Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
 |
« on: December 13, 2020, 02:43:33 PM » |
|
Should sensitive US Treasury Department emails really be shared on the internet? ??? National Telecommunications and Information Administration (NTIA) was also attacked. Sounds like preliminary information may be pointing to Russia. https://www.foxbusiness.com/technology/u-s-treasury-breached-by-hackers-backed-by-foreign-government-reporthttps://www.itwire.com/security/attackers-gain-access-to-us-treasury-through-microsoft-office-365.htmlThe source who fed the information to Reuters, very likely an intelligence agency given that the report was written by Chris Bing, who was responsible for many similar stories at his former billet, CyberScoop, also said the intrusion was considered serious enough to merit a meeting of the US National Security Council on Saturday. NSC spokesman John Ullyot was quoted as saying: “We are taking all necessary steps to identify and remedy any possible issues related to this situation." |
|
|
|
« Last Edit: December 15, 2020, 03:29:41 PM by Valkorado »
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby"  |
|
|
Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
|
« Reply #1 on: December 15, 2020, 03:28:54 PM » |
|
More US agencies "hit". At least six total (seven including NTIA noted above). Treasury
Commerce
Homeland Security
Pentagon
State Department
National Institutes of Healthhttps://www.dailymail.co.uk/news/article-9055267/Russian-cyber-attack-hit-six-federal-agencies.htmlI guess one of the experts in the know described the significance of these breaches as, "An 11 out of 10". |
|
|
|
« Last Edit: December 15, 2020, 03:57:35 PM by Valkorado »
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby" |
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #2 on: December 15, 2020, 03:48:17 PM » |
|
My money's on china, I'll bet the cyber war is red hot about now.. I wonder how much we have on them? |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
baldo
Member
Posts: 6960
Youbetcha
Cape Cod, MA
|
|
« Reply #3 on: December 15, 2020, 04:32:06 PM » |
|
|
|
|
|
|
Logged
|
|
|
|
Rams
Member
Posts: 16231
So many colors to choose from yet so few stand out
Covington, TN
|
|
« Reply #4 on: December 16, 2020, 03:49:53 AM » |
|
Maybe, maybe not. Maybe if he'd done a better job, this attack would have not had the success it did. The left news source you reference presents no facts, just political fertilizer. It is, what it is. Your own link refers to security issues before President Trump was even in office. the China-linked compromise of the Office of Personnel Management in 2015 This is also from your linked article. The SolarWinds compromise dates back to March, so it happened on his watch. There’s no indication that the past few months of compromise would be any less ugly if Krebs were still in the director’s chair. Ya might consider feeding that fire of hate for President Trump a little less fuel. If I were you, I'd start getting ready to defend the Harris/Biden administration.  Rams  |
|
|
|
« Last Edit: December 16, 2020, 04:00:27 AM by Rams »
|
Logged
|
VRCC# 29981
Learning the majority of life's lessons the hard way.
Every trip is an adventure, enjoy it while it lasts.
|
|
|
f6john
Member
Posts: 9366
Christ first and always
Richmond, Kentucky
|
|
« Reply #5 on: December 16, 2020, 06:07:58 AM » |
|
It was just Hunters and Eric’s buddies checking in on their investments. Nancy said not to worry, her driver will check into it.
|
|
|
|
|
Logged
|
|
|
|
Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
|
« Reply #6 on: December 17, 2020, 03:47:34 PM » |
|
US cyber-attack: Hack of government agencies and companies poses 'grave risk' US officials have warned that a major hacking campaign uncovered this week poses a "grave risk" to the government, critical infrastructure and the private sector. The US Treasury and commerce departments were among those attacked. The US Cybersecurity and Infrastructure Security Agency (Cisa) said thwarting the attack would be "highly complex". https://www.bbc.com/news/world-us-canada-55358332https://www.washingtonexaminer.com/cisa-foreign-hack-government-bigger-than-thoughtThe federal security agency also warned on Thursday that “this threat poses a grave risk to the Federal Government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations.” PAGING SERK. What's your take on this? |
|
|
|
« Last Edit: December 17, 2020, 04:49:56 PM by Valkorado »
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby" |
|
|
|
|
Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
|
« Reply #8 on: December 18, 2020, 05:48:25 AM » |
|
I thinks it's PAST time for the government to encrypt EVERYTHING except public facing websites - and private industry (especially financial / infrastructure) should consider the same.
