(Pt. 3): What Should You Do to Fight Back Against Cyber Attacks?
OCTOBER 18, 2019
Many small and medium-sized businesses believe they aren't a target for a cyber attack simply because they think they don't have anything an attacker would want. In fact, the opposite is true. With October being National Cybersecurity Awareness Month, we are dedicating a three-part series to the whys, hows, and whats of cybersecurity for small and medium-sized businesses. In this episode of the GEEK FREAKS PODCAST, Ron, Nick, and Thony discuss what should be done to fight back against cyber attacks.
Transcript Episode #11
[Pt. 3] What Should You Do To Fight Against Cyber Attacks?
Ron: (00:00) Welcome to the Geek Freaks Podcast. Before we get started, make sure to hit the subscribe button on Spotify, Apple Podcasts, Google Podcasts, Breaker, Castbox, Stitcher, and all other platforms you may be tuning in from. In the spirit of National Cybersecurity Awareness Month, we have split the first three episodes for the month of October into a three-part series. Last week, I, as well as our project leads Nick and Thony, discussed how cyber attackers are accessing our data, and now we're moving on to the "what." Here is the third part of our cybersecurity series: what you should do to fight back against cyber attackers.
Music: (00:34) [Intro Music]
Ron: (00:44) So let's talk about the fun part, fighting back, doing what we can to stop this from being bad for us. Give me your top couple things that we can do off the top of your heads. I have a list, I'm sure you guys do too, but.
Thony: (01:03) I think the number one thing is just making sure your passwords are very secure, so you're not using simple phrases or, you know, the typical [inaudible] where is the password.
Ron: (01:13) All dogs go to lunch? Something like that. Right?
Thony: (01:18) Yup. That's all good.
Nick: (01:19) Well, or like, uh, anything that's related to what time of year it is and what year it is. Like, you don't know how many times I've seen those passwords. Spring2018, capital S.
Ron: (01:31) Hey. That's my go to.
Nick: (01:34) So it's like.
Ron: (01:35) We are getting into fall 2020 right now.
Nick: (01:38) It's like, it's not that hard of a password when you think about it cause it's like okay, it's a timeframe thing and it's like, Oh it's fall 2019. I wonder if that's the password right now.
Ron: (01:47) I see a lot of things like password one, six months later or three months later. Password two.
Nick: (01:52) What was the list recently? What was the number one? Was it Password123 with a capital P?
Ron: (01:57) Oh probably.
Nick: (01:58) Let me look that up.
Ron: (01:58) Um, so my list is education, right? To train the users what to look for and what not to do. Proper firewall protection with IPS, so something that's going to do a little bit more than just passing traffic. A next-gen antivirus, right? So we know that traditional antivirus is still good and it still does its job, but there's the EDRs and stuff, the applications and the antivirus that will actually hunt for the threats instead of just letting them launch and do their thing. Local backups, on-prem and remote, so making sure your stuff's safe. Um, two form factor authentication I think goes a long way for a login, like, it's protecting our bottoms on logins all the time. And then rights and passwords are on my list. So what do we need rights to? What do we actually need rights to? Versus like, hey, you're an admin, do whatever you need to do, because it doesn't make sense anymore.
Thony: (02:48) It doesn't.
Nick: (02:49) Oh, and that's also a layer, when you think about it. It's a layer of protection, because if you clicked on something and it's only supposed to be a Word document, and all of a sudden it pops up saying, hey, this wants to install, you need to give me credentials so I can install, you're like, ooh, that's definitely not what it's supposed to do.
Ron: (03:03) Yeah. And it's, it's, I don't know. It's, and then what happens? You click it again.
Nick: (03:09) Well, I mean, not if the user had been properly trained, cause then they're going, oh, I don't have credentials to do that.
Ron: (03:14) But, no, no, I get it. Yeah. Most of the people. But [inaudible].
Thony: (03:18) I'm just going to keep clicking until it gets installed.
Nick: (03:20) I mean there is, but, uh, I looked it up. Last year, 2018, the number one worst password was 123456.
