Jump to content
Why are we here ..... ×

Ransomware and Cyber Security Policies


Recommended Posts

https://www.theguardian.com/technology/2021/jun/14/ransomware-is-biggest-online-threat-to-people-in-uk-spy-agency-chief-to-warn

 

I recommending reading the full article but what might be on the horizon:
 

Quote

Cameron also called for insurance companies to stop paying out ransoms – currently legal because hackers are rarely members of banned terrorist groups - ...

 

Edited by GremlinIT
  • Like 1
Link to comment

Had a fun chat with OGI about Open Attach and Ransomware ...

 

Currently, OA uses SYSTEM to modify and create folders and files. However, it uses the User's permissions to read and open files.

 

This means that I can help prevent ransomware from encrypting the data but not prevent it from exfiltrating the client documents.

 

They decided that getting someone to finish the other half of the job was a bespoke contract. Told them we can wait, far more likely another broker is affected and kicks up a storm that affects OGI rather than us.

Link to comment

Tbf - I’d be interested in comparing how the competition / alternative OGI solution aka Virtual Cabinet, manages the same situation. That’s the real benchmark / leverage. 
 

If cyber is a concern - or a requirement of your BI - I’d suggest taking a serious look at those security functions in both. Then make your choice. 
 

#whosheadisontheblock

 

Link to comment
17 hours ago, Mark Sollis said:

If cyber is a concern - or a requirement of your BI - I’d suggest taking a serious look at those security functions in both. Then make your choice. 

 

Sorry - the above was a more generic prompt for ALL brokers - particularly those who need to review their risk appetite - not aimed at you guys per-se :blink:

 

17 hours ago, Mark Sollis said:

#whosheadisontheblock

 

Ditto for this - and to make sure everyone is aware they can't blame or claim from, their supplier for their own inadequate security analysis and prevention

 

I feel your pain with the horses - but at least you found the water - that's half the battle ;)

 

Link to comment
  • Mark Sollis featured, unfeatured, featured and unfeatured this topic
  • 3 weeks later...

Latest response from OGI:

Quote

I did discuss this with engineering and we are not sure with what they are asking whether it's even achievable with the software. But if it is Engineering advised it would be chargeable. I discussed this with [hardware technician's name redacted]. 

 

My response:

Quote

This needs to go to development. OA simply needs to change its Read & Execute permissions from Windows Authenticated User to SYSTEM the same as it already does for Write and Modify permissions.

 

I don't know why development did half a job of it in the first place and that getting this on their enhancement wishlist is such an uphill battle.

Anyone else want to log a similar request and join the chorus? :D 

  • Like 1
Link to comment
On 09/07/2021 at 10:59, Mark Sollis said:

Not 24 hrs before your post! A despairing mini-rant criticising the very response you received. Feel free to add a real life instance on there - Typical Standard Response Warning 

I don't use Linked In. Good post.

My colleague had that all the time, would ask OGI support, "How do I do this?" and would receive the answer, "It can't be done." A week later they would go back to OGI with, "This is how you do it."

 

Now they don't even bother to log tickets with OGI. If OGI cared and had enough staff to put more time into working these things out with my colleague, then they would have an over all better product and better service.

  • Like 1
Link to comment
  • 2 weeks later...

I was discussing measures to guard against ransomware with an OGI support member. 

Hosts of virtual machines are not safe.

 

They had a client a few weeks ago, where the ransomware managed to get into the hosts (plural) and it destroyed the vhdx files (what a virtual machine is stored in). In a lot of instances, with limited access, more ports closed on the host and so forth, you would be inclined to believe that they are safe and only the virtual, more "public access" machines would be affected to different degrees.

 

I am now looking into making a Linux host, so that backup snapshots of a virtual machine will be safe and can easily be fired up for emergency cases.

Link to comment
  • 3 weeks later...
  • 9 months later...

Open Attach hasn't changed. It should be a database, more secure, better control over user access, find and retrieve files more quickly, et cetera.

 

Now everyone is being pushed to use MS Edge. I thought I saw a notice that you could use Firefox or Chrome, that seems to have been retracted and no one in support knows anything about it.

Not sure I want to trust payments to a web browser, which is made by the some company that produces Windows, which has 50-100 vulnerabilites each month with 1-6 of them being zero days.

  • Like 1
Link to comment
On 14/06/2022 at 17:44, Mark Sollis said:

The real question for Open GI is why is only 1 browser supported?

 

Why do you think that is?

 

10 points for each correct answer …

Partnership deals that are in the interests of Open-GI's profits and not the best infrastructure for their clients.

  • HP - (30% returns from printers to servers when I worked for a HP partner. Haven't been pleasantly surprised with 6 more years of dealing with their hardware).
  • Microsoft - Oh ook another 60 security holes and a zero-day (M$ product zero-days can only be fixed or mitigated by Microsoft) that has been actively exploited for over two months now.
  • Sophos - Tavis Ormandy of Google's top security team, charitably wrote a 30 page paper, which concludes that the company was "working with good intentions" but is "ill-equipped to handle the output of one co-operative security researcher working in his spare time". Recently, they forced through Multi-Factor Authentication for their "cloud" management site (which has a really useless, coutnerintuitve and uninformative interface), that is completely useless in a ransomware take over, you could easily be left without access to your "cloud". They should implement physical keys if they are going to push for this, not software methods that can be taken over as part of an attack. 
Edited by GremlinIT
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Posts

    • "Exciting news for Brokers!" ???     #nope Critical mass Target customer size and profile On line only #whataboutthemasses   What do you think??
    • Hi Claire,   We took on INVU back in 2008 and still use it today in its Virtual Cabinet guise. No issues with printing from VC whether that be to network printers or pdf and there are also options to send from VC to email which can be useful.    Overall, we remain very happy with VC so have seen no real advantage to move over to OpenAttach.   One little issue is we never managed to get the automatic indexing / filing of standard OGI/OpenWord letters and emails into VC. We just click a few buttons to file them manually.   Happy to chat through further if you wish - I will be at the Members day this coming Thursday    Darren
    • Hi @Clare Carter   I probably cant advise on day to day use / issues, but may be able to help although not sure of your question   Are you still on Virtual Cabinet (VC) and how are you trying to print on OGI - and what / where from   Also - I'm pretty sure there are minimal issues with transferring to OpenAttach - what are the concerns there?  
    • Just wondering if any of the current members have previously been using Virtual Cabinet, and which originally was Invu provided by Linden House.   It is only relatively recently that Open GI have come up with Open Attach but there is an issue in transferring data.   If anyone is still using Virtual Cabinet which evolved from Invu and Linden House, could they let me know whether they had any issues with Open GI and printing.    Thanks
×
×
  • Create New...