& get it OFF the internet! I'm not sure that even an intranet would be wise, unless it incorporates biometrics or some hardcore access firewalls and encryption protocols. |
|
|
|
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby" |
|
|
|
scooperhsd
|
|
« Reply #9 on: December 18, 2020, 07:16:04 AM » |
|
Biometrics is really only effective at the workstation, what you need to protect network infrastructure is strong encryption. If anybody was in military communications you know what kind of equipment I'm talking about.
|
|
|
|
|
Logged
|
|
|
|
hubcapsc
Member
Posts: 16781
upstate
South Carolina
|
|
« Reply #10 on: December 18, 2020, 07:26:37 AM » |
|
Biometrics is really only effective at the workstation, what you need to protect network infrastructure is strong encryption. If anybody was in military communications you know what kind of equipment I'm talking about.
All that stuff is practically foolproof if used properly... that is, it all requires all the people to always use it properly. It is often hard to use properly and hard to tell if it has been used properly. Motivated bad-guys (motivated by $ or politics) are willing to do the hard work to find the place where it hasn't been used properly. In the old days I guess information transfer was a lot slower and the bad-guys would beat up the courier in the parking lot to get the information... -Mike |
|
|
|
|
Logged
|
|
|
|
Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
|
« Reply #11 on: December 18, 2020, 07:30:28 AM » |
|
Very interesting. Glad they are fixing the gate, but it looks like the horses are running free. Most concerning to me was further access to secure infrastructure including our national electric grid. Time to kill the Cozy Bear! The ChiComs and li'l Kim are both looking into ways to collapse our grid as well... |
|
|
|
« Last Edit: December 18, 2020, 07:44:38 AM by Valkorado »
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby" |
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #12 on: December 18, 2020, 07:31:32 AM » |
|
Biometrics is really only effective at the workstation, what you need to protect network infrastructure is strong encryption. If anybody was in military communications you know what kind of equipment I'm talking about.
In your opinion, is it possible to have an attack this large scale and apparently successful without help from the embedded traitors in our country? The media wants us to believe it's Russia that did it, so automatically my mind goes to their CCP owners/masters. There is no doubt we are now experiencing a full on CCP assault. I hope DJT will use his power now, at this point there's no getting around the battle, and the only way to the other side is through it. It seems our country has been so deeply compromised over many years we now have traitors all through government, corporations, and even in the military (sad to say). The military is the only thing holding our freedom in place.. we need to act soon I believe, or we'll never see another free and fair election in this country. https://oathkeepers.org/2020/12/open-letter-to-president-trump-you-must-use-insurrection-act-to-stop-the-steal-and-defeat-the-coup/ |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
|
scooperhsd
|
|
« Reply #13 on: December 18, 2020, 08:47:05 AM » |
|
Biometrics is really only effective at the workstation, what you need to protect network infrastructure is strong encryption. If anybody was in military communications you know what kind of equipment I'm talking about.
