POPULARITY
5 episodes with renee dudley
2 episodes with renee dudley
2 episodes with renee dudley
There was a time in the United States—not that long ago, actually—when local newspapers played an undisputed positive role in holding people in authority to account. Daniel Golden is a journalist practicing his craft in that great tradition. Golden is a Boston-based senior editor and reporter at ProPublica. He has been instrumental in three Pulitzer Prizes, two as an editor and one as a reporter. He co-edited a ProPublica series on Latin American asylum-seekers caught between the U.S. government and the MS-13 gang, which won the 2019 Pulitzer Prize for feature writing. Before joining ProPublica, he worked as managing editor for education and enterprise at Bloomberg News. There he edited a series about tax inversions—companies moving headquarters overseas to avoid taxes—that earned Bloomberg's only Pulitzer Prize in 2015. Golden won a Pulitzer as a reporter for The Wall Street Journal in 2004 for a series of articles on preferences for children and donors in college admissions. He expanded that series into a critically acclaimed national bestseller, “The Price of Admission: How America's Ruling Class Buys Its Way Into Elite Colleges—and Who Gets Left Outside the Gates.” An updated edition was published in October 2019 with new reporting on the Operation Varsity Blues scandal. He is co-author of “Spy Schools: How The CIA, FBI, and Foreign Intelligence Secretly Exploit America's Universities,” with Renee Dudley. Golden spent 17 years as a staff reporter at the Boston Globe, including a stint on its Spotlight team, and served as senior editor for investigations at Conde Nast Portfolio. He has won three George Polk awards, three National Headliner awards, the Sigma Delta Chi award, the Gerald Loeb Award, among others.See omnystudio.com/listener for privacy information.
Hear about four books that explore twists on "hunting" from Ian Hauck, head of Adult & Reference Services at Troy Public Library. These include: "The Fortunes of Jaded Women" (14 Vietnamese women affected by a family curse, hunting for a way to break it; Carolyn Huynh, 2022); "The Ransomware Hunting Team" (nonfiction story of the good guys trying to crack ransomware codes; Renee Dudley & Daniel Golden, 2022); "Hellsing" (first of classic Manga series of vampire hunters; Kohta Hirano, 2003); and "The Tatami Galaxy" (novel about hunt for self-knowledge in alternate timelines; Tomihiko Morimi, 2022). For more details on books and activities, visit www.thetroylibrary.org. To find other libraries in New York State, see https://www.nysl.nysed.gov/libdev/libs/#Find. Produced by Brea Barthel for Hudson Mohawk Magazine.
Renee Dudley - The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime...with TRE's Giles Brown
On today's show we shine a spotlight on an incredible real-life technological thriller, as we invite Renee Dudley and Dan Golden to discuss their new book: The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime.
Dan Golden and Renee Dudley, reporters at ProPublica and authors of "The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime," discuss their book. Dave and Joe share some follow up form listener Ignacio who writes in to share thoughts on Joe's preference to using open source options for password managers. Joe's story this week follows Coinbase, who recently had a cybersecurity breach but their cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information. Dave's story is on people trying to gain cryptocurrency back after it was hacked and stolen from them, only to wait and receive nothing in the long run. Our catch of the day comes from listener Josh, who writes in about an email he received that stated that his wallet would be suspended if he did not download a verification link. Links to stories: Who You Gonna Call? The Ransomware Hunting Team. Social Engineering - A Coinbase Case Study These Companies Say They Can Recover Stolen Crypto. That Rarely Happens. Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.
Here & Now's Scott Tong describes ransomware as "a high-tech version of kidnapping." It's when a computer or tech system is hacked and money is demanded in order to get it back. In their new book, The Ransomware Hunting Team, ProPublica journalists Renee Dudley and Daniel Golden chronicle how ransomware has grown from individual attacks to large-scale operations against major corporations, universities and hospitals. But as they vividly explain to Tong, there's also a band of coding vigilantes who are helping ransomware victims regain access ... without paying up.
Welcome to podcast 125 of the Security Box series. On this edition, let's talk about a new book we found during the break, one in which might be of interest since we're going to talk about security posture later. The book is titled The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime by Renee Dudley and Daniel Golden. While it doesn't cover your posture per say, it does cover a team who is behind you in the fight and understands the struggles. You see, its not all your fault, we understand that. You could even do everything right, including having the right training. Next, we're going to cover two articles that cover the year end review and what is coming up in predictions for 2023. Financials See Increase in Phishing Attacks, Compromised Sites Lead Staging Methods in Q3 Phishlabs Financials and Card Data Top Q3 Targets on the Dark Web Phishlabs We may have blogged these, but if we haven't, they'll be blogged as part of the podcast show notes which these are. Besides that, we'll have plenty of things in news if we can remember it all, and of course, we'll have lots of discussion on things that might not be in the roundup. We hope you enjoy this edtion of the podcast, and thanks for listening!
