loader from loading.io

AS HEARD ON - The Jim Polito Show - WTAG 580 AM: VPN's are a Problem for businesses, Federal Register Changes for DOD Contractors and Love in the age of Zoom

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Release Date: 09/29/2020

Crack the Code: Mastering Windows Security and Digital Clean-Up Tactics show art Crack the Code: Mastering Windows Security and Digital Clean-Up Tactics

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In the fast-paced world of technology, your Windows device needs the ultimate defense against cyber threats. I've revamped the guide, diving deep into the realms of anti-virus protection, cybersecurity, and online privacy. Here's your roadmap to a digitally clean and secure future: Windows Defender vs. Norton vs. Malwarebytes: Uncover the strengths and limitations of each superhero in the battle against cyber villains. The War Against Malware: Arm yourself with knowledge on the latest malware trends and the tools to combat them effectively. Guarding Your Cyber Fortress: Explore...

info_outline
Boost Online Privacy: A Cyber Spring Clean show art Boost Online Privacy: A Cyber Spring Clean

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Is your digital realm resembling a messy attic? Files overflowing like forgotten knick-knacks, an inbox resembling a confetti blizzard, and social media feeds choked with digital dust bunnies? Fear not, fellow data denizens, for spring cleaning season has arrived – and this year, we're reclaiming our online peace of mind! But unlike dusting cobwebs and decluttering drawers, taming our digital wilderness requires a different arsenal. Forget brooms and vacuum cleaners – we're talking AI-powered assistants, data-detective hounds, and even a digital shredder for those long-dormant devices...

info_outline
Beyond Delete: The Ultimate Guide to Shredding Sensitive Digital Trails show art Beyond Delete: The Ultimate Guide to Shredding Sensitive Digital Trails

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Hey there cyber enthusiasts! Ever wondered how to transform your digital space into a fortress of security? Well, buckle up, because we've crafted the ultimate guide to help you declutter, fortify, and defend your digital realm. Our mission: to make cybersecurity engaging and effective, without drowning you in techno-jargon. Check out these key points we've covered: Wi-Fi Wonders: Unveiling the mysteries of Wi-Fi security to ensure your online activities remain secure from prying eyes. Password Power: Dive into the world of password protection, unlocking the secrets to crafting...

info_outline
Securing Your Digital Realm: The Ultimate Cybersecurity First-Aid Kit Unveiled! show art Securing Your Digital Realm: The Ultimate Cybersecurity First-Aid Kit Unveiled!

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In the vast landscape of the digital world, safeguarding your online presence is paramount. Welcome to another episode of TechTalk with Craig Peterson, where today, we unravel the secrets to fortifying your digital realm with "The Ultimate Cybersecurity First-Aid Kit." Decrypting Wi-Fi Woes Our journey begins with the cornerstone of your digital fortress: Wi-Fi encryption. No secret stays safe forever, and that includes your Wi-Fi password. We delve into the importance of encrypting your Wi-Fi, ensuring that your digital stronghold remains impenetrable. Password Party Extravaganza "abc123"...

info_outline
The Mobile Malware Menace: Protecting Against Evolving Threats show art The Mobile Malware Menace: Protecting Against Evolving Threats

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In today's fast-paced digital age, staying ahead of the curve is not just an advantage; it's a necessity. From the electrifying world of electric vehicles to the intricate web of mobile security, and the visionary influence of Elon Musk, there's a lot to unpack. Join us on this insightful journey as we explore key topics that are shaping the future of technology. 1. Electric Vehicles (EVs): Paving the Way for a Green Future The surge in popularity of electric vehicles is undeniable. We delve into the latest advancements, innovations, and the environmental impact of EVs, providing you with a...

info_outline
Scan Smart, Stay Safe: Mastering the Art of QR Code Defense show art Scan Smart, Stay Safe: Mastering the Art of QR Code Defense

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In a world dominated by QR codes, the risk of falling prey to digital tricksters is on the rise. Fear not, fellow entrepreneurs, for we've decoded the secrets to outsmarting these cyber hosers and keeping your digital fortress secure! QR Code Unveiled: Understanding the Basics Let's kick things off with a deep dive into the world of QR codes. Learn what makes them tick and how scammers exploit these seemingly innocent codes to compromise your cybersecurity. The Rise of AI and Its Role in QR Code Shenanigans Artificial Intelligence (AI) has ushered in a new era, and unfortunately,...

info_outline
Digital Media Ownership Debunked: The Tactical Octopus Unveiled show art Digital Media Ownership Debunked: The Tactical Octopus Unveiled

