AS HEARD ON - The Jim Polito Show - WTAG 580 AM: VPN's are a Problem for businesses, Federal Register Changes for DOD Contractors and Love in the age of Zoom
Craig Peterson - America's Leading Technology News Commentator
Release Date: 09/29/2020
Craig Peterson - America's Leading Technology News Commentator
First up, I have some sobering news. Almost all of our personal information has likely been stolen at one point or another. This could include our names, addresses, phone numbers, email addresses, and even passwords. Cybercriminals are constantly searching for vulnerabilities in systems where this information is stored, and unfortunately, they often find them. However, there are steps we can take to protect ourselves. One tool that can help is called "haveibeenpwned." It's a website where you can check if your email address has been compromised in any data breaches. If it has been compromised,...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Welcome to this week's episode of The AI Revolution! In this episode, join us as we explore the world of Artificial Intelligence and its potential to revolutionize business and life. We'll discuss how to use AI for free, what it can do well, and when and where you should never use it. We'll also talk about how to generate emails, blog posts, and content for Facebook, Twitter, LinkedIn, Instagram, and YouTube live! Tune in now to learn more about how AI is transforming the world. Discover the Secrets of Internet Anonymity and Protect Your Privacy The best way to protect yourself from...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Cyber security is no longer an option for small business owners – it's a necessity. Cyber threats are rising, and small businesses must stay ahead of the curve to protect their data and networks from malicious actors. This show will uncover the most dangerous cyber threats to small businesses and what steps you can take to stay secure. Ransomware Attacks Ransomware attacks are one of the most dangerous cyber threats to small businesses. Ransomware is malicious software (malware) that's typically delivered via malicious links or email attachments. Once installed on a network, the...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Artificial Intelligence Search Engines You Can Use For Free Today Robot Kicked Out of Court CNET and BuzzFeed Using AI Biden Signs Go-Ahead to Use Child Labor to Make E-Car Batteries The Biden administration has issued a 20-year ban on new mining claims in the upper Midwest's famed Iron Range, and it is turning to foreign supply chains as it pushes green energy projects. The move comes as the U.S. continues to rely on foreign suppliers for critical minerals used in wind turbines and electric vehicles. The ban is part of a broader effort by the White House to reduce reliance on imported...
info_outlineCraig Peterson - America's Leading Technology News Commentator
A Step-by-Step Guide to Clearing Your Browser History and Wipe Away Your Online Footprint The process for clearing your Internet browser history can vary depending on your browser. However, here are the general steps for removing your browser history on some popular browsers… Generation Z is the least cyber secure because they are the most tech-savvy generation but also the least experienced in cyber security. They are likelier to take risks online, such as clicking on suspicious links or downloading unknown files and are less likely to use strong passwords or two-factor...
info_outlineCraig Peterson - America's Leading Technology News Commentator
ChatGPT's Technology Will Be Part of Everything This Year ChatGPT is a new text-generation tool trained on 40GB of Reddit's data. It can generate long passages of text virtually indistinguishable from human-written prose, which could have enormous implications for everything from customer service chatbots to fake social media accounts. The company behind ChatGPT is also working on ways to detect if the text was generated by ChatGPT or a human—though some experts worry about how bad actors could misuse this technology. The technology has generated random plot descriptions for video games to...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Google Ads were weaponized in a way that made them appear like any other ad – Allowed hackers to infect computers with malware via a single click. Hackers have weaponized Google Ads to spread malware to unsuspecting users by disguising them as regular ads. They do this by cloning the official websites of popular software products, such as Grammarly, Audacity, μTorrent, and OBS, and distributing trojanized versions of the software when users click the download button. This tactic allows hackers to infect users' computers with malware through a single click. Google Ads, also known as Google...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Artificial Intelligence is changing the world. Right Now! In just a few years, it's possible that you might be chatting with a support agent who doesn't have a human body. You'll be able to ask them anything you want and get an answer immediately. Not only that, but they'll be able to help you with things like scheduling appointments, making payments, and booking flights—without any human intervention necessary. This is just one of the many ways that Artificial Intelligence will change our lives this year. We will see more businesses using AI technology to make their processes more efficient...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Privacy… Ring Cameras Hacked in 'Swatting' Scheme Critics and researchers say the Ring cameras are used to surveil gig economy drivers and delivery people and that they give law enforcement too much power to survey everyday life. The pair would hack people's Yahoo email accounts, then their Ring accounts, find their addresses, call law enforcement to the home with a bogus story, and then stream police's response to the call. Often, they would harass the first responders at the same time using Ring device capabilities. ++++++++ LastPass finally admits: Those crooks who got in? They did steal...
