type stuff. And it was interesting to me that he fell for that whole pop thing multiple times. He just kept downloading and paying for Mac keeper, which just doesn't do anything, and is malware itself. It is adware. Mac boosters are the same sort of problem. Don't install those things. By the way, when it comes to a Mac, this is very crucial. You have to install the software yourself, right. So until last year, the two top Mac adware apps had detected installations. Number one Hundred of thousands in 2019. However, one new piece of adware was detected 30 million times. It's called New Tab. It appeared on the scene in December 2018. It's an adware family that attempts to redirect searches in the web browser to earn illicit affiliate revenue. I've talked about that before it clicks on ads using your browser. And it is usually delivered in the form of apps with embedded Safari, Safari extension Safari is Apple's number one browser, Apple's browser itself, right. So don't use a new tab. Most crucially of all, Mac malware is not a virus, and it can't spread by itself.
It isn't a worm that kind of crawls around. Mac OS does not allow unsigned apps to be installed without user permission at all. The mission these apps cannot spread from machine to machine. You have to fix them. No drive-by, right? None of that happens on a Mac. So the way Mac malware gets installed is by entirely new users like you and me into installing it ourselves. And when we're talking about these potentially unwanted programs, when I call it a scam, where, frankly, but these types of scams advertising junk apps, pretend they're doing something useful. And this is part of what chrome google just got rid of over 500 Chrome extensions because they were doing the same thing. They had scareware built into them. They weren't clicking on all kinds of ads out there to try and drive up revenues. Naive users like my buddy that get tricked into installing them and sometimes even paying for them, which is what he did with Mac keeper. Okay. And then they're hijacking your browser. It's just crazy. So protect yourself. It is simple. Only ever install apps from the Mac App Store or a trusted developer. Only install browser extensions that are recommended by me or by trustworthy sources, because they are not signed and not reviewed. You can always delete them, and you can always remove them, you know, and that's been my advice for people for a long time. Go through your inventory of apps, including on your iPhones, your iPads, etc. The thing that you see that you haven't used in a while delete them. I just went through earlier this week on my iPhone, I sat there and said, Okay, I haven't used that for a while, but I really could use it soon. No, I haven't used it for a while, and I deleted it, which is what I recommend everybody do here. Be very careful that great article from nine to five Mac by Ben Lovejoy that I was commenting on here this segment, and you'll find it online and, of course, at Craig Peterson dot com. And this is part of what I do if you are on my email list, you will get these emails. We have a high open-rate like 40% of you guys open these emails, and I think that's just phenomenal. It's a very, very high rate because they are so useful. So make sure you subscribe, Craig Peterson, calm, slash subscribe, get on my email list, and articles like this and others, including that FBI warning that just came out, will show up in your mailbox. Usually, Saturday morning depends on how far a week's been going. Stick around when we come back. I got my friend joining us, Barry Friedman. You're listening to Craig Peterson on w GAN online Craig Peterson dot com.
Hello, everybody, welcome back. Craig Peterson here on WGAN. A little earlier this week, I sat down and recorded an interview with a friend of mine. I've known him for quite a while now. His name is Barry Friedman. He's written a book that you'll find online. It is one of the Amazon number one bestsellers titled I love me, more than sugar. You know that I have been very conscious about my health, particularly recently, right? As I get a little bit older, you realize I'd better be healthy, or I'm going to have all kinds of problems.
I have been doing all sorts of diets over the years over the last 40 years. A lot, okay. I kind of stuck with the Atkins diet for a while lost quite a bit of weight. I also have tried a couple of other things. Over the last couple of years, year and a half, anyway, my wife and I have been doing Intermittent fasting. We found it to be just absolutely incredible for us. Now, Barry has a different way of approaching it that's been very successful for him and many other people. So I asked him if he'd sit down with us and talk a little bit about it, and he did. So here we go with the interview with Barry Friedman.
Again, check it out online, you'll find this book. It's called I love me more than sugar, the why and how of 30 days sugar-free. We're joined right now by Barry Friedman. He is an author. He has been quite busy over the years, even on Johnny Carson, back in the day. He is a gentleman that I know and appreciate. He's helped me out with a few things over the years. I want to talk a little bit about this book here. I love me more than sugar. What he has found. What he's doing. To help not just me out a little bit, but he's going to talk about sugar and how it impacts all
So let's get started. Barry, welcome.