Renee Dudley and Daniel Golden are the authors of the new book, “The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime.” In this episode, they join host Hillarie McClure to discuss their respective backgrounds and what inspired them to write the book, as well as their experiences observing the increase in ransomware attacks, what they expect to see in the future, and more. “The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime” is available on Amazon, as well as at other major retailers, such as Barnes & Noble and Books-A-Million. • For more on cybersecurity, visit us at https://cybersecurityventures.com/
Easy money is hard to come by. Unless you're in the ransomware business. Then tens of millions of dollars can be yours in a single, unsuspecting click. Quick cash grabs fuel a worldwide economy, funneling extorted funds into secret bank accounts, hackers' salaries, and even government pockets. In a world where your data is the gateway to a thief's payday, all is not lost.Cybercrime vigilantes like The Ransomware Hunting Team volunteer their time to make the digital world a safer place. Chances are, one day you're going to need help from them. And when you do, this band of cyber wizards will be ready.Get a copy of Renee Dudly and Daniel Golden's book, The Ransomware Hunting Team, on Amazon, Bookshop, or Audible today.CreditsCurious State is a Quick and Dirty Tips podcast hosted and produced by Doug Fraser.Find Curious State on Twitter, Instagram, and Facebook, or subscribe to our newsletter for the latest updates.Podcast Manager - Adam Cecil Podcast and Advertising Operations Specialist - Morgan ChristiansonDigital Operations Specialist - Holly HutchingsMarketing and Publicity Assistant - Davina TomlinIntern - Kamryn LacyThe Quick and Dirty Tips network is a division of Macmillan Publishers in partnership with Mignon Fogarty, Inc.Have a question? Or a topic you'd like covered on the show? Maybe you just love sending emails? Whichever shoe fits, tie it on and send me a message at curious@quickanddirtytips.com.
In this episode, I'm talking with journalist and author Renee Dudley. Renee is a technology reporter at ProPublica who stumbled onto a band of what she describes as misfits while reporting on the rapid rise of ransomware. What she found was an incredible group of individuals who decided to be a change for good by helping fight cybercrime. She tells the story in a new book she wrote with co-author and fellow journalist Daniel Golden, The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime. Here's my conversation with Renee Dudley.
Michael Gillespie is a cancer survivor and cat lover who used to work for Nerds On Call in Illinois. Fabian Wosar is a high school dropout from Germany who became obsessed with computer viruses at age 11. Sarah White is a computer science prodigy who became a malware expert as a teenager. They're all members of the Ransomware Hunting Team, an invitation-only group of elite coders who crack ransomware attacks across the globe. We learn more about these cybercrime fighters from Pro Publica reporters Renee Dudley and Daniel Golden, authors of the new book “TheRansomware Hunting Team.” Guests: Renee Dudley, technology reporter, Pro Publica - co-author, "The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime." Daniel Golden, senior editor and reporter, Pro Publica - co-author, "The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime."
This week we're sharing another tech show we made that we think you're going to love. It's called The Extortion Economy and it's a five-part series about the ransomware epidemic produced with ProPublica. See you soon with a whole new season of In Machines We Trust!! -- A new-age iteration of the old-age extortion problem. A ransomware vigilante, a piracy (as in actual boats) expert, a school administrator, and a kidnapping victim share their experiences. This is part one. We Meet: Fabian Wosar, CTO, Emsisoft Doug Russell, Director of Technology, Haverhill Public Schools Lisa Forte, Co-founder, Red Goat Cyber Security Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting from Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez with help from Rebekah Wineman. Our theme music is by Jacob Gorski. Art is from Lisa Larson-Walker and Eric Mongeon. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong. Sounds From: Video: Colonial Pipeline CEO Joseph Blount testifies at the Senate Homeland Security Committee, Source: CNBC Television, https://www.youtube.com/watch?v=DcYePKjI_mc Video: Roving Report Italy, Source: AP, http://www.aparchive.com/metadata/youtube/8b08bfc68a0b203d238aa8e0c4316e61 Video: CBS Evening News 1989-12-14, Source: CBS, https://www.youtube.com/watch?v=wHsbZEX5pQw
We look at the reasons ransomware is so hard to solve and ask hard questions about who is really helping the victims. This is part four. We Meet: Fabian Wosar, CTO, Emsisoft. Bob Wice, Head of Underwriting Management. Cyber and Tech, Beazley. Bill Siegel, CEO and cofounder, Coveware. Sounds From: Video: CDOT employees dealing with yet another SamSam ransomware attack, Source: Denver7, https://www.youtube.com/watch?v=lubGaiNT1IU Video: Ransomware Hits CDOT Computers, Source: CBS Denver, https://www.youtube.com/watch?v=FbuEXUUvD-A Video: Ransomware Recovery Service by Proven Data, Source: Proven Data, https://www.youtube.com/watch?v=hyeaBxE4JGQ Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting by Renee Dudley, Jeff Kao, and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez and theme music by Jacob Gorski. Art is from Lisa Larson-Walker and Eric Mongeon. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong.