In your opinion, is it possible to have an attack this large scale and apparently successful without help from the embedded traitors in our country? The media wants us to believe it's Russia that did it, so automatically my mind goes to their CCP owners/masters. There is no doubt we are now experiencing a full on CCP assault. I hope DJT will use his power now, at this point there's no getting around the battle, and the only way to the other side is through it. It seems our country has been so deeply compromised over many years we now have traitors all through government, corporations, and even in the military (sad to say). The military is the only thing holding our freedom in place.. we need to act soon I believe, or we'll never see another free and fair election in this country. https://oathkeepers.org/2020/12/open-letter-to-president-trump-you-must-use-insurrection-act-to-stop-the-steal-and-defeat-the-coup/I believe it is certainly possible that this occured, and I also think my suggested measures would help, properly implemented of course. |
|
|
|
|
Logged
|
|
|
|
|
Robert
|
|
« Reply #14 on: December 18, 2020, 09:59:51 AM » |
|
Total lies  Trump made the agency and appointed all the people, so if they are saying Trump failed then they failed since they were appointed to do a job. YOUR FIRED Baldo good job at the fake news. US President Donald Trump signed today a bill into law, approving the creation of the Cybersecurity and Infrastructure Security Agency (CISA).
SecurityPresident Trump at Signing of H.R.3359, Cybersecurity and Infrastructure Security Agency Act |
|
|
|
« Last Edit: December 18, 2020, 10:20:08 AM by Robert »
|
Logged
|
“Some people see things that are and ask, Why? Some people dream of things that never were and ask, Why not? Some people have to go to work and don’t have time for all that.”
|
|
|
Valkorado
Member
Posts: 10494
VRCC DS 0242
Gunnison, Colorado (7,703') Here there be twisties.
|
|
« Reply #15 on: December 19, 2020, 05:39:39 AM » |
|
Pompeo: Russians are 'pretty clearly' behind hack of US government https://www.foxnews.com/politics/mike-pompeo-cyberattack-us-government-pretty-clearly-russiansThis is the new battleground, and this was an act of war. Guaranteed we will strike back. This story has just begun... Hacked networks will need to be burned 'down to the ground' https://www.foxnews.com/tech/hacked-networks-burned-down-to-the-groundIt's not clear exactly what the hackers were seeking, but experts say it could include nuclear secrets, blueprints for advanced weaponry, COVID-19 vaccine-related research and information for dossiers on key government and industry leaders. Many federal workers — and others in the private sector — must presume that unclassified networks are teeming with spies. Agencies will be more inclined to conduct sensitive government business on Signal, WhatsApp and other encrypted smartphone apps. "We should buckle up. This will be a long ride," said Dmitri Alperovitch, co-founder and former chief technical officer of the leading cybersecurity firm CrowdStrike. "Cleanup is just phase one." The only way to be sure a network is clean is "to burn it down to the ground and rebuild it," Schneier said. |
|
|
|
« Last Edit: December 19, 2020, 07:20:02 AM by Valkorado »
|
Logged
|
Have you ever noticed when you're feeling really good, there's always a pigeon that'll come sh!t on your hood? - John Prine 97 Tourer "Silver Bullet" 01 Interstate "Ruby" |
|
|
Gavin_Sons
Member
Posts: 7109
VRCC# 32796
columbus indiana
|
|
« Reply #16 on: December 19, 2020, 06:01:41 AM » |
|
Maybe, maybe not. Maybe if he'd done a better job, this attack would have not had the success it did. The left news source you reference presents no facts, just political fertilizer. It is, what it is. Your own link refers to security issues before President Trump was even in office. the China-linked compromise of the Office of Personnel Management in 2015 This is also from your linked article. The SolarWinds compromise dates back to March, so it happened on his watch. There’s no indication that the past few months of compromise would be any less ugly if Krebs were still in the director’s chair. Ya might consider feeding that fire of hate for President Trump a little less fuel. If I were you, I'd start getting ready to defend the Harris/Biden administration. Rams But all conservative interweb links are total bullshit according to baldo Didn't you know only his links are truthful and factual?  |
|
|
|
|
Logged
|
|
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #17 on: December 19, 2020, 06:06:24 AM » |
|
Microsoft? I hope they're not using Windows.. what a POS OS it is, I'll take Linux over it any day, it has much better security and is naturally compartmentalized. I keep a copy of Windows around for proprietary software, but rarely will I connect it to the internet. In over 20 years using Linux I've never had a security problem, it's not immune from attack of course, but it's much easier to secure and much more reliable. Once you know how it works, it just works.. every.time.  |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
baldo
Member
Posts: 6960
Youbetcha
Cape Cod, MA
|
|
« Reply #18 on: December 19, 2020, 07:26:13 AM » |
|
|
|
|
|
|
Logged
|
|
|
|
|
Serk
|
|
« Reply #19 on: December 19, 2020, 07:32:12 AM » |
|
Microsoft? I hope they're not using Windows.. what a POS OS it is, I'll take Linux over it any day, it has much better security and is naturally compartmentalized.