Now there is a whole bunch of controversy out there right now, I've heard people say there are a million diet plans. If you do a Google search, you'll find one that'll work for you because they all work. You know, and it's varying degrees, right? And I've done this over the years, I lost 80 pounds doing the diet, which is really something and then I put about half of that on over the next 20 years. I've taken it off now by doing intermittent fasting and being a little more cautious about what I eat. Looking at all of these changes over the years, one of the significant changes I see right now, Barry, has to do with this food pyramid, which tells us we have to eat grains that were the basis of it. Why don't you tell us a little bit about why that is? What's the problem with the grains and sugars in them.
It is funny, you know, all that stuff. See, you would talk to a nutritionist and do well to dig into that, Craig. But what I can tell you is, you know, since childhood of our culture, our parents often use sugar as a reward, punishment, and bribe. It works its way into our lives so fast, so pervasively, and it's kind of a miracle. We eat a lot of wheat. We eat a lot of grains, and those turn into sugar. We eat a lot of sugar. We're up to about 150 to 180 pounds a year average for Americans. It's about eight pounds every three weeks. I know that because I used to go on TV talking about my book and a juggle an eight-pound bowling ball. I would hand that to the host and say, here's how much sugar an average person eats in three weeks, and they hit the table with it. Yeah, it's funny, you know, I think in 2020 or within this decade, we are going to unequivocably look at sugar the same way we now look at tobacco. It snuck in. Back in the old days, go back 150 years, rich people would eat four pounds of the stuff a year. Our systems have not developed fast enough to handle the massive increase, and it shows up in all kinds of ways, overweight, and obesity. A lot of people will tell you it has a lot to do with the number of cancers we have. If you were to look at those two curves, cancer, and sugar consumption, those curves look pretty similar. Now, I'm not a doctor. I'm a four-time world champion who doesn't eat sugar.
Sugar over the years, we know it has caused problems. I saw some studies looking at some of the Egyptian mummies thousands of years ago now a couple of thousand years ago, and they had all kinds of problems with their teeth and many other diseases that they had. Now they're attributing that to sugar. You mentioned that when we were younger, we would get a little bit of sugar as kind of a treat or reward. Now we see these hangry commercials, but you need to eat this Chocolate Bar because it's going. It has gotten out of hand
Unknown Speaker 5:04
Yeah, it's hilarious. I mean, that's how we get up to 150 180 pounds a year, it's added to everything. Crackers and salt have dextrose in it to keep it from caking, salt has sugar, which is fantastic. You know, a lot of savory foods will have it, and it just shows up everywhere. The truth is, after eight years of coming up, Leap Day 2020 will be my eighth anniversary. My first day sugar-free was leap-day 2012. I love these every four years I get an actual anniversary. What happens, you know, what happens when it stopped eating is the taste for the desire for the need. The addiction goes away. Food starts to taste differently. I've often said to people, Craig, that you can't speak for the version of yourself who lives on the other side of 30-day sugar-free. Right now, the person I am is influenced by everything I've done in the last whatever, 30 days or 30 years. That person on the other side of a 30-day sugar-free detox is an entirely different person as far as skin or anxieties. Usually, the feelings they have, their skin, the amount of sleep they need, the way their teeth feel. My teeth feel so good all the time right now used to be able to take my pulse in my teeth after eating a four-pack of Reese's Peanut Butter Cups. I could feel my pulse. Yeah, I may have been feeling my finger, but it felt like my tooth was banging. Anyway, if somebody is interested in doing that, you know jumping, find little tricks you can do for yourself like tell yourself you're not getting any sugar for 10 AM or noon. Little tiny tricks will turn around the habits.
It is the habit that is the problem. In so many ways for so many people. Going back to what I've been doing with intermittent fasting. You know I had it in my mind that I had to eat. We look at our kids nowadays. They have breakfast, and they have a mid-morning snack in school, they have lunch at school and then an afternoon snack after school and another bite before they go to practice. The score it's getting bigger, just listening to it and drink during sports practice
Yeah, exactly. It is sugar, and it's compounding.
