Solutions Blog

Apparently, cyber attackers also consider imitation to be the sincerest form of flattery

By Richard Arneson

Phobos: the personification of the fear of ransomware

An ambitious, but apparently unoriginal, cybercrime gang is taking responsibility for a rash of malware attacks that began just prior to the Christmas holidays. They’ve named it Phobos, ostensibly taken from the name given to the personification of fear in Greek mythology. Apparently, fear wasn’t granted god status by the ancient Greeks.

The gang, which apparently forgot to name itself, was inspired by two (2) earlier and very prolific attacks: Dharma and CrySiS, the origin and meaning of its name being pretty self-explanatory. But it’s obvious to security professionals that the gang is only flattering itself—they have no doubt that the same band of reprobates is behind all three (3) attacks.

Dharma

Like Dharma, Phobos preys on open or poorly secured RDP (Remote Desktop Protocol) ports. From these weakened RDPs, Phobos sneaks and slithers into networks and launches the ransomware attack, where it begins encrypting files. It can affect files on local, mapped network and virtual machine drives.

Because it’s called ransomware, victims are soon left with this decision—should I, or shouldn’t I, pay to access my affected files, which will be locked with the .phobos extension. And, as is usually the case, they want payment in Bitcoin, the currency of choice for launchers of ransomware. (Here’s a not-so-subtle tip: DON’T PAY. It only supports and exacerbates the crime.)

It’s obvious that Phobos is Dharma-inspired—the ransom note appears exactly like the one (1) that was used by Dharma, text and typeface, and all. In addition, most of Phobos’ code is identical to Dharma’s; it’s basically a cut and paste version of the latter. And, really, why wouldn’t it mimic Dharma? In the cybercrime world, Dharma is probably 2018’s MVP in the ransomware division. Or, at the very least, it’s on the all-star team; it was arguably the most damaging ransomware of the year.

CrySiS

To prevent hurt feelings, the developers of Phobos borrowed from CrySiS, as well. Phobos is so similar to it that anti-virus software often detects Phobos as CrySiS. The differences between the two (2) are so slight that many in the security industry refer to them interchangeably. Technically, though, they’re relatives, and are part of the same sinister crime family.

How are they finding victims’ RDP ports?

Sadly, there’s a marketplace for everything, even RDP ports. On underground cybercrime forums, expansive lists of RDP ports are advertised for sale at bargain basement rates. They’ve been collected by attackers via brute-force attacks, or, in many cases, by playing a game of “Guess the RDP Port.”

Secure ports, backup data, repeat often

To help mitigate the risks of falling victim to ransomware, all RDP ports must be secured with passwords. Not doing so means a simple tap on the [enter] key unlocks the gate. And, of course, back up data on a regular basis.

If you’re already a ransomware victim, you can go to ID Ransomware and upload one (1) of the encrypted, affected files. They’ll tell you which strain you’ve been infected with, and there are probably more than you’d imagined. Currently, ID Ransomware can identify over six hundred (600) different strains of it.
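The password-guessing against exposed RDP that the post describes leaves a recognizable trail in the Windows Security log: bursts of failed logons (Event ID 4625, logon type 10 for RDP) from one source against many account names. The following detector is an added example, not part of the original post; the event records are constructed, and the field names are assumptions about how the events were exported.

```python
"""Flag RDP password-guessing from exported Windows Security events.

Added example, not part of the original post. Event ID 4625 is a failed
logon; logon type 10 is RemoteInteractive, i.e. RDP. The field names
(event_id, time, ip, user, logon_type) are assumptions about the export
format, and SAMPLE_EVENTS is constructed data.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: one source burning through account names within
# seconds (the brute-force pattern), one legitimate user mistyping twice.
SAMPLE_EVENTS = [
    {"event_id": 4625, "time": "2019-01-03T02:14:05", "ip": "203.0.113.7", "user": "administrator", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T02:14:09", "ip": "203.0.113.7", "user": "admin", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T02:14:14", "ip": "203.0.113.7", "user": "backup", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T02:14:20", "ip": "203.0.113.7", "user": "sqlsvc", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T02:14:26", "ip": "203.0.113.7", "user": "scanner", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T02:14:31", "ip": "203.0.113.7", "user": "guest", "logon_type": 10},
    # Network logon failure (type 3) from the same source: not RDP, so excluded here.
    {"event_id": 4625, "time": "2019-01-03T02:14:35", "ip": "203.0.113.7", "user": "administrator", "logon_type": 3},
    {"event_id": 4625, "time": "2019-01-03T08:02:10", "ip": "198.51.100.22", "user": "jsmith", "logon_type": 10},
    {"event_id": 4625, "time": "2019-01-03T08:02:40", "ip": "198.51.100.22", "user": "jsmith", "logon_type": 10},
    # Successful logon (4624) after the typos: not a failure, so excluded.
    {"event_id": 4624, "time": "2019-01-03T08:02:58", "ip": "198.51.100.22", "user": "jsmith", "logon_type": 10},
]


def detect_rdp_bruteforce(events, threshold=5, window=timedelta(minutes=10)):
    """Return {source_ip: alert} for sources with >= threshold failed RDP
    logons inside any sliding window of the given length.

    Each alert records the peak failure count seen in one window, the
    distinct account names tried, and the time span of that window.
    """
    by_ip = defaultdict(list)
    for ev in events:
        if ev["event_id"] != 4625 or ev["logon_type"] != 10:
            continue
        by_ip[ev["ip"]].append((datetime.fromisoformat(ev["time"]), ev["user"]))

    alerts = {}
    for ip, attempts in by_ip.items():
        attempts.sort()
        start = 0
        for end in range(len(attempts)):
            # Slide the window start forward until the span fits inside `window`.
            while attempts[end][0] - attempts[start][0] > window:
                start += 1
            count = end - start + 1
            if count < threshold:
                continue
            prev = alerts.get(ip)
            if prev is None or count > prev["failures"]:
                alerts[ip] = {
                    "failures": count,
                    "accounts": sorted({user for _, user in attempts[start:end + 1]}),
                    "first": attempts[start][0].isoformat(),
                    "last": attempts[end][0].isoformat(),
                }
    return alerts


if __name__ == "__main__":
    for ip, alert in detect_rdp_bruteforce(SAMPLE_EVENTS).items():
        print(f"{ip}: {alert['failures']} failed RDP logons "
              f"({alert['first']} .. {alert['last']}) against {alert['accounts']}")
```

Pair a hit like the one above with an account lockout policy and with the RDP port not being reachable from the internet in the first place; the detector only tells you the guessing is happening.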

Ransomware is more than locking victims’ files. By the time they realize their files have been locked, the cybercriminals may have been traipsing about networks for weeks or months—maybe longer. The ransomware may simply be their coup de grace, launched only after they’ve downloaded as much of the victim’s information as they deem worthwhile.

They’re Security Experts

To find out how to secure your organization’s network and protect mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, check out the following articles:

Last week’s DHS “alert” upgraded to “an emergency directive”

The Collection #1 data breach—sit down first; the numbers are pretty scary

Shutdown affects more than workers

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

Last week’s DHS “alert” upgraded to “an emergency directive”

By Richard Arneson

Last week, the US Department of Homeland Security (DHS) issued an alert through its US-CERT (Computer Emergency Readiness Team) division concerning repeated DNS hijacking attacks. Apparently, the alert was well deserved. Yesterday, it was significantly upgraded to an emergency directive due to a spate of recent DNS hijacking incidents that have originated in Iran.

Last week’s alert was due to a recent report published by FireEye, a California-based cybersecurity firm. In it, they provided details concerning a coordinated hacking campaign led by an Iranian cyber-espionage group that had manipulated DNS records for both government agencies and private enterprises.

The hijackers’ end game? Redirect traffic meant for email servers to malicious clones, after which they’ll scan for and gather treasured login credentials.

The Directive

The DHS emergency directive orders all government agencies to carefully audit their DNS records and look for unauthorized changes, especially any related to passwords. And it directs them to enable multi-factor authentication for those accounts that can be managed through DNS records.

In addition, it urges all IT personnel to monitor Certificate Transparency (CT) logs for recently issued TLS certificates used for government domains, and to pay special attention to any requested by non-government employees.
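The two checks the directive calls for, auditing DNS records against a known-good state and watching CT for certificates you did not request, can both be scripted. Below is an added example, not part of the article or of the directive itself; the zone snapshots and CT entries are constructed, and the record layout (keyed by owner name and type) is an assumption about how you export them.

```python
"""Audit DNS records and newly issued certificates against a baseline.

Added example, not part of the original article or of the DHS directive
it describes. Both zone snapshots and the CT entries are constructed; in
practice `current` would come from your resolver or registrar API and the
CT entries from a CT log monitor. Record keys are (owner name, type).
"""

# Constructed known-good snapshot taken before the incident window.
BASELINE = {
    ("example.gov", "NS"): ["ns1.example.gov", "ns2.example.gov"],
    ("example.gov", "A"): ["192.0.2.10"],
    ("example.gov", "MX"): ["10 mail.example.gov"],
    ("mail.example.gov", "A"): ["192.0.2.25"],
}

# Constructed current snapshot: the MX record itself is untouched, but the
# mail host's A record now points elsewhere, which re-routes mail just as
# effectively. A new www name was also added.
CURRENT = {
    ("example.gov", "NS"): ["ns1.example.gov", "ns2.example.gov"],
    ("example.gov", "A"): ["192.0.2.10"],
    ("example.gov", "MX"): ["10 mail.example.gov"],
    ("mail.example.gov", "A"): ["198.51.100.77"],
    ("www.example.gov", "A"): ["192.0.2.10"],
}


def mail_hosts(zone):
    """Hostnames that MX records in `zone` hand mail to."""
    return {
        value.split()[-1].rstrip(".")
        for (_, rtype), values in zone.items() if rtype == "MX"
        for value in values
    }


def severity(name, rtype, baseline):
    """Rank a change: delegation and mail-routing records are the hijack targets."""
    if rtype in ("NS", "MX"):
        return "high"
    if rtype in ("A", "AAAA", "CNAME") and name in mail_hosts(baseline):
        return "high"  # re-pointing the mail host redirects mail without touching MX
    return "medium"


def diff_zone(baseline, current):
    """Return one dict per (name, type) whose record set differs."""
    changes = []
    for name, rtype in sorted(set(baseline) | set(current)):
        before = sorted(baseline.get((name, rtype), []))
        after = sorted(current.get((name, rtype), []))
        if before == after:
            continue
        kind = "added" if not before else "removed" if not after else "changed"
        changes.append({"name": name, "type": rtype, "kind": kind,
                        "before": before, "after": after,
                        "severity": severity(name, rtype, baseline)})
    return changes


# Constructed CT-style entries; the issuer names are placeholders.
CT_ENTRIES = [
    {"domain": "example.gov", "issuer": "Expected-CA", "not_before": "2018-06-01"},
    {"domain": "mail.example.gov", "issuer": "Other-CA", "not_before": "2019-01-20"},
    {"domain": "www.example.gov", "issuer": "Expected-CA", "not_before": "2019-01-18"},
]


def unexpected_certificates(entries, expected_issuers, since):
    """Certificates issued on or after `since` by a CA your organisation does
    not use: something to verify with whoever requested them."""
    return [e for e in entries
            if e["not_before"] >= since and e["issuer"] not in expected_issuers]


if __name__ == "__main__":
    for c in diff_zone(BASELINE, CURRENT):
        print(f"[{c['severity']}] {c['kind']:7} {c['name']} {c['type']}: {c['before']} -> {c['after']}")
    for e in unexpected_certificates(CT_ENTRIES, {"Expected-CA"}, since="2019-01-01"):
        print(f"[high] unexpected certificate for {e['domain']} from {e['issuer']} ({e['not_before']})")
```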

How does DNS Hijacking work?

In the simplest of definitions, DNS hijacking is simply a means of redirecting traffic to a phony website. As a quick refresher, DNS was invented to translate complex, impossible-to-memorize IP addresses into something that’s far easier to remember (like, for instance, GDT.com—much easier to commit to memory than nine (9) numbers listed in no intuitive, commonsensical order).

When you type in a website’s name, the DNS is called on to direct traffic to its corresponding IP address. Usually your ISP maintains the DNS servers, and if a hacker can crack into them, let the hijacking hijinks begin. From there, they can change victims’ DNS records to point traffic toward their servers. Then their party starts. They capture as much login information as they can stomach.

Who has been affected by the attack?

Currently, the DHS, according to a report published by Cyberscoop, a multimedia provider of cybersecurity-related news and information, is aware of six (6) civilian organizations that have fallen victim to this particular DNS hijacking attack. What the DHS doesn’t know yet is how many government agencies have been affected. In its directive, it outlined a four-step action plan to address the issue. All government agencies have been given ten (10) business days to complete it.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Yes, of course you want 5G! But do you really know why?

By Richard Arneson

It’s an exaggeration to say that the race to 5G is in its final stretch, even though several carriers are claiming it is, and that they’ll be the first to cross the finish line. No question, though, the race heats up more each day, and not just in the U.S. In fact, many in the industry, both here and abroad, believe that China is currently the clear and present leader.

But regardless of who, exactly, currently sits at the top spot, a recent survey conducted by PCMag.com unveils that yes, indeed, the public definitely wants 5G, but they don’t really know why. That’s called good marketing.

Has the marketing of 5G really been that good?

While the carriers—and countries—are mortgaging their futures and advertising budgets on 5G, there’s one (1) thing they appear to have overlooked—explaining what it is and why exactly it’s going to be so earth-shattering. Sure, respondents listed faster speeds as a benefit, but, seriously, who couldn’t have guessed that? Have you ever seen a carrier promising slower speeds and more dropped calls?

The survey, which included 2,500 U.S. consumers, found that four (4) out of five (5) Americans basically have no idea what 5G is, much less what it will provide. A quarter of those who claimed to know what 5G is believe they currently have it. Hmmm. Yes, that means many of the twenty percent (20%) who claim to know what 5G is don’t. And of those who believe they’re currently enjoying 5G, almost half believe they have it at home. Apparently, they’re mixing up 5G Wi-Fi with 5G, an understandable mistake, but incorrect. 5G Wi-Fi has been around for almost twenty (20) years. While it operates in the five gigahertz (5G) range, it is a short range, home networking solution that became popular around 2010 when home routers began utilizing 802.11.

So, what worries consumers about 5G?

If you answered, “higher prices”, you nailed it. But, really, isn’t that answer on a par with “higher speeds”? But give yourself a pat on the back if you answered shrinking data caps, or something to that effect. That ranked just south of higher prices.

While you may have read or heard some of the scare tactics surrounding 5G (or seen them in video form on YouTube), hopefully you’ll fall in line with the vast majority of respondents who aren’t buying it. Eighty percent (80%) stated that they have no safety or health concerns regarding 5G, and that they believe claims to that effect are a bunch of hooey. To allay any fears you may have about 5G, the base stations are not more powerful than current ones, and they’re not solely millimeter-wave. And in the event you’re wondering, millimeter-wave technology has been widely studied, which runs counter to what the technology fearmongers believe and have been disseminating. Concerns surrounding millimeter-wave technology are due to the fact that because it operates at an extremely high frequency, some believe it will splash consumers with steady waves of radiation. Not so.

If you really, really want to know why you (should) want 5G, click here. Oh, and find out how the government is trying to get 5G into your hands quicker here.

Mobility questions? These folks have the answers

If you have questions about your organization’s current mobility strategy (or the one you’d like to implement) and how 5G will affect it, contact GDT’s Mobility Solutions experts at Mobility_Team@gdt.com. They’re comprised of experienced solutions architects and engineers who have implemented mobility solutions for some of the largest organizations in the world. They’d love to hear from you.

The Collection #1 Data Breach—sit down first; the numbers are pretty scary

By Richard Arneson

It’s interesting what forty-five (45) bucks will buy you these days—a small bag of groceries, a night at the movies with your significant other (if you buy the small-sized drinks and snacks at the concession stand), and half a parking space at a Dallas Cowboys home game. Also, and if you don’t possess a conscience, it can get you three-quarters of a billion unique email addresses.

What happened?

Last week it was revealed by security researcher Troy Hunt that “Collection #1”, an unimaginative name for one (1) of the largest security breaches of all time, is a mass of data—almost 90 Gb worth—that includes 773 million unique email accounts and almost 25 million associated passwords. Yes, passwords.

Originally, the data numbered 2.7 billion records, but Hunt jettisoned the garbage to arrive at its current, apparently marketable total.

Just so there’s no confusion, Hunt is the good guy. For years, he’s been researching data breaches and alerting the public of his findings. He shared his recent, pared-down database with the site Have I Been Pwned?, which allows email addresses to be entered to discover whether they are one (1) of the unlucky 773 million. The bad guy(s) are the ones selling access to the database on a file hosting site that shall remain nameless (sorry, no free advertising for evil).

Collection #1 isn’t a new thing; it’s been around approximately two (2) years. Collection #2 came first, and actually puts its digital progeny to shame. Aside from the fact that it was named by a sequentially-challenged hacker, it totals over 500 Gb. So, if you’re keeping score at home, both collections total almost a terabyte of stolen data that is available to miscreants for the one-time fee of $45. A steal—literally and figuratively.

Hunt does offer up a sliver of solace. While he found his email address in the database, the password associated with it was one (1) he’d used many years ago. Whew. However, even if a password was used for email years ago, you may not be out of the woods. For instance, what if it’s the current password you use to log into another site, like—gulp—your bank. It could be a key that unlocks a spate of services.

Yikes! What next?

First, go to Have I Been Pwned? to discover if you’re an undistinguished member of this hacked fraternity. If so, start changing your passwords—all of them. But don’t change them once and never do it again. We’re supposed to be replacing the batteries in our smoke detectors when daylight savings time ends and begins, right? Add changing passwords into the mix. With the volume of excellent password management tools available, you have sundry options to address this problem. That’s not to say it’s a security panacea, but it can greatly reduce password-related issues.

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

Government Cloud adoption is growing, but at the rate of other industries?

By Richard Arneson

Just so you don’t have to wait for the obvious, let’s just go ahead and get it out of the way—yes, security is the biggest issue for government agencies moving to the cloud. But it hasn’t deterred half of them, according to a year-old Gartner study that states fifty percent (50%) of all government organizations utilize cloud services. Now—eighteen (18) months later—it’s assuredly higher, but we’ll have to wait on their next study for that answer.

Based on our everyday, garden-variety, government-related experiences, it’s easy to assume that government deployments, with the exception of those related to the military or national security, of course, are a little antiquated. Let your mind wander and bring into focus those times you’ve forlornly trudged into the post office, DMV or DPS. It feels like walking back in time. You expect to see signs selling war bonds. Sure, there have been a few updates here and there (you can now pay for auto registrations with a credit card!), but, basically, the processes are not that different than they were thirty (30) years ago. Based on these more frequent interactions with government agencies, it may come as a surprise to learn that, technologically speaking, they’re definitely not decades behind enterprises, both public and private. In fact, while companies across all industries spend an average of 20.4% of their total IT budget on the cloud, governments, including local, state and federal, clock in at 21.3%.

While security is the top concern, government organizations cite the top two (2) cloud adoption drivers as cost savings and the ability to deliver services more efficiently. Savings and efficiency—sounds about right.

Which cloud are they adopting?

While government cloud adoption is healthy, the three (3) issues throttling it back are security, as previously mentioned, concerns about being locked into a singular vendor, and a lack of the key features they need. This is the reason Gartner opines that the implementation of private clouds by governments will be twice that of public clouds. It’s ironic: governments want more features, but are implementing private clouds that inhibit the features associated with public clouds, including functionality, scalability and cost savings. Again, it’s all about security.

Much of what governments consider a private cloud is actually closer to advanced virtualization or an outsourced infrastructure. While both can work perfectly for running particular workloads, they aren’t technically private clouds. Here’s what governments need to know—the benefits gap between private clouds and public clouds is widening. Another Gartner survey revealed that less than five percent (5%) of what government entities considered a private cloud actually possessed multiple cloud characteristics. That figure makes you wonder if many government IT departments want to say they’re running in a cloud environment, but without actually doing so, at least in a meaningful way. And a poor cloud implementation will likely result in disgruntled users and surly executives. So, ultimately, they’re frustrating users while also failing to achieve and enjoy many, if not most, of the cloud benefits.

Where is the data stored?

Data sovereignty. It will always be important for government entities, whether they like it or not. Data sovereignty simply refers to collected data being subject to the laws of the country in which it’s collected. Governments are uneasy about storing data outside their borders, which is a concern many agencies share. Recently the Australian government cancelled a cloud contract upon discovering the vendor was processing government data in an offshore cloud. The UK contracted with a cloud provider, but refused to implement its service until the provider had built a local site. Again, security prevails.

Governments, especially local ones, are probably better positioned to take advantage of the cloud than many enterprises. Budgets are repeatedly cut, which certainly makes cost savings an enticing element. But, regardless, those implementing government clouds must consider, in addition to its unique technical, organizational and procedural structures, the regulatory issues that will always sit atop the list of concerns.

Moving to the cloud? It all starts with Expertise―then an Assessment

Migrating to the cloud is a big move; it might be the biggest move of your IT career. If you don’t have the right cloud skill sets, expertise and experience on staff, you may soon be wondering if the cloud is all it’s cracked up to be.

That’s why turning to experienced Cloud experts like those at GDT can help make your cloud dreams a reality. They hold the highest cloud certifications in the industry and are experienced delivering solutions from GDT’s key cloud partners―AWS, Microsoft Azure and Google Cloud. They can be reached at CloudTeam@gdt.com. They’d love to hear from you.

If you’d like to learn more about the cloud, migrating to it, considerations prior to a migration, or a host of other cloud-related topics, you can find them here:

The 6 (correctly spelled) R’s of a cloud migration

Are you Cloud Ready?

Calculating the costs–soft and hard–of a cloud migration

Migrating to the Cloud? Consider the following

And learn how GDT’s Cloud Team helped a utility company achieve what they’d wanted for a long, long time:

A utility company reaps the benefits of the cloud…finally

Smart Sneaks

By Richard Arneson

But will they make you jump higher?

Living and working in the age of IoT is nothing short of fascinating. The number of new IoT devices created each day overloads the press release wires. And with wide-scale 5G wireless on the horizon, it’s only going to pick up steam. There will be virtually no facet of our everyday lives that isn’t affected by it.

Not to be left out of the IoT buzz, Nike, the manufacturer of all things worn in the name of athletics, introduced its latest smart product to the marketplace at this month’s CES Show in Las Vegas. No, it doesn’t track heart rates or blood pressure; it doesn’t calculate reps or steps. It simply bends over—virtually, of course—to tie your sneakers.

It’s been several years since Nike first suspected that consumers were simply dog-tired of tying their shoelaces. But they’ve taken that suspicion a step further. Their latest iteration of the self-tying sneaker is the Nike Adapt BB shoe, which can be secured, tightened and adjusted with your smart device. It’s the next evolution of two (2) shoes Nike released in 2016: the 89 AirMag, which self-laced and even featured lighted soles (it was a limited-edition shoe based on the ones Marty McFly wore in the 1989 film Back to the Future II), and the HyperAdapt 1.0, which accomplished the same feat, but utilized more traditional laces. Both served as market test balloons. Apparently, they both stayed afloat, at least long enough for Nike to determine the public was ready for a smart sneaker.

While the company promises additional self-lacing shoes will be released later this year, the Nike Adapt BB is currently the only one (1) that can be controlled through a downloaded app. The Adapt BB is, naturally, Bluetooth-enabled and waits at the ready to find out how its owner would like their sneakers laced up before hitting the court. Just think, your basketball shoes will house a tiny motor to cinch down your shoes.

Now for the numbers

The Adapt BB, which made its debut yesterday at two (2) basketball games in Europe, will go on sale in the UK on February 17th. They’re priced at £299.95, or approximately $387 U.S. dollars, and each charge (yes, the sneakers need to be charged) lasts about two (2) weeks.

What Nike hasn’t addressed is what you’d imagine afflicts athletes whose height rivals that of a Redwood—fat-fingering. Imagine LeBron James, who makes almost a half a million bucks per game, sitting out a playoff series because he accidentally over-cinched his Adapt BBs just before his smartphone went dead. Maybe the shoe’s 2.0 version will be able to detect if circulation has been cut off.

Get more IoT and Smart City info from the experts

For more information about IoT and Smart City solutions, talk to the experts at GDT. Their tenured, talented solutions architects, engineers and security analysts understand how to design and deploy IoT and Smart City solutions for organizations of all sizes to help them realize more productivity, enhanced operations and greater revenue. GDT helps organizations transform their legacy environments into highly productive digital infrastructures and architectures. You can reach them at IoT@gdt.com. They’d love to hear from you.

You can read more about Smart Cities and IoT Solutions here:

These are no dim bulbs

Why Smart Cities? It’s in the numbers

Five (5) things to consider prior to your company’s IoT journey

Without Application Performance Monitoring, your IoT goals may be MIA

How does IoT fit with SD-WAN?

GDT is leading the Smart Cities Revolution

Late for an appointment? Blame it on a Pole

By Richard Arneson

Remember the days when finding your next appointment meant pulling over, fumbling with a map, then trying to line up the creases before shoving it into your glove compartment? Oh, and if you were running late, finding a phone booth and a quarter held sway over locating a misplaced, winning lottery ticket. Yes, it was a pain, but at least it didn’t change due to our planet’s wonky, wobbly axis. Yes, Earth’s axis moves a lot, and guess what? Modern day navigational tools are affected by it. And, yes, that applies to the online maps we’ve all come to rely on.

In the event you’ve had a hunch our planet is wobbling like a figure skater with an inner ear infection, you’ve been right. Our magnetically-charged north pole is moving, and doing so quickly. Here’s the good news—it’s also moving unpredictably. Nothing says “peace of mind” like hearing Planet Earth is doing something unpredictably. But here’s the rub, at least technologically speaking—navigational models have to continually be updated to account for Earth’s inability to control its wayward axis. NATO counts on the updates; the Department of Defense (DoD) relies on them; and, yes, your handheld device, tablet and computer do, as well.

Isn’t it always about that pesky Liquid Iron?

Far below the Earth’s surface, liquid iron does what liquids do—it sloshes around. And this movement is what causes the Earth’s axis to wobble. Fill a basketball with a pint of water and roll it on the floor. That’s us, trying to carry out our day-to-day tasks on a lopsided basketball. If navigational systems aren’t adjusted to account for the north pole’s migration, which is currently heading from the Arctic Circle towards Siberia, your navigation system of choice is as precise as a stock picker. The degree to which this will affect your ability to find your next appointment is unclear, but it certainly feels unsettling.

The Earth’s axis is currently moving approximately thirty-four (34) miles per year. Yes, that number is relative, but here’s how it relates—the World Magnetic Model, which measures such things, reports that the Earth’s axis moved about nine (9) miles a year when it was last gauged in 2015 (they measure and update it every five (5) years). So, as you may have guessed based on this four-fold increase in speed, the need to adjust magnetometers (ah, yes, the magnetometers) is becoming increasingly more important. The movement is so much faster than in years past that they’re recommending updates take place now, instead of waiting until the calendar flips to 2020. Our smart phones are built, at least in reference to their navigational components, based on these magnetometers. And the mapping applications we’ve come to rely on are dependent on the accuracy of the magnetometer.

Oh, and here’s another thing the government shutdown has, well, shut down—the world magnetic model update, which was supposed to take place today. It won’t happen. Those responsible for the update are cursing Google Maps while circling the block trying to find their upcoming job interview.

If you’re heading to an appointment, you may want to take a map with you—the foldable type.

Mobility Experts with Answers

If you have questions about your organization’s current mobility strategy, contact GDT’s Mobility Solutions experts at Mobility_Team@gdt.com. They’re composed of experienced solutions architects and engineers who have implemented mobility solutions for some of the largest organizations in the world. They’d love to hear from you.

You can read more about how to digitally transform your infrastructure, and organization, here:

Goooooaaaaalll—Technology’s World Cup

Workshops uncover insights into the state of IT and Digital Transformation

What is Digital Transformation?

The only thing we have to fear is…definitely not automation

Without application performance monitoring, your IoT goals may be MIA

When implementing a new technology, don’t forget this word

Automation and Autonomics—the difference is more than just a few letters

Is Blockchain a lie detector for the digital age?

If you fall victim to it, you won’t end up marking it as “like”

They were discovered on Google Play, but this is no game

Blockchain; it’s more than just Bitcoin

When being disruptive is a good thing

Government shutdown affects more than workers

By Richard Arneson

As the government shutdown enters its fourth (4th) week, which marks the longest of its kind in U.S. history, the list of ill effects left in its wake now includes IT security. Yay! Like the impasse between the Trump administration and Democrats that’s at the heart of the shutdown—the border wall—this aftershock also includes a wall. This one (1), however, comes in the form of a digitally-encrypted wall—TLS (Transport Layer Security) certificates.

TLS certificates, like SSL certificates, are utilized by websites to secure connections with the users accessing them. For all intents and purposes, TLS is basically the 2.0 version of SSL. Web servers that have installed TLS certificates display their web address with that all-important “S” after “HTTP”. Yes, the “S” stands for secure; it means a cryptographic key has been bound to the website, so communications between it and users are encrypted.

So, what does this have to do with the government shutdown?

It’s reported that as many as eighty (80) government websites—those with a .gov domain name—are no longer TLS-protected. Their certificates have expired. And furloughed government IT workers means there’s nobody to renew the certificates. So, trying to access one (1) of these unprotected websites will net you this message—Your connection is not private. As a result, users won’t be able to enter the site. Frustrating, yes, but at least they’ll be kept safe by being prevented from entering. However, in several browsers the warning can be bypassed, which means any sensitive information entered, such as social security numbers, won’t be encrypted. If more advanced and adventurous users decide to take this route, they could open themselves up to man-in-the-middle attacks, in which cyber criminals eavesdrop on conversations in the name of ill-gotten gains.

Naturally, the longer the shutdown, the more sites will be affected. In just over three (3) weeks, eighty (80) certificates have expired. And those eighty (80) sites represent only two percent (2%) of all federal .gov sites. Yikes.
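The lapse described above is exactly what a routine expiry check catches before the browser warning ever appears. The following is an added example (not code from GDT or from the post) using only Python’s standard library: it triages certificates by days remaining and, for a live check, keeps verification switched on so an expired certificate is rejected rather than clicked through. The hostnames and certificate records are constructed placeholders in the shape `ssl.SSLSocket.getpeercert()` returns.

```python
"""Certificate-expiry triage for a list of sites (added example, stdlib only).

The records below mirror the dict shape returned by ssl.SSLSocket.getpeercert();
they are constructed for illustration, not captured from real hosts.
"""
import socket
import ssl
from datetime import datetime, timedelta, timezone

# Constructed sample records (placeholder hostnames, not real .gov sites).
SAMPLE_CERTS = {
    "agency-a.example.gov": {"subject": ((("commonName", "agency-a.example.gov"),),),
                             "notBefore": "Dec  1 00:00:00 2018 GMT",
                             "notAfter": "Jan  5 23:59:59 2019 GMT"},
    "agency-b.example.gov": {"subject": ((("commonName", "agency-b.example.gov"),),),
                             "notBefore": "Dec  1 00:00:00 2018 GMT",
                             "notAfter": "Feb 10 23:59:59 2019 GMT"},
    "agency-c.example.gov": {"subject": ((("commonName", "agency-c.example.gov"),),),
                             "notBefore": "Jun  1 00:00:00 2018 GMT",
                             "notAfter": "Jun  1 23:59:59 2019 GMT"},
}

# Reference "today", chosen to fall inside the shutdown timeline in the post.
REFERENCE_NOW = datetime(2019, 1, 15, tzinfo=timezone.utc)

def expiry_status(cert, now=REFERENCE_NOW, warn_days=30):
    """Return (status, days_left): 'expired', 'expiring' (within warn_days) or 'ok'."""
    # ssl.cert_time_to_seconds parses the exact "Mon DD HH:MM:SS YYYY GMT" form.
    not_after = datetime.fromtimestamp(ssl.cert_time_to_seconds(cert["notAfter"]),
                                       tz=timezone.utc)
    days_left = (not_after - now) / timedelta(days=1)
    if days_left < 0:
        return "expired", days_left
    if days_left <= warn_days:
        return "expiring", days_left
    return "ok", days_left

def triage(certs, now=REFERENCE_NOW, warn_days=30):
    """Bucket hostnames by status so the urgent renewals are visible first."""
    report = {"expired": [], "expiring": [], "ok": []}
    for host, cert in certs.items():
        report[expiry_status(cert, now, warn_days)[0]].append(host)
    return report

def fetch_cert(host, port=443, timeout=5.0):
    """Live check with hostname and chain verification left ON: an expired or
    otherwise untrusted certificate raises ssl.SSLCertVerificationError instead
    of being silently accepted, the behaviour a user gives up by bypassing the warning."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

if __name__ == "__main__":
    print(triage(SAMPLE_CERTS))
```

Feeding `fetch_cert()` results into `triage()` with a real `datetime.now(timezone.utc)` turns this into a scheduled renewal alert; the `expiring` bucket is the one that prevents the outage.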

Security Concerns?

To find out how to secure your organization’s network and mission critical data, contact GDT’s tenured and talented engineers and security analysts at SOC@GDT.com. From their Security and Network Operations Centers, they manage, monitor and protect the networks of companies of all sizes, including those for some of the most notable enterprises, service providers, healthcare organizations and government agencies in the world. They’d love to hear from you.

If you want more information about network security, check out the following articles:

DDoS Attacks will deny a Massachusetts Man Ten (10) years of Freedom

Phishing for Apples

This isn’t fake news

Don’t get blinded by binge-watching

Mo Money, Mo Technology―Taylor Swift uses facial recognition at concerts

Step aside all ye crimes—there’s a new king in town

Q & A for a Q & A website: Quora, what happened?

They were discovered on Google Play, but this is no game

And in this corner…

Elections are in, but there’s one (1) tally that remains to be counted

Hiring A Hacker Probably Shouldn’t Be Part of Your Business Plan

Gen V

Sexy, yes, but potentially dangerous

Tetration—you should know its meaning

It’s in their DNA

When SOC plays second fiddle to NOC, you could be in for an expensive tune

How to protect against Ransomware

Distributed Denial of Service (DDoS) Attacks will deny a Massachusetts man ten (10) years of freedom

By Richard Arneson

Unless you consider ten (10) years in the hoosegow some odd form of payment, it’s widely known that (all together now) crime doesn’t pay. Martin Gottesfeld, 34-year-old Massachusetts knucklehead, just got reminded of it the hard way, though. He got sentenced to a decade behind bars for cyberattacking two (2) medical facilities on behalf of Anonymous, a hacking activist group (What happened to the days when activist groups tried to get people to vote more or advance women’s rights?). The cyberattacks were launched to protest the treatment of a teen in a high-profile custody case. The sentence was handed down on January 7th, four (4) months after a federal jury found him guilty on two (2) counts, including conspiracy to damage protected computers. His cyberattacks, which occurred in 2014, targeted Boston Children’s Hospital and another nearby medical facility.

Gottesfeld, a computer engineer who hails from the Boston suburb of Somerville, MA, dreamed up his attack after learning about a child custody case involving a teenage girl. Gottesfeld shared the views of several political and religious groups who decided the government’s interference in the case unjustly trumped parental rights.

The teenager, Justina Pelletier, had been taken into custody by the state of Massachusetts after it determined her parents, who insisted their daughter’s health issues were not psychiatric in nature, were interfering with her treatment. Gottesfeld, whose information about the case came from news stories, decided the hospital had misdiagnosed Pelletier. He determined the best way to combat a faulty diagnosis was to launch DDoS attacks on Boston Children’s Hospital and Wayside Youth & Family Support Network, where Pelletier resided after being discharged from the hospital. Gottesfeld’s attack on the hospital disrupted its network for almost two (2) weeks, and interrupted several services used to treat patients.

While there has been no reported connection with Gottesfeld’s DDoS attacks, just three (3) years ago he was found floating off the Cuban coastline in a motor-challenged boat. He was rescued by a Disney Cruise ship. While it’s unclear if a large mouse or actual crew member led the rescue efforts, they soon learned that they’d pulled aboard an honest-to-goodness fugitive from justice. As it turned out, Gottesfeld had recently fled the United States upon learning he was the target of a federal investigation. Apparently, Gottesfeld is as poor at selecting boats as he is at cyber-crime.

In addition to giving up a hundred and twenty-one (121) months of freedom, Gottesfeld is required to pay almost $450,000 in restitution, an especially steep price considering he’ll be making about fifty (50) cents an hour until 2029. He should be getting fairly used to living behind bars, though. He was originally taken into custody almost three (3) years ago. Naturally, he has plans to appeal his conviction, but insists he has no regrets.


What to consider before hitting the SD-WAN open road

By Richard Arneson

Estimates vary (greatly), but industry analysts predict the SD-WAN market will clock in somewhere between $4.5 billion and $9 billion by 2022. Yes, that’s quite a variance, but whether it finishes at the high or low end, the growth is staggering considering it’s now just shy of $1 billion. Yeah, it’s big, and why wouldn’t it be? SD-WAN can provide significant cost savings, faster and easier location turn-up with automated authentication and configuration, higher speeds and more bandwidth. And because it can be centrally managed through Controller software, it’s far easier to manage security, control policies and compliance. Who wouldn’t want some of that action?

But before you dive in, there are a number of things to consider, and prepare for, prior to starting your SD-WAN journey. That path may look like the Yellow Brick Road, but, as Dorothy and her inept buddies found out, it can be rife with danger. But forget the witches and flying monkeys. This is the real world, where outages, unbudgeted costs, and losses in productivity and revenue are a lot scarier.

Following are a few of the elements to carefully consider prior to hitting the SD-WAN road:

Migration

It’s important to consider which sites to migrate first, the broadband service providers to use, application response times and which ones should be moved to the cloud, personnel needing to be involved, and how the overall experience of end users will be affected. In addition, think about how many physical appliances will continue to be utilized, which should be virtualized, and what a hybrid of the two (2) would look like.

Most Common Challenge

One (1) of the most daunting aspects of moving to an SD-WAN architecture concerns which vendor to use. Currently, there are almost fifty (50) from which to select, and that’s not to mention the SD-WAN solutions offered by most of the larger service providers. Ever hear of paralysis by analysis? Selecting the “right” vendor for your needs can cripple the collective heads of IT personnel. It’s a big decision, and one (1) you’ll be living with for a while.

SD-WAN Pre-Deployment

Start with a baseline that takes into account your current environment. A journey begins with a single step, but that step can’t be taken until you know where to start. The current state of your network architecture should include an inventory of all assets, users, applications and network paths and connections. And consider how SD-WAN will play with your current infrastructure. Will a hybrid of the two (2) work during the transition, and how well?

Deploying SD-WAN doesn’t have to mean you’ll automatically bid MPLS a fond farewell. Maintaining MPLS and utilizing SD-WAN to augment it may be the best option. And consider how cloud services you utilize, or plan to, will get incorporated during the deployment.

Deployment―the first step

SD-WAN deployment needs to be immediately (or close to it) validated after cut-overs. Cut your teeth on a few smaller “pilot sites”, and learn from those experiences. This is the ideal time to analyze and verify that intended policies are being adhered to by the SD-WAN controller, and that applications are performing as intended. Again, learn from these pilot sites; doing so will help future implementations go more smoothly.

Ongoing Management and Visibility

If you thought one (1) of SD-WAN’s benefits is that you can simply set it and forget it, you need to wipe that notion from your mind. If not, you’ll hamstring your SD-WAN deployment. Even though SD-WAN controllers continually make policy decisions based on the network’s state and select dynamic paths for applications, that doesn’t mean IT staffers can kick back and play Fortnite. The state of the network needs to be continually monitored for policy exceptions; ignore this key component and applications’ performance will deteriorate.

Also, SD-WAN isn’t an island unto itself. It needs to interoperate with other areas of the network, and without insight into this, and how it’s impacting your organization, your SD-WAN deployment won’t deliver the desired results.

High visibility to carefully manage an SD-WAN deployment is critical; it’s what will ultimately make it or break it. And from this, you can better understand the impact it is delivering, and will continue to provide, to your organization. If critical performance measurements are evaluated on an ongoing basis, it will help with troubleshooting, proactive alerting and policy optimization.

Got questions? Call on the SD-WAN experts

To find out more about SD-WAN and the many benefits it can provide your organization, contact GDT’s tenured and talented SD-WAN Engineers and Solutions Architects. They understand the many factors that must be considered prior to SD-WAN deployments, including link optimization, broadband usage, network architecture and the impact of moving on-prem infrastructures to the cloud. And they work with a wide array of SD-WAN providers. They’ve implemented SD-WAN solutions for some of the largest enterprise networks and service providers in the world, and helped them optimize their ROI. They’d love to hear from you.

Get more SD-WAN information here, including: 

Dispelling the myths surrounding SD-WAN, 

How SD-WAN fits with IoT

Demystifying SD-WAN’s overlay and underlay networks

SD-WAN’s relationship with SDN, and 

Why the SD-WAN market will grow by 1200% by 2021

And to see how GDT’s SD-WAN experts delivered the perfect solution to a global software company, click here.