Ten or fifteen years ago that was the case, Microsoft has advanced Windows by leaps and bounds recently, and combined with the greater uptake of Linux, more people using it means more people are finding ways to compromise it, so now it's much closer to a wash, both in terms of reliability and security... (I use and support both at home and professionally.) |
|
|
|
|
Logged
|
Never ask a geek 'Why?',just nod your head and slowly back away...  IBA# 22107 VRCC# 7976 VRCCDS# 226 1998 Valkyrie Standard 2008 Gold Wing Taxation is theft. μολὼν λαβέ |
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #20 on: December 19, 2020, 07:35:11 AM » |
|
Xi whiz baldo, an opinion piece disguised as more fake 'news' .. weak |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
|
scooperhsd
|
|
« Reply #21 on: December 19, 2020, 07:41:36 AM » |
|
Windows can be hardened to a sufficient degree - You have to strike a balance between security and ease of use.
And I would agree with Serk - 10-20 years ago, WIndows was the preferred target, simply because of numbers. Now, with more widespread use of Linux in more places - it's becoming just as big a target.
The big issue is using the firewalls to separate the internal infrastructure from public facing servers for the public/customers to use.
|
|
|
|
|
Logged
|
|
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #22 on: December 19, 2020, 11:14:38 AM » |
|
Windows can be hardened to a sufficient degree - You have to strike a balance between security and ease of use.
And I would agree with Serk - 10-20 years ago, WIndows was the preferred target, simply because of numbers. Now, with more widespread use of Linux in more places - it's becoming just as big a target.
The big issue is using the firewalls to separate the internal infrastructure from public facing servers for the public/customers to use.
Makes sense, also the more you try and do with any platform, the more you're open for avenues of attack. My simple setup is pretty good, I run Linux Mint based on Ubuntu, I've also run many other flavors and dinked around with them for years. I still suck haha |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
hubcapsc
Member
Posts: 16781
upstate
South Carolina
|
|
« Reply #23 on: December 19, 2020, 11:24:54 AM » |
|
with more widespread use of Linux in more places - it's becoming just as big a target.
I bet it is just the dinky nerdlings who go after those of us running Linux
on our desktops... but I bet the top-shelf black-hat guys are all over learning
how to compromise the bazillion Linux boxes that "the cloud" is running on.
-Mike
|
|
|
|
|
Logged
|
|
|
|
|
scooperhsd
|
|
« Reply #24 on: December 19, 2020, 12:40:47 PM » |
|
All I'm saying is don't think you're invulnerable to viruses just because you choose to run Linux instead of WIndows / Mac. You have just been in a smaller target group that is just now getting large enough to be noticed. You still need to practice "safe computing" - avoid places where virus writers put their wares to be downloaded, run current A/V (if available) and adblock as much as possible.
|
|
|
|
|
Logged
|
|
|
|
|
old2soon
|
|
« Reply #25 on: December 19, 2020, 01:18:20 PM » |
|
I Am and Continue to be computer illiterate. But I duz have a question. Where are the chips or what ever that make gubmint computers do their thing manufactured? In America OR are our security computers built with foreign sourced components? china B T W comes immediately to my mind. Could foreign sourced parts divert or copy or compromise our-U S of A-very security secrets along with other More sensitive material-read launch codes amongst other things? I personally bank and spend some electronically. Doesn't this very Country run on an electronic river of money? When's the last time many of us here cashed a paper check and deposited actual money into a savings or checking account? A few key strokes and some folks I haven't seen in better than 4 years and some I have yet to meet will read this. Who else is reading this that it was not directed to or-pick a scenario. RIDE SAFE.
