Using Punchlists to Stop Ransomware
I really appreciate all of the emails I get from you guys. And it is driving me to do something I've never done before now. I've always provided all kinds of free information. If you're on my email list, you get great stuff. But now we're talking about cyber punch lists.
[Automated transcript follows]
[00:00:16] Of course, there are a number of stories here that they'll come out in the newsletter or they did, excuse me, go in the newsletters should have got on Tuesday morning.
[00:00:26] And that's my insider show notes, which is all of the information that I put together for my radio appearances, radio shows. And. Also, of course, I sent it off to the hosts at these various radio stations. So they know what taught because, oh, who really tracks technology, not too many people. And I get a little off-put by some of these other radio hosts, they call themselves tech people, and they're actually marketing people, but.
[00:00:57] That's me. And that's why, if you are on my list, you've probably noticed I'm not hammering you trying to sell you stuff all the time. It's good. Valuable content. And I'm starting something brand new. Never done this before, but this is for you guys. Okay. You know that I do cybersecurity. As a business and I've been doing it now for more than three decades.
[00:01:22] I dunno if I should admit that right there. Say never say more than 17 years. Okay. So I've been doing it for more than 17 years and I've been on the internet now for. Oh, 40 years now. Okay. Back before it was even called the internet, I helped to develop the silly thing. So over the years, we've come up with a number of different strategies.
[00:01:43] We have these things that are called plan of action and milestones, and we have all kinds of other lists of things that we do and that need to be done. So what we're doing right now is we're setting up. So that you can just email me M firstname.lastname@example.org. And I will go ahead and send you one of these punch lists.
[00:02:09] Now the punch lists are around one specific topic. We've got these massive. Punch lists with hundreds and hundreds of things on them. And those are what we use when we go in to help clean up the cybersecurity in a company. So we'll go in, we'll do scans. We will do red team blue team, or we're attacking.
[00:02:30] We do all kinds of different types of scans using different software, trying to break in. We use the same tools that the hackers use in order to see if we can. Into your systems and if the systems are properly secured, so we do all of this stuff and then it goes into all of the paperwork that needs to be done to comply with whatever might be, it might be, they accept payment cards. It might be that they have. But information, which is healthcare information. And it might be also that they're a government contractor. So there are hundreds and hundreds of things that they have to comply with. Most of them are procedural. So we have all of this stuff.
[00:03:13] We do all of this stuff. And I was talking with my wife here this last week about it and said, yes, That's so much of this could be used by small companies that can't afford to hire my team to come in and clean things up. And I don't want them to suffer. So here's what we're doing. We're starting this next week.
[00:03:36] We have a punch list for you on email. So what are the things you can do, should do, for email? Just very narrow on email so that you can recognize a phishing email, what you might want to do to lock down your Outlook, if you're on Windows, or your Mac Mail. So we're taking these massive spreadsheets that we have and we're breaking them up.
[00:04:03] So the first one that's available to you guys, absolutely. A hundred percent free. Is the one on email. So just send me an email. Me M email@example.com. Now, remember I am, my business is a business to business, but almost everything in these various. Punch lists applies to individuals as well.
[00:04:27] So I got an email this last week from a guy saying, Hey, I'm 80 years old and retired and I don't know much about computers. And that's what got us thinking about. No, we need to be able to help him. We need to be able to help you out. Okay. And if you're a small business and we've dealt with a lot of them over the years, and as a small business, you just don't have the funds to bring in an expert, whether it's me or somebody else, although yeah.
[00:04:56] You want the best anyways. It it is going to allow you to do it yourself. Okay. So absolutely free. All of these punch lists on all of these topics. We're probably going to end up with more than a hundred of these punch lists. And all you do is email me M firstname.lastname@example.org. Just let me know in there what you're interested in.
[00:05:19] So even if we haven't got that punch list broken down for you yet, we will go ahead and put that on the. To do right. We need the priorities. What kind of a priority should we have as we're putting these things together for free for people. And the only way we know is if you ask, so the first one's on email, you can certainly ask for email.
[00:05:39] We've got, as I said, more than a hundred others, that we think we're going to be able to pull out of the exact. Plan of action worksheets that we use so that you can go through this yourself, whether you're a home user or you are a small business or even a big business, we were talking with a gentleman who's probably listening right now, who has a business.
[00:06:06] They have three offices, they have some requirement because of the military contracts for high level. Cybersecurity. And they would work for him too. All right. So they, this is all of the punch list stuff. He probably know what a punch list is. It's used in the construction industry a lot, but in our case, it's indeed to do this.
[00:06:27] You need to do this, you need to do this. Okay. So that's what that's all about. So enough rambling on that. It's going to take us some time to get them all together. I'm also. And then her do more video stuff again, training. So just like on the radio show where we're talking about what's in the news, we're going to talk about watch what's in the news.
[00:06:49] When it comes to small businesses, what you should be paying attention to with of course, an emphasis on cyber security and. Putting those up on my email@example.com. In fact, we've already got some up there already, and then we are going to also be putting them on YouTube and rumble. So if you don't like YouTube and Google, then you can certainly go to rumble.
[00:07:14] You'll see them there. But if you're on the email list, Starting to put links in the bottom of the emails. So you can go and watch those videos. If you're a video type person that you know, more visual. So it's, I think all good. And it's good news for everybody. And this is what happens, I think, as you get more mature, In the business.
[00:07:36] As I said, I've been on the internet for more than 40 years, helped develop some of that software that some of it's still in use today and now it's time to do more give back. And I really am trying to give back, okay, there's this isn't. This isn't a joke. No joke. So go ahead. Email me at Craig Peterson.
[00:07:57] Tell me which punch list that you would like. And I can also put you on my email list so that you get my insider show notes, and you can just do that yourself by going to CraigPeterson.com. You'll see right up at the top of the page. If you scroll down a little bit, it'll pop up. It's a big red bar that goes across the top.
[00:08:17] I try not to be too intrusive and you can sign up there for the newsletter. So you'll get some of these trainings automatically. You'll get my insider show notes, all of this stuff. It's absolutely free. Okay. This is my give back to help you out. It really is. Okay. As I mentioned at the very beginning.
[00:08:37] Peeve by some of these people that represent themselves as tech experts. And in fact, all they are marketers. We've got a client that decided that I was too expensive. My team. So they went out and shopped around, tried to find the cheapest company they could. And so now the company that they're bringing in is saying, you're saying Hey so how does this work?
[00:08:59] How do you do zero trust? Why do you have a firewall here? Why do you bother to have a direct fiber link between the offices? All this stuff? Because they need it. Okay. I get it. You use. Barracuda spam firewalls and Barracuda firewall holes it, yeah, this is a different league. Okay. So you're going to be getting these punch lists from me that are really going to help you understand and secure your systems.
[00:09:29] This isn't your average run of the mill, managed security services provider or managed services or break fix shop. You're getting it from the guy that the FBI InfraGard program went to, to do their trainings. That was me. Okay. So for two years I set up the program. I ran it. And if we're ever sitting down and having a coffee or a beer, sometimes I'll tell you why I left.