The problem of ransomware has many causes but no clear solution. What's coming next? This is part five. We Meet: Fabian Wosar, CTO, Emsisoft Jake Johnson, North Carolina State Representative Abishur Prakash, Geopolitical Futurist Paul Rosenberg, Mayor, Village of Rye Brook, New York Kimberly W. LaGrue, CIO, City of New Orleans, Louisiana Allan Liska, Principal Research Scientist, Recorded Future Sounds From: Video: Governor declares state of emergency after ransomware attack on Louisiana, Source: WWLTV, https://www.youtube.com/watch?v=pT1mAILZVVg Video: City Hall set to open Monday following cyber attack, Source: WDSU News, https://www.youtube.com/watch?v=jEDW3ETTDkg Video: Cyber attack cripples New Orleans for days, Source: Fox News, https://video.foxnews.com/v/6116822204001#sp=show-clips Video: City Hall adapting to life without computers after New Orleans cyberattack, Source: WWLTV, https://www.youtube.com/watch?v=mwnwG63K-Jc Video: New Orleans government targeted in cyberattack; no ransom demanded, Source: WWLTV, https://www.youtube.com/watch?v=z5A0ANiQ3_Q Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley, and Anthony Green. It's inspired by reporting by Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan, and Robin Fields. Our mix engineer is Erick Gomez and theme music by Jacob Gorski. Art is from Lisa Larson-Walker and Eric Mongeon. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong.
After the Colonial Pipeline payment, the FBI followed the money and cybersecurity researchers followed the ransomware group. We followed both. We Meet: Fabian Wosar, CTO, Emsisoft Elvis Chan, Assistant Special Agent in Charge, FBI San Francisco Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting from Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez. Our theme music is by Jacob Gorski. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong. Sounds From: Video: Colonial Pipeline hack leads to gas shortage Source: ABC News, https://www.youtube.com/watch?v=Be3gpaTQJlA Video: Cyberattack of Colonial Pipeline drives panic buying in Tampa Bay Source: WFLA News Channel 8, https://www.youtube.com/watch?v=DgDyz31sIhI Video: Fuel starts flowing after Colonial Pipeline restarts operations Source: ABC News, https://www.youtube.com/watch?v=EgWSgQf_dSc Video: Department of Justice officials discuss Colonial Pipeline ransomware attack Souce: PBS News Hour, https://www.youtube.com/watch?v=iwjDMJi8hOQ
In an absurd contract, look into the criminal world where the stakes are high, but the methods are increasingly business-like and meet the people who interact with the ransomware hackers. We Meet: Chester Wisniewski, Principal Research Scientist, Sophos Allan Liska, Principal Research Scientist, Recorded Future Fabian Wosar, CTO, Emsisoft Kurtis Minder, CEO, GroupSense Lisa Forte, Co-founder, Red Goat Cyber Security Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting from Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez with help from Rebekah Wineman. Our theme music is by Jacob Gorski. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong. Sounds From: Video: Cyber Attack Forces Major Gas And Diesel Pipeline Shutdown, Source: NBC Nightly News, https://www.youtube.com/watch?v=aGbSy82aZBo Video: Here's the hacking group responsible for the Colonial Pipeline shutdown, Source: CNBC https://www.cnbc.com/2021/05/10/hacking-group-darkside-reportedly-responsible-for-colonial-pipeline-shutdown.html Video: Cyberattack of Colonial Pipeline drives panic buying in Tampa Bay, Source: WFLA News Channel 8, https://www.youtube.com/watch?v=DgDyz31sIhI Video: Colonial Pipeline paid $5 million ransom to hackers. Source: CNBC, https://www.cnbc.com/2021/05/13/colonial-pipeline-paid-ransom-to-hackers-source-says.html Video: Colonial Pipeline CEO Joseph Blount testifies on ransomware attack before Congress, Source: CNBC, https://www.youtube.com/watch?v=DcYePKjI_mc Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting by Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez with help from Rebeckah Wineman and theme music by Jacob Gorski. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong.
