loader from loading.io

Welcome! Why Hackers Like Outsourced MSPs plus more on Tech Talk with Craig Peterson on WGAN

Craig Peterson - America's Leading Security Coach

Release Date: 09/18/2020

AS HEARD ON: WGAN Mornings News with Matt Gagnon: Elections, Hacking, USB Safety show art AS HEARD ON: WGAN Mornings News with Matt Gagnon: Elections, Hacking, USB Safety

Craig Peterson - America's Leading Security Coach

Good morning everybody! I was on WGAN this morning with Matt Gagnon and started off this morning talking about Iran and the letters sent to some of US Voters. They were purported to be from the Proud Boys but were from Iran.  We also discussed a bit about Election Hacking and then got into, How safe are our USBs? Here we go with Matt. These and more tech tips, news, and updates just visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: [00:00:00] Typically what's been happening is that the polling places go to the Secretary of State's website, enter in the...

info_outline
AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Search Terms, Letters to Voters, Iran,  show art AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Search Terms, Letters to Voters, Iran,

Craig Peterson - America's Leading Security Coach

Welcome! Good morning, everybody. I was on WTAG this morning with Jim Polito.  We got into a lengthy discussion about some letters purported to be to democrats from the proud boys. Then we talked about Hunter Biden and recycling phones. Here we go with Jim. For more tech tips, news, and updates visit - ---  Automated Machine Generated Transcript: Craig Peterson: [00:00:00] In the US, it says you will vote for Trump on election day, or we will come after you. No, this is really scary. It's reached voters and multiple States. Now, obviously, as I said, the Feds are involved. Hello...

info_outline
AS HEARD ON NH Today WGIR-AM 610: Iranian Email and Other threatening Letters, Ransomware in Louisiana  and The National Guard, Election Result Vulnerability  show art AS HEARD ON NH Today WGIR-AM 610: Iranian Email and Other threatening Letters, Ransomware in Louisiana and The National Guard, Election Result Vulnerability

Craig Peterson - America's Leading Security Coach

Welcome, Good Monday morning, everybody. Craig Peterson here. I was on with Scott Spradling on NH Today. We discussed the threatening Email and letters being received by voters and where they came from. We talked about Google search terms. Then we discussed why The National Guard has been called up in Lousiana to deal with Ransomware. We wrapped up today's discussion with election security in the light of revelations by the FBI and DHS about Nation-State Actors accessing our election systems through known vulnerabilities in the Secretary of State Websites. Here we go with Scott.  These...

info_outline
 Hunter Biden and Computer Repair Shops plus more on this Tech Talk with Craig Peterson Podcast show art Hunter Biden and Computer Repair Shops plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig gets into some detail about why Hunter Biden's laptop that he took to a shop and never picked up is now in the hands of the FBI/DOJ and the things he did wrong when he took it in for service -- and no -- it has nothing to do with Russia. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Yeah, I'm sure you heard about Hunter Biden, and what happened with his computer when he took it in for repairs? How about your computer? We'll be getting into that right away, right off the top. And then...

info_outline
 Data Privacy and Computer Repair plus more on this Tech Talk with Craig Peterson Podcast show art Data Privacy and Computer Repair plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig continues his explanation about computer repairs and what you can and must do to protect your data and privacy. Back up your data! Also, the proper way to destroy old disks. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] Do you know, what's on your computer? Do you know what they do with it? At some of these repair shops that you take your computer when it gets slow and something breaks? When you're just trying to figure it out? What the heck is happening here, man? We've got an...

info_outline
Continuation of The Considerations Surrounding Privacy and Computer repair plus more on this Tech Talk with Craig Peterson Podcast show art Continuation of The Considerations Surrounding Privacy and Computer repair plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig continues his explanation of what you need to do if you have to take your computer to a shop to be repaired. This segment covers encryption. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We're going to talk right now a little bit more about removing that personal data before you send it in for repair and a couple of other things that you need to know about your rights when it comes to repairs. Hey, you're listening to Craig Peterson. Thanks for joining us today. Next up is probably...

info_outline
DHS and FBI Warning about Election Hacking plus more on this Tech Talk with Craig Peterson Podcast show art DHS and FBI Warning about Election Hacking plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig explains why DHS and the FBI are warning us about Election Hacking and why it individual State Website Security is the culprit. For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson: [00:00:00] We've talked about the potential here of hackers getting into our election systems and what are they going to be able to do?  No, I've never been really big on this, but now FBI and DHS, well they're both disagreeing with me. Hey everybody. Welcome back. You're listening to Craig Peterson. I've talked about...