[00:09:53] Okay. But think about FBI and I think you might have a clue as to why I decided not to do that anymore. I trained thousands of businesses, government agencies, state local. Federal, you name it. So you're getting what you really need, which is another problem. I keep hearing from people, you do a search for something on YouTube or Google and you get what a million, 5 million pages, as supposedly that it says are available and they give you, okay, then here's the top one. But what you need is an integrated, single. To do things where everything works together. And that's what I'm trying to do for you guys, because there's so many little products, different products that just don't work so well together.
[00:10:46] So we'll be covering that as well in these, but you gotta be on that email list. CraigPeterson.com. Craig Peterson, S-O-N.com/subscribe. We'll take you right to the subscription page and I'll keep you up to date. This is not my paid newsletter. All right, stick around. We'll be right back. And I promise I'll get to Russia.
[00:11:12] Some of the high-tech companies and others pulled out of Russia after the Ukraine invasion, but one stayed Google. What is going on with Google? And now they're in big trouble with the Russian government. Wow
[00:11:28] Here's the list of companies according to seeing that, that have. Out of Russia because you remember Russia invaded Ukraine, February 24, we had Adobe, these are the guys that make Photoshop, Adobe Reader. Airbnb has an interesting story too in Ukraine because a number of quite a number of Airbnb customers went ahead and rented rooms and homes from Ukrainians, even though they had no intention of going and they told the Ukrainians, Hey.
[00:11:59] The I'm not going to show up, just take this money. I'm sure you need it. Can you imagine that? But that's fantastic. Good for them, Amazon. They suspended shipments of all retail products to customers in Russia and Belarus and also suspended Prime Video for users. Apple stopped selling its product in Russia.
[00:12:21] It's halting online transactions, including limiting Apple Pay. It's also disabled some Apple Maps features in Ukraine in order to protect civilians. Amazon Web Services. They don't have data centers or offices in Russia, but it stopped allowing new signups for the service in Russia. BMW, Ford, GM, Honda have all scaled back their operations or stopped them.
[00:12:49] Ford suspended its operations in Russia effective immediately until further notice. GM is suspending business in Russia. Honda has suspended exports to Russia. Disney halted all theatrical releases in Russia, including the new Pixar film, Turning Red, also pause content. DJI. The drone company that has gotten in trouble here in the US for some of its practices of sending GPS information to China while they're not doing it over there.
[00:13:20] Electronic Arts. They make a bunch of very popular games. Epic Games, another one. Ericsson. FIFA body banned Russia from this year's World Cup. Formula One canceled its planned Russian Grand Prix. Fujitsu, Goldman Sachs. Now Google, that's where I want to go. We'll stop at Google here for a minute.
[00:13:44] Google. Suspended their ad network in Russia. And the idea was okay. We're not sure how payments are going to work because Russia of course has had this kind of this lockdown by foreign countries on their banking system. We're not sure we can get the money out. That's what they're apparently doing now.
[00:14:08] They're still there. Google's YouTube, its search engine, on and on, still running in Russia. Now that is really disturbing. If you ask me, why did they not pull out? It doesn't make sense. So Google did stop accepting new customers for Google Cloud in March. YouTube said it is removing videos that deny or trivialize the Russian invasion, but what finally got.
[00:14:42] Out of Russia, Russia seized their bank accounts. They froze them. They transferred their money out of the main bank account in Russia. We're talking about a $2 billion per year business, Google Russia, that really upsets me. So I did a little more research online about all of this, and I was really surprised to see that Ukraine now has given the Ukraine Peace Prize to Google.
[00:15:12] And it says, quote, on the behalf of Ukrainian people with gratitude for the support during this pivotal moment in our nation's history. So what is it? I'm not sure. So they're one of their foreign ministers, and Karen. I think I said, thank you. From the beginning of the war, Google has sought to help power.
[00:15:35] However we can through humanitarian support of our tools, we'll continue to do as long as needed. So I dug in a little more and tried to figure out what's up. Russia or Google left its Russian search engine online and YouTube online and was using it in Russia in order to. Control the narrative in Russia.
[00:15:59] Now, unlike what they've done here in the U S where Google hasn't been caught, many times controlling the narrative in various elections and taking certain ads and not taking others and taking certain business and not taking others, apparently in Russia, it has been. Blocking a lot of the stuff that Russia itself has been putting out.
[00:16:23] So the federal government there in Russia. Interesting. Hey, so they also have helped Ukraine out by providing them with mapping GPS and rumor has it satellite services. Yeah, interest in it to track Russian troop movements. All also Ukraine saying the Google News component has also been tremendously valuable.
[00:16:51] Google's also helping to raise money for the cause of Ukraine. Like many companies are doing right now to help people displaced due to the war and Poland. Wow. They've been doing yeoman's work and bringing. People in, by the millions, into Poland from Ukraine or reminds me when I lived in Calgary, Alberta, my Cub, one of the Cub masters Cub troop leaders was a woman who came from Poland many years ago.
[00:17:18] This was back during Soviet occupation. Poland. And I remember talking to her about what was happening over there. Why did she leave? And it was just so impressive. The Poles have done so much impressive stuff over the years. So they're also saying that Google has done a lot of other things in order to.
[00:17:39] Help protect Ukraine, including Google's blocked domains. They've prevented phishing attacks against Ukraine. They warned targeted individuals that they are being targeted. It's really something what they've done. So my first knee jerk was why is Google? Still doing business in Russia while now it's become clear because they have a special page for Russians that gives correct information, at least, Google is claiming it's correct.
[00:18:13] I don't know which fact-check teachers checkers they're using. That gives Russians real information about the war what's going on in Ukraine. What's happening with the Russian soldiers. Did you see this? Just this last week, the apparently Russia removed the age limit for volunteers for the military.
[00:18:35] It used to be, I think it was 40 years old. If you were a Russian citizen and 30 years old, if you are a foreign national, now the Russian military will take any. At any age from anywhere. In other words, Russia is really getting hard up if they want people like me to fight their wars.
[00:18:54] I'm sure they don't really want, I don't know. Maybe they do want me, that every war needs cannon fodder. So it is fascinating to see good job Google. I am quite impressed. I did not expect them to be doing that. They've also. Provided over $45 million in donations and grants to various groups.
[00:19:18] They've done pro bono work for various organizations over there. So this is really cool. So that's it. That's what's happening over there. Yeah. Ukraine and Google. You can of course, find out a lot more. Get my insider show notes. So you had all of this on Tuesday morning. You could have digested it all and be ahead of everybody else out there.
[00:19:43] And then also don't forget about my new offer here. Free, absolutely free for anyone. Asks by emailing firstname.lastname@example.org. I'll go ahead and send them to you, which is I think a pretty cool thing now. What am I going to send you? You got to ask first, right? You got to ask. And what we're going to be doing is taking what I have been using for years to help secure my customer.
[00:20:14] And we're making available for free my cyber punch lists. CraigPeterson.com/subscribe.
[00:20:22] Bit of a hub-bub here. Biden's infrastructure bill $1.2 trillion. And it's in there is this thing that Bob Barr's calling an automobile kill switch. I did some more research and we'll tell you the facts right now.