A new-age iteration of the old-age extortion problem. A ransomware vigilante, a piracy (as in actual boats) expert, a school administrator, and a kidnapping victim share their experiences. We Meet: Fabian Wosar, CTO, Emsisoft Doug Russell, Director of Technology, Haverhill Public Schools Lisa Forte, Co-founder, Red Goat Cyber Security Credits: This series is hosted by Meg Marco and produced by Emma Cillekens, Tate Ryan-Mosley and Anthony Green. It's inspired by reporting from Renee Dudley and Daniel Golden from ProPublica. We're edited by Bobbie Johnson, Michael Reilly, Mat Honan and Robin Fields. Our mix engineer is Erick Gomez with help from Rebekah Wineman. Our theme music is by Jacob Gorski. Emma Cillekens is our voice coach. The executive producers of The Extortion Economy podcast are Meg Marco and Jennifer Strong. Sounds From: Video: Colonial Pipeline CEO Joseph Blount testifies at the Senate Homeland Security Committee, Source: CNBC Television, https://www.youtube.com/watch?v=DcYePKjI_mc Video: Roving Report Italy, Source: AP, http://www.aparchive.com/metadata/youtube/8b08bfc68a0b203d238aa8e0c4316e61 Video: CBS Evening News 1989-12-14, Source: CBS, https://www.youtube.com/watch?v=wHsbZEX5pQw
Renee Dudley of ProPublica discusses her fascinating research into the unsettling world of ransomware: how it works, the role that “recovery services” play and where the ransom money ends up.
John 16 - Jesus promises his disciples the gift of the advocate.
In the second part of my interview with Renee Dudley from ProPublica, we delve into the cyber insurance and ransomware incident response industries, including how some of these companies are being less than forthcoming about their services. In fact, it appears that several "incident response" companies are simply paying the ransom and then charging companies a fee on top of that. We'll talk about how cyber insurance works and how to decide whether or not it's for you. And Renee will also give us some tips on choosing an incident response firm and what red flags to watch out for. Renee Dudley is a tech reporter at ProPublica. Before joining ProPublica in 2018, she was a member of the enterprise team at Reuters, where she reported extensively on issues with college-entrance exams. Before joining Reuters in 2015, she worked as a reporter in New York for Bloomberg News and in South Carolina for The (Charleston) Post and Courier and The (Hilton Head) Island Packet. At Bloomberg, she uncovered questionable accounting and unauthorized sales practices at Walmart Inc. In Charleston, her reporting led to the indictment and resignation of South Carolina’s most powerful politician. She received the Society of Professional Journalists’ Pulliam Award in 2010 for her work upholding First Amendment rights while reporting for The Island Packet. Further Information: ProPublica on ransomware: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacksMike Gillespie to the rescue: https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinoisID Ransomware: https://id-ransomware.malwarehunterteam.com/No More Ransom: https://www.nomoreransom.org/Bleeping Computer: https://www.bleepingcomputer.com/
Unless you've been living under a rock, you know that ransomware is one of the most common and most lucrative cybersecurity rackets today. But despite all the press, ransomware is massively under-reported because companies don't want bad press. And in most cases, unless it can be proven that data was actually stolen, companies are under no legal obligation to inform the data subjects (you) of these hacks. In part one of my interview with Renee Dudley from ProPublica, we'll discuss the current state of the ransomware problem and the emergence of cyber insurance and incident response companies to deal with the threat and recover from attacks. And we'll also see that not all players are above board about what they do. Renee Dudley is a tech reporter at ProPublica. Before joining ProPublica in 2018, she was a member of the enterprise team at Reuters, where she reported extensively on issues with college-entrance exams. Before joining Reuters in 2015, she worked as a reporter in New York for Bloomberg News and in South Carolina for The (Charleston) Post and Courier and The (Hilton Head) Island Packet. At Bloomberg, she uncovered questionable accounting and unauthorized sales practices at Walmart Inc. In Charleston, her reporting led to the indictment and resignation of South Carolina’s most powerful politician. She received the Society of Professional Journalists’ Pulliam Award in 2010 for her work upholding First Amendment rights while reporting for The Island Packet. Further Information: ProPublica on ransomware: https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacksMike Gillespie to the rescue: https://www.propublica.org/article/the-ransomware-superhero-of-normal-illinoisID Ransomware: https://id-ransomware.malwarehunterteam.com/No More Ransom: https://www.nomoreransom.org/Bleeping Computer: https://www.bleepingcomputer.com/
Renee Dudley of ProPublica discusses her fascinating research into the unsettling world of ransomware: how it works, the role that “recovery services” play and where the ransom money ends up.
