Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Cyber Attack At My Local CC
#11
cookderosa Wrote:"I received an email about twenty minutes ago saying that the school's servers were infected with a ransomware virus, "

And I was like "what?" He's a member here! And we are connected on LinkedIn...... oh wait... that's Ransomsoul. :roflol: He's not a virus. He's a dad. Whew!

Ok, in all seriousness, $28,000? So maybe I watch too much tv, but is someone really taking such a huge risk of prison time for $28,000? If I were a cyberhacker (control your laughter) I'd ask for WAY more than that. Add a zero.

You have to find the sweet spot - enough money that it's worth your while, but not so much that they won't pay it. I guess for a CC, that's about $28k! If you asked for a million bucks, they probably wouldn't be able to come up with it. But large institutions can come up with $28k in 5 minutes. I'll bet the hackers can figure out the amount each company is willing to pay. Smart, not to go crazy. And do that a few times, and you're rich (at least, if you live in a 3rd world country).
TESU BSBA/HR 2018 - WVNCC BOG AAS 2017 - GGU Cert in Mgmt 2000
EXAMS: TECEP Tech Wrtg, Comp II, LA Math, PR, Computers  DSST Computers, Pers Fin  CLEP Mgmt, Mktg
COURSES: TESU Capstone  Study.com Pers Fin, Microecon, Stats  Ed4Credit Acct 2  PF Fin Mgmt  ALEKS Int & Coll Alg  Sophia Proj Mgmt The Institutes - Ins Ethics  Kaplan PLA
Reply
#12
With the current software available on the market, automatic backup checking should be in the minimum feature set when selecting backup. A long duration persistent infection is a possible attack, however it's unlikely to be effective with crypto varieties, because the goal is not to stay hidden but to be seen. It is pretty typical to keep months worth of backups with the current technology of incremental forward backups, and the cheap cost of disk. At a minimum, even since the 1990's I've kept 7 years of month end backups, for non-transaction data which seems to be what all auditors have asked m. Transaction data I typically keep incremental changes by capturing database log files before purging.

I would guess this is a case of a school who hired too few staff, or hired staff who did not have enough experience in this area -- or even worse they outsourced it to a provider who told them they had it under control. Backup is one of the items any IT professional learns early on is their first line of defense against the unemployment line -- operations professionals don't skimp on it.
Currently studying for: Still deciding.

Done!
2020 - Harvard Extension School - ALM IT Management 
2019 - Harvard Extension School - Graduate Certificate Data Science
2018 - Harvard Extension School - Graduate Certificate Cyber Security
2016 - WGU - MBA Mgmt & Strategy
2015 - Thomas Edison State College - BSBA Marketing & CIS
Reply
#13
mednat Wrote:...
I would guess this is a case of a school who hired too few staff, or hired staff who did not have enough experience in this area -- or even worse they outsourced it to a provider who told them they had it under control. Backup is one of the items any IT professional learns early on is their first line of defense against the unemployment line -- operations professionals don't skimp on it.
It also sounds like they timed the lockout to coincide with registration for a new term, putting extreme time pressure on any restore efforts.
NanoDegree: Intro to Self-Driving Cars (2019)
Coursera: Stanford Machine Learning (2019)
TESU: BA in Comp Sci (2016)
TECEP:Env Ethics (2015); TESU PLA:Software Eng, Computer Arch, C++, Advanced C++, Data Struct (2015); TESU Courses:Capstone, Database Mngmnt Sys, Op Sys, Artificial Intel, Discrete Math, Intro to Portfolio Dev, Intro PLA (2014-16); DSST:Anthro, Pers Fin, Astronomy (2014); CLEP:Intro to Soc (2014); Saylor.org:Intro to Computers (2014); CC: 69 units (1980-88)

PLA Tips Thread - TESU: What is in a Portfolio?
Reply
#14
Obviously, this college is just like the thousands of other organizations that thought it was OK to skimp on IT infrastructure.

[URL="http://www.latimes.com/business/hiltzik/la-fi-hiltzik-uc-visas-20170108-story.html"]
Here is UCSF, a leading hospital in the US, trying to skimp by outsourcing backups and other IT infrastructure to India.[/URL]

It's not enough to bring H1B to American soil. The real goal is to move these jobs to India permanently as part of a cloud offering for infrastructure as a service. This is why I'm no fan of those who go to school to become sysadmin/devops/network admins. Choose software engineering, security, MIS, or data analytics/data science instead.
TESU BA CS and Math (graduated December 2016)
Reply
#15
TrailRunr Wrote:Obviously, this college is just like the thousands of other organizations that thought it was OK to skimp on IT infrastructure.

[URL="http://www.latimes.com/business/hiltzik/la-fi-hiltzik-uc-visas-20170108-story.html"]
Here is UCSF, a leading hospital in the US, trying to skimp by outsourcing backups and other IT infrastructure to India.[/URL]

It's not enough to bring H1B to American soil. The real goal is to move these jobs to India permanently as part of a cloud offering for infrastructure as a service. This is why I'm no fan of those who go to school to become sysadmin/devops/network admins. Choose software engineering, security, MIS, or data analytics/data science instead.

I don't disagree with the move of IT to other countries, but I can definitely say it's not limited to operations. In my career, i've seen more development jobs go overseas than operational. Business Analyst roles are typically the positions that stay, those who type the code often do it off of spec sheets submitted by the BA with little to no interaction with the end-user in many large organizations.

I don't agree with the model, and I have voiced my concerns every time I hear it suggested, but that is the trend. From what I've seen it's not cheaper, easier or faster. It's just easy for a sales person to present in a way that makes it appear to be cheaper, easier, faster. As connected as we are, there is still a significant cost for culture differences, and a journey across the globe. Informal interpersonal communications almost always play a larger role in organizations than executives think. This link between IT and business is severed pretty abruptly in this type of outsourcing situation.
Currently studying for: Still deciding.

Done!
2020 - Harvard Extension School - ALM IT Management 
2019 - Harvard Extension School - Graduate Certificate Data Science
2018 - Harvard Extension School - Graduate Certificate Cyber Security
2016 - WGU - MBA Mgmt & Strategy
2015 - Thomas Edison State College - BSBA Marketing & CIS
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Israel Attack Ignites Civil War Inside Both Political Parties LevelUP 17 2,688 01-03-2024, 06:58 PM
Last Post: LevelUP
  MGM reeling from cyber 'chaos' 5 days after attack LevelUP 0 392 09-14-2023, 03:53 PM
Last Post: LevelUP
  Heart attack warning story Mamasaphire 3 1,977 10-17-2017, 12:29 PM
Last Post: bjcheung77
  Ransomware Attack! bjcheung77 11 2,243 05-16-2017, 07:41 PM
Last Post: Johann
  Techy People and all and Cyber Security quasarvs 10 2,699 07-02-2013, 08:27 PM
Last Post: quasarvs
  Starting a new class at my local USF this Monday ryoder 1 867 08-31-2012, 06:25 AM
Last Post: ryoder
  Texas A&M sub-$10K Cyber Security Bac degree! dcan 4 1,239 03-13-2012, 09:09 PM
Last Post: ryoder

Forum Jump:


Users browsing this thread: 2 Guest(s)