Show Notes for Weekly Security Update 2021 Week 1

Simple Cyber Defense weekly updates for January 2, 2020.

Welcome back to Simple Cyber Defense. This is the new year 2021. In this episode, we’re going to look back at the major security impacts that happened in the year 2020.
And we’re going to start off with the T-Mobile attack. T-Mobile had two different breaches in the year 2020, once in early 2020, around March, and another one more recent, at around December.

So what happened was an attacker got ahold of some employees’ email, and was able to take over those accounts. And then from there, they pivoted into getting into user data.

So why did they do that? They were just basically looking for information.
What can be done to stop this? What they’re going to have to do is just be mindful that their data is out there and be more cautious when dealing with emails and texts, which could be used by attackers to get them to give access to their accounts. Because of the data that they’ve stolen from T-Mobile, they are going to make their spamming attacks look a little bit more legitimate, because they have their phone numbers, they have their credentials. They can easily make an email look like it came from T-Mobile to get a click on it. Just be a lot more cautious of those emails coming through.

So the next biggest attack point in 2020 is due to the impact of the Coronavirus. Many employees were working from home, and that made them a prime target for attackers. Now, three things in particular were the biggest hazards from working from home. The first one is the employee’s home Wi-Fi security. Now, when you’re in the office, there are many controls that are in place to protect the Wi-Fi networks and the employees’ computers and whatever attaches to the internet. But when they’re at home, most likely they don’t have all those protections, and they’re using weaker protocols like WEP, which can allow attackers to easily access their network traffic.

So what should they be doing? The first thing they should be doing is using a VPN if they are connecting to the company’s network. The VPN will ensure that attackers can’t easily sniff the traffic back and forth. Another thing they can be doing is using the strongest protocol out there, which at the time of this recording is WPA2. But WPA3 is coming around soon, and we’ll be going up. And when that does, I urge people to go through WPA3.

The next thing that is a hazard for workers at home is phishing scams. Now these attacks will be very sophisticated because of all the data breaches. Attackers will make emails with attachments and links look really legitimate, like they’re coming from the company. But again, you just have to really think about what you’re looking at and what is happening. And if need be, probably the best thing to do is just get on the phone with someone and say, “Hey, I got an email supposedly from you. Is this true, yes or no?”

And the last thing that you have for remote workers is insecure passwords. Simple passwords are incredibly easy for hackers to attack. I created a video on my YouTube channel which goes over the many steps that you can take to increase your password security, and I urge you to go find that and look at it. It is basically a few simple things that you can do to increase your password security, like the complexity of it, not reusing it, and basically using a password manager. For more details, go to that YouTube video, Password Security.

The next major hazard in 2020 was ransomware. It’s not going anywhere. And it’s probably going to continue going on for many, many, many years. And many of these attackers are using emails to trick employees to either open an attachment or click on a link, which then infects their computer with ransomware, which would then spread over the network and just encrypt as many files as it can and extort the company for money. No matter how small of a target you think you are, every single person is a potential target.
It’s not a matter of if you’ll be attacked, it’s just a matter of when you will be attacked, if you’re not taking proper precautions to protect yourself. The biggest protection that you can have against this is user education: just be aware of what attachments you’re opening and what links you’re opening, and make sure that they are really legitimate. The next thing to do is have a very robust backup, an offline backup, so that in the event that all your files are encrypted, at least you have the backups to go off the guns and hopefully be able to get yourself back up.

So the fourth biggest major incident in 2020 was from Nintendo, where they said that 160,000 users were impacted by recent account hacks. What happened was the attacker had gotten access to the Nintendo Network and took over many accounts. And the reason why they were able to do that is that they got into database leaks, got a list of passwords, and used those passwords to get into Nintendo. Really, the best way to prevent this is to never reuse your passwords, to use a unique password for every single account that you have, and to constantly change it up every so often.

In October, Google says that it mitigated a 2.54 terabyte per second DDoS attack, the largest known to date. So what is a DDoS attack? It’s basically a distributed denial of service attack. And this attack was basically a try to completely shut down the Google network. And luckily, many of these attacks were blocked and prevented. There were some minor outages for Google that year. And luckily everything came back up. So there’s not much the end user could do to prevent this other than just make sure that really important communication does not rely solely on Google, and that you have other means of communication like texts and phone calls or other email addresses that you can use in case this does become a longer outage. Luckily, this did not become a large outage.

The sixth thing that many people were talking about in 2020 was Zoom security and privacy. There are a lot of people that scrutinized Zoom for their lack of security and lack of privacy. And the biggest one for them was the end-to-end encryption, which they did manage to fix. And they did implement the end-to-end encryption. But something that you may want to do is also set up two-factor authentication for your Zoom account, so that if your password does get compromised, the attacker will have to work a little harder in order to get to your account.

