
24601

(3,959 posts)
17. There are several big challenges with cybersecurity. One is whether the system/infrastructure has
Mon Jun 25, 2018, 06:04 PM

adequate safeguards built in. Are there firewalls? Does it require strong passwords? If someone is coming in from an unknown IP, is there two-factor authentication? Does the email disable embedded URLs? Are patches and OS updates current, especially anti-virus signatures?

But the second thing is all about people making it a priority and reducing human error. Most of the time, those come from users as opposed to the IT staff.

As an outlier, the Clinton campaign hack included two human errors. The anomaly was that one of those mistakes was from IT. John Podesta received an email saying he needed to change his password. He asked IT if it was legitimate and the tech said it was. JP clicked on the link provided and changed his password. It was really a spearphishing email and the link took him to a fake site where he thought he was changing his password. When he input his current password, the hackers had it, immediately logged into his real account and copied everything.

Human Error #1: IT misspoke - a mistake, not a lie, that it was legitimate. #2 was that JP just clicked on the included link rather than either putting it in manually or following the email application.

Other common user mistakes include uploading (or typing) information not authorized on the system (e.g. any classified on an UNCLASSIFIED system, TOP SECRET on a SECRET system, US only info on a coalition system). People plug in USB devices or load disks without first scanning them. Users open attachments from unknown senders. It's also a poor practice to send stuff to people that just don't need it. Are users trained to safeguard classified or sensitive unclassified information & does the organization's culture reinforce following the rules?

Not everything is bad news. I'm kind of nerdy and a year ago I was watching C-Span where the Commander of the US Cyber Command was speaking to a cybersecurity conference. He said something like the most progress he had seen was that (finally), senior leaders wouldn't spend the first half of meetings arguing that cybersecurity was the IT guys' problem. A culture that accepts cybersecurity as somebody else's job invites failure.

That's some of the bigger stuff but doesn't come close to covering everything.
