CISA sent an email about attackers taking advantage of poor cyber hygene. It was released on January 13th, and while it was short, I think this is of value to share.
The first paragraph says:
CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques,
including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices.
They recommend that people take a look at Analysis Report AR21-013A: Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services for people who need it.
For the full article, Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environments should be read and I hope that you find it of value.
Hi.
Well, I saw this coming last year or earlier.
I thought it would be at least a few more years away but oh well, may as well deal with this shit now.
Cloud services were always going to become targets its just a given.
For myself after getting a 50 dollar present this christmas, a visa pressy card that is, I decided to update and get another backup drive because my drives are aging, more than 3 years old anyway.
I have had 3 drives fail including a new drive.
I have lost data, quite a lot of it.
I don’t need another external drive but decided while sales were good to get one.
I now have one, and have made a backup to store in another location close to me so in case I lose my other 2.
The phrase putting all eggs in one basket comes to mind.
This laptop has a lot of stuff internally.
I have 2 coppies of everything about 1.13tb of it, most of that audio, all program installers and portable apps, etc.
I have podcasts stored on keybase, and dropbox has a few projects and incripted files containing my net web library and passwords etc, but thats about all.
This was bound to happen.
I also have backups on another drive of that data.
How to stay secure is quite dasy.
Have more coppies.
If you have your internal drive, another drive and another drive again in case that fails locally then good.
Have another drive offsight.
And if you are a business or other agency, have more coppies.
Even though ssds are the rage for the price of a big one you need to pay and for bigger than big its a lot.
External hard drives are still the best value and I use seagate is the brand of choice.
The backup drive I have is an unsecured straight dump of one of my backup drives.
The person that is storing it knows its a backup, but it just needs to be just sitting and doing nothing till needed.
The backup has the drive, securely stored in its packaging, its manual and a spare cable.
When world war 3 appears and at some time that may happen, or if the net or power go off for long periods security asside, we won’t have access to data at all.
A good backup solution if you want one via the cloud is a good thing to.
But assume you lose everything, and need the drive no net, and well for a long period.
Now obviously, if its that bad and us humans are reduced to our basic form, the drives are still important for historical reasons at least.
Also remember that all the stuff you put online on the cloud is no longer your’s, its the property of the previder you choose to host it on.
Its unlikely they will sell your stuff, but taking that in mind, is a good step.
Also if a bit fails you may have no or reduced access for some time.
While it works, fine, but since fibre and most high band connections include your phone and since cell phones also need transmittion power, all that fails and nothing will work.
At some point when it comes back especially after a major disaster, ie a nuke war, or a quake or something the chances that things will come up the same is unlikely.
Your drives or at least some of them if stored will have a better chance of surviving.