With consulting work comes travel. Over the years, I have traveled extensively and stayed in a variety of hotels and suites. Through this experience, I have noticed several issues with hotel (specifically room) security. In this blog, I am going to walk you through some of the consistent issues that I notice in hotel room security, due diligence and awareness.
As many of you probably know, you never want to leave your valuables lying around your hotel room when you aren’t in it. This is one of the reasons hotels provide a safe, a lock on the door and hotel staff. At least one of these should stop a criminal, as well as keep me, my valuables and my room safe, right?
Replacement Room Keys
I cannot tell you how many times I have observed people casually walk up to the front desk and ask for a replacement room key. Depending on how you deliver this request, you will probably land a room key without having to say anything but the room number. Just... read more >
Make your incident response team smarter and more effective
We’ve all heard it time and time again, “it’s not if, but when.” Being prepared for that imminent critical security incident is becoming essential. A small amount of investment can pay off tenfold in the effectiveness and efficiency of a response. Investing in an incident response plan can save time and frustration and minimize the impact on an organization’s reputation, even if an organization decides not to invest in a full-blown incident response program.
Being on the service end of incident response, I see a unique perspective on the challenges that organizations experience when faced with an actual cyber security incident. I see over and over again how utterly unprepared many organizations are in handling an incident. As J.R.R. Tolkien so graciously stated in “The Hobbit,” “It does not do to leave a live dragon out of your calculations, if you live near him.” I promise you, if you have internet-facing assets, the... read more >
How to Use ELK to Solve Your One-off Log Analysis Problems
Performing log analysis with divergent data sets can be the stuff nightmares are made of. If you are lucky, your organization may have only a few dozen different log types throughout your environment. If you perform log analysis as a service, forget about it. There are many fantastic log management solutions on the market today, including our own ActiveGuard service. These solutions have robust log collection, analysis, and search capability. For a comprehensive, enterprise log analysis solution they are ideal; however, they require substantial implementation and tuning for your specific environment and are intended for long-term log aggregation and monitoring.
It is not always feasible to stand up one of these solutions on short notice or for a one-off project.
So where does that leave you? Manual log normalization and analysis? Manual techniques do have their... read more >
Understanding the How and Why Ransomware Targets are Identified and Pursued
Welcome back to our discussion about the Second Victim. You’ll recall that these are the unknown victims in a ransomware campaign. These are the servers used to deliver a message or accept payment, completely under someone else’s control and all without your knowledge. Today we are exploring some of the aspects that elevate a server from unknown, to target, and finally a victim. Whether its contents are being held for ransom, or they are a pawn in the actor’s nefarious game.
A researcher that I follow recently issued a “Heads Up” warning that new ransomware is targeting servers. At the time of the reporting there were at least 400 affected servers. After doing some digging, I confirmed that at least 40 servers are victims of ransomware and at least two dozen others may be affected, but are taking steps to remediate the problem. But how did this happen? What was it about these servers that made them vulnerable? Plagued by these questions, I... read more >
Your Backup Strategy Can Minimize the Risk
Ransomware is grabbing a lot of security news headlines these days, not necessarily because it’s worse than other types of malware, but perhaps because it’s more annoying. Older malware might simply have erased your hard drive. Ransomware encrypts it, saying “your data is still here, but you can’t have it.” To add insult to injury, it then tells you to pay a ransom “or else.”
Of course, paying the ransom is no guarantee that your data will be recovered. Once a system is infected with ransomware, there is no sure way to recover all of the data. But a robust backup strategy can get you most of the way back, and that’s a lot better than nothing. It’s hard to believe that large organizations or government offices have been caught without adequate backups, but it has happened to hospital groups, law firms, police departments, and even NASA (see links at the end of this... read more >
The most important weapon in your arsenal will be your ability to adapt.
-Batman (Bruce Wayne): Batman and Robin V1 #24
I LOVE to research things. Unfortunately, that constant drive to learn also results in a (perhaps not so) healthy level of paranoia. To that end, I take every precaution a security advisor can with their data while still functioning normally in an advanced society, much less a technical career. Because I also advise those in my life to do the same, I am the “go to guy” whenever anything technical happens to them.
Recently, one of these situations occurred. Someone near to me (let’s call him Alfred) was following a common piece of guidance, “Frequently check online account statuses,” a few hours before taking his family on a multi-state road trip. Much to his surprise, he discovered 59 transactions with matching international fees, all under $3.00.
... read more >
A Cyber Security Risk on Your Wrist?
Smartphones in the ‘90s, outside of Nokia’s N series, weren’t even a thing. Wearable devices were a leftover trend from ‘80s cyberpunk. Images resembling those depicted in Snow Crash and Neuromancer were things of the imagination, but are now becoming part of daily life. “Goggling in” referenced in Snow Crash is a reality made possible by the new rise in virtual reality products like the HTC Vive and Oculus Rift. People are already carrying around what essentially amounts... read more >