info_outline
IRS and Data Aggregators plus more on this Tech Talk with Craig Peterson Podcast show art IRS and Data Aggregators plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses how the IRS gets around collecting data on US Citizens.  They buy the information from these private Data Aggregators like our friends at Equifax - who by the way collect tons of information on you without your permission (you have no say in what information they collect) and then sell it! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson (2): [00:00:00] Coming up in this hour, we're going to talk about the IRS. Yes. Investigated for using location data without a warrant. We're going to...

info_outline
Data Aggregators and Biometric Databases plus more on this Tech Talk with Craig Peterson Podcast show art Data Aggregators and Biometric Databases plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

In this very busy segment, Craig addresses a number of tech issues that are in the news right now. First off BEC scams.  Business Email Compromises are also commonly known as Spear Phishing scams and target executives.  In the past, many came from outside the US but this has changed.  Next, he discusses what happened with Excel and the loss of some Covid data.  Then he explains why the IRS is looking at Cryptocurrency on people's tax returns. So let's get into it! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated...

info_outline
Dangers of Biometric Databases and CLEAR's new focus plus more on this Tech Talk with Craig Peterson Podcast show art Dangers of Biometric Databases and CLEAR's new focus plus more on this Tech Talk with Craig Peterson Podcast

Craig Peterson - America's Leading Security Coach

Craig discusses CLEAR and why what they are doing now is NOT a good idea. These biometric databases can be hacked just like any other database.  The Danger is - there is no way to guarantee 100% security of your data and if it gets hacked -- You can't change your biometrics! For more tech tips, news, and updates, visit - CraigPeterson.com --- --- Automated Machine-Generated Transcript: Craig Peterson (2): [00:00:00] Hey, who has your biometric information? Is it really a problem? You've got your phone, you unlock with your face or your, maybe your fingerprint, your thumbprint....

info_outline
 
More Episodes

Welcome!

Craig explains why Hackers have found a new target that they love and why it might put you in jeopardy.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

Managed IT Providers: The Cyber-Threat Actors' Gateway to SMBs

Think You're Spending Enough on Security?

DHS Braces For 'Potential EMP Attack' As Presidential Election Nears

US Sanctions Russian Attackers for 2020 Election Interference

Cyber-Risks Explode With Move to Telehealth Services

Why online voting is harder than online banking

Price gouging and defective products rampant on Amazon, reports find

Ransomware Has Gone Corporate—and Gotten More Cruel

---

Automated Machine-Generated Transcript:

Craig Peterson: [00:00:00] Welcome everybody. Hey, if you think that your IT being outsourced is going to somehow protect you from the bad guys. Unless they are a security service provider, I've got some news for you.

Hello everybody. Craig Peterson here. A welcome and glad you joined us here on news radio 98.5 And AM 560. I also want to remind everybody that you can find me online. You can listen to this as you are a hold of radio range, even just go ahead and. Ask your favorite platform, whether it's Google or Alexa to play, WGAN we'll give you some more or details a little bit later on in the show today, but let's start with our top story of the day today.

 That has to do with managed IT providers. Now, a lot of businesses are trying to do the whole information technology thing themselves. You've probably heard different ads. In fact, there's one group that advertises frequently here on WGAN, and this is kind of a big deal when you get right down to it. Are you better off taking care of your IT yourself? Or are you better off having someone else do it?

Then when you really dig into it, the bigger question I think is, does it make sense to just use a regular IT company to outsource everything? Or should you again have specialties? No, it's like you've got a department inside your business that might do the finance stuff. You've got another department that obviously handles IT. You got sales, you got marketing. They're all fine-tuned. It is very difficult to find a third party that's fine-tuned, if you will, to cover everything that you might need from an IT side.

Well, we have been finding out some very interesting numbers lately. There's a great article I have up on my website from DarkReading. That's talking about this.

Basically, most of these MSPs or managed IT providers managed services providers. Have become a major gateway for the bad guys to break into small and medium businesses. I mean major gateway.

We've seen this ourselves just as recently as last week. We've been working with some managed service providers now to provide them with managed service security services because it's impossible for them to do the best job.

I just saw a mailing I got today from a company called SonicWall. They make firewalls, which are just fine for businesses that aren't heavily regulated, but they do not meet the requirements for more heavily regulated businesses. SonicWall's out there sending out these mailings saying, We've got it all. All you need is us.

That also reminds me of a mailing I got from Microsoft and I saved it. I just could not believe this. This must have been 20 years ago now maybe a little longer, actually, when I think of it, we're saying, Hey, listen, security is a real problem, but if you have Windows XP and Microsoft office, rest assured that your security is virtually guaranteed. I shook my head at that, decades ago in this sort of stuff still happening today. So many companies are out there lying and misrepresenting.

Now. I get it, you guys, this is not your forte. It's not the forte, cybersecurity of most managed services providers. Frankly, I think the vast majority of these companies that are trying to help you out with the IT, just don't realize what they should be doing and what's required of you, right?