|
|
|
|
|
Logged
|
Today is the tommorow you worried about yesterday. If at first you don't succeed screw it-save it for nite check. 1964 1968 U S Navy. Two cruises off Nam.
VRCCDS0240 2012 GL1800 Gold Wing Motor Trike conversion
|
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #26 on: December 19, 2020, 02:22:56 PM » |
|
All I'm saying is don't think you're invulnerable to viruses just because you choose to run Linux instead of WIndows / Mac. You have just been in a smaller target group that is just now getting large enough to be noticed. You still need to practice "safe computing" - avoid places where virus writers put their wares to be downloaded, run current A/V (if available) and adblock as much as possible.
Yes, TBH I have run Windows for years for my ex wife and kids, the only problems came from the kids getting pirated stuff off the net. They could just revert or re-install so I didn't get on them too much, their computers were never part of my network. These days I'm mostly on a Chromebook and use ad blockers as well as a script blocker, to date I've never had a hacking problem AFAIK.. not that I'm special or anything, I just avoid risky behavior and executing files unless I know where they came from.. |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
|
scooperhsd
|
|
« Reply #27 on: December 19, 2020, 03:13:24 PM » |
|
Would you believe that at times in the past, I would purposely go out on the Web WITHOUT A/V just to show it can be done if you're careful about where you go ?
Not that I would reccomend this , but if you only frequent sites that you trust - you could.
|
|
|
|
|
Logged
|
|
|
|
|
Serk
|
|
« Reply #28 on: December 19, 2020, 03:15:54 PM » |
|
Would you believe that at times in the past, I would purposely go out on the Web WITHOUT A/V just to show it can be done if you're careful about where you go ?
I used to work for a large well known AV company, and one of their techniques was to have a VMWare ESXi farm with scripts that would spin up Windows workstations, make the workstations go unprotected into the darkest corners of the web, then shut 'em down and analyze what all they'd been infected with... (Thousands of these were running simultaneously) It was actually pretty entertaining to just pull up a console on one of those and see what was being done to it... |
|
|
|
|
Logged
|
Never ask a geek 'Why?',just nod your head and slowly back away... IBA# 22107 VRCC# 7976 VRCCDS# 226 1998 Valkyrie Standard 2008 Gold Wing Taxation is theft. μολὼν λαβέ |
|
|
Bret SD
Member
Posts: 4306
***
San Diego, Ca.
|
|
« Reply #29 on: December 19, 2020, 05:28:48 PM » |
|
Would you believe that at times in the past, I would purposely go out on the Web WITHOUT A/V just to show it can be done if you're careful about where you go ?
Not that I would reccomend this , but if you only frequent sites that you trust - you could.
I believe it, and I've never used an AV on my Linux distros Would you believe that at times in the past, I would purposely go out on the Web WITHOUT A/V just to show it can be done if you're careful about where you go ?
I used to work for a large well known AV company, and one of their techniques was to have a VMWare ESXi farm with scripts that would spin up Windows workstations, make the workstations go unprotected into the darkest corners of the web, then shut 'em down and analyze what all they'd been infected with... (Thousands of these were running simultaneously) It was actually pretty entertaining to just pull up a console on one of those and see what was being done to it... That's hilarious |
|
|
|
|
Logged
|
Bret
02 Standard -- Blue & White
82 Aspencade -- Red
“No man has the right to be an amateur in the matter of physical training. It is a shame for a man to grow old without seeing the beauty and strength of which his body is capable.” Socrates
|
|
|
|
