published by alexis fields
Managing Director | Grupotech
September 27, 2022
I am happy to start writing on the Grupotech blog on this date, after a full month of events related to Cybersecurity.
This is not another post criticizing infrastructure or security policies like everyone else, I would like to be able to share a couple of experiences related to the main actors of this September, called the month of CyberINsecurity.
Joint Chiefs of Staff (EMCO)
The email accounts of EMCO officials that were intervened are 162. In total, more than 400 thousand messages sent and received by those boxes were exposed between 2012 and May 2022, although most are concentrated from 2018 onwards. The information adds up to 340 gigabytes. The metadata of the files indicates that the hack occurred between May 7 and May 16 of this year.
The group of hackers behind Guacamaya said in a statement that the leaking of EMCO emails is the first step in an intervention called "Repressive Forces" and that it would include information from other Latin American countries. For the next few days they announced the publication of documents from the armed forces and police of Mexico, Peru, El Salvador and Colombia.
Worrying.
Power of attorney
I remember when I was 17 years old, I had just left high school after studying telecommunications, I stayed in a company that provided computer services for the Judiciary, my job was to direct the support team, making visits and preventive maintenance. At that time it caught my attention that they used McAfee as an antivirus, since according to me and my very short professional career, it was not one of the best solutions, in fact in forums like "Undetectables" and others related to Malware, they made fun of the poor system defense he represented.
When I had opportunities to consult some people from the IT area of the PJUD about this, they told me that they were what they needed since they were required; "have an antivirus solution installed."
A good listener few words.
Falabella Bank
We learned to live with a pandemic, a social crisis, economic crises, but today we practically live in a post-apocalyptic environment (if they have a Falabella bank account) I must say that I am from a generation that does not use coins, I practically only charge a card and mobile payment methods.
Today, to buy I had to look in different corners of the house, coins, some change or something that would allow me to buy, to my surprise and uncertainty, my Falabella bank checking account had disappeared.
I don't want to be exaggerated, but it gave me problems when carrying out at least 3 normal transactions, fortunately I always have some backup, but will it be too soon to deny some kind of Cyberattack on the bank?
My conclusion is; We must analyze what the institutions today consider Cybersecurity, generate regulations and update the laws with more severe punishments, they really do not seem to have the expected effect and it is unfortunate in all existing aspects.
I believe that there is greater importance when it comes to passing a control or a regulation, than a real spirit of protecting data, both internal, as well as that of customers and suppliers.
When you allow obsolete equipment and ornamental antivirus to continue to exist after 17 years, we are not really complying with cybersecurity, rather we work on the opposite side.
As data, in Cut Security we have a service which we call defense365, this includes many protocols with which computers with Windows 7 should have been urgently patched, at least to have prevented the propagation of these types of attacks (the technical information of this attack can be found in a post from 2016 by googling: "How can they not hack my company").