You go to them because they are the experts. They tell you what you need, right. Isn't that the reason to write the checks.  I've found the same thing being true inside a lot of companies where you have your own IT people and those IT people are trying to keep things straight.

And man, I've been working on this cybersecurity quiz thing. What are the main activators behind cybersecurity and where are you at? It's a self-evaluation thing that you can do as a business. Right now I've got the technical ones all done, and I'm working on one for the business owner C-level to understand where they're at and where they might need to go with it.

For years, cybersecurity has really been the area that big businesses, enterprises, what we used to call them here. And the enterprise was like a big business, a publicly-traded company. Nowadays we're adopting more of the European definition of enterprise, which is any business out there, but cybersecurity is been really the area that large businesses don't have to worry about.

What the bad guys have found that small and midsize businesses have also been the target of attacks, but historically those attacks have been the broad-based phishing attacks, or they're trying to run a worm around the internet. It's just a target of opportunity. From small business and medium business standpoint, the number of times they might be hacked or the damages caused were probably reasonable, you could get insurance for it.

But that has all changed now. The insurance companies and we've talked about a couple of these on the show before, are not paying out the policies. If you have a cyber insurance rider, for instance, as a regular end user,  just a home user, many home policies now come with a cyber insurance rider. So if your identity is stolen, they will help you to recover the damage that was done, right. You can never really recover identity. You're not going to get it. Back. It's not gonna all of a sudden become safe, but they all help you with the damage. So anything that was bought in your name it'll,  they'll back it out, any bad credit report backs them out. The same thing was available for the small, medium, and, even the large business markets where you pay a rider, and then if you do get attacked then okay, the insurance will pay for it.

When you look at the numbers, I think you might come to a different realization. Where right now about a year, a quarter of all businesses are hacked per year. There is some security event that occurs in about a quarter of all, all businesses. That's a lot. What was the fee for your premium as a small business? Was that fee just an add on, an extra 25 bucks a year, a quarter a month, whatever is, I, I know biggie. Well, what's happened is the insurance companies have realized that they can put requirements on you. That's one of the things we do. We have special scanning software that allows us to scan a network and look for standard insurance requirements. You know, the stuff the insurance companies usually want. No, we're not the only ones, I'm not the lone ranger out here.

There are other companies that have these tools. There are some free checklists you can find online. I would encourage you to use them. Nowadays, if your information is stolen, if you are hacked, they're going to go through that list and say, did you comply with this? Did you comply with that? Did you comply with the other thing? If not, they're going to fight you.

That's true for the mega-breaches like Equifax has been fighting their insurance company in the courts. We've seen everything all the way down to little companies that are fighting it in the courts. Then on top of it, not only is a cyber insurance stuff, a threat, and a problem. It goes to the next level. And the next level, when it comes to all of this is. Is your business going to survive?

You got hacked and you have to fight with the insurance company.  If the regulators find out, if your business is regulated, which nowadays is pretty much every business out there, what is it 300 million? Oh, it, you won't get into that right now. All of the people here in the US plus the businesses and all of the hundreds of thousands of regulations anyways.

What's going to happen when the regulators find out you were hacked? That's when the real problems come up. The regulators are going to come in and there is a checklist, whether it's a NIST checklist, the CMMC, the HIPAA/HITECH, whatever it is, you are going to be held responsible.

So. What are the bad guys found? It's kind of like going back to the Willie Sutton misquote, right? Which is why did he Rob banks all that's where the money was. Turns out that isn't a legitimate quote, but you know, that's okay. He, he robbed the banks or bank robbers, Rob banks, because they keep cash there. They keep gold. They keep silver, back in the day. So they'd go in and Rob them.

Well, where are all of the keys to the kingdom when it comes to your computers? Well, they live in the IT department. Don't they, IT can get on, can give you access to stuff. They can take away access from staff, right? That's what it does. And they can be pissed off and leave your employ. If they leave your employment, what happens? Do you have automated systems that remove access for the IT people?

Cybercriminals have now figured out that these low-end small businesses that are out there calling themselves managed services providers, managed IT providers are a great way.  If they break into one of those, we've seen major security holes for the tools almost all of these companies are using. If they break into one, those, they now have the keys to the kingdom for 50-100 companies out there. So be very, very, very careful.

Cybercriminals understand the average managed services provider cannot keep your data safe internally inside their own networks or in yours. So just like that Pandora's box is open.

Hey, you're listening to Craig Peterson. If you're going to hop in the car, the truck, and drive, hopefully, you've got Siri with you, maybe Google, maybe Alexa can listen to us there.

Just say, Hey, Alexa, play WGAN stick around. Cause we'll be right back.

You're listening to Craig Peterson.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553