Ron: (03:29) Shouldn't be allowed, ever. So, so let's first, we will go down my list. Does anybody else have anything to add to that list of five, six things? Education, networking equipment, passwords.
Thony: (03:42) Keep up with updates.
Ron: (03:43) Updates, updates, updates. Every Tuesday, right? Every Tuesday. Okay. So phishing. How do we battle phishing, boys, girls, everybody, trying to be inclusive?
Nick: (03:57) Even though it's three guys at, uh.
Ron: (03:59) Well yeah, there's people listening that may be ladies.
Nick: (04:02) Uh, that one is, that one I'd squarely put under training. Cause when you think about it, the phishing, you're never gonna 100% get them with, um, any kind of spam filter, cause they're constantly changing them to try to weed them out. So you're always gonna have some get through. So I think your bigger way to stop that is training.
Ron: (04:25) Yeah. And I put buy training through a partner provider, something like that, like KnowBe4 or a PhishingBox or any phishing simulations that you can do. Cause the more they know, the better they're going to be off. We get a lot of customers that get emails from the CEO, like, you know, it'd be Ron Harris and my email address is bigpimpdaddytwelve@yahoo.com, and that's not my email address. It'd be awesome if it was, but it's not, but you just see in Outlook, you see it says Ron Harris and you're like, oh, this is Ron Harris, what's going on? And I'm like, hey, give me those scratchies, baby.
Nick: (05:00) Well, the worst thing is, when you think about it, the mobile version, like on your phone, Outlook doesn't even show you or give you the ability to look at the email address. It's only the display name.
Ron: (05:10) Really? Yeah, I'm finna check right now.
Nick: (05:13) Unless they've updated that. The last time I checked, that was all you could see. Really couldn't see the email address.
Ron: (05:18) You can, you can see the email address now.
Nick: (05:20) Okay they must have changed that then.
Ron: (05:20) With the new version you can, but some of them, I know Apple, you can't. Oh, Outlook. So we are all big Outlook people here. But Outlook, now you can do that. And I think even if you send quarterly emails to your staff as a, like a free option, maybe you can't afford the training, but just to be like, hey, be on the mound, you know, be on the lookout. There are certain websites I can't list off the top of my head that say like, hey, this FedEx phishing thing's going on. So prepare your staff, cause like Christmas time, holiday time, anything like that, you get those "your FedEx package was delivered, click here." That's a form of phishing.
Nick: (05:52) Yeah.
Ron: (05:53) Or your PayPal, "here's your PayPal receipt, log in to look at it." That's phishing. And I think if you just train people to look out for the websites, which are all very convincing, and the emails, which can be very convincing, you just need to kind of give people exposure to it in a nonthreatening fashion.
Nick: (06:08) I mean, the other part of that is it could just say, hey, I've got coupons for X, Y, Z, come click on it. You know, and you know there's people that do it, especially around Christmas time, cause they're like, ooh, I could save some money.
Ron: (06:18) Hell yeah. Everybody wants to save a little bit of money. So like the five things to look for, for like spoofing, or, you know, I guess warnings: the email's sent from someone inside the organization or from a customer, vendor or partner, which is very unusual or out of character. Right. So me, Ron Harris, saying, Thony, I need some scratchers, go to the store. I mean, you'd probably do it cause I do wild things, but you shouldn't.
Thony: (06:46) I would more than likely double check with you first.
Nick: (06:49) And that's, I think that that would warrant a phone call. Like what's up?
Ron: (06:52) Receive an email with a hyperlink that is a misspelling of a known website. Because again, if it's me, I misspell things all the time. You guys are gonna be like, oh yeah, he wants to go to the FAC book.org. Maybe. Probably not. I wouldn't spell it that bad.
Nick: (07:09) Well, even some of the links that you see in some of those phishing emails you're talking about, they're really close to the original. They're only usually off, like, some of the ones I've seen are only off by like one letter.
Ron: (07:19) Oh, I know it's super convincing now.
