Inspiring Innovation


This week, I had the pleasure of attending the latest CompTIA Board of Directors meeting.  We were in New York City for this meeting and as a result, had the opportunity to tour the SAP Leonardo Center in the beautiful new Hudson Yards development.

SAP has four Leonardo Centers, located in Bangalore, India; New York City; Paris, France; and São Leopoldo, Brazil.  These are inspiring places.

Our tour took place on the 48th floor of the New York center, and we learned from our hosts how SAP is driving innovation and encouraging start-ups in an open, collaborative environment.  In some cases, SAP's venture fund may invest in these businesses.  In others, SAP customers may simply leverage the resources at the innovation center to help accelerate their growth.  Our hosts were Marvin, originally from Germany, and Charlotte, a native of Denmark.

Being on the 48th floor, the innovation center has amazing views but, more importantly, a strong message.  The center strives to support the 17 United Nations Sustainable Development Goals (SDGs) to transform our world.  These goals are:

  1. No Poverty.
  2. Zero Hunger.
  3. Good Health and Well-being.
  4. Quality Education.
  5. Gender Equality.
  6. Clean Water and Sanitation.
  7. Affordable and Clean Energy.
  8. Decent Work and Economic Growth.
  9. Industry, Innovation and Infrastructure.
  10. Reduced Inequalities.
  11. Sustainable Cities and Communities.
  12. Responsible Production and Consumption.
  13. Climate Action.
  14. Life Below Water.
  15. Life on Land.
  16. Peace, Justice and Strong Institutions.
  17. Partnerships for the Goals.


As our tour continued, we learned about projects to provide real-time data to allow airports to operate more efficiently.  Imagine security officers being able to be deployed to open more screening lanes based on a heat map of the security checkpoint.  Or how about an aircraft being redirected to a gate that has more of the needed ground services close by, instead of having to wait for vehicles to travel across the ramp.  All making the operations more efficient and the traveling experience more timely and less stressful.

We saw all sorts of examples of virtual reality and other technologies enabling wonderful innovation to improve our world.  Of course, I loved the ice hockey virtual reality example above in the lower right :).


Above is a picture of most of the CompTIA Board members and staff who were able to tour the Innovation Center, thanks to our fellow Board member John Scola of SAP, third from the left.

And finally, some of the incredible views from the 52nd floor terrace.

Time Running Out on Old Versions of Windows


The following was published in the April 14, 2019 editions of Foster’s and Seacoast Sunday.

Do you run Windows 7 on your computer at the office or at home? Do your servers run Windows Server 2008? If the answer to either question is yes, you’ve got less than nine months to replace these operating systems.


Why? Because Microsoft is ending support for both Windows 7 and Windows Server 2008 on January 14, 2020, nine months from today. That is not a lot of time, not at all. Windows 7 has been the most widely installed version of the Windows operating system on desktop and laptop computers. Depending on which estimates you believe, Windows 7 is still thought to be running on somewhere between a third and a half of the PCs in use worldwide. This is a staggering number.

Depending on the generation of your computer, you may or may not be able to update a Windows 7 computer to Windows 10, Microsoft’s latest version of the Windows operating system. If your computer is less than five years old, you may be able to upgrade it and still have it perform well, though many computers will simply need to be replaced. As people keep their computers longer, upgrading to the latest operating system may not provide acceptable performance due to increased resource requirements and capabilities that older hardware may not be able to support.

While nine months may seem like plenty of time to get a Windows 7 computer upgraded, especially for businesses that may have several, if not dozens or hundreds, of computers to upgrade, time is absolutely of the essence. We have already experienced significant shortages of critical computer components through the first quarter of 2019. Intel CPUs were severely constrained from late last year, and this pushed out delivery dates for every major computer manufacturer to the point where back orders stretched well over a month. This situation may only worsen as organizations put more stress on the supply and demand cycle for computer manufacturers.

Many sources are predicting significant shortages of available computers by the third quarter of the year, based on present trends. It would not at all surprise me to see a rush on PC demand come the summer months, when many companies look to undertake significant disruptive projects during the traditional summer vacation season. Certainly, replacing large fleets of computers across departments and entire companies may be easier to manage when more people than usual are on vacation. I am concerned those individuals and organizations that wait until summer to start planning these replacements may not be able to complete them before the end of support.

When support ends, no more security updates will be released for these operating systems, and you can be assured that attackers will be waiting in the wings to exploit the next flaw found in unpatched systems. You do not want to be caught in that coming wave. Microsoft has said it will sell paid Extended Security Updates for Windows 7 and Windows Server 2008 for up to three years beyond that date, but that is an expensive stopgap for organizations that cannot finish migrating in time, not a substitute for a plan. In fact, many cyber insurance policies require that you maintain currently supported hardware and software in order for the coverage to protect you in the event of a cyber-related incident. The risks of inaction are significant.

The situation for Windows Server 2008, which still runs many servers today, is no less of a concern. Servers are naturally more complex to replace than an individual PC. Servers are the foundation of IT infrastructures and support the applications, databases and services that we all rely on every single day. Together, the end of support for these two versions represents a growing threat that we all need to be aware of. As technology advances, companies like Microsoft simply cannot keep every old version supported indefinitely. The threat landscape is too fluid to devote the significant resources that keeping all of these versions patched would require.

If you have yet to focus on this, I urge you to make this your number one IT priority this year. Talk with your IT department or IT partner and be sure you have a plan to act now, not later. You will need every bit of time between now and the end of the year to plan, budget, procure and implement. As the saying goes, time's a-wasting. Make yourself a note to start your plan tomorrow morning, if you have not already.
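The first step in any such plan is knowing how many machines you actually have on the affected versions. The following is an added example, not code from the original column, of how an IT department could inventory domain-joined hosts that still report a Windows 7, Windows Server 2008 or Server 2008 R2 kernel. It assumes a domain with the RSAT ActiveDirectory module installed and remote WMI (DCOM) or WinRM access to the endpoints; the output file name is likewise an assumption.

```powershell
# Added example: find domain-joined hosts whose Windows version loses support on 2020-01-14.
# Assumptions (not from the original column): the RSAT ActiveDirectory module is installed,
# and the account running this has remote WMI (DCOM) or WinRM access to the endpoints.

$EndOfSupport = Get-Date '2020-01-14'

# Kernel major.minor -> product family reaching end of support on that date.
# Windows 7 and Windows Server 2008 R2 report 6.1; Windows Server 2008 reports 6.0
# (6.0 also matches Vista, whose support already ended in 2017).
$EndOfLifeVersions = @{
    '6.0' = 'Windows Server 2008 / Windows Vista'
    '6.1' = 'Windows 7 / Windows Server 2008 R2'
}

function Get-EndOfLifeHosts {
    param(
        # Default to every enabled computer object in the domain.
        [string[]]$ComputerName = (Get-ADComputer -Filter 'Enabled -eq $true' |
                                   Select-Object -ExpandProperty Name)
    )

    foreach ($name in $ComputerName) {
        $os = $null
        try {
            # WinRM first (on by default from Server 2012 onward) ...
            $os = Get-CimInstance -ClassName Win32_OperatingSystem -ComputerName $name -ErrorAction Stop
        } catch {
            try {
                # ... then legacy DCOM/WMI, which is what Windows 7 and Server 2008 answer on by default.
                $os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $name -ErrorAction Stop
            } catch {
                [pscustomobject]@{
                    ComputerName = $name; Caption = 'UNREACHABLE'; Version = $null
                    Family = $null; EndOfLife = $null; DaysLeft = $null
                }
                continue
            }
        }

        # Compare on major.minor only, so 6.1.7601 (Windows 7 SP1) maps to '6.1'.
        $majorMinor = ($os.Version -split '\.')[0..1] -join '.'
        $isEol      = $EndOfLifeVersions.ContainsKey($majorMinor)

        [pscustomobject]@{
            ComputerName = $name
            Caption      = $os.Caption
            Version      = $os.Version
            Family       = if ($isEol) { $EndOfLifeVersions[$majorMinor] } else { 'supported' }
            EndOfLife    = $isEol
            DaysLeft     = if ($isEol) { ($EndOfSupport - (Get-Date)).Days } else { $null }
        }
    }
}

# Report only what needs action: end-of-life hosts plus hosts that could not be queried,
# because an unreachable machine is exactly the kind that gets forgotten until it is breached.
Get-EndOfLifeHosts |
    Where-Object { $_.EndOfLife -or $_.Caption -eq 'UNREACHABLE' } |
    Sort-Object ComputerName |
    Export-Csv -Path .\eol-hosts.csv -NoTypeInformation
```

Run it from a workstation with Windows PowerShell 5.1, since Get-WmiObject is not available in PowerShell Core. Treat the UNREACHABLE rows as seriously as the end-of-life rows: a host that does not answer WMI or WinRM is usually one that is also not getting patches or being backed up.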

VPN Vulnerability


Do you use a VPN to connect to your office network?  If you do, you should be aware of a vulnerability note issued yesterday by the CERT Coordination Center (CERT/CC).  Several widely used VPN clients store the session cookie insecurely; some need an update, and for others no fix had been published when the note went out.

I have pasted the CERT announcement below:

Multiple VPN applications insecurely store session cookies

Vulnerability Note VU#192371

Original Release Date: 2019-04-11 | Last Revised: 2019-04-11


Overview

Multiple Virtual Private Network (VPN) applications store the authentication and/or session cookies insecurely in memory and/or log files.

Description

Virtual Private Networks (VPNs) are used to create a secure connection with another network over the internet. Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files.

CWE-311: Missing Encryption of Sensitive Data
The following products and versions store the cookie insecurely in log files:
– Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS (CVE-2019-1573)
– Pulse Secure Connect Secure prior to 8.1R14, 8.2, 8.3R6, and 9.0R2

The following products and versions store the cookie insecurely in memory:
– Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS (CVE-2019-1573)
– Pulse Secure Connect Secure prior to 8.1R14, 8.2, 8.3R6, and 9.0R2
– Cisco AnyConnect 4.7.x and prior

It is likely that this configuration is generic to additional VPN applications. If you believe that your organization is vulnerable, please contact CERT/CC at cert@cert.org with the affected products, version numbers, patch information, and self-assigned CVE.

Impact

If an attacker has persistent access to a VPN user’s endpoint or exfiltrates the cookie using other methods, they can replay the session and bypass other authentication methods. An attacker would then have access to the same applications that the user does through their VPN session.

Solution

Apply an update
Palo Alto Networks GlobalProtect version 4.1.1 patches this vulnerability.

CERT/CC is unaware of any patches at the time of publishing for Cisco AnyConnect and Pulse Secure Connect Secure.
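The note lists affected versions but not a way to find them on your fleet. The following is an added example, not part of the CERT note or the vendors' own tooling, that reads the Windows Uninstall registry hives on an endpoint and compares the installed GlobalProtect and AnyConnect versions against what the note says. The DisplayName patterns used to match each product are my assumptions about how the vendors label their installers, and the fixed versions are those in the note as published on 2019-04-11. Pulse Connect Secure is the gateway appliance rather than an endpoint client, so its version has to be checked on the appliance itself and is not covered here.

```powershell
# Added example: check the VPN clients named in VU#192371 on a Windows endpoint.
# The Uninstall registry hives are standard; the DisplayName patterns are assumptions
# about how each vendor labels its installer, and the fixed versions are those in the
# CERT note as published (2019-04-11).

$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Fixed = $null means the note listed the product but no patch at time of publication.
$Advisory = @(
    @{ Pattern = '*GlobalProtect*';    Fixed = [version]'4.1.1'
       Note = 'Palo Alto Networks GlobalProtect, CVE-2019-1573' }
    @{ Pattern = '*Cisco AnyConnect*'; Fixed = $null
       Note = 'Cisco AnyConnect 4.7.x and prior listed; no patch at time of CERT note' }
)

function Test-VpnClientAdvisory {
    $installed = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
                 Where-Object { $_.DisplayName }

    foreach ($entry in $Advisory) {
        $hits = $installed | Where-Object { $_.DisplayName -like $entry.Pattern }
        foreach ($hit in $hits) {
            # DisplayVersion is a string such as '4.1.0'; report UNKNOWN if it does not parse.
            $ver    = $null
            $parsed = [version]::TryParse($hit.DisplayVersion, [ref]$ver)

            $status = if ($null -eq $entry.Fixed)      { 'NO FIX PUBLISHED - CHECK VENDOR' }
                      elseif (-not $parsed)            { 'UNKNOWN VERSION' }
                      elseif ($ver -ge $entry.Fixed)   { 'PATCHED' }
                      else                             { 'VULNERABLE' }

            [pscustomobject]@{
                Product = $hit.DisplayName
                Version = $hit.DisplayVersion
                Status  = $status
                Note    = $entry.Note
            }
        }
    }
}

Test-VpnClientAdvisory | Format-Table -AutoSize
```

Because the impact described in the note is replay of a session cookie that may already have been copied off the endpoint, installing the update does not revoke a cookie an attacker already holds. After patching, have users disconnect and reconnect so the gateway issues fresh sessions, and treat the VPN session of any endpoint you believe was compromised as compromised too.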

Nasty Tax Phishing Scam


It's that time of year again, tax time.  This is also a time of increased hacker activity, trying to trick you into clicking links and opening attachments related to your taxes.  One aim is to get you to enter your credentials into what looks like a real web site but is really one designed to steal your username and password so the attacker can access your real data.  Another is to get you to open something that silently installs malware on your computer, designed to quietly watch everything you do in the hope of stealing valuable information.

I want to share a very nasty example of one such risk.  This is a classic phishing email, trying to trick me into clicking on a link that looks very legitimate.  In the image below, I have redacted any sensitive or identifying information to protect myself and my accounting firm.  They have already taken the necessary steps to ensure their systems are safe in the wake of this.  It points out the very serious risk that accounting firms are facing.  The nasty thing about this message is that it includes actual email messages exchanged last September, seven months ago!  This gives the message an air of authenticity, when it is anything but.  Check it out below, be extra vigilant, and check every sender address, link and attachment before you take any action…

Accounting Phish

 

Time For A Fireside Chat On Cybersecurity


This was originally published in the March 31st editions of Foster’s and Seacoast Sunday.

This past Thursday, Onepath held a Cybersecurity Fireside Chat at the Harvard Club in downtown Boston. We were honored to bring together Brian Shield, vice president for information technology for the Boston Red Sox, and Eric Rosenbach, co-director of the Harvard Kennedy School's Belfer Center for Science and International Affairs and former assistant secretary of defense for global security, for this intimate and informative chat.

I have participated in many events like this over my career and for those in attendance, they were witness to one of the absolute best cybersecurity talks I have ever witnessed. Despite their impressive credentials and experience, Brian and Eric were incredibly gracious, humble, down to earth and relatable. They shared their experiences throughout their careers in dealing with the evolving cybersecurity threat landscape and shared many actionable tips to help others improve.

Eric shared the three things that most concern him when it comes to the current cybersecurity threat landscape. First is ransomware, malicious software you can be tricked into launching on your computer that will encrypt all the data that computer can access. This renders the data inaccessible. When anyone tries to access the data, they are presented with a ransom note demanding payment to regain access. Eric shared that one of his great disappointments with our nation is that ransomware came to be because of leaks from the NSA and Department of Defense of offensive cyber weapons that fell into the hands of bad actors and adversarial nation states. He expects ransomware to continue to evolve.

Second, he shared his belief that nation states will continue to be the lead bad actors. Cyber is an asymmetrical weapon that can level the playing field for adversarial nations that cannot compete with the West militarily. As an example, he shared that countries like North Korea use ransomware to raise funds to get around sanctions and, as we now know, the Russian government launched info ops to seed dissent and create doubts about our democracy. He expects such info ops to continue and evolve. Third, Eric feels artificial intelligence will help defensively, but could also be used to make info ops more effective.

Brian talked about the importance of intellectual property within organizations like a Major League Baseball organization. From the medical information about their players to the extensive database of prospective players, these are some of the most important assets of the organization and protecting them is a priority. A compromised account of a former MLB team employee spurred the MLB to act and create a cybersecurity program for all MLB teams.

Cybersecurity requires a holistic approach. It's not just about deploying defensive technologies. Education and a culture of awareness and prevention are critical to an organization's success in keeping itself safe. You can deploy all the technology available and still be a victim due to an uneducated user making a poor choice.

Incident response plans are critical. The last thing you want to do is create a plan while responding to a cybersecurity incident. Brian and Eric recommended doing a table-top exercise to test your plan before you need it. This will help identify gaps, whether it is how to restore access to critical IT systems or how to inform your employees, customers and the public should you have an incident.

Cybersecurity is very interconnected. Private industry is constantly being targeted. Assume you are and recognize we are all on the front line. Eric said he feels we have an obligation to our country to confront and protect ourselves against these threats. He feels it is our patriotic duty to do so as this is a national security issue for us all. Imagine if bad actors are able to disrupt enough businesses or cause failures for iconic American brands. It could shake the confidence of our society, thus the imperative to take this more seriously than we ever have.

While daunting on the surface, we have access to more resources than ever. A simple thing everyone can do is use two factor authentication across all of your accounts. A great resource to determine how to enable two factor authentication is https://twofactorauth.org. Check it out and enable your accounts. It’s your patriotic duty.

Onepath’s Top 5 Cybersecurity Threats – April 2019


Stay informed on the latest in information security with these five handpicked articles from around the web.


Georgia Tech Stung with 1.3 Million-person Data Breach

SC Magazine

Georgia Tech reports that it suffered a data breach when a web application exposed the information of 1.3 million current and former students, student applicants, and staff members.

Ransomware Behind Norsk Hydro Takes on Wiper-like Capabilities

ThreatPost

LockerGoga, the malware that recently took down Norsk Hydro, has taken the industrial world by storm as researchers race to uncover more about the mysterious ransomware. Here's what we know.

Insurers Gear Up for Continued Rise in Cybersecurity Attacks

Onepath

As cyber attacks rise, insurance companies collaborate on a program to help companies evaluate the effectiveness of security products and services.

Why Cybersecurity Culture Is a Leadership Responsibility

Onepath

When it comes to cybersecurity, there's a cultural shift taking place. Brian Shield, CIO for the Boston Red Sox, and Eric Rosenbach, former assistant Secretary of Defense for Global Security, discuss the current state of global security and what leaders can do to help defend the United States.

What Is the Dark Web and Why Should You Care?

Alert Logic

You've probably heard the term "dark web," but what is it exactly? And why does the dark web matter?

Onepath Career Fair


If you’re interested in a career in Information Technology Services in the Merrimack Valley or Southern New Hampshire, Onepath is hosting a Career Fair this Saturday, April 6th from 9 AM to Noon.  Bring your resume for an instant, on-site interview!  Details below.

2019 Onepath Career Fair.jpg

Citizens Bank Resolution…At Long Last



After six months of seemingly never-ending delays and frustration, my saga with Citizens Bank is finally resolved.  The resolution is thanks to a very empathetic and helpful woman named Amelia at the New Hampshire Banking Commission.

After I lodged complaints with the New Hampshire Attorney General's Office and the United States Comptroller of the Currency and reopened the report we filed with the Portsmouth, New Hampshire Police Department, Citizens Bank finally did the right thing, in under a week.  The AG's office referred the case to the Banking Commission and, even though Citizens Bank is not under the enforcement of the State, Amelia reached out to her contacts at Citizens Bank and got the President of the NH/VT region for Citizens Bank to call me.

After I spoke with the President and described the situation, a check for my mother's missing money is on the way.  No more affidavits, no more back-and-forth phone calls, letters and frustrations.  On Friday, the woman at the Office of the Chairman called to provide the tracking information for the payment and to see how I wanted to resolve the matter of the overdraft on our personal account, after the account was confirmed permanently closed.  I said that, given that Citizens Bank was not returning my mother's money with interest, I felt it would be a proper gesture of good will on the bank's part to just make this matter go away and remove the negative report on our account.  Within hours, she called me back to let me know my request had been approved.

This long, frustrating saga is finally resolved.  I leave it to you to draw your own conclusions about Citizens Bank.  I still strongly feel that Citizens Bank is one hundred percent responsible for what happened.  I am thankful that they finally did what was right and are returning my mother’s money and erasing any remaining issues on our personal accounts.  At the end of the day, none of this ever should have happened and that’s what still concerns me most.  I can only hope that this situation will cause Citizens Bank to investigate thoroughly how this happened and why it took six months and the involvement of so many agencies and resources to resolve.

What A Great Cybersecurity Event


This morning, Onepath hosted a cybersecurity event at the Harvard Club in Downtown Boston.  Over my career, I have participated in many events like this, but I have to say that this was the best event that I have been fortunate to be a part of.  Every attendee echoed similar thoughts.


We billed this event as a fireside chat.  The main speakers were Brian Shield, VP/IT for the World Champion Boston Red Sox and Eric Rosenbach, Co-Director of the Harvard Kennedy School’s Belfer Center for Science and International Affairs and former Assistant Secretary of Defense for Global Security.

The discussion with Brian and Eric was outstanding.  They made things so relatable, and for individuals with their experience and responsibilities, they were so humble and down to earth.  They had the room riveted the entire time.  Thank you to everyone who came out for this event!

Following are some of the highlights from the chat:

  1. Ransomware like the recent LockerGoga will continue to be a problem and will most likely grow. The worst ransomware came from NSA and DoD leaks of offensive cyber weapons.
  2. Nation states will continue to be the lead bad actors. Cyber is an asymmetric weapon that non-democratic countries can use against more powerful Western countries.  Many countries cannot compete with the traditional military power of the United States and NATO, but hacking and other cyber weapons and attacks level the playing field.  North Korea uses ransomware and other cybercrime to raise money and get around sanctions. Look for more info ops like what the Russians did in the 2016 elections.
  3. AI will help defensively, but we need to look out for info ops that may look very real but are fake. Think of an online video of a political candidate that is not really the candidate. How do we know what's real and what's not?
  4. Cybersecurity is a holistic approach. It's not just technology; it's a leadership issue. CEOs and Boards need to have raised awareness.
  5. Incident response plans are critical. The plan must be tested, because you don't want to test it the first time you have to activate it.
  6. Cybersecurity is very interconnected. Private industry is being targeted. We are all on the front line. It's important to the national security of our country to educate our workers on how to remain safe.  Eric feels this is a duty we have to our country. We must address the threat. We need to change the culture and improve investment.
  7. Social media monitoring can give you insight into whether or not your organization may be targeted.
  8. Worry about the threat actor that infiltrates and hangs around for several months. That's a big concern of Brian's.
  9. Your corporate assets are highly vulnerable in foreign countries like China.  It was recommended never to bring your personal or corporate cell phone or computer.  Get a burner, solely for the trip.
  10. Your reputation may hang on your supply chain! Be sure your suppliers have good cybersecurity, and put requirements and penalties into your contracts.
  11. Everyone should be using 2FA.

I wrapped up the chat by sharing a few stories that reinforced some of the above.  Finally, I closed with the following statement from recent CompTIA testimony before the US Senate Committee on Small Business and Entrepreneurship, titled "Cyber Crime: An Existential Threat to Small Business," delivered by CompTIA EVP Elizabeth Hyman:

“While the challenge that lies ahead of us can seem overwhelming and almost too great a burden to bear, it is one we cannot afford to ignore. By working together and continuing to embrace the private-public partnership that has long benefited the cybersecurity ecosystem, we can do a great deal to help better prepare small businesses, and business of all sizes, for the cybersecurity threats they are facing.”

What’s your plan for addressing your cybersecurity risks and educating your workforce on their role?

Technology Employment Expands


Following up on my post from a week ago, How Do We Fill Millions Of Open Tech Jobs?, I wanted to share some really interesting stats from CompTIA's newly released Cyberstates 2019 report.

According to the report, more than a quarter million tech jobs were created last year.

Here are a couple of interesting stats for the New England region:

  • New Hampshire had the second strongest growth in tech jobs at 4.2%.
  • Massachusetts had the highest concentration of tech workers at 11.3%.

“Cyberstates 2019 (#cyberstates) is based on CompTIA’s analysis of data from the U.S. Bureau of Labor Statistics, the U.S. Bureau of Economic Analysis, EMSI, Burning Glass Technologies Labor Insights, and other sources. Estimates for 2018 are subject to change as government data is revised and updated. The full report, with complete national, state and metropolitan level data, is available at https://www.cyberstates.org/.”
