The Internet is NOT Mr. Roger’s Neighborhood
Desert Animals: Before moving to Arizona, we had only seen coyotes in photographs. Javalina or coatimundi? Never heard of them. Mom moved here before us. She and her little 10-year-old black and white shih tzu, Jasmine.
Coyote Magic: Mom was fascinated by the coyotes she saw daily running through the desert across the street from her new house. To her it was as magical as the tiny trolley on Mr. Roger’s Neighborhood. But the magic was not destined to last.
The Awakening: One night she let Jasmine out the front door to do her “business” before bed, just like she did every night. But this time, as she returned to her office chair by the front door, almost immediately there was an odd noise. She got this feeling inside her told her something was wrong. She bolted for the door. Jasmine was gone.
Predators: I know that’s hard for some of you to read. It was tragic for her, and for the grandchildren. We all loved Jasmine. But it illustrates the point. No matter how many times she saw the coyotes, AND knowing that coyotes are predators, there was that natural human tendency to disbelieve that could ever happen to her.
Not to Me: She’s not alone. Regardless of the situation, humans are inclined to think the worst will never happen to them. For example, we have auto insurance. Not because WE are bad drivers. No, we insure ourselves to protect us from the poor choices of others.
Online: How does that apply to life online? Believe it or not, there REALLY ARE organized crime syndicates that are planning the next big hit. They normally target big businesses – the Big Game. But they have found that the big businesses are getting better at protecting themselves. So they target small businesses who traditionally have weaker defenses, but who connect their smaller network to the big company network, ESPECIALLY now that more people are working from home. IT departments of small businesses have had to scramble to figure out how to allow remote workers. So the simplest solution has been to open a port in the firewall and allow the worker to use Remote Desktop.
Simple, not Secure: That would be a great solution – in Mr. Roger’s Neighborhood. But we don’t live there. A report I reviewed this week provided compelling statistics advising NOT to allow that type of remote access. One large company was breached when a nation-state threat was able to brute force a login through that open firewall port. A brute force attack uses automation to generate a large number of guesses at a password until they get in.
Act Now: If that has been the solution at your company, stop everything and get that port closed NOW. There are better solutions. And in many cases, you can have remote workers without providing them remote access to your network.
It Can Happen to You: People tend to make poor choices that provide the right opportunity for a threat. Even when the threats are as obvious as ferocious predators running down the street next to your house. The internet is TEEMING with ferocious predators. Sometimes those choices can cause irreparable damage to your business, or your family’s livelihood. By the way, those ferocious predators on the internet are allocating huge budgets to enhance their attack capabilities. Our defense is only as good as OUR budget allocation. Don’t think that it couldn’t happen here in a small city. It already has and is more common than you would think.