Nick: (07:21) You gotta really read closely or even you're like, Oh yeah, that looks legit.
Ron: (07:25) But the --- part is people don't know how to hover over it to see where the link's going before they click on it. Right. So they're clicking on it. They're out there on the adventure, baby, Bill, and...
Thony: (07:32) All it says is "click here to log in." Yep. Hides the actual web address where it's, you know, we go in directly to...
Ron: (07:38) And we go and there's nothing you can't go, you're going now the trip started, cars going down the road.
Thony: (07:42) Once you go, you go. No breaks on this baby.
Ron: (07:45) Did I receive an email that I normally get during work hours, but it was sent at an unusual time, right? I typically, I don't anymore, but I used to do a lot of work at night and you guys would all get emails. So it's not out of the ordinary for me, but other people are probably not getting emails from their bosses at two, three o'clock in the morning. Um, you know, and I'm trying not to do it anymore, either way. Um, is the sender asking me to click on a link or open an attachment to avoid a negative consequence or to gain something of value? So that goes back to your coupons.
Nick: (08:14) Yup.
Ron: (08:15) Want some coupons? Yes, I do. Click on this. Oh, dammit. I got got. I don't have a business relationship nor past communication with the sender. So that's something to be mindful of too. Like, do I know this person? Some people are just like, hell yeah, coupons, baby. I don't know who Victor Braum is, but he sent me some coupons and I'm going to get them. So be aware of urgency. Check for spelling errors. Consider the salutation. Like, a lot of phishing emails are like "Sir Ron Harris," like I'm not a sir anywhere, or "Dr. Ron Harris." That'd be cool, but I'm not. Don't trust the display name. Look at the actual email address. If it does seem shady, make sure you check that. Uh, don't believe everything you see; that goes back to the coupons. Check the email signature, that kind of stuff. Anything to add about phishing?
Nick: (09:00) Not that I can think of.
Thony: (09:01) No.
Ron: (09:02) And then what happens if you get one? Let your provider know so they can block it immediately.
Nick: (09:07) Yup.
Ron: (09:08) Don't click on the links. So there's ongoing education wrapped around this, right? So there's KnowBe4, which we use, is great. We've been testing a couple of customers every month, uh, and they're getting better. We've seen a huge improvement on that. Then there's PhishLine from Barracuda, which we haven't used. And then there's like PhishingBox, which is free. Duo has a free phishing test you can do. So there's all kinds of things for people to do. Um, but I think it's important that they do test people. We did a test a long time ago about Slack. Remember that? And you guys clicked on it.
Nick: (09:34) Yeah. I do.
Ron: (09:35) Now you're pretty scared to get emails from me. It's not good. Not good. I do send out real emails. Uh, what else? Physical threats. So the edge, the perimeter of your network, the firewall that's out there. I put a picture of a Linksys and I said, if you have this, you need to go back to the store and buy a real firewall.
Nick: (09:55) Oh, well, preferably not one off a Best Buy shelf, preferably.
Ron: (10:00) Well, I get that. And it will work in a jam and pinch.
Nick: (10:02) It will in a jam. But like, they're not as thorough as something like we use, like the Meraki, which has the intrusion detection and prevention and the alerts, basically, when it detects that somebody has gotten in.
Ron: (10:17) So you want something that goes a little bit deeper?
Nick: (10:19) Oh yeah.
Ron: (10:19) A more thorough job on the traffic. And that's, I think, if you're an SMB owner or a decision maker or somebody that can influence that, spend money on the perimeter, on the firewall, on the access points, something that you can manage and see traffic on.
Nick: (10:37) And don't leave the guest network with no password, please.
Ron: (10:42) That still happens?
Nick: (10:43) Oh yeah. That's still happens.
Ron: (10:45) Does ours have a password?
Nick: (10:46) Oh yes, it does.
Ron: (10:48) You hear that? We're secure. It probably goes right to our server though, so.
Nick: (10:53) It does not. I have that blocked. Thank you very much.
