Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3
Affiliate link
 
 
 

Affiliate link: LastPass securely stores your passwords and other personal data.
Hatch

725 posts

Ultimate Geek


  #2678696 22-Mar-2021 17:35
Send private message

I’m sorry everyone, I have no sway in IT matters. The current guy (and it is just a guy) has a lot of trust with the organisation.
Not wanting to be defeatist, there’s nothing much I can do.

I mentioned to someone in authority that I had read that Microsoft had issued urgent patches a week or so ago and the conversation really went nowhere.


networkn
27390 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2678703 22-Mar-2021 17:41
Send private message

Hatch: I’m sorry everyone, I have no sway in IT matters. The current guy (and it is just a guy) has a lot of trust with the organisation.
Not wanting to be defeatist, there’s nothing much I can do.

I mentioned to someone in authority that I had read that Microsoft had issued urgent patches a week or so ago and the conversation really went nowhere.

 

Unfortunately, I suspect you are in for more pain then I'm sorry. Buckle in, it's gonna get bumpy. Sorry I can't be more encouraging. Perhaps management might need to learn the hard way, it works that way sometimes.

 

Sorry for your trouble.


networkn
27390 posts

Uber Geek

ID Verified
Trusted
Lifetime subscriber

  #2678706 22-Mar-2021 17:44
Send private message

Hammerer:

 

Hatch:

We’ve been told that the likely culprit for our security breach is someone opened a ransomware file.......

 

The culprit is the ransomware "publisher".

 

I hope your organisation isn't actually labeling a staff member as "the culprit" of the security breach. A culprit commits an illegal or evil deed. That is not a term that should be used for an inadvertant mistake even if it is negligent or doesn't follow the prescribed procedures.

 

 

 

 

We encourage our customers to not take a puniative approach to security breaches. In our experience, it stops people from admitting issues, difficult to detect at times, which puts the organization at risk.

 

We encourage customers to take a "how can we do this better next time" approach instead. A person feeling like they might get in trouble, may not be entirely forthcoming about the extent of the mistake they made, making tracking the full width and breadth of a breach difficult.

 

 




sparkz25
751 posts

Ultimate Geek
Inactive user


  #2678711 22-Mar-2021 17:49
Send private message

networkn:

 

Hatch: I’m sorry everyone, I have no sway in IT matters. The current guy (and it is just a guy) has a lot of trust with the organisation.
Not wanting to be defeatist, there’s nothing much I can do.

I mentioned to someone in authority that I had read that Microsoft had issued urgent patches a week or so ago and the conversation really went nowhere.

 

Unfortunately, I suspect you are in for more pain then I'm sorry. Buckle in, it's gonna get bumpy. Sorry I can't be more encouraging. Perhaps management might need to learn the hard way, it works that way sometimes.

 

Sorry for your trouble.

 

 

Sounds like the IT Guy ignored all the messages or hadn't read the news over the last few weeks.

 

As Networkin has mentioned, you could be in for a bumpy rollercoaster ride, Good Luck


xpd

xpd
Trash bandit
11927 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2678818 22-Mar-2021 21:04
Send private message

Or he just dosent have enough experience to understand exactly what the exploits were doing. 

 

If you get on with your boss, maybe suggest that the tech guy gets signed up to some mailing lists etc - but by sounds of it, he just gets called in when needed so he may not check his email that often for it to be worthwhile.

 

 





       Gavin / xpd / FastRaccoon

 

Website - Photo Gallery - Instagram

 

 


michaelmurfy
/dev/ttys0
10979 posts

Uber Geek

Moderator
ID Verified
Trusted
Lifetime subscriber

  #2678882 22-Mar-2021 23:51
Send private message

Hatch: I’m sorry everyone, I have no sway in IT matters. The current guy (and it is just a guy) has a lot of trust with the organisation.
Not wanting to be defeatist, there’s nothing much I can do.

I mentioned to someone in authority that I had read that Microsoft had issued urgent patches a week or so ago and the conversation really went nowhere.

 

That really sucks to hear but good on you for taking that step to mention the exploit it in the first place.