[00:20:39] What are you supposed to do? If you are trying to pass a bill to stop drunk driving deaths, and you've got all of the money in the world, Joe I guess 1.2 trillion, isn't all of the money in the world. What are you going to put in there? I did a search on this and I'm chuckling because this is craziness.
[00:20:59] This is the AP, Associated Press. And they've got this article claiming. President Joe Biden signed a bill that will give law enforcement access to a kill switch that will be attached to all new cars in 2026. AP's assessment: false. Okay. So we've got fact checkers here while the bipartisan infrastructure bill Biden signed last year requires advanced drunk and impaired driving technology to become standard equipment in cars.
[00:21:31] Experts say. Technology doesn't amount to a kill switch. Let me see. So I can't start the car. If the car's computer thinks I might be drunk or impaired in some other way, but that's not a kill switch. What is that? Then if I can't start the car, because I have a disagreement with the computer. How about these people that I don't know, maybe their eyes can't open all of the way.
[00:21:59] Maybe they have problems with eyes on nystagmus though. Eyes jittering back and forth. And then now what are they going to argue with the computer? That's a kill switch. I can't believe these crazy people that are like AP here, coming up with fact checking on things. So yeah, I'm sure there are some distortions in some articles out there, but they contradicted themselves in two paragraphs. I guess they figure people are just going to see false.
[00:22:30] Okay. I'm done. And they're not going to bother reading the rest of the article. Ah, Kind of crazy, isn't it? So according to an article written by member, former US representative Bob Barr in the infrastructure bill, is this kill switch. Now the big question is what is the kill switch? How far does it.
[00:22:55] So I decided let's look up something I remember from years ago and that is GM has the OnStar system it's yet another reason I won't buy GM, there are a number of reasons, but this doesn't, it. OnStar system, they've got an advisors and that grade, and if your car is in a car accident, a crash that advisor can hop on and ask if you're okay.
[00:23:22] And if you want emergency services coming, they'll come OnStar. We'll call them. And if you are just fine, they won't bother calling. If there's no answer at all, they'll call emergency services and let them know where the vehicle is because the vehicle has with OnStar built-in GPS. One of the features of OnStar is that it can send a signal to disable cars, engines, and gradually slow the vehicle to an idle speed to assist police in recovering the vehicle.
[00:23:58] Now they will only do that at least right now for vehicles that have been reported stolen and have been confirmed by the police. So in reality, that's cool, right? It slows down. Hopefully the bad guy, if he's on the highway, makes it over to the side of the road and while the car slows down and eventually stops.
[00:24:22] So all of this stuff sounds good. This kill switch. Sounds good. Doesn't it? Because we're going to keep drunk drivers off the road. Now in reality, of course, they're not going to be able to keep drunk drivers or other impaired drivers off the road. I really don't care what kind of technology they put in.
[00:24:44] And they're not talking about putting in one of these blow in the tube, things that checks your blood alcohol level. They're talking about having a camera facing you as the driver and probably other occupants of the vehicles and that internally facing camera. Is going to evaluate you. It's going to look at you.
[00:25:07] It's going to look at your face. If something droopy, or are you slow to respond? It might have a little test to that. It has you take right there. The law is very loosey goosey on any details. There really aren't any, so it's going to be up to the manufacturer. So they put this in the car step.
[00:25:28] Just like OnStar, step one, put it in the car and they'll tell you when to turn you remember how cool that was the GPS with OnStar. And you tell ya, I want to go to this address. And then the assistant goes ahead and sends programming to your car. And now you can go. And if you lock your keys in the car, they can unlock the car for you.
[00:25:51] All kinds of cool stuff. And then next up what happened. But they can stop the vehicle. So there's another technology story related to OnStar. And this is from 2009 from Kelley Blue Book: OnStar Stolen Vehicle Slowdown thwarts its first carjacking. So again, doesn't that sound fantastic. And this was a Tahoe OnStar.
[00:26:18] And the driver and his passenger forced out of the vehicle robbed by a shotgun wielding perp who then drove off in the SUV. And the OnStar dispatcher was able to locate the vehicle using GPS, advise police of exact location. And as soon as the police establish visual contact, the Stolen Vehicle Slowdown system is activated, available on a number of GM cars and trucks.
[00:26:43] So this was over a decade. That this happened, but the technology's evolved. Yeah. So we initially have all of these car companies trying to decide, okay, so we've got this kill switch law, which AP says is not a kill switch law because they talk to experts just the, what was it? 52 people heads of intelligence.
[00:27:08] Committees and agencies said that this wasn't a collusion hope, right? So they talked to experts who said no, this isn't a kill switch, but that's today you can argue, it's not a kill switch. I would completely disagree with you. Day one. It's a kill switch. Cause you can't start your car. It's a kill switch.
[00:27:25] A kill switch is often something you hide somewhere on the car so you can kill the engine. So it can't be stolen. It's a kill switch. Come on. People fact checkers aside, but this could potentially allow law enforcement again, to shut down your car. Remotely track the car's metrics, location, maybe the passenger load, because remember now cars are tracking all of this.
[00:27:51] There have already been tickets issued by police. They did not see anyone speeding. The car was not caught on a traffic camera, but they hook up a device to your car's port that talks to its computer. And the computer says, yeah, he was doing 80 miles an hour, five minutes. And all of a sudden you got a ticket, right?
[00:28:12] Massachusetts wants to go ahead now and say, ah yeah. Let's charge by the mile that you drive in mass. Because of course you're not getting enough revenue from gasoline because of the electric cars, electric cars are not paying their fair share when it comes to road taxes. So let's do it that way.
[00:28:32] So how are they going to collect the information while. And they're going to hook up to your car's computer. The next thing coming down the road in it's already in most cars is wireless data connectivity, or you might've found already. If you have a Nissan, a Honda, many other cars. You have to get a major, upgrade it very 600 bucks up to a few grand for an expensive car, but the two G data network.
[00:29:02] And we talked about this on the show already is being completely shut down by the end of the year. So they've got to replace it and switch you over. To the LTE data network, which of course eventually will go away as well, or at least 3G. What happens once it's all hooked up? The next easy step is just feed all of that information straight to the government.
[00:29:26] CraigPeterson.com.
[00:29:30] If you've been afraid of ransomware before, I've got a good example for you where a whole country now has been ransomed. Absolutely crazy. So we'll talk about that. What is the state of ransomware? And the NSA is asking us to trust them again.
[00:29:47] Of course staying up to date means that you get my insider newsletter pretty much every Tuesday morning.
[00:29:54] And the only way to get that is to go to CraigPeterson.com/subscribe. And I will keep you up to date. You'll get even more insight information. The Costa Rican government has declared a state of national emergency. And to the best of my knowledge, this is the first time a government has done this because agencies of the Costa Rican government have been hit so badly by the Conti ransomware
[00:30:24] that the new incoming president immediately declared a state of emergency. So now the country has expanded law enforcement powers and they are trying to go after the Conti ransomware group. Now, between you and me, good luck on that one. They are based in Russia. There's a number of different articles out this week.