Ron: (10:55) Well that's the other thing too. People don't know if you know...
Nick: (10:57) I know, I know. They'll stand up another wifi thing, like, yeah, the guest network, and, yeah,
Thony: (11:02) And they can't access.
Nick: (11:03) Exactly.
Ron: (11:04) I used to give some of the old guys that worked here --- because they'd always be like, we have to block all the ports on the firewall or on the switch, so they terminate all the switches. We did it for one customer and then a guy went there and he couldn't get it to work and couldn't figure out why. It's because we were super secure on the switch. Right?
Thony: (11:17) Yeah.
Ron: (11:18) But then it brings up a better point. Like you said the other day, you could literally go into a lobby someplace with a Cat5 cord and plug in and be a part of their network.
Thony: (11:25) Some guy did that. He was test hacking these people, he was doing what KnowBe4 does, right? So he went into the lobby, plugged into an ethernet port, gained access to the entire network.
Nick: (11:37) To me it's kind of wild. Why do you have ethernet ports in your lobby? That doesn't make sense.
Thony: (11:41) I mean it could have been, you know, it's not really a lobby. They just call it a lobby.
Nick: (11:45) Yeah. I guess.
Ron: (11:47) Could have been where they were going to put the, uh, printer or some receptionist desk or anything like that around. Right. Um, so the other, the, Oh, go ahead.
Nick: (11:55) Well, I was going to say, but you know, with that kind of thing, those should be unplugged then. If, you know, nobody should really be at those locations, your best thing is just to unplug them.
Ron: (12:05) Yeah. But the other, easier part too is like, oh, I light them all up, baby, in case we're gonna use 'em, cause nobody wants that call like "this port's broke" and you're like, oh, let me go run out a three-foot patch cord to ya. So again, yeah, you're right. Yes, 100%. But what always gets in the way of security is laziness. Laziness, right. You don't want to be inconvenienced. You don't want to do that because then I've got to run back over there. I don't want to do that. Yep. So the other thing too, and it's wild to think this, but antivirus, right, is still a hot topic on the streets. Everybody needs it. Everybody wants it. Windows Defender has been scoring super high on antivirus charts, like even the independent ones. And I was like, I can't figure out why. So then I asked some people and it's because it sees the most action.
Nick: (12:48) Yeah. Cause nobody installs one anymore. They're just like, ah, Microsoft's got me, I should be fine.
Ron: (12:53) And the only problem for us, like, you can't control it. Right. So we can't do anything with it or manage it.
Thony: (12:59) No.
Ron: (12:59) So like the traditional ones, the Symantec and McAfee, the ESETs, the Webroots, the Trend Micros, like two of the vendors that I just listed were hacked on their own networks, uh, six months ago. So they're kind of useless. But we used to have them, you know what I mean? We did Symantec for about four weeks and then we had to change it all.
Nick: (13:20) Well, and the market's also changing, cause when you think about it, um, antivirus is kind of on its way out, because it's the whole idea of why not catch it before it runs instead of catching it and cleaning it up after the damage has been done.
Ron: (13:33) Well, you guys did a lot of, uh, I think the past two or three years, you guys did a lot of research on antivirus when we were looking for alternatives. Our solution and the traditional antivirus is just that, like, go ahead and run. Oh, you're doing bad. Oh, stop, stop, stop, stop, stop. Where now the scheme of it is like, oh, you are going to do bad ---.
Nick: (13:55) So I'm not even gonna let you run.
Thony: (13:58) Yeah. It's proactive.
Nick: (13:59) Yup.
Ron: (13:59) Which is crazy to me. It's more expensive. Like, we pay through the nose for it, but it also has saved our --- a lot. Granted, SentinelOne will kill the machine off the network...
Nick: (14:08) If it's bad enough.
Ron: (14:10) ... if it sees an anomaly. That's screwed us before. But you know, Carbon Black, Cylance, SentinelOne, all those new advanced EDRs I think are going to be the way of the future. And I'm very happy with the product itself that we have right now.