When I decided, Hey, I'm going to skip a meal, you know, just a very moderate light-fast. Yeah, my brain was just going, Oh, you've got to eat. I found that really what it was for me was kind of always an addict, right? I was addicted to it. Is sugar that way too? You are describing it as you know, try not to have sugar before 10 AM. Is this something an addiction, frankly?
Oh my gosh, are you kidding me? I mean, the sugar beats up four organs pretty severely, the brain, the liver, the heart, and the skin. As far as the brain and when you're talking about like, even before we take that bite, you know, it starts firing up, you know, it fires up the same receptors that are fired up by gambling or sex or drugs. No chance of addiction. They're right certainly no chance of addiction. But yeah, it plays, and you know, it's funny going off sugar and I did it for 30 days. Well, I did for one day at first felt so good on March 1, 2012. I was like, I have to do this for 30 days and see what happens about 20 days into that. I was like, Oh my gosh, I'm going to do this for a year just because I feel so alive right now I have to see how I feel. But what happens is it throws a monkey wrench into well-choreographed habits that you have in your life, right the way you live and yours and other people's. That's another thing that happens, you know, it's like I live in a family with a wife and a son. We mean, you don't do sugar. It's a personal decision. You know, you get this little dance of confusion that you get to run around, but it's also within that is bliss, and there's resentment, and there's a renewal, and there's hope the emotions so much is involved. When we eat sugar, you know, it's not supposed to be a portal for squelching fear and sadness and loneliness, anger. It's supposed to be for food, and so few of the 650,000 items that are on a market shelf, serve that exact purpose. The food you know, we can walk around and collect what's food, in a pretty small basket, and other stuff are usually just connectors for that hundred and 150-180 pounds of sugar a year.
Let's talk about this bloating, right? We were discussing a little bit about what happens when we eat a lot of sugar. The insulin response, for ten years, I was a volunteer paramedic, and I certainly had diabetic patients. You'd find them just unconscious, and what do you do with them? I know a lot of people who have diabetes, as well. A lot of this has to do not just with the insulin response, which I'd love to chat about briefly. It has to do with inflammation at the cellular level. Our bodies are blocking themselves because of what we're doing with some of the sugars that we're eating. We put on weight, and that increases our inflammatory response. It results in some of these other problems with the brain and the heart and the liver.
Yeah. There are very few things that surprise me when I walk around an airport, and I still travel a fair amount. When walking around an airport, I see a lot of large people. We're big people nowadays, and it's not surprising. You know, when you talked about the molecules, sugar is composed of two molecules, I'll keep this as technical as possible, Glucose, and fructose. Glucose gets metabolized by every cell in the body, you know, and if we don't get it from the diet, our diet our bodies make it. Fructose, so very different. The only organized organ that can metabolize that is the liver. The liver is the single transporter for it. It's overworked. I mean, it's it probably did pretty well back in the days when people ate four pounds of sugar, wealthy people ate four pounds of sugar, not average peasants, the likes of me. I've gotten a few they called it the delicate spice back in the day, and that's what our livers could healthfully handle you don't see a lot of large people when we look back in old pictures. I just got all these pictures of my grandma, and her family send through the legacy box is such a beautiful thing to get these 14 Films back. No one is fat, Craig. There's nothing personal in the video. Yeah, going back to probably the 1880s the earliest people on here, but that's just people running around. They've not filled themselves. It's a challenge, man, you know, and it becomes a very personal decision, no one's going to make us quit sugar. We've been talking about it.
Hey, stick around. When we get back, we're going to finish up our interview with Barry. He has some more interesting points, including how he got to the point he's at right now. So we'll be talking about that. And we're also going to talk a little bit about intermittent fasting, what I've been doing, and what you might want to do and then we're going to get back into technology. Listen to Craig Peterson WGAN.
