This sounds familiar

Back in #WeekendWisdom number 41, I talked about supply chain risks. Since then there have been a couple of massive global supply chain hacks that have occurred.

What are these supply chain hacks you speak of?

The first one was late last year. The SolarWinds hack was revealed. SolarWinds makes network monitoring software that are used by large corporates and government agencies.

But for my audience, which will be the more smaller business owner, something happened last week. A company called Kaseya, they provide software for IT managed service providers who obviously look after the IT for their customers which are usually small businesses. This software enables those managed service providers to be able to remotely manage and control their client’s devices.

What happened with the Kaseya hack?

Well Kaseya were hacked and had their client’s devices were ransomed by the REvil ransomware gang. Now REvil claim that they have infected a million devices around the globe and they’re looking for $70 million to free up these devices. The whole story is still playing out, so we don’t know the full details of it yet.

What can you do about this type of risk?

But how would you, as a small business owner, be able to try and protect yourself from such a supply chain hack?

Well you really do need to make sure that any third party that is going to put some kind of service or device or software into your network, into your environment, to carry out a full, thorough due diligence on that supplier and their application.

If you don’t have the capability in-house, there’s plenty of people out there in the market and in the business that will be able to provide you with an independent assessment.

So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.

The post #WeekendWisdom 086 Supply Chain Hacks appeared first on L2 Cyber Security Solutions.

I hear from a number of small business owners who say “I’m too small. There would be nobody interested in hacking me.”

How does a Supply Chain Risk occur?

Criminals may not be interested in hacking that business. But if they find out that that business has a big customer that they are more interested in, things might change. What they might try and do is compromise the security of that small business so they be able to get in through them, to the big customer. So that’s where they’re trying to get into the supply chain for their actual victim.

Can you give me a for example?

A great example of this type of supply chain risk occurred back in late 2013. Target, the large US retail company had all of their payment card terminals in their stores compromised. These had malware installed on them. That enabled them to steal up to 40 million payment card details from customers over the Black Friday weekend and subsequent shopping weeks leading up to Christmas.

What did the hackers do?

What had happened was, the criminals sent a phishing email to the Heating, Ventilation, Air Conditioning maintenance company that Target used. They compromised their computers there. They were able to find the network logon ID and password for the work order processing and invoicing system for Target. The criminals were then able to use those logon details to be able to gain access to Target systems and spread the malware.

So that’s what can happen to small businesses who have big customers.

Moral of the story: Small businesses do need to have good security in place too.

So that’s it for this week. Let’s be careful out there and we’ll talk to you again next week.

How can L2 Cyber Security help you?

We offer a full range of training programmes, which can be delivered online or in-person*. We can also talk to you about best practice for security in your #SmallBusiness in order to prevent you becoming a Supply Chain Risk.

L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.

Contact us for more information at info@L2CyberSecurity.com.

*With appropriate social distancing and other health and safety measures adhered to.

Follow us on Social media:

Liam is available on Twitter, LinkedIn and Instagram.

Follow L2 Cyber on Twitter, LinkedIn, Instagram and Facebook.

© L2 Cyber Security Solutions

The post #WeekendWisdom 041 Supply Chain Risk appeared first on L2 Cyber Security Solutions.

Haven’t we heard about this kind of behaviour from China before?

That was my first reaction to this story. Back in 2012, the US Government set out to ban any US telecommunications operator from using equipment supplied by Chinese companies Huawei and ZTE. This was after reports of communications equipment manufactured by them and supplied to US companies, were detected sending large packs of data back to China late at night.

But doesn’t the US do this as well?

Indeed thanks to the likes of Edward Snowden, we became aware that the NSA behaves similarly. In that story, they are shown to have intercepted the shipment of a new communications router. They then implanted some spying capability into it. It was then sent it on it’s way to it’s final destination.

So there’s nothing really new about the Chinese hacking server hardware?

Well this story from Bloomberg has stirred up quite a lot of controversy within the information security community. Apple and Amazon have been quick to categorically state that they have not been compromised. They claimed the story was completely false. Patrick Gray, an Australian information security journalist, interviewed one of the named sources in the Bloomberg story. Joe Fitzpatrick had been quite uncomfortable with the published story. Gray also raised the fact a previous story by the same journalists, quoting anonymous sources, turned out to be false. So he reckons it’s a bogus story.

I personally don’t think China would take the big risk of implanting “spy chips” in the all of the electronics that their own huge manufacturing companies produce. It would be a strange thing to do on such a massive scale as it would be more easily detected. They’ve been more targeted in the past, as has the US, so that’s probably more normal.

Certainly the supply chain is one of the weak points in a product’s creation. That’s how we ended up with Petya/Not Petya and also the compromise of CCleaner.

If you are in a top secret, research and development type operation, then you will need to have suitably vetted hardware, software and physical security experts on payroll or contract to be able to protect your business from these kind of efforts of the Chinese hacking server hardware.

For the rest of us mere mortals, there is little we can do to truly protect ourselves, without going to great expense. We just have to hope we have nothing the Chinese, the US, the UK, the Russians, the Israelis, etc., etc., etc. want. If they want it bad enough, they’ll get it.

Lets be careful out there.

#SecuritySimplified

The post The Chinese hacking server hardware appeared first on L2 Cyber Security Solutions.