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

In the ever-evolving landscape of digital media, the illusion of ownership can be shattered with a single tactical move. Recently, the PlayStation community experienced a rude awakening when paid content was abruptly removed - and no refunds were given. This underscores a widespread issue: do you own the digital shows and movies you 'bought'? Topics Explored in the Article: Tactical Octopus Unveiled: Delve into the intricate tactics used in the digital realm that challenge the perception of ownership. IRS Alert: Explore the unexpected connection between the IRS and your digital...

info_outline
Digital Armor: Safeguarding Your Online Presence with Chrome, Firefox, and Safari show art Digital Armor: Safeguarding Your Online Presence with Chrome, Firefox, and Safari

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Securing your online activities in today’s digital world is a top priority, and the trio of web browsers—Google Chrome, Firefox, and Safari—stand as formidable guardians against cyber threats. Let's embark on a journey into the intricacies of these browsers' advanced protection features to fortify your online experience. Chrome's Shielding Arsenal Google Chrome takes the lead with robust security measures. From safeguarding against phishing attempts to fortifying defenses against ransomware attacks, Chrome stands tall as a digital fortress. Explore its advanced protection features to...

info_outline
Unmasking Gift Card Scams: A Growing Online Threat Exposed! show art Unmasking Gift Card Scams: A Growing Online Threat Exposed!

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Unmasking Gift Card Scams: A Growing Online Threat Exposed! Gift card scams are prowling the digital landscape, targeting unsuspecting online shoppers like never before. In this article, we'll dive deep into the murky waters of online scams involving gift cards, Amazon, credit cards, and more. Buckle up, because the world of online shopping is not as secure as it seems. Signs You're Being Scammed These online tricksters have mastered the art of deception: Too-good-to-be-true offers Urgent demands for payment via gift cards Threatening legal action if you don't pay up - yikes! (It isn’t the...

info_outline
Click Like a Pro: Insider Tips for Safe Online Shopping show art Click Like a Pro: Insider Tips for Safe Online Shopping

Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Hey savvy shoppers, gather 'round for a tale as vital as your grandma's pie recipe! Ever felt the sting of an online shopping scam? Fear not, I've got the lowdown on dodging those traps. Let's kick things off with a cautionary yarn and dive into the nitty-gritty. Spotting a Phony Website: Detective hat on! Check URLs for weird symbols and misspellings. A padlock symbol next to the URL is a good sign. Evaluating Sellers on eBay and Etsy: eBay and Etsy, our online treasure troves! Check seller ratings, reviews, and authentic photos. Don't fall for smoke and mirrors. Buying Big Ticket Items:...

info_outline
 
More Episodes

Welcome!

Good morning, everybody. I was on WTAG this morning with Jim Polito.  He had a few questions about VPNs, seems like it is a little confusing for people to understand that they were designed for something completely different than what people are using them for today and that is where the problems are coming from. Then I broke some big news about the Federal Register changes and DOD contractors and sub-contractors that went into effect last night at 5 pm. Then we got a little light-hearted with a brief discussion about Love and Zoom. Here we go with Jim.

For more tech tips, news, and updates visit - CraigPeterson.com

--- 

Automated Machine Generated Transcript:

Craig Peterson: [00:00:00] We're giving you an emergency regulation, right now you have 48 hours notice and you have to actually secure your systems by December 1st. We now have people who can audit you, who have secret clearances or better and they're going to start that audit December 1st.

Hey, good morning everybody. Craig Peterson here. Mr. Jim Polito was in his studio for the first time in many months. He sounds much better there in the studio. We got into VPNs. What is the problem? What is this whole thing called zero-trust, and how's that going to be affecting us here in days, weeks, months ahead. Also huge, huge, huge, huge announcement. Federal register. If you do anything for anybody that does anything for the Department of Defense, including mowing their lawns. A big change in the federal register. You are now in serious trouble. If you don't meet these guidelines, that has been published for a couple of years. This NIST 800-171, but anyhow, I mentioned that is Whoa!

So here we go with Mr. Polito

Jim Polito: [00:01:16] A great Tuesday segment, it would be a great segment any day of the week. He is our good friend and tech talk guru. Craig Peterson. Good morning, sir.

Craig Peterson: [00:01:28] Hey, good morning, Jim. How are you?

Jim Polito: [00:01:31] I'm good. I'm good. I'm actually, I never thought the day would come and this will be the second topic, but I never thought the day would come that Craig Peterson and I would be talking about dating. We're going to talk about dating. We're going to talk about dating in the age of COVID, but before we get to that, you have some really big news you provided me with. Okay. So I understand the concept of a VPN. A VPN so that you can work securely from home or another remote location, and yet still have access to everything.