Hey, welcome back everybody Craig Peterson here WGAN online at Craig Peterson dot com. Hey, let's pick up our interview with Barry Friedman. In case you were wondering what the name of his book is, it's "I love me more than sugar." I quite enjoyed it. This guy is a great guy and has been involved with so many things over the years, from being on the Johnny Carson show doing juggling through today where I met him because he's one of the coaches in one of the programs in which I participate. Very, very great guy, and we're going to talk more with him about the whole sugar thing.
I wasn't famous for a long time when I first tried this and then then it started, like, wow, he's still doing that, you know, the Curiosity started then I wrote a book about it and got on TV shows as fast as I wanted to dial-up and call-in or fly-in and be on Morning News. There's a call for it. It's a curiosity, but soon, it will be something that we must study.
Yeah, I think it's going to be common sense a few years from now. We're speaking with Barry Friedman. He has written a book, and I want to get into that. Now. I'm glad you brought it up. It is part of the 30-day exercise that you discussed. There's a plan in there. Why don't you tell us a bit about the book? I found it over on Amazon. Easy enough to find, and what's it doing? How's it going to help people?
Yeah, you know, this book is it's very non-scientific, and I, my buddy, Penn Jillette of Penn and Teller, the taller, bigger-half of Penn and Teller, He lost over 100 pounds on it. He wrote a great book called presto, how I lost 100 pounds. He's got an excellent subtitle for it, but his first line in the book, and I'm one of the few people in the world that can jump on to his tagline. If you take diet advice from a juggler, you're an idiot, because that's what he wrote in the book. I wrote the book really from just a perspective of a guy who did it. A guy who, you know, I traveled around a lot. I did shows for 34 years. Ted conferences, TV shows, I was around a lot of delicious sugar, and I used to love it all. From 2012 on, no added sugar, anything. I tell stories about that journey. Some substitutions we can do, where it starts, what it does to us. Some challenges you may come across, and then the 30 days is walked through very scientifically. I ran an online program for five and a half years and helped thousands of people do a 30-day challenge. What that gave me Craig was a massive database of where people are on day one, day two, day three. It is a traceable spike. I mean, you can see some of the most dramatic days of my life. And you know, it's, I call it in the book ground zero-day for ground zero it was crashing. I remember lying on a massage table. Tears are running down my face. Not because of not having sugar, but I knew that moment was a turning point. My wife as she was like holding me down deep massage as hard as she could just get stuff moving in my body, but I was I felt like it was the door of the threshold into a new life. I think if I would have folded at that point, just grab something I wouldn't have just gone back to going past that day. That was when everything changed. So we in the community, we often talk about what's your day for, and sometimes it's a day for other people, but there is a time when we need to. That's the hero's journey part. That's where you grab the mystical apprentice who goes with you and the mentor who goes with you and walk you through dope. If that helps, I would love to walk you through that. Visa v the book and we have a Facebook page with the how 50-60,000 people on it who have all dabbled in some realm of it, and it's a movement. As I said at the beginning, we will soon look at this the same way we now look at tobacco, no doubt about it.
The book is called "I love me more than sugar." Barry Friedman is the Author, anything else you'd like to add here? Barry, before we go?
Oh, I would just love to tell everybody that if something in this conversation spoke to you, I trust it. Don't question it. There's a fight or flight reflex in the brain that a little gland, that small almond-shaped gland whose job it is to take us away from scary things. If something touched you before, it has a chance to go through that part of the brain, a chance to tell yourself that there is a time for doing this. Know that sugars not for satisfaction or completion. It has never put through that kind of test. It's always about getting more. Like, I said, we will look at this as a real downfall for society. It got added to everything, and it became routine. As Craig said, we began hearing commercials about how we owe it to ourselves how we deserve this. So I trust the gut influences the gut instinct. If you heard something and take a chance,
I put a link on my website as well obviously to this interview, and you mentioned a Facebook page. What's the name of that group? Or that page?
Thirty days sugar-free, but the last 30 days sugar-free Facebook group. We post some stuff in there from time to time.
All right, and it's a community, and I think that's something that can help.
Yeah. Boy does it ever. It is easy to feel alone in this stuff.
Yeah, exactly. Especially in this day and age again, Barry Friedman. I love me more than sugar and 30 days sugar-free. Look it up on Facebook. I appreciate you being with us today.
