Each month Peters & Associates hosts a webinar focused on Cyber Security. This is our way to bringing awareness to our client community and we encourage to you join in whenever you are able.  Our goal is to help you determine what you can be doing to avoid these types of slip-ups.

In October we reported on four newsworthy security incidents, all of which are outlined below.

Attacks and hacks in the news

  • DDOS attack with IoT devices causes outages for Twitter and others.
  • Kim Kardashian – physical security issues with a $10,000 jewelry heist
  • Malware on 6000 eCommerce sites including Converse, Audi, and RNSC
  • October is Security Awareness Month – employees as the strongest link

DDOS Attack with IoT Devices

The Internet has many devices with IP addresses where security is an afterthought.  Devices were compromised and used to send a “flood” of traffic to critical routing servers causing them to stop functioning.  This attack caused top brand-name consumer and business services including Twitter, Netflix and AirBnB to be unavailable for approximately 9 business hours.

Lessons Learned

  • Modify default passwords
  • Implement patch strategies, including firmware upgrades, for all Internet-facing devices including phones, cameras, HVAC, etc.
  • Rank the importance of system’s availability to operations

Kim Kardashian Robbed

This month several police impersonators stormed an upscale Paris hotel where the famous socialite was staying.  For a hotel of this reputation, the security equipment was reportedly either missing or poorly maintained equipment.  Most noteworthy, the door code lock had not been changed in decades and was known by everyone!

Lessons Learned

  • Physical security is the first line of defense to assets
  • Schedule regular maintenance for passcode changes and non-functioning equipment

6000 eCommerce sites hacked

It was discovered that websites around the globe had financial data directed to a Russian web site.  These sites included famous commercial names including Converse and Audi, as well as political sites such as the Republican Senatorial Committee.  The root cause of issue was due to outdated eCommerce software combined with malicious software that ran undetected on databases behind web servers.

Lessons Learned

  • Schedule software patching to reduce risk
  • Run detection on all systems

October is Security Awareness Month

While many associate October with Halloween, it may surprise some that it is also National Cyber Security Month!  It is an an annual campaign to raise awareness of everyone’s role in the security position of your organization and on the Internet.

Please join us in November for our next This Month in Cyber Security webinar.  You will find the information to register at https://www.peters.com/event/.

For more information, email info@peters.com or call 630.832.0075.