info_outlineCraig Peterson - America's Leading Technology News Commentator
Craig Peterson Insider Show NotesDecember 5 to December 11, 2022 China… Apple Makes Plans to Move Production Out of China In recent weeks, Apple Inc. has accelerated plans to shift some of its production outside China, long the dominant country in the supply chain that built the world’s most valuable company, say people involved in the discussions. It is telling suppliers to plan more actively for assembling Apple products elsewhere in Asia, particularly India and Vietnam, they say and looking to reduce dependence on Taiwanese assemblers led by Foxconn Technology Group. After a year...
info_outlineWelcome!
Good morning, everybody. I was on WTAG this morning with Jim Polito. He had a few questions about VPNs, seems like it is a little confusing for people to understand that they were designed for something completely different than what people are using them for today and that is where the problems are coming from. Then I broke some big news about the Federal Register changes and DOD contractors and sub-contractors that went into effect last night at 5 pm. Then we got a little light-hearted with a brief discussion about Love and Zoom. Here we go with Jim.
For more tech tips, news, and updates visit - CraigPeterson.com
---
Automated Machine Generated Transcript:
Craig Peterson: [00:00:00] We're giving you an emergency regulation, right now you have 48 hours notice and you have to actually secure your systems by December 1st. We now have people who can audit you, who have secret clearances or better and they're going to start that audit December 1st.
Hey, good morning everybody. Craig Peterson here. Mr. Jim Polito was in his studio for the first time in many months. He sounds much better there in the studio. We got into VPNs. What is the problem? What is this whole thing called zero-trust, and how's that going to be affecting us here in days, weeks, months ahead. Also huge, huge, huge, huge announcement. Federal register. If you do anything for anybody that does anything for the Department of Defense, including mowing their lawns. A big change in the federal register. You are now in serious trouble. If you don't meet these guidelines, that has been published for a couple of years. This NIST 800-171, but anyhow, I mentioned that is Whoa!
So here we go with Mr. Polito
Jim Polito: [00:01:16] A great Tuesday segment, it would be a great segment any day of the week. He is our good friend and tech talk guru. Craig Peterson. Good morning, sir.
Craig Peterson: [00:01:28] Hey, good morning, Jim. How are you?
Jim Polito: [00:01:31] I'm good. I'm good. I'm actually, I never thought the day would come and this will be the second topic, but I never thought the day would come that Craig Peterson and I would be talking about dating. We're going to talk about dating. We're going to talk about dating in the age of COVID, but before we get to that, you have some really big news you provided me with. Okay. So I understand the concept of a VPN. A VPN so that you can work securely from home or another remote location, and yet still have access to everything.
Every computer, every little bit of hardware you have in software and drives that you have to say your business now. Thank God Danny has this, uh, my former producer now. Program director, because Danny can, uh, if I need something VPN in from home and do it or fix it or whatever, uh, now you're saying that VPN, what? Isn't the. Gold standard anymore. What's going on?
Craig Peterson: [00:02:46] We have to remember where VPN came from in the first place. You know, it's been over 20 years ago, but I had three megabits worth of internet here at the house and it was costing me, 20 years ago, about $6,000 a month to have three megabits worth of internet. Yeah, exactly. So I had internet here at the house so I could work at home and that network was then routed through, of course, the phone company had all of those lines and that they went to the office and then the whole VPN concept came along. What we could do now is run a virtual network link.
So rather than paying the six grand a month, for me to be able to connect to the office or my house. I could now connect the two networks together, just over the internet. So my cost went from about 6,000 a month to about 150 to $200 a month back then. It was a huge win. Yeah. That's what they're designed for is for the networks to connect together. And that is the problem. If you connect your home network to the office network, you now have a huge problem because all of the attack surfaces, all of the computers in your home, that really cool internet coffee pot that you bought that is really a computer that happens to make coffee is now gained access to your network at the office. That's where the problem is.