Two-factor authentication involves basically two different authentication methods that are used. The first one is your password. And the second one is usually like a token that is either sent to you through email or text, or you have a third-party authentication app like Google Authenticator, or so on, that will give you a randomly generated code every 60 seconds or so. This will add a layer of protection that the attacker will find more difficult, because not only do they need the password, they also have to find and get this token, which, if done properly, could be more difficult for people to get their hands on, because it’s randomly generated, either through email or text message or an application. So if they don’t have access to what generates the token, they won’t be able to get the token.

Some other criticism of Zoom is that, because of the ease of use, it made it really easy for some troublemakers to do what’s known as breaking into a meeting. And even though they weren’t invited to the meeting, they’re able to make their way into it and see what’s going on and hear what’s going on. So many people were worried that when they had a private meeting with Zoom, discussing sensitive topics, someone could just hack their way into the meeting, hear what was going on, and take that information and sell it to someone or disclose it online. That would not be very good for the company. But adding the two-factor authentication would mitigate this issue, because you need not only the password to get in, but you often need a token, which is a lot more difficult for attackers to get.

So the last thing that happened in 2020 was the SolarWinds attack. And this was a massive attack that is still being investigated today. A lot of firms like Costco, AT&T, Microsoft, Comcast, McDonald’s, as well as financial giants like Visa and MasterCard, and also many businesses and government agencies, were using the SolarWinds technology to do their business. So what happened was, an attacker managed to trick much of the software that the vendors were using into updating with a fake update that allowed the attackers to gain advantage or gain a foothold into the network, and to steal a lot of sensitive information.

So what exactly does this mean for the end users? For all of us, it means that a lot of our data is out there now. And the best thing to do is to just be aware, and be more mindful of the emails and phone calls that you get, which most likely a lot of attackers will be using to try to gain your accounts or try to steal money from you. So the best thing to do is just be more diligent and be very careful what you open in your emails, your text messages. Also in Facebook, also, looking around breyers, this is still being investigated. So it could be a much bigger thing than is being reported now. Like I said, many government agencies were also impacted by this, so this could be a huge impact to everyone. And once more details are released, or sent out about this, I will report on it and tell you what you need to know.

So those were the major impacts of 2020, security, cyber security wise. And most of them look like they have to deal with gaining information, and then using that information to send out spam emails, trying to use social engineering to gain more information to get other money for different accounts. So it seems like the biggest takeaway from this is to be very mindful of what’s out there.

It’s very scary that a lot of our information out there is basically now in the hands of hackers, and they’re using this information to make very fraudulent emails look very legitimate, and they’re taking their time to get into your accounts, and then either doing personal identity theft or just trying to trick you into giving them money through either extortion or ransomware. So the biggest thing you probably should do is to freeze your credit score, freeze your credit, keep an eye on all your bank account information and make sure that every charge that is on there is legitimate, and as soon as you find one that’s not legitimate, report it right away, because the biggest way to stop identity theft is very early. The longer it goes on, the harder it is for you to get out of it.

So this concludes this episode and review of 2020. If you enjoyed it, give it a thumbs up and share it with all your and be on the lookout for the next episode.
If you like what was in this episode, please consider liking, subscribing and sharing with others. For more information to suggest a topic or to donate, head over to simplecyberdefense.com

Transcript generated by https://otter.ai/

Links:
https://www.zdnet.com/article/the-biggest-hacks-data-breaches-of-2020/

T-Mobile:
https://www.zdnet.com/article/t-mobile-says-hacker-gained-access-to-employee-email-accounts-user-data/
https://www.engadget.com/t-mobile-data-breach-security-phone-number-hack-2020-172117333.html

Remote Worker Endpoint Security:
https://www.forbes.com/sites/carrierubinstein/2020/04/10/beware-remote-work-involves-these-3-cyber-security-risks/

Password Security Video:
https://youtu.be/4o5rhNpC4dw

Sophisticated and Targeted Ransomware Attacks:
https://www.zdnet.com/article/ransomware-these-sophisticated-attacks-are-delivering-devastating-payloads-warns-microsoft/

Nintendo:
https://www.zdnet.com/article/nintendo-says-160000-users-impacted-in-recent-account-hacks/

Google:
https://www.zdnet.com/article/google-says-it-mitigated-a-2-54-tbps-ddos-attack-in-2017-largest-known-to-date/

Zoom Security Issues:
https://www.tomsguide.com/news/zoom-security-privacy-woes

SolarWinds:
https://www.cnn.com/2020/12/19/tech/solarwinds-hack-companies/index.html
https://www.theverge.com/2020/12/17/22188060/microsoft-president-solarwinds-orion-hack-breach-brad-smith