Unknown Speaker 5:28
Thanks so much, Craig. Thanks for what you're doing. Bye-Bye.
Hey, as I said, I hope you enjoyed it. Barry's just a great guy. It's a lot of fun chatting with him about what is going on out there. What he's been doing, and he's done a lot, right. I think the most exciting people, frankly, are the people who have done a lot of different diverse experiences in it, and it helps us help you helps me just overall. All right, so we got a couple more things we want. To cover here today, one of them is the liability here on cloud services. We'll get to that in a little bit of business. Ransomware, I think, is an important thing. We'll be talking about that and big tech taking advantage of our kids. But I want to kind of continue with this theme. Barry was talking about sugar, and I know that you know, some diets w for some people, they're not great for others. If you have diabetes, of course, getting to getting rid of some of the sugar can be problematic, right? You know, I was a volunteer in the ambulance service for ten years, and I quite a bit of advanced training and everything else. When called to the scene of a diabetic emergency, we would administer d-50, which is 50% dextrose to diabetics who were out of it, then take the blood samples and stuff so they can spin them up in the lab quickly when we got into the hospital. You know, probably if someone has a diabetic emergency that you got to get some sugar into them right away. So getting rid of sugar is a difficult thing for a person with diabetes. I have, as I mentioned before, on the show, I have been focused on intermittent fasting. It is effortless to do. I've been following a doctor up at the University of Toronto, Dr. Fung, who has several books out on the subject. Before I started this, I read at least a half a dozen books on intermittent fasting. There are so many ways to do intermittent fasting nowadays. You want to go 12 hours a day, at least without eating. And that's not hard when you get right down to it. You know, think about going to finishing dinner at six o'clock or seven o'clock at night. And then not having any snacks, not eating until six or 7 AM. The next day, there's your 12 hours. And then the other thing to do with intermittent fasting is never, ever, ever snack. Now you can have dessert if you want, you're going to have ice cream, cake, pie, you can have any of that stuff that you might want to have, but have it with your meal. Don't wait an hour before you have dessert or two hours or more, have it right away. What you're trying to do is control the insulin levels. Now a better way to do it is what's called 16-eight. That is instead of 12 hours of no food at all. You can have water, you can have clear liquids, obviously no sugar, and you go for the 16 hours. That means if you stop at 6 PM by 6 AM, your 12 hours and you want another four hours left, so let me know You could eat at 10 AM. Or if you finish your meal at 7 PM, which is the latest, you should finish eating. That means you could eat at 11 AM The next morning. You might have a skip breakfast again, no snacks, just black coffee, or tea with no milk. And then you, you have your lunch at noon, and then you have your dinner at four or five or six o'clock. Whatever works for you. You will lose weight, and you will get healthier. If you have diabetes or have other medical issues. You want to talk to your doctor about it. But this can cure type two diabetes, just intermittent fasting. But the whole sugar thing I think is something any of us can do. Even if you can't fast. Hey, Craig Peterson here, WGAN stick around. We got a lot coming up. Yeah, we're back into tech in the next segment.
