THERE COMES A TIME WHEN THE PEOPLE PAY THE PRICE FOR THE LEADERSHIP THEY HAVE CHOSEN
TURNING ANY CAPTIVE PLATFORM INTO A LUCRATIVE ADVERTISING "VEHICLE"

DADDY, TELL ME THE STORY ABOUT GOVERNMENT SECURITY AGAIN

Every time I hear the government attempt to reassure me about the safety and security of my personal and financial information, I am reminded that the government does not employ the best and brightest, awards contracts based on political considerations and connections, and selects the low-bidder knowing the system design is flawed and hopes to catch up with “engineering change orders.” Pretty much the reason there are so many large government system failures – even using the biggest of government contractors.

Hackers Leak Personal Data of Washington DC Police Officers

The ransomware gang Babuk released the personal details of several Metropolitan Police Department officers—essentially a full dox—in an attempt to extort the department into paying a ransom to stop further leaks. When Babuk announced that it had stolen 250 gigabytes from the MPD, a police spokesperson confirmed the data breach.

[OCS: Makes me wonder why the data was not encrypted, why there are no controls and verifications of large file transfers or requests for a large number of sensitive files, and who or what automated system is watching the logs? Who is watching the IP addresses? ]

A gang of cybercriminals who hacked the Washington D.C. Metropolitan Police Department have started leaking alleged internal police files, including "background investigations" on police officers that includes psychological evaluations, polygraph responses, supervisor interviews, their credit history, information about their home, their social security numbers, date of birth, personal emails, home address, phone numbers, their driver's licenses, financial details, and their handwritten signatures.

The documents include the result of the applicants' medical evaluations, the background check into their criminal history and social media activities, their employment history, financial information such as their monthly expenses, whether they have student loans or other "financial liabilities," social media handles and screenshots of their profiles, their responses to the polygraph tests, a list of places they lived, a scanned copy of their driver's license, names of possible relatives, and several forms that applicants had to review and sign. The files released on each officer constitute, essentially, a full dox of that person's professional and much of their personal lives.

Ransomware gangs such as Babuk or Cl0p have recently changed the way they extort victims. They don't just encrypt files and ask for a ransom to unlock them, they also first steal the data and then use the threat of leaking it online as a way to put more pressure on the victims and force them to pay up.

"The negotiations reached a dead end, the amount we were offered does not suit us, we are posting 20 more personal files on officers, you can download this archive, the password will be released tomorrow," the hackers wrote on their dark web site. "If during tomorrow they do not raise the price, we will release all the data." <Source>

Commonsense advice from the FBI when they find time from pursuing Donald Trump and supporters…

fbi-clouseu

Ransomware

Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.

You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.

Once the code is loaded on a computer, it will lock access to the computer itself or data and files stored there. More menacing versions can encrypt files and folders on local drives, attached drives, and even networked computers.

Most of the time, you don’t know your computer has been infected. You usually discover it when you can no longer access your data or you see computer messages letting you know about the attack and demanding ransom payments.

Tips for Avoiding Ransomware

The best way to avoid being exposed to ransomware—or any type of malware—is to be a cautious and conscientious computer user. Malware distributors have gotten increasingly savvy, and you need to be careful about what you download and click on.

Other tips:

  • Keep operating systems, software, and applications current and up to date.
  • Make sure anti-virus and anti-malware solutions are set to automatically update and run regular scans.
  • Back up data regularly and double-check that those backups were completed.
  • Secure your backups. Make sure they are not connected to the computers and networks they are backing up.
  • Create a continuity plan in case your business or organization is the victim of a ransomware attack.

<Source: FBI>

Bottom line…

Every month I see GAO (Government Accountability Office) listing various problems with internal controls in government agencies. Almost always followed up by a dispute over the GAO’s findings or a promise to do better – until next time. Unfortunately, many of these systems are defective by design, deliberately avoiding transparency to allow for political manipulations.

Why are we not elevating threats to our national security and infrastructure?

Why are governments still allowed to have unencrypted personal non-public data in their files when private companies are forced to encrypt such data or suffer the consequences?

What is the government doing to ensure those with the “keys to the kingdom” are not sensitive to or compromised by outside forces or causes – and hand over their passwords and encryption keys?

Where is all this biometric log-in data, and are the biometric hashes protected?

Where is all the security money going if not to protect vulnerable systems?

Forget sensitivity, diversity, and critical race theory – how about constant training for security with frequent challenges. And, above all, firing those who fail to meet the security challenge,

We are so screwed.

-- steve


“Nullius in verba.”-- take nobody's word for it!

“Beware of false knowledge; it is more dangerous than ignorance.”-- George Bernard Shaw

“Progressive, liberal, Socialist, Marxist, Democratic Socialist -- they are all COMMUNISTS.”

“The key to fighting the craziness of the progressives is to hold them responsible for their actions, not their intentions.” – OCS

"The object in life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane." -- Marcus Aurelius

“A people that elect corrupt politicians, imposters, thieves, and traitors are not victims... but accomplices” -- George Orwell


Comments