I am planning a Security Summer for my listeners. I will have some free courses. I will also introduce you to some of the software that I use for my clients and how you can use it too. So watch out for announcements on those. Is our society changing? What part is social media playing? Listen in today for more on this. What can Open Source do for you? Why Open Source may change your life. More on this today. Are we really ready for Autonomous Cars? or Is the technology expected to perform faster than it is actually ready? Interesting questions we will be discussing today. What is going on with Google? G-Suite and Titan are both having issues. Microsoft has another problem and it is a big one. More on this. Do you have a Mortgage? You need to hear this! For more tech tips, news, and updates visit - CraigPeterson.com --- Transcript: Below is a rush transcript of this segment; it might contain errors. Airing date: 06/01/2019 Cyberbullying, Security summer free courses, First American Hack, Google Bluetooth titan hijacking ---- Hello, everybody, Craig Peterson here. We have ignition and boy do we have a show for today and then some. You know a little bit about cyberbullying, I am sure. Well, I'm going to tell you about something that I experienced this weekend, something that your kids may be experiencing in a much more critical way. You know, we mentioned last week about the suicides and tied into this Netflix show. Well, we'll get into this a little bit more. For those of you who are wondering how software is getting developed, nowadays and what you might want to do for your business for software development. We'll talk a little bit about GitHub and this whole open source revolution and how It has come into the mainstream, now. We have some security warnings from our friends at Google. A massive hack. I don't think I saw this anywhere. Frankly, we'll talk about what Krebs on security had to say about this. Tesla. Got to throw this in because what's a week without talking about Elon Musk. Consumer Reports is calling the automatic lane change feature on Tesla's navigate on autopilot, far less competent than a human driver. So, it kind of makes you wonder, should we be messing with this? Is this the right thing to do? Frankly, I think it's an excellent question. Well, I commented last weekend in one of the articles up on the website, and as you know, I post articles every week. It's usually just a real quick synopsis of like the first couple of sentences from the article, and then I'll give you a link to it. However, this last week, really, for the first time in a couple of years, we sat down and wrote some articles. We had mentioned something because again, I select the pieces that I am going to cover. I go through what the strategy is with my team and talk about the salient and essential points, and then they go off and write the article. So, this particular one was about anonymous, and it's still up on the website. And we take those articles, and we tweet them, we put them up on the social media sites as well. Well, the guy that we had mentioned in the web article claimed to be part of the hacking group Anonymous. He spent time in prison because of some of his activities, and he was a little miffed with me. So I got a little bit of a whiff of him not being pleased about me and what I said in that article. I thought that it was rather interesting because this is the first real hater I've had in quite a while, frankly. Well, I've got to tell you, this feeling I had in my gut was, you know, people describe this, this feeling of butterflies and things and here, I was wondering, what did I do? What did I do to hurt this guy's feelings? Or, what, right. I can only describe it as a Wow thing. Well, in reading a little bit further into what he had said was that the that he remembers, I think it was in his warrant, it mentioned the FBI infragard program. And I'm an infragard member. He probably looked me up, and I'm easy to find after seeing the article, which was perhaps triggered by a Google search or maybe a Twitter search or something. And that made me feel a little bit better. But man, brought back all the feelings of the first time there was an attack on my systems. And that was again, you might remember in the early 90s. And I had these questions running through my mind, what should I do? How do I do it? How do I respond? What? What's going on? I remember when I discovered the hack, who do I call, right? What do I do? And what's going to happen, Right? In my case, it's what's going to happen to everything that I have built, right? Here I am sitting there with a company that I had founded years before, and remember it's the early 90s and I was still a relatively young guy. But I'd been working on this company for over a decade by that point in time. And that feeling I had could only be described as horrendous. It was quite something, and it reminded me of this by having this guy from anonymous, you know, going after me kind of the cyberbullying thing, right? Hey, they're not sitting there trying to wait around for any logic or reasoning or anything else. It is a type what you feel without thinking reaction. Think about people that you've had to deal with probably yourself before. So what do you do? Well, that made me do a little bit of re-evaluation, you guys know, if you listen to the show, for a long time that I do a lot of training, I offer a lot of free training for people on cybersecurity. And just thinking back again, made me remember helped me and let me just put it that in perspective. Remember, that feeling I had in my gut when my first hack attack occurred. When I realized someone had violated my trust, someone had broken in. Someone was potentially going to take my entire business away from me. How helpless I felt, and I had no idea what to do. Questions like: What should I do?, How can I do it?, Who do I call?, What's going to happen to my business?, What's going to happen with my clients?. Of course, that was almost 30 years ago now. But this brought all those feelings back. So here's what I'm going to do for everybody out there. Because I know I'm not alone. Some of you are maybe 30-40 years behind me on this journey. I admit I was a pioneer out there. I got arrows in my back, right? I was out there on the Internet early, getting people online, when it was first legal to do so. I was one of the very first people. You weren't, Okay, I