Hello, everybody, welcome back, Craig Peterson here. I hope you're on my email list. I want to keep everybody up to date. We've got some training for you guys. You're the Calvary, right? You're the people who come in to help fix the problems with small business computers. Maybe you're responsible for them. Perhaps you're the owner of the business, right? You're responsible for making sure that everything's running right and for choosing the right technology and stuff. I appreciate you all being with me. I have some specialized training coming up for you as well. But you need to be on my email list if you are going to find out about those pieces of training. The way to do that is just going to Craig Peterson dot com slash subscribe. Of course. Peterson P-E-T-E-R-S-O-N. Just like it sounds, Craig Peterson dot slash subscribe, and you'll get my weekly email outlining the most significant threats that are out there right now. All of the articles that we talked about in the show, and more. Plus a few more that I just don't get to that are essential. People love it. We get an excellent open rate, some of the best in the industry. That's how good this newsletter is. And I provide it for free. And I give a lot of these pieces of training, absolutely free. All of my tutorials are available on my website as well at Craig Peterson dot com. I built the technology behind some of the biggest organizations websites in the world. And yet mine is very sad. Okay, I have to get my act together. Oh, well, there's always something else to do. Right, just the cobblers kids. Well, let's get into ransomware because it is on the rise again. But let's start with a little history because I think this is cool when you get right into it. There is an article that I started reading over at CSO online that reminded me of it, and you'll see a link to it as well on my website at Craig Peterson dot com and in this morning's newsletter. Hopefully, you got that. But it started this ransomware thing back in 1991. There is a biologist who was doing AIDS research, and he was kind of upset that other people who were also researching AIDS, were getting more notice, and he wanted more credit than he was getting. He started sending out quote, AIDS research quote, on floppy disks via US mail back in 91, to other aids researchers. It had a piece of malware on there called PC Cyborg Cyborg. It was the first ransomware that we know of. Isn't that something, right? It was these researchers who were competing with this one researcher. The next big one used encryption was back in the aughts. Back in the mid-aughts, Bob 2005, it was called an Archie vs. It used encryption and was defeated. You can find its password over in Wikipedia even nowadays. Now, in 2010, we started seeing the series of what are called police ransomware packages. And they were warnings from law enforcement about victims of illicit activities and demanded payment of fines. So this was a new generation of anonymous payment services that they started to use to be able to better hard payments without getting caught. Of course, this was some of the Bitcoin and some of these other types of services. that allows you to send money, semi-anonymously. Remember that right it is not anonymous, the FBI and the Secret Service have worked together to arrest people who have been using Bitcoin illegally for, you know, these types of anonymous transactions. There was a new trend that started to emerge, and that was cryptocurrencies. Other than the legal activities that occurred that drove up the price of cryptocurrencies. Which were artificially high begin with, the other big drive for cryptocurrencies, has been ransomware. People need to pay ransoms, at least they want to pay ransoms. How do they do it? Well, that's what the criminal started to use. Extortionists just absolutely love them. Why? They are designed to be relatively untraceable, and relatively anonymous, right? So they started shooting their demands to other currencies. It's also nice because then they don't have to worry about, well, what's the value? In France, it's a euro, or In Britain, it's pound sterling, the US dollar, Canadian dollar, Australian dollar, know the value. cryptocurrency is pretty much flat, no matter what currency you're using. These attacks started shooting up about that point in time. But as of a couple of years ago, in 2018, the ransomware boom seemed to be on its way out. The hackers had found other illicit ways that people were using to snag Bitcoin. One of them is still in use today, and that is to have something on your browser that starts to use your browser to do Bitcoin mining for them. Okay. They were also looking for bitcoin wallets, Cryptojacking became very popular. It is something denial of service attackers have been using for years. They gain control of computers without their users or owners of the computers knowing. Cryptojacking ransomware decline, but cryptojacking SHOT UP 14-15%, so they're using your electricity, they're using your computer to have this whole, you know, the whole thing of having a new mind for Bitcoin. And of course today and it's not just Bitcoin and other cryptocurrencies. But today, many of these cryptocurrencies, it is costly to do mining, because most of the coins are gone. That's part of the reason they want to use your computer, but even then, the payback isn't as big as it used to be. So now we're starting to see two big drivers behind this massive surge recently in ransomware. So the First has to do with the vague guarantees of the cryptocurrency pricing. Many of the crypto-jackers. We're using the victim's computers to mine this open-source Monero currency. However, Monero prices have been dropping, and Bitcoin prices have dropped dramatically as well. Although now with some of the real viruses, like the Covid-19. Some of them are going up because people are moving their money into gold and some cryptocurrencies. Monero prices have started dropping, and the bad guys are starting to realize that mining cryptocurrency is not going to be as rewarding as ransomware. Attackers had already compromised the victim's computer with Trojan downloaders making it easy to launch a ransomware attack when the time was right.