This is the internet of things that you often talk to me about, right?
Yeah. It's the internet of things, plus if you've got teenage boys, where are they going online? Right. What are some of the worst, the worst places you can think of? And so now all of these computers that are infected can now spread laterally out there and, and that's just a huge problem.
So, yeah, VPN, as you said is no longer the gold standard. In fact, I've got to make a quick announcement here in just a second about their defense the national register just had an emergency update as of 5:00 PM yesterday, but this all ties in.
Because what we're moving towards now is what is called a zero-trust network.
It's a way different concept than most people are used to than businesses are using, But the idea is why should you connect your home network to the office network? Because that's dangerous as heck. Okay. A zero-trust network as any device that wants to speak to another specific device has to be approved to not only does that device have to be approved to talk to the other device, but the protocol it is using has to be approved.
So it has gotten very very different in this world today because of all the hacks going on and the zero-trust is what you're going to start seeing a right, left and center here over the next year or two. Moving away from just the concept of an open VPN.
Jim Polito: [00:06:05] Wow. We're talking with our good friend, Craig Peterson, tech talk guru, and all about all things technical.
Now. The VPN in terms of security as you were talking, I mean, it was the gold standard. Isn't this just a race every time we turn around. So this new system that you're talking about, won't it have a shelf life, won't it at some point be useless against the bad guys.
Craig Peterson: [00:06:38] You can have a great point.
It's always been a game of oneupmanship between the defenders and the attackers. That's why zero-trust comes into play. Yeah. There are going to be problems with the implementation. The biggest problem we see is stuff being misconfigured. Businesses are completely misconfiguring the VPNs. Heaven forbid they have to try and figure out zero-trust. That's where we're going to see the biggest problems is with misconfiguration. But the whole concept behind zero trust says basically, no, there is no one that's going to shift because everything has to be approved and what we're trying to do with this is stop the lateral movement.
So if your business gets infected with something, Nowadays, it ultimately ends up being ransomware much of the time, but it gets infected. The bad guys if they've got ransomware in your machine, don't do what they used to do a few years ago. What they do right now, Jim and these guys are smart. Right? What does that make money doing? The good stuff.
Jim Polito: [00:07:44] Yeah,
Craig Peterson: [00:07:44] But what they're doing is, they've got ahold of Jim Pollito's son's computer. Yeah. And so they don't immediately encrypt it. They don't immediately pop up a notice saying, Hey, you've got ransomware. Like they used to do.
What they're doing now is they spread laterally inside your network. So their software looks for files that have interesting names, it uploads them to the bad guys. So they can have a look at that. The bad guys might hop onto your computer now and poke around saying, Hey, wait a minute.
Your Jim Polito's son works for this health management company and it looks like they might have some assets. So now the bad guys are looking at your computer. I mean the bad guy's actual intelligence, not programming. So these people are looking at it saying, Oh, wait a minute. Here, we've got medical records, we've got all of this stuff and now they evaluate, okay.
So what do we think this is worth. We're into the town of Worcester's computer network. What should we do now? Well, let's infect some more machines because we're in now. So they start spreading to other desktops here. You know, Jim Polito's his son's girlfriend's computer, who also works there in the town.
Now they have visibility into everything, but they've also copied many of these files out of your network. So this might go on for weeks and businesses aren't even noticing this because they don't track any exfiltration of data. Most businesses. So they're pulling all of this data out and now what they do is they encrypt everything on your computers and they pop up a notice saying you have one of two choices.
You can either pay us X dollars. And if it's a town it's probably more along the lines of $10 million dollars
Jim Polito: [00:09:38] Yeah.
Craig Peterson: [00:09:38] You can either pay us that and we'll give you the decryption keys. By the way, they have a help desk now where you can contact the help desk and they'll help you out. Or what will happen is we'll just release all of the tax records of everybody in the town, or all of the medical records of everybody in your medical office or all of the records of all of your customers? Yeah, it's crazy.
Jim Polito: [00:10:01] Yeah.