understand. You were running a business, and maybe you were not even born yet, okay. But I am committing now to build what I'm calling a security summer. And the idea is that throughout the summer, and I'm probably not going to be able to start this until late June, early July. But throughout the summer, I'm going to offer a course. So you know you know what to do, and you'll know how to protect yourself, right? Because you have to start at the beginning, before the bad guys get in, how to detect it, once they are in what to do about it, the forensic analysis that you're going to have to do after the fact, to clean this thing up, right? I don't want you to have that feeling in your gut that I had before. Thirty years ago, when my first hack happened. I've had a couple of times since and not nearly as dramatic, okay. Because I had dealt with it before and I knew what to do. I had moved into a position where I was pretty much at the forefront at the time in security. But then I went on to run my business. But I don't want you to have that feeling your gut. Right? What do you do? I am sure some of you have had it before. I know you've come into the office in the morning, the computers aren't working. And your first reaction is there in your gut. Your first thought is -- Oh my gosh, what do I do now? Then that turns into anger. It's anger towards your vendors. Right? Well, I have Norton. I bought that Sonic wall. How did this happen? I should be all set, right. And so now you get on the phone, and you start yelling at vendors, you start yelling at your people who are supposed to be taking care of the IT side. I don't want you to feel that way. We're going to have some free pieces of training this summer. If you're interested, send me an email, and let me know what security subject you're particularly interested in having me cover. That I can make sure we have some free training for you on that during the summer. I want to make it a summer of security. It's our security summer. Brought to you by Craig Peterson, my team and I am getting to work on it, as we speak. My wife is going to put her heart and soul into this effort. I think I know what you need, and I think I know what you want, but it is essential to hear from you so that I can give you what you feel you need. So, email me at Craigpeterson.com Craig Peterson. com. We're also going to be talking about it on this radio show on these podcasts and on YouTube side, etc., etc. I got my first real hater this week in a long time. And it brought back memories and made me more determined to help you guys out. So, What was one of the first things I did. I shut down my website and made sure everything was patched up, right? Because I didn't want him to try and hack into my site. After all, anonymous is a hacktivist group, and that's what they do. So, that's what I'm going to do for you guys. We're going to have a security summer this year. Okay, so let's get into a couple more of these articles before I run out of time. This one, I thought it was just totally appropriate. I got a couple of articles that are appropriate for this week, and you'll see those up on my website, and one or two of these articles were written up with my team. My wife does a lot of this stuff too. So, kudos to her. You will find these up on craigpeterson.com, This is from an article that initially appeared in Pro Publica, and I found it on Ars Technica myself. It is a fascinating article and written by a couple of people here, Renee Dudley and Jeff Cow. It's talking about the some of these companies here in the US that you can hire to help you out of ransomware, tight spot. Think about some of these we have read about, lately, The city of Atlanta, Georgia, Newark, New Jersey, the Port of San Diego, Hollywood Presbyterian Medical Center in LA. Atlanta, online water service requests and billing systems were down for over a month. Colorado Department of Transportation, they called in the National Guard, all because of cyber attacks. Apparently what has happened here is that the companies and in these cases, government institutions and hospitals, went to professionals and said, hey, what should we do now? The response from the FBI from the government, in general, is don't pay ransoms. Well, guess what happened here? The FBI said that the criminal actors were out of the reach of US law enforcement. But they were not apparently and out of the reach of this American company called Proven Data Recovery out of Elmsford, New York. It appears that these guys regularly made ransom payments to Sam Sam ransomware hackers over more than a year, according to Jonathan Storfer, who is a former employee who dealt with these ransom payments. Now, Bitcoin transactions are somewhat anonymous and difficult to track. But I know in talking with some secret service agents that they have tracked people through public records and got convictions because of being able to track down some of these Bitcoin coin payments. Pro Publica was able to trace four of these payments, and this article goes on and on. Another US company, Florida based company, Monster Cloud also professes to use their data recovery method, but turns out they were paying ransoms sometimes without informing law enforcement or the victims, this is bad. Again, from Pro Publica, both of these companies charge their victim's substantial fees on top of the ransom amount, and they offer other services such as sealing breaches to protect against future attacks. Well, that's what I do for a living, Right? I don't try and do the recovery and no do I pay any ransom. There are many pieces of free recovery software out there that work in most cases. But, sometimes if you don't have a good backup, you're just out of luck. So, keep that in mind. Going to one of these companies, if you have ransomware on your computer is not going to solve the problem of ransomware. Because, some of these account companies, at least two of them in this case, according to Pro Publica, are making deals with the ransomware criminals, which is, in my opinion, not right. So, we talked a couple of weeks ago about our friends over at Equifax and how they took a huge hit here. It cost them over a billion dollars, probably I would guess close to one and a half billion, but I don't know for sure. They haven't disclosed all of the numbers. This week, they did reveal that they had to do a bit of a write off of about