Nick: (14:24) Oh yeah.
Ron: (14:24) This is not a SentinelOne commercial, but very happy with it.
Nick: (14:28) Not only that, but it kind of gives you, cause I mean, going back to what you were saying about people just clicking until it runs. You don't know how many times SentinelOne alerts have come in one right after the other because whoever it is, you know, oh, it didn't run that time. Let me...
Thony: (14:42) Let me try it again.
Nick: (14:43) Let me try it again.
Ron: (14:44) All gas, no brakes, baby. And I think that's the --- part of humans, that's how we are.
Nick: (14:50) That's why we need a product like that, that basically helps us stop ourselves. Cause without that, I mean, it would just be the whole scenario of, yeah, it ran and it did bad things.
Ron: (15:00) I think that should be tattooed on every person: all gas, no brakes. You think about back in the day when you'd go to the printer and there'd be a whole --- ream of paper. Oh man. Luis, you gotta edit this. A whole ream of paper on top of the printer because they printed the same thing 19 times, because they were like, it's not printing, it's not printing, it's not printing, it's not printing, and then it prints a billion times.
Nick: (15:21) Well, or it's the scenario: well, it didn't print, so I'm going to call the provider, and the provider fixed it, but they never stopped the job. So all those jobs are sitting there queued up, waiting to go.
Ron: (15:32) Ready to rip it up. So now that we're covering the edge with the firewall, we're educating our users on the inside, I guess we have to talk about our existing data, right? Because that's important. That always gets overlooked, and we obviously care about it as providers. And I would imagine if I sat down with a potential customer, like, hey, you have two terabytes of data and in one click that can all be gone, and everything you've worked for the last 30 years is never recoverable, they'd be like, oh, that sucks. Like, that's bad. But people don't think like that until it's too late.
Thony: (16:06) Right.
Nick: (16:07) Yup.
Ron: (16:08) So does anybody besides me want to talk about backups? Because I have a list of backups, but I'm sure you guys have lists and stuff that you would like to bring to the table. Okay. I'm into the backups, so, all right. Kind of the best practices: back up daily. All right. Um, 60 days of backups available, whether on-prem or in the cloud. Get the data off site. I think that's the most overlooked thing.
Nick: (16:34) Oh yeah.
Ron: (16:34) That is to remove it from the building.
Nick: (16:37) I mean, how many times have we gone in to talk to somebody and they're like, oh yeah, we got these tape backups that, you know, I occasionally take home with me. Well, when's the last time you took it home? Oh, three, oh, maybe six months ago.
Ron: (16:48) Oh yeah. And it goes back to, when's the last time you tested those restores? I mean, we've had issues where we've had old backups that we needed to restore and they work, but they don't work so good. I mean, you know what I mean? You've got to put in a little extra effort to kick the tires a little bit, light the fires.
Nick: (17:02) Yeah.
Ron: (17:03) But we have to do it. It has to be a mindset of like, okay, we've got to fire this up, we've got to do this. You know, I know that our application does it pretty much automatically so we don't have to worry about it. But there's a lot of people that still use Windows Backup and there's a lot of people that still use some of these free things. And I don't think they're doing it as much. And I don't think they have an offsite. They don't want to incur that $6 a month cost to get your data offsite. It's worth it, 100% it's worth it to get it out. I don't care if it's six bucks, 250 bucks, $1 million. Oh, a million dollars, a little aggressive, but just get it off site. And then I think the other thing that people don't, and we kind of took our lumps on this too, is to have a restoration plan. Right? We've only had one customer that ever got in trouble with ransomware to an extent, right, outside of the computer, and we didn't have a restoration plan for them. We knew that we had to restore their stuff. We knew we had to restore it, but in what order did we do it? We did it in what made most sense to what we thought the business needed, right? Accounting, CAD, whatever, so on and so forth. When it was actually the opposite for them. And we learned, and we did it, and we have a restoration plan and all that other fun stuff, but I don't think people are testing it. Know what you need to back up, know how you're going to back it up, and in the event of an emergency, where you're going to back it up. Because if their server's on fire, they don't really have another backup server. So are they going to spin it up in the cloud, or are they just going to be like, well, we've got to get a new server and then we can restore it? There's a lot of things to think about when it comes to your data that people just don't think about.