Craig Peterson: [00:10:01] You know, I've been saying businesses aren't doing this, and this is where the federal register thing comes in. There was an emergency order. If you will, last night here.
On the defense acquisition regulation system from the department of defense. Finally, finally. They basically said all of you contractors out there, the DOD subcontractors, we know you've been lying to us about your compliance with these rules that have been out for two years and so we're giving you an emergency regulation right now.
You have 48 hours' notice. You have to actually secure your systems by December 1st. We now have people who can audit you, who have secret clearances or better. They're going to start that audit on December 1st.
Jim Polito: [00:10:54] Wow.
Craig Peterson: [00:10:54] So just we're talking about, um, you know, company X that make power supplies for DOD contractors, right? This is the power supply. There are no smarts in there. They now have to comply with these new, which are called CMMC rules that are out there. These are just the set of compliance stuff. And they said you have to do it now. Quit. pencil whipping the forms because we're going to be taking a close look.
Oh, and by the way, It's only federal prison time as much as 10 years and millions of dollars worth of fines. Okay. So finally, the feds are getting upset about all of this and, and you've asked me before, what are we going to do about it? How can we make happen? Well, let me tell ya when we get some CEOs going to prison, Jim.
Ears are going to get a little bigger. I think as people listen with these auditors coming in with their sharp pencils, having a good look at the security. So again, here I am on a soapbox. Sorry.
Jim Polito: [00:12:01] No, it's okay. It's okay. It was, it was a complete story. Yeah, it's gotta be done now quickly before we leave, on the lighter side, Zoom. Is the new singles bar. Is that what you're trying to tell me? Because, by the way, I know you have concerns is about Zoom and the security associated with Zoom for businesses to lose proprietary information over Zoom. But Zoom is new, Hey, what's your sign, you know, is the new singles bar.
Craig Peterson: [00:12:36] Yeah, I love this. If this is absolutely amazing here. People are getting married later in life, or not getting married at all. Our fertility rates have plummeted to 1.7. Now, this is going to make it even worse. But businesses and now roof dating groups, you know, we used to have the fast dating. You remember George doing that on Seinfeld? Like 30 seconds eight? Yup. It's. So now. Yeah, speed dating. So now all of this is happening on Zoom businesses or having happy hour. Some of them are sending out little bottles of wine and all of the employees do Zoom. You have to see each other getting drunk and it's spreading into dating more and more and more. It's a fascinating thing. Really changed South here, Jim.
Jim Polito: [00:13:33] Wow. Well, you know, I mean, come on. It's the age of COVID and, maybe that's more effective. You get a look at the person, you can hear them talk, you know, you don't have to give them your personal number. It's just a Zoom thing. If the man or woman is a loser, while you're all set, it's like, yo, I gotta go. I gotta go. I'm all set. I gotta, I ain't gotta go, you know, uh, That's a good thing that you and I aren't out there anymore.
That's a good thing. Yeah. Craig Peterson folks now, uh, Craig, I think I got a correction from Danny. It's 11 o'clock on Sundays. On WHYN, WTAG. That's what he's telling me now. Craig Peterson show. That's what he's telling me.
So we'll have to, we'll have to make sure about that, but in the meantime, how can folks more information from the tech talk guru?
Well, you can always go to my [email protected] But if you have specific questions, especially now, I can send you guys, if you drop me in a line the information here on the changes to the federal register.
If you make anything that is bought by any DOD, contractors, your business just changed at 5:00 PM last night. Just email me M E @craigpeterson.com. I'll send you some of these articles that are out there. The changes by the DOD. Just email me and with any question, I answered dozens a week, just
All right, Craig, we'll talk to you next week. Always a pleasure, always some great surprises.
Craig Peterson: [00:15:18] Thanks, Jim. Take care.
Jim Polito: [00:15:20] Bye-bye.
Craig Peterson: [00:15:21] Hey, I got to get busy right now because there are a lot of companies that need some help and I gotta make sure everybody knows, and I am finishing up right now our first little three- minute videos.
It's taking me a long time, first time around, right. It always does, but things will go a lot swifter here in the future.
We're planning on doing this every Tuesday and Thursday. So keep an eye on your emails for that.
Take care, everybody. Bye-bye.
---
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text:
855-385-5553