a little more than half a billion dollars. But there's another one out there, and It is crazy. It is the one, I mentioned, from Krebs on security, concerning the website for First American Financial Corp, a Fortune 500 real estate, title insurance giant. I mean giant, billions of dollars in annual revenue. First, America Corp leaked hundreds of millions of documents related to mortgages going back to 2003. Krebs on security found this leak, and they went ahead, and they fixed it. Isn't that nice of them, after the horses got out of the barn. So, these are digitized records that included bank account numbers, bank statements, mortgage statements, tax records, social security numbers, wire transaction receipts, driver's license images, were all available without authentication to anyone with a web browser. I find that incredibly unbelievable that a company that employs 18,000 people, you'd think they'd have some security people on staff. And they brought in more than 5.7 billion. There you go. That's the number from Krebs article. Now Krebs found out a bit about it because of a real estate developer, out in Washington state, who said he'd had little luck getting a response from them. It just goes on and on, just like last week with what happened with Intel. And the reports of their colossal security problem. And they, it sounds like, literally tried to buy off the people who reported this massive bug in the Intel chips. It's just amazing. So it goes on and on the earliest document number available on the site wasn't document number 75. The dates and documents get closer to real-time each forward increment in the record number. I have the article up on my website, we've got a link to it if you want to see it. It's it is just stunning. So, who knows what happened has happened here, again, we have an example of a company that did not keep track of the security problems. And what do you want to bet they did not keep track of data x filtration, and what the criminals stole? Big deal. Big problem. Now Google's got a couple of warnings out this week too. Is this getting old to anybody? I hope you're learning from this, and I hope you can apply it in your own life and your businesses. Take time to learn from these things. But, Google exposed that their G Suite, which is the Google suite where you as a business, you can pay for Google Docs, Google Sheets, etc. If you're a business and you're trying to use it, they want you to pay for it. That's what the city of Atlanta found out when they got hacked. All of their email accounts were down, and they couldn't do spreadsheets, they couldn't do anything. So, they all signed up for Gsuite accounts. Google promptly shut them down two weeks ago for doing that, because they're supposed to pay. Then Google worked out a deal with them. However, it turns out they were storing plain text passwords on its servers for the last 14 years. It is a very, very big deal. So Google is saying that they have fixed the issue and that they've seen no other improper access or misuse of the affected passwords. They've got reasons why they did it. No, everybody makes mistakes in security, okay. I'm giving you that. But these two cases are for companies that should know better, they have big enough department, and they are going to lawsuits. And like Equifax, it's probably going to cost our friends over at First American Financial Corp over a billion dollars. It is something that they can maybe afford to pay a billion dollars in fines and fees. But how about you as a small business. So we've talked about two-factor authentication many times on my show. And we always set up two-factor authentication when it comes to our clients to keep their data safe. You know, some of them have to have to fall under the rules that are in place for federal military contractors, federal contractors, HIPAA records, etc., etc. So you have to have the right kind of two-factor authentication in place, you have to have the correct type of training, the right kind of databases, etc. And the people are getting ripped off right, left and center, these companies that are selling some of these things, they don't care. They are just trying to sell you something another point product and other point security, that is not going to help you out. Can you tell I am getting a little pissed today? Excuse, My French. But here's what's happening. Google has something they call Titan, and we've talked about it on the show before. It is a security key. It was leading edge, and I'm glad they did it. They've been using it internally for all of their logons. So, it's something you have along with something, you know. Now, you know. I have been promoting Yubikeys. I don't have an investment in any of these companies. We do use them when we are trying to get a company secured. The idea behind the Yubikey and Titan security keys is that it's a little USB fob, you plug it into your computer, you type in your password, you're off and running. Okay? Well, Google's warning that for the Bluetooth Low Energy version of the Titan security keys it sells for two-factor authentication are vulnerable to hijacking by nearby attackers. Google says if you have them, contact them. And they'll give you a free replacement device that fixes the vulnerability. It has to do with Bluetooth pairing protocols, and that means that anybody within 30 feet can carry out an attack, against you. These are $50, which is about the same cost as a Yubikey. I, personally, would go with the Yubikey. But there now you know about the Google Titan. There is nothing particularly wrong with it, except that it's one version is susceptible to hack. If you check the back of your Titan key, if you pull it out right now, it's probably on your key ring, it's a nice, small thing looks like your USB thumb drive, almost. If it starts with a T1 or T2, it is susceptible to attack and eligible for a free replacement. We're not going to have time to get into the rest of these things. So let's get into cyberbullying. I think this is an important one. And I want to talk about internet mobs because that's kind of what happened this week to me. And because I was reported on some security stuff, right, and they, they use almost anything they can against you. And recently we've seen real problems with cyberbullying against kids. According to a survey and a completed study, It reported online bullying affected 43% of kids. One