It took them only about a year 18 months to make a U-turn. It is just fascinating when you get right into it. We've seen a lot of them over the years, and now they are attacking businesses. They've always used this kind of spray and pray tactic of trying to send out this ransomware to as many computers as possible and as many people as possible, hoping that we are going to be successful without a significant return on investment. They've been going more and more against or against us by going directly right using phishing, spearfishing techniques, and other types of targeted attacks. So let's take a brief look here at some of the most significant attack methods that are out there. Sam Sam is number one right now is started appearing about five years ago is ramped up. These may go even higher. High profile ransomware, like Sam Sam, has been used to attack the Colorado Department of Transportation and the City of Atlanta. Atlanta was hit multiple times by it, talking about incompetency. Numerous health care facilities, hospitals. This is ransomware as a service, where people are designing the ransomware they're selling it to anybody who has the money, and they even provide tech support for people who get the ransomware. Isn't that just amazing? Originally thought to have Eastern European origin, now it's going wild in the US. We've got some Iranians who are claiming to be involved with it as well. We got right, pure locker many more. So be careful out there. Ransomware is on the rise. And backups aren't even successful in protecting anymore when we get back we'll talk a little bit about that. And of course, a whole lot more so stick around. Craig Peterson here on WGAN.
Hey, welcome back, everybody, Craig Peterson here on WGAN online. Of course, Craig Peterson dot com. Hey, I want to finish this up this whole thing with ransomware. It's on the increase is a huge deal, not just for businesses. Frankly, it's a big deal for all of us. Then I mentioned just as we were going out in the last segment, that ransomware, it used to be that you could just make sure you had a good backup. If you got nailed with ransomware, all they would be doing is encrypting all of your files on your computers is spreading. Of course, that's a major headache if you have good backups because, at that point, you just have to restore all of those backups, and that can take days, depending on it is all set up. You know, when we set it up for some of our larger clients, we set it up with our equipment on their site. That way, we can get them back online within hours, if not within minutes, right, which is what you need. So the time had a backup that was offline and off-site, and multigenerational would protect you from having your files encrypted and losing them all. Nowadays, ransomware is a little bit different. What it's doing is the first thing is it gets installed on your computer, unbeknownst to you, right? And you wouldn't install it on purpose. And it spreads between the computers, any files it can see. It then allows a remote operator someone to get on, or it uses an automated system that looks for files, and things would be valuable. So spreadsheets and searches through your Word docs and other stuff on your computer. It seems in your cache history on your web browsers in case you're using cloud services, and it tries to find things in there that are going to hurt you the most. The remote control then allows a remote operator, who has now had a look at some of those files to say, hey, I want to dig into this a little bit more. And he'll hop on your computer and look around and say, oh, okay, yeah, I'm going to get this file, upload that file. All of this is happening, and you have no idea. Your firewall is only protecting stuff from coming into your network from the outside. Once it's in, it does not do anything about files that are being exfiltrated. Those that sent out from your system. We do that for our clients. We watch all of the data going out, anything that shouldn't be going out. If it has private information, social security numbers, if it has customer numbers, if it has bank account numbers, all of those we can recognize, and we stop it immediately. We stop it right away and preventing data from exfiltration. We just had that happen. Just a few weeks ago with one of our clients, they had data being taken out of their computers because someone had been trying to steal it. Many times, that's one of your employees, okay. They then have your data in hand. The ransom at this point is, hey, and we have your data, we have your customer list, we have intellectual property, we have data that could hurt you if it were released, pay up sucker.