[00:30:47] This one from ADV Intel at tech target. But according to their research, the Conti ransomware groups attack on Costa Rican government was part of a rebranding effort. So this ransomware gang has seen a lot of their payments, just dry up. Because it's harder to get the money in. And what are you going to do with cryptocurrency?
[00:31:11] If you're the Conti group, can you turn it into anything useful? It depends on the country you're in, but for most people, no. Okay. Absolutely. No. So we were able to knock the Conti ransomware groups website. Offline. And we talked about that before here. The U S government did that, but now this is marking a new chapter for the cybercrime landscape.
[00:31:38] Interesting. Isn't it? So there are some investigations that have been going on. They've been trying to figure out what happened. What was the cause of the downfall of the Conti ransomware group? Are they really gone? Why did they pull their website offline and. They declared publicly support for Russia in its invasion of Ukraine.
[00:32:02] And so now the Conti ransomware group got hacked and held ransom. They suffered major league. As a consequence. So other hackers went after Conti, which is a hacking group and they showed here from internal documents that were stolen, that the Conti ransomware gangs primary Bitcoin address, which was found in the leak, showed that they had taken in over $2 billion in cryptocurrency over the last five.
[00:32:35] Isn't that just amazing and anonymous leaker has published more of the gangs communications, that can help the mass for sure. But you think with that much money, they'd be able to protect themselves right now on top of it, because of the hack of Costa Rica and the major damages, because the U S government has offered a couple of bounties here.
[00:33:00] Against the Conti ransomware group. So there's $10 million available. If you can provide the feds with information about the leaders of the Conti ransomware group and $5 million that you can get leading to the arrest of anyone involved with a Conti ransomware attack. Isn't that something. So ransomware has been really out of control for years.
[00:33:25] There's no signs that things are actually slowing down. Definitely been enhanced law enforcement efforts to track them down. But ultimately here, the core members of these groups have been escaping these law enforcement activities. They've been using mules like 2000 Mules. Have you seen that movie?
[00:33:46] But the idea is they get people primarily in the U S because that's where most of the money comes from. They do rent. Of people and businesses information here. In fact, last year, it's estimated that 60%, six, 0% of small businesses were hacked, which is just crazy. No wonder has got $2 billion. Okay.
[00:34:07] What are we supposed to do? What are they doing to really come after us? They're doing many of the same things. These mules will be hired saying, Hey, I just need to use your PayPal account. And all you have to do is transfer some money. 5%, 10% of the money I put in there. And they've always got these excuses, think the Nigerian email scams from years past, and frankly still go around a little bit here, but large bounties are really becoming a part of the toolbox that law enforcement's been using in the US and abroad to try and track them down.
[00:34:44] And that's really what they're hoping for down in Costa Rica, because what are they going to do? Frankly, really what are they going to do? I don't know. And they obviously are relying on the United States to help them out with this. And the internal structure of the Conti group has been highly organized.
[00:35:03] They've got the same type of structure of legitimate corporation would have it takes it to work that needs to be done. They hire contractors that may not even know who they're actually working for to write small pieces of a code here that gets tied. So it's not too surprising that a Conti affiliate is going to go far enough to cause a national emergency to be declared.
[00:35:30] One of the things that Conti has done and some of these other ransomware companies have done companies gangs. They have ransomware as a service. So there's all of these people that are affiliated with Conti and all you have to do is get the Conti ransomware onto someone's computer and ta-da, they will pay you.
[00:35:54] It's really that simple. They've got tech support for the people that are ran through there. They got ransomed to help them supposedly pay, right? How do I buy Bitcoin? And they'll walk you through. And then they will help you with restoring your files. Hopefully they can be restored. They are, they can't always be restored.
[00:36:15] I think right now the latest number I saw. How about 60% of people who have their data encrypted and ransomed are in fact able to get that data, but there's 60% of the data back. So that's not too big a deal, but Conti operates on affiliate. And this affiliate that went ahead and ransomed our friends in Costa Rica is called UNC1756, UNC1756.
[00:36:51] They're also suspected in other attacks on government servers, including a theft of intelligence materials. Peru. And this attacker has already leaked information stolen from Costa Rica and it's on the Conti ransomware dark web portal, which is online. And after the former president of the country refused to pay a $10 million ransom demand, they started leaking the data.
[00:37:17] So in this case, focus has been on the national government agencies. They are potentially looking at what might you might call espionage, but these Conti ransomware affiliates have become famous for really quickly exploiting new vulnerabilities as they're published and being indiscriminate in who they attack, because $2 billion.
[00:37:39] And then the other part that I think is really interesting here. W we're talking about money, we're talking about real money, obviously, Conti deals almost exclusively in Bitcoin, which can be hard to turn into hard currencies, but that our friends in Costa Rica have said, no we're not going to.
[00:37:59] Knowing what has been stolen and what they no longer have access to. In fact, the president said that the company, the country Costa Rica is effectively at war. Now, they got a foothold Conti did in 27 agencies at different levels of the. And the yeah. Okay. So Conti is say, I'm looking at an article in the register here.
[00:38:26] Conti is apparently has made more than 150 million from a thousand plus victims while we know it's actually 2 billion, but it depends on the timeframe that they're talking about. And the Conti says that they are determined to overthrow the government by means of a cyber attack. We've already shown you all the strength and power.
[00:38:45] You have introduced an emergency. It's really quite something. Now I mentioned earlier today that I am. Taking all of the cyber security stuff that we have been using here over the years. Things like our plan of action and milestones documents and all of this stuff we use to run our projects for our customers.
[00:39:11] It's the real stuff, people. And remember, I've been doing the cybersecurity since the early nineties, so we know what we're doing, I know what I'm doing and I'm making it available for free. Okay, guys, you just have to send me an email email@example.com. So the first cyber punch list that we have that available, and all you have to do is ask for it again.
[00:39:37] Me, M firstname.lastname@example.org is the. Email punch list. So with this punch list, I go through the things that you need to do. In order to secure your email and be more or less secure in your email. Now, I don't know about you. I do not like these long diatribes. I have a book behind me that is Hardening Windows 10 and it is in a four inch binder.
[00:40:14] Cited. There are thousands of recommendations in there from Microsoft. There's a lot that needs to be done. So what I've done is boiled it down to the most important things. And as I said, it's available for absolutely. Free for you. It really is. If you're a listener, just email me M email@example.com.
[00:40:38] You can ask me to add you to my insider show notes and my little three minute trainings that we do every week. You can also ask for a cyber punch list that you might need. So it's just, okay, we need to do this. You need to do that. You need to do this. You need to do that. So it makes it very straightforward.
[00:40:57] I'm trying to. To be, to see about any of this, but we have had amazing feedback on this from companies over the years, and now it's available to you for $0. Okay. So make sure you check it out. Craig peterson.com and you can always email me M firstname.lastname@example.org as well. Thanks for taking a little time with me today and look for me online.
[00:41:24] Look for my emails and if you would please. Thumbs up on your favorite podcasting platform, YouTube or Rumble or subscribe. Thanks.
[00:41:37] We're going to talk about the Senate bill that has big tech scared, really scared. I'll talk about a new job site problem for a number of different industries because of hackers and cloud, the cost and reliability.