Every computer, every little bit of hardware you have in software and drives that you have to say your business now. Thank God Danny has this, uh, my former producer now. Program director, because Danny can, uh, if I need something VPN in from home and do it or fix it or whatever, uh, now you're saying that VPN, what? Isn't the. Gold standard anymore. What's going on?

Craig Peterson: [00:02:46] We have to remember where VPN came from in the first place. You know, it's been over 20 years ago, but I had three megabits worth of internet here at the house and it was costing me, 20 years ago, about $6,000 a month to have three megabits worth of internet. Yeah, exactly. So I had internet here at the house so I could work at home and that network was then routed through, of course, the phone company had all of those lines and that they went to the office and then the whole VPN concept came along. What we could do now is run a virtual network link.

So rather than paying the six grand a month, for me to be able to connect to the office or my house. I could now connect the two networks together, just over the internet. So my cost went from about 6,000 a month to about 150 to $200 a month back then. It was a huge win. Yeah. That's what they're designed for is for the networks to connect together. And that is the problem. If you connect your home network to the office network, you now have a huge problem because all of the attack surfaces, all of the computers in your home, that really cool internet coffee pot that you bought that is really a computer that happens to make coffee is now gained access to your network at the office. That's where the problem is.

This is the internet of things that you often talk to me about, right?

Yeah. It's the internet of things, plus if you've got teenage boys, where are they going online? Right. What are some of the worst, the worst places you can think of? And so now all of these computers that are infected can now spread laterally out there and, and that's just a huge problem.

So, yeah, VPN, as you said is no longer the gold standard. In fact, I've got to make a quick announcement here in just a second about their defense the national register just had an emergency update as of 5:00 PM yesterday, but this all ties in.

Because what we're moving towards now is what is called a zero-trust network.

It's a way different concept than most people are used to than businesses are using, But the idea is why should you connect your home network to the office network? Because that's dangerous as heck. Okay. A zero-trust network as any device that wants to speak to another specific device has to be approved to not only does that device have to be approved to talk to the other device, but the protocol it is using has to be approved.

So it has gotten very very different in this world today because of all the hacks going on and the zero-trust is what you're going to start seeing a right, left and center here over the next year or two. Moving away from just the concept of an open VPN.

Jim Polito: [00:06:05] Wow. We're talking with our good friend, Craig Peterson, tech talk guru, and all about all things technical.

Now. The VPN in terms of security as you were talking, I mean, it was the gold standard. Isn't this just a race every time we turn around. So this new system that you're talking about, won't it have a shelf life, won't it at some point be useless against the bad guys.

Craig Peterson: [00:06:38] You can have a great point.

It's always been a game of oneupmanship between the defenders and the attackers. That's why zero-trust comes into play. Yeah. There are going to be problems with the implementation. The biggest problem we see is stuff being misconfigured. Businesses are completely misconfiguring the VPNs. Heaven forbid they have to try and figure out zero-trust. That's where we're going to see the biggest problems is with misconfiguration. But the whole concept behind zero trust says basically, no, there is no one that's going to shift because everything has to be approved and what we're trying to do with this is stop the lateral movement.

So if your business gets infected with something, Nowadays, it ultimately ends up being ransomware much of the time, but it gets infected. The bad guys if they've got ransomware in your machine, don't do what they used to do a few years ago. What they do right now, Jim and these guys are smart. Right? What does that make money doing? The good stuff.

Jim Polito: [00:07:44] Yeah,

Craig Peterson: [00:07:44] But what they're doing is, they've got ahold of Jim Pollito's son's computer. Yeah. And so they don't immediately encrypt it. They don't immediately pop up a notice saying, Hey, you've got ransomware. Like they used to do.

 What they're doing now is they spread laterally inside your network. So their software looks for files that have interesting names, it uploads them to the bad guys. So they can have a look at that. The bad guys might hop onto your computer now and poke around saying, Hey, wait a minute.

Your Jim Polito's son works for this health management company and it looks like they might have some assets. So now the bad guys are looking at your computer. I mean the bad guy's actual intelligence, not programming. So these people are looking at it saying, Oh, wait a minute. Here, we've got medical records, we've got all of this stuff and now they evaluate, okay.

So what do we think this is worth. We're into the town of Worcester's computer network. What should we do now? Well, let's infect some more machines because we're in now. So they start spreading to other desktops here. You know, Jim Polito's his son's girlfriend's computer, who also works there in the town.

Now they have visibility into everything, but they've also copied many of these files out of your network. So this might go on for weeks and businesses aren't even noticing this because they don't track any exfiltration of data. Most businesses. So they're pulling all of this data out and now what they do is they encrypt everything on your computers and they pop up a notice saying you have one of two choices.

You can either pay us X dollars. And if it's a town it's probably more along the lines of  $10 million dollars

Jim Polito: [00:09:38] Yeah.