 

Seeing you have not mentioned the company you work for, or the IT company on here it could be maybe worth showing this thread to your boss - likely not going to do anything, but you've got a whole bunch of industry professionals basically saying you need to shift to cloud based email (Office 365 or similar) along with ensuring patching + Windows Updates occur frequently. I work for a large corporate and we have to apply Microsoft patches all the way to Production within 48 hrs from Microsoft releasing them - being a large corporate you can imagine how many 100's of servers needs patching. Your IT guy can handle 1 if I can handle the 80 assigned to me in a single night :)

 

I know you won't say but it sounds like you may have some older equipment (Windows Server 2008 R2 / Exchange 2010 / Windows 7) still up and running which is a huge risk for the business and all customers as a whole. Disclose that you got compromised to CERT + your customers (this is a requirement I believe) and be prepared for a bumpy ride.

 

Furthermore - self-hosting Exchange especially on an ISP often leads to email delivery problems which is bad for business email :)





Michael Murphy | https://murfy.nz | https://keybase.io/michaelmurfy - Referral Links: Sharesies | Electric Kiwi
Are you happy with what you get from Geekzone? Please consider supporting us by making a donation.


richms
25168 posts

Uber Geek

Trusted
Subscriber

  #2678885 23-Mar-2021 00:17
Send private message

TBH if that is their attitude to one of the most critical business requirements, I would be looking for another job because this could be the straw that breaks the customers trust in the place.

 

Another thing, Any personal service you have logged into from work, or have used works email as a way to reset the password need to be taken care of before they start to go thru the dumps they will have taken from the server before destroying it.

 

Once they are onto the dump, they will register a similar domain name and start emailing customers with requests to pay new accounts, get customers to open malware "invoices" that they were not expecting with a template that looks exactly like ones that have been sent from the business in the past, and all sorts of other nasty things to try to get more people to let them into their systems.

 

 





Richard rich.ms



freitasm
BDFL - Memuneh
73986 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2678932 23-Mar-2021 08:41
Send private message

Office of the Privacy Commissioner | Privacy breaches

 

"Under the Privacy Act 2020, if your organisation or business has a privacy breach that is likely to cause anyone serious harm, you must notify the Privacy Commissioner and any affected people as soon as you are practically able."

 

AskUs | Article | Do we have to report privacy breaches? | Office of the Privacy Commissioner

 

"You may also have obligations to report the privacy breach to other organisations. You should definitely report the breach to your organisation's privacy officer, and you may also have contractual and professional obligations to report the breach to other parties. If the incident involves computer systems, then you should report the incident to CERT NZ. If the incident involves the possibility of identity theft, you should contact IDCare."

 

If as the result of this breach there could be some personal information compromised (and this means a lot of things in this context) then your company must report or otherwise be fined. 





Are you happy with Geekzone? Consider subscribing or making a donation.

 

 

 

freitasm on Keybase | My technology disclosure 

 

These links are referral codes: Sharesies | Mighty Ape | Norton 360 | Lenovo laptops | GoodsyncGeekzone Blockchain Project


Jogre
174 posts

Master Geek


  #2678941 23-Mar-2021 08:50
Send private message

Hatch: I’m sorry everyone, I have no sway in IT matters. The current guy (and it is just a guy) has a lot of trust with the organisation.
Not wanting to be defeatist, there’s nothing much I can do.

I mentioned to someone in authority that I had read that Microsoft had issued urgent patches a week or so ago and the conversation really went nowhere.

 

Trust within the organisation or knows the owner personally and catches up for golf every second Tuesday?

 

The number of advisories about the vulnerability are staggering so there's no excuse and as mentioned, blaming staff is really not on and is the sign of a weak personality/lack of professionalism. Any breaches we're involved in that result from staff clicking on something is an opportunity for training and improvement not finger-pointing. As Security partners, that's our failure to train and patch.


xpd

xpd
Trash bandit
11927 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2678955 23-Mar-2021 09:06
Send private message

I think everyone has said what needs to be said, only thing you can do now, is hope this is a wake up call for the boss and some changes are made.

 

 

 

Along those lines....

 

Years ago, I used to look after a small companies office, they were concerned about losing data etc - they had an old PC in a corner doing nothing so I set it up as a basic file server and backup system.

 

In the past couple of years, I got a call asking for assistance because they got hit by ransomware - told them to tell the IT guy they were using to check the backup drive etc. 

 

Thats when they told me. 

 

The "server" had died a year earlier and they hadn't told me although I had been in touch for other issues.

 

Thankfully the database system they used had been copied to another PC in the office and that system had not been turned on in a week, so they ended up only losing a weeks work. 

 

They now work in the cloud. 

 

 





       Gavin / xpd / FastRaccoon

 

Website - Photo Gallery - Instagram

 

 


Jogre
174 posts

Master Geek


  #2679040 23-Mar-2021 10:24
Send private message

Had a similar one, walked into business to pitch for managed IT support. Currently done by friend of boss. HP server sitting in plain view, failed HDD lights on 2 of the 5 disks. Offered to get HP to resolve without obligation, was told IT guy all over that. Went and saw them a month later and was taken outside and was quietly told they were recovering from a major outage with no backups available...


1101
3043 posts

Uber Geek


  #2679281 23-Mar-2021 14:17
Send private message

We all all making alot of assumptions here . We only have hearsay from someone who isnt directly involved

It could be the IT guy hand his hands tied by customer reluctance to spend money until things break
It could have been system on its knees & unpatchable , I know of 'servers' made from old PC's(yes) and in a barely usable state
I have Clients who ignore all advice .

 


we dont know for sure that this was caused by unpatched exchange .
we dont know if IT was under any sort of support contract .


richms
25168 posts

Uber Geek

Trusted
Subscriber

  #2679450 23-Mar-2021 17:30
Send private message

1101:

 

we dont know for sure that this was caused by unpatched exchange .
we dont know if IT was under any sort of support contract .

 

 

It happened. Therefore the person providing IT services failed.

 

If the place will not spend on correct infrastructure the only solution is to fire them as a client and let them go on their own.





Richard rich.ms

xpd

xpd
Trash bandit
11927 posts

Uber Geek

Retired Mod
ID Verified
Trusted
Lifetime subscriber

  #2679812 24-Mar-2021 12:44
Send private message




       Gavin / xpd / FastRaccoon

 

Website - Photo Gallery - Instagram

 

 


1101
3043 posts

Uber Geek


  #2680211 25-Mar-2021 10:52
Send private message

richms:

 

If the place will not spend on correct infrastructure the only solution is to fire them as a client and let them go on their own.

 

 

Sorry , but that sort of attitude really p*sses me off.
Its a service, not a dictatorship.

 

What happened to do the best you can within their budget .
What happened to help them as much as poss, give advice, try to steer them in the right direction. Even if all advice is ignored
What happened to Help them when it all falls over completely (thats when IT will make the money from the client).
What happened to I'll do what I can , on your terms , rather than F you go somewhere else

Ive had to deal with that sort of nightmare IT attitude , from both sides of the fence .



1 | 2 | 3
Filter this topic showing only the reply marked as answer View this topic in a long page with up to 500 replies per page Create new topic





News and reviews »

D-Link G415 4G Smart Router Review
Posted 27-Jun-2022 17:24


New Zealand Video Game Sales Reaches $540 Million
Posted 26-Jun-2022 14:49


Github Copilot Generally Available to All Developers
Posted 26-Jun-2022 14:37


Logitech G Introduces the New Astro A10 Headset
Posted 26-Jun-2022 14:20


Fitbit introduces Sleep Profiles
Posted 26-Jun-2022 14:11


Synology Introduces FlashStation FS3410
Posted 26-Jun-2022 14:04


Intel Arc A380 Graphics First Available in China
Posted 15-Jun-2022 17:08


JBL Introduces PartyBox Encore Essential Speaker
Posted 15-Jun-2022 17:05


New TVNZ+ streaming brand launches
Posted 13-Jun-2022 08:35


Chromecast With Google TV Review
Posted 10-Jun-2022 17:10


Xbox Gaming on Your Samsung Smart TV No Console Required
Posted 10-Jun-2022 00:01


Xbox Cloud Gaming Now Available in New Zealand
Posted 10-Jun-2022 00:01


HP Envy Inspire 7900e Review
Posted 9-Jun-2022 20:31


Philips Hue Starter Kit Review
Posted 4-Jun-2022 11:10


Sony Expands Its Wireless Speaker X-series Range
Posted 4-Jun-2022 10:25









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.