[00:41:53] This tech bill. It has the Senate really scared.
[00:41:57] He is frankly, quite a big deal for those of you who are watching over on of course, Rumble or YouTube. I'm pulling this up on this screen. This is an article from Ars Technica, and they got it originally from Wired. It was out in Wired earlier in the month. And it's pointing out a real big problem that this isn't just a problem.
[00:42:23] This is a problem for both the legislature. In this case, we're going to talk about the Senate and a problem for our friends in big tech. So let us define the first problem as the big tech problem. You're Amazon. You are Google. Those are the two big targets here of this particular bill. We're going to talk about, or maybe you're Facebook or one of these other Facebook properties, et cetera.
[00:42:50] If you are a small company that wants to compete with any of these big guys, What can you do? Obviously you can do what everyone's been telling us. Oh, you don't like the censorship, just make your own platform. And there've been a lot of places and people that have put a lot of money into trying to make their own platform.
[00:43:12] And some of them have had some mild successes. So for instance, I'm on Rumble. You can watch my videos there. And there have been some successes that Rumble has had in making it into kind of the competition to YouTube. But YouTube is still the 800 pound gorilla. Everybody wants to be where the cool kids are.
[00:43:32] So for most people, that's YouTube. They look at YouTube as being the popular place. Thus, we should be. We obviously saw the whole thing with Elon Musk and Twitter, and the goings on there. And Twitter really is the public square, although it's died down a lot because of this censorship on Twitter.
[00:43:52] Interesting. So as time goes forward, these various big companies are worried about potential competition. So how do they deal with that? This is where the real problems start coming in because we saw Amazon, for instance, in support of an internet sales tax. You remember that whole big deal. The internet had been set aside saying, Hey, no states can tax the internet and that's going to keep the internet open.
[00:44:21] That's going to help keep it free. And people can start buying online. And that worked out fairly well. A lot of people are out there, why would Amazon support a sales tax on the internet? They are the biggest merchant on the internet, probably the biggest merchant period when it comes to not just consumer goods, but a lot of goods, like a staples might carry for business.
[00:44:45] So they'd have to deal with what, there are 9,000 different tax jurisdictions in the United States. And then of course all these other countries, we're not going to talk about them right now, but the United States 9,000 tax jurisdictions. So why would Amazon support an internet sales tax when there's 5,000 tax jurisdictions?
[00:45:10] The reason is it makes life easier for them when it comes to competition. So if you are a little. And do you want to sell your widgets or your service? Whatever it might be online. You now have to deal with 9,000 tax jurisdictions. It's bad enough in the Northeast. If you are in New Hampshire, if you live in New Hampshire and you spend more than, I think it's 15% of your time south of the border in Mass, then Mass wants you to pay income tax for that 15% that you are spending your time there.
[00:45:48] Now they do that with the. Baseball teams with football teams, hockey, you name it, right? So the big football team comes into town. The Patriots are playing the New York Jets or whatever it might be. The Patriots have to pay New York state taxes, income tax now because they stepped foot in New York heaven forbid that they try and do business there and help New York state out.
[00:46:12] And they now have to pay income tax. Now they only have to pay income tax for, or for the amount of time they're in New York. Various states have various weirdnesses, but if you're only playing 1, 2, 3 dozen games a year, it isn't like your normal work year, which is 2080 hours. We're talking about their plane to New York and they're only spending maybe 10 hours working in New York, but that represents what percentage, 10, 20, 30% of their income, depending on how many games they play and how they're paying.
[00:46:45] And so they got to keep track of all that and figure it out. Okay. We played in New York, we played in New Jersey. We're in Mass. We were they weren't in New Hampshire, certainly the Patriots playing, but they got to figure it all out. Guess what? Those big pay. Football players, hockey, baseball.
[00:47:03] They can afford to have a tax accountant, figure it all out and then battle with them. I had a booth one time at a trade show down in Connecticut. Didn't sell a thing. It was terrible. Trade shows, man. They aren't what they used to be. And they haven't been for a long time. This is probably a decade plus ago, maybe even 20 years ago.
[00:47:26] So I had a little booth, we were selling our services for cybersecurity and of course, nobody wanted to bother paying for cybersecurity, who needs it. I haven't been hacked yet. Although there's an interesting article. We'll talk about next week based on a study that shows. Small businesses are going out of business at a huge rate because of the hacks because of ransomware.
[00:47:49] And if you're worried about ransomware, I've got a really great little guide that you can get. Just email me, email@example.com. I'll send it off to you, right? It's a free thing. Real information, not this cruddy stuff that you get from so many marketers, cause I'm an engineer. They'll go out of business.
[00:48:10] So they figured I haven't got a business yet, not a big deal. And so no body. There's big trade show. And I was so disappointed with the number of people that even showed up for this silly thing. So what happens next? Well, I get back to the office and about a month to two months later, I get this notice from the state of Connecticut, their tax people, saying that I haven't paid my Connecticut taxes yet.
[00:48:37] And because I was in Connecticut. I should be paying my income tax for that day that I spent and wasted in Connecticut. Oh. And plus every company in Connecticut that I'm doing business with now, I need to collect their taxes and pay them the taxes that I'm collecting for those Connecticut businesses are resident.
[00:48:59] I didn't sell a thing. You know what it took almost, I think it was three or maybe four years to get the state of Connecticut to finally stop sending me all of these threatening notices because I didn't get a dime from anybody in Connecticut. So I'd love the internet from that standpoint saying you don't have to collect taxes in certain cases, certain states, et cetera, unless you have a legal nexus or a legal presence there in the state. So back to Amazon, Amazon loves the idea of having everything on the internet taxed. They love the fact that there's 9,000 plus tax jurisdictions. When you get right down to city, state county Lilian, either local taxes, or you look at those poor residents of New York state, or the poor residents out in Washington state that have to worry about that, right?
[00:49:52] There's county taxes, state sales tax. City sales tax, and income taxes are much the same, the, all of these crazy cities and states around the country. Yeah. The ones that are in serious trouble right now, they are those same ones. Those particular jurisdictions are hard to deal with. So from Amazon's standpoint, it's just like the Patriots football players.
[00:50:17] We've got plenty of money. We've got teams of lawyers. We have all kinds of accountants. We can handle this and you know why Amazon really loves it because it provides another obstacle for any competitors who want to enter the business. That's the real reason, so many big businesses don't go ahead and charge you serious money so that they can use that money against you.
[00:50:48] Okay. You see where I'm going with this? Because if you want to start a business that competes with Amazon, if you want to have a doilies, you're making doilies. My grandmother used to make them all the time and she had them on the toilet paper in the bathroom, little doily holders. Doilies everywhere.
[00:51:06] And then of course, the seashells shells on top of the toilet paper holders. If you want to do that and sell it, how are you going to deal online with 9,000 tax jurisdictions? All what you're going to do is you're going to go to Etsy, or you may be going to go to Amazon marketplace and sell your product there.
[00:51:25] An Amazon marketplace. So Amazon is taking its cut out of it. Etsy is taking its cut off. And you still ultimately have some of that tax liable. Amazon loves it. It's the same reason you see these groups forums, right? Barbers saying, oh, we've got to be regulated. Really you need to have a regulation in place for barbers.