And if you don't pay up, that data will then be released to the internet. That's a terrible thing, at least in my book. If it gets released to the internet, what happens is you will lose face as a business. You can probably lose customers. You could face fines and penalities if that data is personally identifiable. So that's the difference between older ransomware and current ransomware. They'll still encrypt all of your data, they've poked around and uploaded it, they'll get you one way or the other. Either. They're going to hold a gun to your proverbial head and threaten the release of your data, or they're going to have it encrypted. At that point that if you don't pay up, they are going to release that to the internet. So there you go. By the way, misconfigured clouds cloud storage is a huge problem. We've seen so many security breaches because of that over the last years. But I want to point out two more things here before we go for the day. One is, all of our businesses today are tech businesses, no matter what. Some companies have realized that even though you have a physical presence, like Barnes and Noble, they had to compete in the online world if they were going to survive. Walmart's done the same thing. They've come to realize that if they did not, basically go after their brick and mortar business and go after the online market they would be out of business. That is what they've been doing that right now. They have become a real threat to Amazon. Like it or not, companies who are in business in five or ten years from now will understand they are tech businesses. They are going to be defensive when it comes to cybercriminals, but old offensive in the way they pursued technology. So this is going to make you break their business. I had to bring it up. We have a great article online from Outlook business.com on my website at Craig Peterson calm about this, you have to protect your assets, and your assets have to become more digital than they've ever been before. And I want to go on now to something from Ars Technica. And this is something that I've talked to school districts about before because we have had numerous school districts. In New Hampshire, they're called SKUs. These are kind of super districts that are In technology trouble, I've been a keynote speaker before at some of these events for school districts, and it's been really interesting to me to really get in and help them out, Help Help them examine what it is that they have, how it's, you know, he it may be good enough, it might not be good enough. But right now, there are some lawsuits out there. And this is one of the articles I was talking about this week. And we included in our newsletter this week as well, because Google is now facing some lawsuits from State's attorneys general, and specifically this week, New Mexico Attorney General. His name is Hector Balderas. Has filed a lawsuit alleging that Google has been collecting and using the data of school children in New Mexico in violation of the children's online Privacy Protection Act (COPPA.) Also, New Mexico's unfair practices act. Now, COPPA says that these companies cannot collect the personal data associated with children under the age of 13. It covers websites, apps, digital platforms that collect this data from younger users have to have a privacy notice, and explicitly, parents must consent for any collection of the data.
You might remember a scramble it occurred some years ago as online websites who had games for kids and things right, that some of them were just teaching games, some were evil. These online websites collected the data of our children, and it was a problem for them. Well, now, since Google has been in this game and winning in so many areas, they become a target. You might know I'm a big Apple fan, right? Particularly, if you listen to the show a little bit earlier today, because basically, Macs, I should say, macintoshes are immune to the type of malware that Windows computers get almost every day. Well, the same thing is true for iOS. Apple's trying to get iPads into schools because they are secure and easy to use devices. I use them every day myself. My team uses them. Kids just know how to use them. Google introduced a whole family of software that can be used by schools for kids. Just think about the standard Google stuff right where you've got Google Docs. You've got Google Sheets right there, and you've got spreadsheets that are easy to use, easy to share. You've got, you know, a document editor, kind of like Microsoft Word that's easy to use, easy to share. Many schools are just using that underlying platform to have assignments go out to the kids, etc. Pile on top of that Google Chrome, and Chromebooks, which are quite inexpensive. Chromebooks are a fraction of the cost of an iPad, even with Apple's educational discounts. All this is getting them in the hands of kids. In New Mexico and other places, these school districts are using some of these platforms that are explicitly designed for use in elementary and middle schools by school children. Google is providing the platforms, and then Google is providing the operating system. These Google Chromebooks are great devices. By the way, I have nothing against Chromebooks. The main problem is that all the data about you and your children are going to be collected. That means sensitive information such as geo-location, your browsing history, search histories, viewing histories, contact lists, saved passwords, voice recordings, and other behavioral data. Okay, no matter who you are, and that's what New Mexico is alleging here, tracking their student data like this without the parental consent is not only illegal, it's dangerous. Now, Google is claiming that New Mexico's claims are factually wrong, adding that it allows schools to control access and requires the schools to seek parental consent. Google's not asking for permission doesn't know if it was given. Google further said, quote, we do not use personal information from users in primary and secondary schools to target ads. However, they do collect it. That child's data might be used when the child is a little bit older. Think about that for a few minutes. Here we are as adults, hopefully making informed decisions about what data we're sharing. But our kids are not. As they get older, that data that was collected about them before they were of the age of majority before they were 13 years old, can be used against them. Hey, guys, I want you to make sure you get my tutorials you get all of my newsletters and keep up to date and all this stuff. So make sure you subscribe right now. That is the end of today's show. Go to Craig Peterson dot com slash subscribe. Your listening to me on WGAN and online Craig Peterson.com slash subscribe. take care of everybody. Bye-bye
Transcribed by https://otter.ai
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: