Reading the short article, it feels like the old routine of 1. Cyber incident, 2. sparse information in all directions, 3. after fixed, all personnel return to old habits with a higher level of insecurity against a blurry, unspecific threat and back to square one, while the few sec op folks try to train employees to better secure the systems without really improving the crucial understanding of how such incidents really work. Or do I completely misinterpret such causalities?
> Reading the short article it feels like the old routine
Difference being the shutdown will make remediation much harder and take longer.
Sounds about right.
You missed "increase budget and capabilities of overseers"
> “Maintain a high level of vigilance and verify the legitimacy of CBO communications by confirming with the sender via telephone that they sent the message,” the note continues.
Depends how sophisticated and incentivized the attacker, of course.
Man, and I thought government was inefficient before. Now, after every message they receive, they must then call the person to verify the message before responding. Which naturally means, they then must call you back to verify you sent the response. Electronic messaging was meant to do away with this phone tag scenario, yet now they want to ensure messaging is dependent on phone tag.
Since it's obviously impractical, the procedure will be worked around or ignored 99% of the time. The phone logs will however allow for the picking of a convenient scapegoat in the wake of a future attack.
If only telecomms made any sense for the 25th century with easily verifiable sender identification, and it would block malicious, spoofed, and spam messages before they ever got to your phone in the first place.