Computer Snacks

åThis week we look at the ways to feed your computer, especially when they’re hungry. Check out the video and then the rest of this article!

What to feed your computer?

Micro-Chips

When talking about microchips, they are identified as the silicon material electronics that perform functions on a motherboard inside various devices, from laptops to IoT devices to our cars. However, several years ago, an interesting story came out of Bloomberg regarding the Supermicro motherboards where there was a tiny chip on board that the Chinese were using to connect wirelessly and have data sent back to them. Unfortunately, this was untrue. However, there was a colleague of mine who did a presentation at DEFCON at the ICS village back in 2019.

https://twitter.com/montaelkins/status/1158395449595662341

He took a Cisco firewall and added a microchip to it. After researching it and studying it, he was able to solder a microchip on the board that, when powered up, would send configuration and user account information back to his C2 server. He even brought the board itself to DEFCON and, after his presentation, challenged everybody to see if they could find the microchip. Nobody could, and when he did show it to us, it just looked like any other microchip that should be on the board. He did a great job soldering it in there and programming it. In the comments section below, I will provide the link for the tweet that shows the DEFCON talk and read more about it there.

(Fish) Phish Sticks

When talking about fish sticks and fishing, folks know that cybercriminals work their way into organizations via the user and phishing emails. Organizations can conduct phishing assessments to try and make sure that users are aware of what the cybercriminals are doing to gain access to the organization’s environment. When it comes to social engineering, there are three questions I always review first: 

  1. Is the email unexpected?
  2. Is this person a stranger or unknown to me?
  3. Are they asking me to do something immediately with a sense of urgency or initiating a knee-jerk emotional response.

If answering yes to any of these questions, then take the extra time to make sure and verify the user the email. These three questions are the starting point for ensuring a user doesn’t get successfully phished.

Cookies

Ah, cookies. Those wonderful little text files on our computer track login information and information about us when we visit websites. They were designed originally to be something worthwhile. Like all tools and features, it is used for wrongdoing. GDPR requirements enforced the need for organizations and users to be aware that there are cookies and what they do when one visits their website. There is the option of specifying what kind of cookies you want, which many users just want to get to the website. They don’t want to be worrying about what cookies and how much information it stores. Just show me the information on the webpage! And so many people don’t realize the potential dangers of cookies on their systems. Some ways to protect users are ad blockers, which are plugins for browsers to restrict the saved information. Additionally, browsers can protect your privacy like DuckDuckGo or Brave. These can help reduce your digital footprint and help protect you against cookies and malware attacks.

Computer Food for Thought

So while your computer may not ask you to feed them, users want to make sure they give it a healthy dose of antimalware or EDR / Endpoint detection and response. Ensure the operating systems are up to date, including all software loaded. So, in the end, make sure to patch and keep your computer well-fed with software updates!

Post in the comments

Printers & Music

As Organizations slowly welcome back their users to the office (RTO), others have embraced the remote, home life. Depending on your roles and responsibilities, your involvement with printing materials may have changed while working remotely for the past two years. 

Here is something to keep in mind that may get overlooked:

Make sure we’re still protecting the printers. 

Often, users don’t realize that the printer is an easy way for an attacker or cybercriminal to gain a stronger foothold onto an organization’s network.  
1. In 2018 “TheHackerGiraffe” attacked over 50,000 printers to print flyers to help promote the YouTube sensation PewDiePie. (https://lnkd.in/eeWm6-5t)
While many people might think this was just a harmless prank, it only targeted 50,000 out of the 800,000 exposed.
2. Several months ago, there were reports of POS printers being attacked in restaurants and printing up prank-style propaganda messages. (https://lnkd.in/eHAq_RVm) The attackers targeted a specific port that the printers utilize for communications to send the message across the internet. Interestingly, these POS machines were connected directly to the internet and were openly scanned and discovered. While the messages may be harmless, it demonstrates the minimal security protecting the devices on the organization’s network.
3. Recently hacktivists groups have targeted Russian military printers and gained access to send over 10,000 anti-war messages. (https://lnkd.in/e8iW77RG) While it’s not readily apparent how they gained access, most likely, they weren’t adequately secured or had exploitable open ports. 
So, whether it’s a hacktivist group, a script kiddie, or a nation-state, it’s important to remember some essential tips to protect printers and POS machines on our networks. 

Remember to protect your printers (PRAVMA)
Patched: Keep them up to date with their firmware and any printing software.
Remove: Avoid connecting the printers directly to the internet. Protect them behind a firewall. 
Avoid: leaving documents on the printer. Configure the printer where the user needs to log into the printer with a PIN to retrieve the documents.
Verify: Before returning printers, verify that all data on the internal hard drive is removed.
Monitor: Audit, review, and monitor all remote connections, including printing support companies. If possible, implement MFA for remote access to the printers.
Awareness: Include in the security awareness program about printing regarding any printed copies are correctly labeled to reduce the risk of exposing any confidential or unwanted information.

Surviving & Comfort Zones

Day 1 – We Survived!

We survived!
We made it!
We got through October!

The month of October, where cybersecurity professionals and organizations all around the month “celebrate” Cybersecurity Awareness Month! Okay, why all the big hoopla? This one month of the year, organizations focus on cybersecurity with lunch and learns, special events and possibly invite a cybersecurity professional to discuss cybersecurity tips, techniques, and best practices with the IT teams and the business. In October, I delivered more presentations in that one month versus the past six months. There is always a great demand for cybersecurity awareness presentations. Still, honestly, I hope to talk myself out of my career, where everyone is cybersecurity aware and develops the habits to be secure online. However, I recognize that we will always need security within our society.
Which, after October, it now brings us to November. In the USA, November is the time for Thanksgiving and preparing for the upcoming holiday seasons.
It’s also the month called National Novel Writing Month, or NaNoWriMo! The month where a nonprofit group (https://nanowrimo.org/) encourages writers to write that novel they’ve always wanted to write but needed a purpose. While I’m far from writing a novel, I am working toward writing an eBook supported by blogs and other writings over the next couple of months.
There are various topics I hope to write about in the next month. Those topics are still being formulated but will surround my daily activity as a security awareness advocate, including security awareness, ransomware research, education, and how to run an effective security awareness program.
I’m looking forward to writing more this month as this has always been a challenging skill set I’ve wanted to improve. We are primarily aware that repetition helps improve a skill or capability. If you do something repeatedly, maybe for a total of 67 times, it will be an action or skill that becomes ingrained into oneself.

From time to time, we need to be able to step outside of our comfort zones. It allows us to grow and learn from our mistakes. I know we’ve all made mistakes in life, and it’s vital that we learn from them. I feel that we learn more from our mistakes than we do from our successes.

While this month, I will be writing more than just a couple of hundred words for a comment opportunity, but something more substantial with an action item or a reflection item. Now while you’re thinking, “what is this guy, a college professor?” why, yes, I am an adjunct college professor, and that’s your homework for the month. Do something to step out of your comfort zone, review a mistake or series of mistakes from a previous project, and examine where you went wrong.
When I play Chess, I know I’m continually reviewing the games that I lose, so I can see where I made mistakes or blunders. Ahh, the game of Chess reminds me so much of cybersecurity. However, that’s another story.