[00:51:49] You need to have licensing for barbers. Why do they do that? They do that. Not just barbers, right? It's all of these licensures and various states. They do that really to keep people. To keep their prices high. That's why they do it because someone can't just put up a sign and say, Hey, I am now a barber.
[00:52:10] Come get a haircut. And if you don't like the barber, if they do a lousy job, you go elsewhere. We don't need all of the bureaucracy on top of this to enforce licensure. Anyways, when we get back, let's talk about that Senate. It's a big deal. And I am coming down in the middle of this thing. Hey, visit me online.
[00:52:30] Sign up right now. craigpeterson.com and get my special report on passwords.
[00:52:38] We just talked about why big business loves regulation. It helps protect them from up and coming small business, frankly, let's look at this bill that Klobuchar and Grassley just introduced in the Senate.
[00:52:54] I am coming down in the middle of this bill. And let me tell you why we really do have a problem with some of these big businesses.
[00:53:04] For those of you who were watching here on Rumble or YouTube, I'm going to pull this up. This is an article that was originally in Wired and is in Ars Technica, great website. They got lots of good information and the title of the bill is a Senate bill that has big tech scared. So the question is why. Now, Ars Technica,
[00:53:27] I'm going to scroll this down so you can see what they are saying. They're claiming that this is really apocalyptic that frankly the people who are pushing against this bill are obviously the wrong people and everything else. But I love this point here. This is from a senior VP of policy at Yelp.
[00:53:50] You can see this on my screen. Luther Lowe. And he's talking about this bill. Actually one of two. Antitrust bills is what they're called in the US. There's voted out of committee by a very strong bi-partisan vote. And the other bill is to regulate app stores and there's issues with that too, that we won't really be talking about today, but they have to do with protecting you the consumer.
[00:54:19] If you can load any app you want from any app store on the internet, on your iPhone, is your iPhone still? Versus having to get it from Apple. We're not talking about that one right now. This is Congress's shot here to stop big tech companies from abusing what they're calling a gatekeeper status.
[00:54:42] So we're going to talk about that. What is this gatekeeper status? What does that mean? So Luther Lowe, back to him, VP of policy at Yelp long time ago. Antagonist says it, the ball game. That's how these guys stay big and relevant. If they can't put their hand on the scale, then it makes them vulnerable to small and medium-sized companies eating their market share.
[00:55:11] Isn't that what I was. Protecting themselves, protecting themselves against the small startups. And if you've got government regulation on your side, you can just hammer them with the fact that, Hey, you guys aren't compliant, right? If you've got some major government regulation to just look at what happened with Elon Musk, when he said I'm going to buy Twitter, all of a sudden his.
[00:55:40] And he, his Twitter account has problem. All of a sudden what w what his money has prompted. All of a sudden when Elon Musk's that I'm going to buy Twitter, the government started investigating Tesla. It's amazing. How these people work and how they think. It's just, it's absolutely amazing.
[00:56:00] So they use these big companies, use government to beat other people over there. It's like my example of the barbers, right? Do we really need licensing for barbers? Do we really need to have a barber board that oversees barbers? If someone harms you, there are laws against that. No. When I was, for 10 years, I was in EMS.
[00:56:26] I was a volunteer EMT. You guys know that emergency medical technician and my wife was. And if we were to cut someone's hair without their consent, that would be considered assault, even battery in some cases. So there's laws on the book to protect your hair. Okay. Need laws about barbers? We don't need laws about so many things.
[00:56:52] The government sticks its fingers in. And so what is it? Stick his fingers in here. What are they trying to do? Let me pull that up on this screen for you. Senators Amy Klobuchar and Chuck Grassley, CR grassy, I should say, who were our, excuse me. So are the top Democrat and Republicans on the Senate judiciary committee are saying, Hey, we need to regulate how Amazon, how Google and these others can use their position in order to.
[00:57:30] Keep their fingers off the scale. So bottom line, that, that sounds like a pretty good idea to me. And that's the thing that fits on the bumpers bumper stickers, stop Google from putting their thumb on the scale. Stop Amazon from putting the thumb on the scale because we have.
[00:57:47] Actual problems with this. We have seen where people who are using Amazon marketplace to sell their stuff. Why would they do that? Obviously they've got to pay a percentage to Amazon plus depending on how your business operates, you have to pay Amazon to warehouse your goods just for you. You have to pay Amazon for all the logistic services for shipping, for moving around between Amazon warehouses and then for selling it, it can get pretty darn expensive.
[00:58:20] Okay. Amazon charges, that seems pretty fair to me, right? The libertarian mindset. Where's the problem. I don't see the problem, Craig. The problem is that Amazon has its own products that they want to sell. More than half of what's on the Amazon store is actually sold by third parties. And we've talked about that before.
[00:58:42] We talked about problems with that before, but that means that what almost half of it is sold by Amazon. So Amazon has a number of brands. Last I checked, it was a few dozen brands that don't look like they're Amazon. There's a home services brand. There's a place that sells couches or Chesterfields depending on where you're from.
[00:59:06] There's a whole bunch of different businesses, clothing, businesses, et cetera, that are actually Amazon who might've bought a company or they saw that a company was doing really well in their marketplace by selling item X. So what do they do? They go ahead and say, okay we're going to start making an item X, see where the problem comes in.
[00:59:29] So Amazon is using these small businesses that put everything on the line, right? They might have their house leveraged to the max. They might have sold their house and living with somebody else, apartments are too expensive. The cash to get their business going. They scraped the money together.
[00:59:46] Maybe they had to pay $5,000 to have a mold made, injection mold, and then they have the stuff made in the US or in China, or there they're trying to print it on a 3d printer for the. Concept. And they'd go through a number of different iterations of trying to make that product work and consumers to like it.
[01:00:07] And consumers give them feedback saying, what, if this was a quarter in smaller or moved over there on the product, that would just be so much more useful. So they add that they had the engineering time, they've invested quarter million dollars. Easily to get the product off the floor to get it out there and people start buying it.
[01:00:29] Where are they selling it? They got to really sell it on Amazon marketplace because who else are you going to go to for logistics, sales, support, everything else. And not to mention the tax jurisdictions that want to collect money from you. And then Amazon comes out with a competing. Is that enough to drive you crazy.
[01:00:51] Now we've seen this forever in the software industry. Microsoft has done this for years. Apple does it too. I'm looking at a screen right here in front of me. I hooked up to an Apple Mini. Some of the side card functions and stuff. They were developed by a third party that spent their blood, sweat, tears, and money on developing it.
[01:01:16] And then along comes a big guy and you're out of business. We've got to finish this up. We will do that. When we get back, what's a Senate doing actually here. And what does it mean to you and me? Hey, visit me online. craigpeterson.com. Get my insider information for free.
[01:01:38] We just talked about how big business uses its advantages to crush potential competition. Crush them. And it's a shame and it's happened to me and many people I know, and now the Senate's getting involved and making things worse.
[01:01:55] This happened to me a number of years ago, and I will never forget it.
[01:02:00] It was a really big lesson for me. I had designed and written a computer system that would take the code that was written for a much older system and run it for much less money. So bottom line here, this was a system called CADE, computer assisted data entry, that was made by Sperry way back in the day.
[01:02:25] Yeah. I've been in there for that long and they had little programs, so they would not punch cards, but punch right onto tapes, those big nine track tapes and that information would then be used for processing later on. Then people, big businesses, grocery stores, you name it, were using that Sperry system.
[01:02:48] And I designed a system that would take their COBOL is what it was. It was a form of COBOL code from this CADE system. And you could use my code to compile it and run it on a Unix system. So the cost involved here was that it would be cheaper to buy a whole new Unix computer and buy new terminals and do some slight training changes.
[01:03:18] But the key punch operators would be exactly the same keystrokes as they were already used to. Okay. So you know how fast they were, so it wouldn't slow them down at all. And their cost would be less than just the maintenance contract on the old Sperry CADE. Very cool stuff. And it worked really well.
[01:03:38] Then I worked with a couple of sales guys at Sperry because Sperry had a Unix tower system. It was a mini computer that was Unix based. And I had one, I had saved up my money. We bought this thing. It was a lot of money nowadays. It'd be about a hundred thousand dollars I spent on that system and it was really great.
[01:04:00] Cool. So some grocery stores started using it. They used it to build the space shuttle to design it and send it into space. RCA, Astro space used it, my system, which is all really cool. So Sperry was interested in it saying, okay let's do this. Now. I had flown myself across the country too, because I was in California at the time to do some of this work for.
[01:04:25] The for RCA Astro space for the space program and help make sure it was working and get it installed, help them configure it and everything else. So I had a lot of time, a lot of money, a lot of effort into this. It was a big venture. So Sperry invited me down to their headquarters down in blue bell, Pennsylvania to talk about this.
[01:04:50] And I was so excited because their sales guys wanted to sell it. They gave me some free space in a booth in Las Vegas. So I was in the Sperry booth with them and, say, yeah, you can buy this. And you're using the Sperry, the new Sperry hardware. And I went down there and talked with them.
[01:05:10] They never did anything with me, or, here's a huge investment young guy. And all of this stuff just worked and they had proof of concept. They had a couple of customers already using the system and it never materialized. And then about a year and a half later, I found out Sperry had tried to duplicate my system and had messed it up terribly.
[01:05:35] It wasn't keystroke compatible. So anyone using the new Sperry system, they had to learn. Okay. So I got to hit this and I got to go over here and I got to click on this. Are you kidding me using a mouse? Aren't you not? These are data entry operators. They just go all day long, just typing and.
[01:05:52] They had stolen my ideas. They messed it up. They didn't do as good a job as I did, which turns out it's pretty common. And they had stolen it. They stolen years of my life. So I've seen that before with me. I've seen Microsoft do that with friends of mine, and I've seen apple do it with various products that they've decided to release.
[01:06:17] They all do it. Why do you think these businesses can not spend money on research and development, and yet at the same time, stay in business as technology's continuing to move forward? Why? The reason is. They don't have to do, or why would we do T wait a minute. Now, all we have to do is either buy the company or steal the product just re-engineer.
[01:06:44] Oh. And if we want to buy the company, we can do what Microsoft has been accused of doing again and again, which is. We'll just Microsoft. Let's see here. I like that database is pretty darn cool. So here's what we're going to do. So Microsoft announces, Hey, we're going to have a competitor to that in coming out soon.
[01:07:03] And then they sit there and they wait and they say, okay, how many people are going to ask about, oh wow. A lot of people asking for it. In the meantime, that company that had that great little database soft. Trying to sell it. And people are saying, wait, Microsoft is going to come up with a version of this.
[01:07:18] I'm just, I'm going to wait. We can wait a few months. Let's see what Microsoft. So that poor company is now seriously struggling because this big company came out and made the announcement that they're going to do something like this. And then that small company gets a knock on the door. Hey, we're Microsoft or company X.
[01:07:41] And we like your product. Wow. Okay. So we're going to do a buyout. We're going to we're just, oh, this is going to be fantastic. I might have to sign what a two year contract non-compete and help them manage it. Okay. We can deal with this. And then they find out that company X says Your company is not worth that much anymore.
[01:08:02] Your sales look at their sales here, man. They've gone way down. Okay. So let me see let's do a nickel on every dollar evaluation you had a year ago. This happens every day, worldwide in America, it should never happen to anyone. And as you can tell, it upsets me. So what are Klobuchar and Grassley doing here?
[01:08:30] Amy, when she was running for president, she made this big deal. I'm going to pull this up on my screen. Those of you who are watching on Rumble or YouTube. And you can find all of that in my website, craigpeterson.com, can see here. So they are trying to protect the American consumer, right? Yeah.
[01:08:49] Yeah. That's it. They're gonna protect us. And so what they're doing is saying that. Would a rule ruin Google search results because that's what Google says. Is it going to bar apple from offering new features, useful ones on the iPhone? How about Facebook? Will it stop them from moderating content? So the legislation's core idea is we will just.
[01:09:17] The marketplace take care of things. We're not going to let Amazon put their products in the product listings before third parties, but how are you possibly going to be able to regulate that stuff you can't, you can regulate it talking about a bureaucracy. You'd probably need one about as big as the federal government is right now.
[01:09:41] And the federal government needs to be cut back in a major way. There's this two months. How about the 150 million Americans? This article brings that up to that are currently using Amazon prime, even though the price one hump. And they have it free to prime members. It's this is a big deal.
[01:10:00] The bill doesn't mention prime. Doesn't mention Google by name, Amazon. But this is going to be a nightmare to enforce the bill is not specific enough. It should be voted down. And between you and me, I don't know what can be done about this other than to have additional marketplaces show up online. And you know what the conservative social media sites are starting to win.
[01:10:29] So maybe there's hope.
[01:10:32] We've got two things we're going to talk about right now. One of them is tech jobs. And man, is there a lot of scamming going on there as you might expect in the second is cloud, are you looking at cloud services? Hey, a home or business.
[01:10:48] You can see this. I'm going to pull this up on my screen for those watching on Rumble or on YouTube, but this is a big problem.
[01:10:58] And we've seen this again and again right now, they're going after certain workers in the chemical. The sector, but it isn't just the chemical sector. What we've seen is the bad guys going after anyone that's applying for a job. So let me give you a few tips here. First of all, you should not be paying to apply for a job.
[01:11:25] We see that all of the time when it comes to the head hunting firms, what. Is, they will charge the business who is looking to hire someone that makes sense to you. They'll hire they'll charge the business. So oftentimes it's a percentage of the annual salary, anywhere from usually 20% up to a hundred percent or more, depending on the position.
[01:11:49] And boy can, they make a lot of money, but they don't necessarily place. People, but you know how it is right now, there, there can be quite a few. So people have been applying for jobs to make a lot of money and not realizing that fee that supposedly they have to pay is illegitimate. So remember that.