Craig Peterson: [00:09:38] You can either pay us that and we'll give you the decryption keys. By the way, they have a help desk now where you can contact the help desk and they'll help you out. Or what will happen is we'll just release all of the tax records of everybody in the town, or all of the medical records of everybody in your medical office or all of the records of all of your customers? Yeah, it's crazy.

Jim Polito: [00:10:01] Yeah.

Craig Peterson: [00:10:01] You know, I've been saying businesses aren't doing this, and this is where the federal register thing comes in. There was an emergency order. If you will, last night here.

On the defense acquisition regulation system from the department of defense. Finally, finally. They basically said all of you contractors out there, the DOD subcontractors, we know you've been lying to us about your compliance with these rules that have been out for two years and so we're giving you an emergency regulation right now.

You have 48 hours' notice. You have to actually secure your systems by December 1st. We now have people who can audit you, who have secret clearances or better. They're going to start that audit on December 1st.

Jim Polito: [00:10:54] Wow.

Craig Peterson: [00:10:54] So just we're talking about, um, you know, company X that make power supplies for DOD contractors, right? This is the power supply. There are no smarts in there. They now have to comply with these new, which are called CMMC rules that are out there. These are just the set of compliance stuff. And they said you have to do it now. Quit. pencil whipping the forms because we're going to be taking a close look.

Oh, and by the way, It's only federal prison time as much as 10 years and millions of dollars worth of fines. Okay. So finally, the feds are getting upset about all of this and, and you've asked me before, what are we going to do about it? How can we make happen? Well, let me tell ya when we get some CEOs going to prison, Jim.

Ears are going to get a little bigger. I think as people listen with these auditors coming in with their sharp pencils, having a good look at the security. So again, here I am on a soapbox. Sorry.

Jim Polito: [00:12:01] No, it's okay. It's okay. It was, it was a complete story. Yeah, it's gotta be done now quickly before we leave, on the lighter side, Zoom. Is the new singles bar. Is that what you're trying to tell me? Because, by the way, I know you have concerns is about Zoom and the security associated with Zoom for businesses to lose proprietary information over Zoom. But Zoom is new, Hey, what's your sign, you know, is the new singles bar.

Craig Peterson: [00:12:36] Yeah, I love this. If this is absolutely amazing here. People are getting married later in life, or not getting married at all. Our fertility rates have plummeted to 1.7. Now, this is going to make it even worse. But businesses and now roof dating groups, you know, we used to have the fast dating. You remember George doing that on Seinfeld? Like 30 seconds eight? Yup. It's. So now. Yeah, speed dating. So now all of this is happening on Zoom businesses or having happy hour. Some of them are sending out little bottles of wine and all of the employees do Zoom. You have to see each other getting drunk and it's spreading into dating more and more and more. It's a fascinating thing. Really changed South here, Jim.

Jim Polito: [00:13:33] Wow. Well, you know, I mean, come on. It's the age of COVID and, maybe that's more effective. You get a look at the person, you can hear them talk, you know, you don't have to give them your personal number. It's just a Zoom thing. If the man or woman is a loser, while you're all set, it's like, yo, I gotta go. I gotta go. I'm all set. I gotta, I ain't gotta go, you know, uh, That's a good thing that you and I aren't out there anymore.

That's a good thing. Yeah. Craig Peterson folks now, uh, Craig, I think I got a correction from Danny. It's 11 o'clock on Sundays. On WHYN, WTAG. That's what he's telling me now. Craig Peterson show. That's what he's telling me.

So we'll have to, we'll have to make sure about that, but in the meantime, how can folks more information from the tech talk guru?

Well, you can always go to my [email protected]. But if you have specific questions, especially now, I can send you guys, if you drop me in a line the information here on the changes to the federal register.

If you make anything that is bought by any DOD, contractors, your business just changed at 5:00 PM last night. Just email me M E @craigpeterson.com. I'll send you some of these articles that are out there. The changes by the DOD. Just email me and with any question, I answered dozens a week, just

[email protected].

All right, Craig, we'll talk to you next week. Always a pleasure, always some great surprises.

Craig Peterson: [00:15:18] Thanks, Jim. Take care.

Jim Polito: [00:15:20] Bye-bye.

Craig Peterson: [00:15:21] Hey, I got to get busy right now because there are a lot of companies that need some help and I gotta make sure everybody knows, and I am finishing up right now our first little three- minute videos.

It's taking me a long time, first time around, right. It always does, but things will go a lot swifter here in the future.

We're planning on doing this every Tuesday and Thursday. So keep an eye on your emails for that.

Take care, everybody. Bye-bye.

--- 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553