in four has said that happened more than once. 70% of students reported seeing frequent bullying online. Over 80% of teens use a cell phone regularly. I think these numbers are probably higher than what this study showed, in 2014, I bet you they come close to 100%. Now, most of the teens ignore it. You know I talked about that terrible Netflix show "13 Reasons Why" where a teenage girl committed suicide and left behind 13 cassette tapes explaining her 13 reasons for killing herself. It has led to a 30% increase in teen suicides in the 30 days after that show came out. So there, there's been a correlation drawn on that it did not, by the way, affect adults, it was mainly the 10 to 18-year-olds that it touched. But, we have kids that are thinking about suicide and committing suicide because of cyberbullying. There have been well-publicized criminal cases about this. Now, how about an internet mob? How about if one of these groups decides to come after you, and the group is just the cheerleaders at school? There's a great story that CNN shared this week about a young lady, named Dominique Mora. She's from Southern California and went to school in St. Paul, Minnesota. She is 23 years old and was attending on a softball scholarship. So she thought it would be great to take a job at Chipotle to help make ends meet. Well, she was working at the store, and a group of teenagers came in ordered food, went to pay for it, and their debit card didn't work. That group of teenagers ran out of the restaurant with the food. They stole it, right. The manager gave them a little coaching and told them here's what they should do. What happened next was another day a group of teenagers came in, and she recognized two of them as being part of the group who had ordered food with the bad debit card before running off with the food. They never paid for it. They called the police and explained that these two teenagers were there and they did not want to serve them. We want them evicted from our store. Here is this young woman, 23 years old, and she asked them to pay first. They pulled up a cell phone, and she didn't realize they were videotaping her and started accusing her of racism because she was a white person caught in the act of doing something labeled racist. Which obviously, there's no racism involved in this at all, they had stolen food from this store, and it was on video, there's surveillance video, it had these two guys on it, according to what CNN is reporting. They dumped this video of her as a racist "B" online. The video of her November confrontation was watched at least 7 million times retweeted at least 30,000 times within two days, and media covered it. Chipotle fired her after it went viral. Now here she is, having done nothing wrong, the police not responding in a reasonable amount of time. It sounds like they never really did respond. It is a case of confirmation bias, these black guys were calling her a racist and the video they presented made it look like she may have been. It is now being used to paint her falsely as a racist. She lost her job and now is worried about what will happen, what she could or should do, and what she should not do. Those are the same questions I opened the show with today that went through my mind 30 years ago and ran through my mind again this week. Very, very, big deal. I think w have got to spend some time with our kids talking about this. Helping them understand the whole act of bullying, what cyberbullying is. That they should report it to the authorities at school, report it to your teacher, report it to the principal, I guess the vice principal is the one who's usually dealing with these types of things. The most common places where it's happening, and this is from stopbullying.gov, they have a lot of great information. Social media like Facebook, Instagram, Snapchat, Twitter, SMS, you know, your text messages, instant messaging, which includes email provider, app services, social media, and of course, email at self. We've got to be careful because the content that we share online, you can get these internet mobs, this mob mentality where everyone jumps on board and starts attacking people. It can drive not just our teens, but almost anyone to suicide, and we don't want that to happen. Sit and talk with them. You know, I was severely bullied as a kid as well. But you know, I could leave it alone. It was happening on the way to school, at school, on the way back from school. At least there were brackets or definitions surrounding it. But nowadays, there aren't. All right, I want to send you to my website Craigpeterson.com, because you will find more information about all of these topics today. A very, interesting one on hackers. About anonymity that was once critical and how that's now changing. I might try and get into that next week. A little bit more here on the show. Also, the Consumer Reports thing about Tesla. Don't count on their autopilot people. Be very careful. The automatic lane change feature is reported to be far less competent than a human driver. So, don't use it. Be concerned about cyberbullying. I'm working here this summer. I'm going to make this a security summer. I'm going to be doing some free courses. We're going to help you guys out with lots of free information. I give these little webinars. They're not I'm not trying to upsell you or anything else. I'm trying to inform you so make sure you attend. Let me know if you're interested and what topics you think I should cover. So if you are interested, email me. me@craigpeterson.com That is P-E-T-E-R-S-O-N Peterson with an O. Until next week, everybody. Take care. Have a great week. Bye-bye --- Related articles: Our New Society: Social Media Results In Judgement By Mobs Open Source Is Changing The Way We Approach Everything Autonomous Cars — Are they ready for Prime Time? Why Are We Still Trusting Google? Running Windows? Be Sure You Patch! You Need Two-Factor Authentication Even If Google Screwed It Up Got a Mortgage? Your Information Might Be Included In Massive Hack --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553
Baltimore is under attack. Hackers have hijacked the city’s online services and are demanding $100,000 worth of bitcoin. ProPublica’s Renee Dudley explains how ransomware is threatening cities across the country. Learn more about your ad choices. Visit megaphone.fm/adchoices
© 2020-2025 Ivy Podcast Discovery LLC