[01:12:10] Okay. The second thing has to do with this particular scam, because what they're trying to do is. Into some of these companies. So they will send a thing out saying, Hey, I'm a headhunter, I'm here for you. We're going to get you this job you need to apply. Are you interested in a new job now? I've seen some stats online saying that somewhere around 30 plus percent of people are looking or at least open to.
[01:12:45] Take getting a new job, which means a lot more are looking for jobs. Now I have to add to that, that the people who have jumped ship over the lockdown period really are not happy. The majority of them wish they had stayed where they were at. So keep that in mind too. But what they'll do is they'll say, Hey, listen.
[01:13:07] Oh, there's this new feature on LinkedIn. By the way, you can say y'all are, I'm interested in looking for a job. I forget exactly what it says, but it goes around your picture and I have it up there because I'm a contractor, I go to businesses and I'm. To harden their cybersecurity. And we usually start slowly, especially with some of these startups we're doing work with right now where they won't, they go from a completely flat network and it's all engineers and I don't want anything hindering anything.
[01:13:39] And so you got to work with them and it's just, we had a time sort of a thing. Okay. I just had this one thing this week. And then move on to one thing next week as well. So that's what I do for a living. And a lot of people are looking on LinkedIn and other places to find people who can be a chief information security officer.
[01:14:01] So I'm what you call a fractional chief information security officer. I do this under contract and I've been doing contracts and contract work for. I don't know if I shouldn't be on the air, but my gosh it's been now I guess it's 40 years right now. So I've been doing this for a long time.
[01:14:22] So I'm familiar with some of these scams, so they didn't take my word on some of this stuff. So what they do is they say, Hey, we've got a potential job opening. Are you interested now? When we talk about 30 plus percent of people polled say that they're looking interested in a new job, the numbers are probably a little higher. Not that everyone's going to jump ship. Some people will, but there are a lot of people that if they get this email, they're going to open it up. And so what'll happen now is this group out of North Korea called the Lazarus Group. And we've talked about them before.
[01:15:00] We'll go ahead and say yeah, here's what's going to happen here. Let's just send you this thing. You can open it up. You can look at it and see if it's really a fit for you. I love this graphic that they have. This is from Dark Reading. I have it up on the screen again. Rumble and YouTube.
[01:15:19] What should we do now? Should I open this up? Should I not open it up? It turns out that what's happening is that Symantec and Broadcom, both have noticed this and stated in an advisory a couple of weeks ago. Be very careful because what it's going to do is install a Trojan horse on your computer.
[01:15:40] So let's think about this. You're talking about the chemicals. You have a lot of people who are very technical. And if a company wants to get some new technology, we talked about this earlier in the show, what did they do? Do they just go and say, oh, okay, let's get some R and D going here. Let me research and development.
[01:15:59] Let's hire some scientists and do some pure science here, which almost never happens anymore. No, what they do is they either buy a company, they steal a company's idea. If you are like the communist, you try and steal the technology directly. And that's exactly what these guys are doing. They put a Trojan on your machine because you open that file and that Trojan then gives you.
[01:16:28] Oh, excuse me, gives them access to your machine. Now this particular Trojan is a malicious web file disguised as this job offer, and your machine gets compromised. They attempt to compromise it, right? It's not always successful. There are not as many zero days out there for these lower level actors like North Korea, but they've been able.
[01:16:52] Now, they're not just going after chemical sectors, they're going after IT service providers. So companies like mine that provide managed security services for businesses, they are being attacked. So that's a problem too, isn't it? Because if you can compromise. A nine company and we've seen this all the time.
[01:17:14] It's getting reported like crazy. You now have access to all of their customers because the IT service company has passwords, et cetera. And they're probably using the industry's number one or number two products for managing the customer's computers, neither of which are secure. And that's the biggest problem that we've had.
[01:17:38] We use some of these things before, I'm not going to name them right now because it wouldn't mean anything to you anyways, but we had to get. We worked with our, it people inside the software companies that make the software that are used by the managed services providers. And we'd talked with their developers and said, Hey, listen, this is a serious problem.
[01:17:57] That's a serious problem. You've got to change this. You got to change that. And what ended up happening? We left them because they weren't doing what they were supposed to be doing a very big deal. So they're targeting defense, contractors, engineering firms of any sort. They want to steal IP, intellectual property, pharmaceutical companies.
[01:18:18] Yeah. Very big deal. These threat hunting teams, including Cisco's, which are the guys that we use, Talos, that's again an example of a big company buying a smaller company called Talos that does threat intelligence and it looks at stuff. They're all reporting to this. So high level jobs in an industry are what you have to watch out.
[01:18:40] It'd be very careful. Now, earlier this year, Lazarus Group, again, North Korea, went after some of these jobs people, 250 that were identified working in the news media, software vendors, internet infrastructure providers, using job offers that appeared to come from Disney, Google, Oracle. By the way, that was according to Google, who tracked the campaign.
[01:19:06] They know what their employees are doing, where they're going, what emails coming in. It's crazy. We're looking a lot of stuff. Okay. So I want to move on to the next topic here. Last one, this hour, but I'm gonna pull this up right now on my screen. You can have a look at it there. Of course, if you are at home.
[01:19:27] You can or you really can't on the road. You can see this on Rumble and also see this on the YouTube site. At least for the time being until I get kicked off, right. Kicked off again. That seems to be the word of the hour, but cost reliability are raising concerns in. Again, this is a Dark Reading article, came out a couple of weeks back here, but the biggest concerns about cloud computing to what is cloud computing.
[01:19:58] Let's talk about that first for a minute. Cloud computing is going online using something like salesforce.com. People don't think of that as cloud computing. But you have in Salesforce, all the communications with all of your customers, et cetera, that's an example of a platform as a service, basically. So they're providing you with everything and it's up in the cloud, nothing to worry about here, folks, but of course you have the same potential problems.
[01:20:28] You do outs where people use what's it called now? Microsoft 365. Which Microsoft disclaimed any liability for any problems they cause for anything customers it's really crazy, but again, what are the problems there? Reliability slash performance, 50% of the people, 50% applaud on the screen.
[01:20:51] Again here worried about reliability and performance, because if your business is relying on cloud computing, What, how is the security any good? That you could use something, as I mentioned Salesforce, and just picking them out of a hat and not, they haven't been like a terrible provider by any stretch.
[01:21:13] But how about if you're going to Azure and you're using a workstation news here? How about if you're going to some other place, right? It could be Amazon Web Services. Google also has data processing services. Security's huge issue. Cost is a huge issue, reliability, performance, all of those were issues with more than 50% of the IT professionals.
[01:21:37] I'm surprised that this next one, which is our staff skillset on dealing with cloud computing, 26%. The reason I'm surprised by that is hardly anybody knows enough about cloud computing to be really confident about it. I'm serious about that. There's some companies right now, we're talking with a company called Wiz and they audit Azure configuration.
[01:22:05] So be very careful if you're using. Particularly if you're a business, it may not work out well for you. Hey, make sure you go online right now. craigpeterson.com/subscribe. Sign up. You'll get my newsletters. You'll get all kinds of great information. Absolutely free, craigpeterson.com, including my special report on passwords.
[01:22:29] Now, if you have any questions, just email me: me@craigpeterson.com.