Nick: (18:38) Well, yeah, cause going off of that, it's easy to set up a backup, but do you know how to restore the backup? Do you have extra equipment? Do you have anybody trained that can do this for you? Cause sometimes restoring is kind of tricky.
Ron: (18:51) Well, I think that's half the battle, right? Let's think about some of the free stuff. Geez Luis, you're going to have to beep beep a lot of stuff.
Nick: (18:58) I like how you come in at this point. I've been just thinking in my head how many times I've done that. And it's at this point that you're starting to be conscious of it.
Ron: (19:04) Um, so think of, like, Carbonite, right? You can back your pants up. You could go crazy. It will do it all. But to restore it, it comes down at like 10 kilobytes a second.
Nick: (19:13) Well, and it's also, that's one that is all restricted by your internet. So if you have really crummy internet, um, it could take you three, four weeks to get one valid backup, because you have so much data and your upload speed is so low, it takes forever.
Ron: (19:31) Yeah. And I don't, I it's crazy to think.
Nick: (19:33) Yeah. There's still places that have terrible internet.
Ron: (19:36) Yeah. A lot of places. Um, so yeah, back up, always back up. Keep as much as you can. Know what you're going to restore when it hits, cause it's not if it's going to hit, it's going to hit, and you just got to figure out how you're gonna manage that. Right. How are you gonna manage that chaos? And then having, um, either a partner like us or another provider that you can work through that with. And then the other thing that's kinda hot in the streets is two form factor authentication. We just kinda turned it on for everything. I think I have, I was gonna count this. I have nine of our applications turned on with two form factor.
Thony: (20:15) Ooo let's see how many I have.
Ron: (20:18) That's just your work. All right. I don't want to dog myself out.
Nick: (20:21) I'm going to say I have seven, cause it's like this plus the Microsoft Authenticator that I have to use. So.
Ron: (20:26) Oh, didn't even count that.
Thony: (20:28) Yeah, I got eight. Gotcha beat by one Nick.
Nick: (20:30) I don't know which one you guys got?
Thony: (20:32) So seven then.
Ron: (20:33) So, two form factor. Authy, free?
Nick: (20:36) Yeah, Authy is free. And the nice thing about it over, like, a lot of people think, okay, I gotta do the Google one. The downside of the Google one is it doesn't back anything up. So if your phone fries or gets wet, cause not every phone is waterproof yet, so if it gets wet, it gets broken, it gets stolen, like, recovering those accounts is a pain in the butt. And I don't really want this to turn into an Authy ad, but Authy gives you the ability to back up all of that authentication information. So as soon as you get that new phone, log into your account and there's all your authenticators again.
Ron: (21:09) Okay. But what if Authy gets hacked?
Thony: (21:12) That's a double edged sword, right?
Nick: (21:13) Yeah. Well, I don't think that's as big of a deal unless they get their source code, the algorithms, because those are rolling codes. So unless they can actually get the actual algorithm that each one of your accounts is running, it's not that big of a deal, where like, if they get the, okay, they've got, what is it, like 30 seconds before it renews?
Ron: (21:34) Oh, I don't know. Yeah, maybe.
Nick: (21:36) Something like that. So it's like, okay, they'd get that one and they'd have to know your exact password at that moment to then do it. Yeah. So unless they actually get the algorithm, I don't see it being a problem, which I guess that would be what they would be targeting. So I guess that would be the problem.
Ron: (21:51) I love it. It's a pain in our --- and I know that you guys hated when we went to it, but like, logging into the computer and having to be able to say, yep, that's me logging into the computer.
Nick: (21:57) Oh, I didn't even count that one. Yeah, we've got that one too. So that's nine for me then. I've got to do the Google Authenticator. So it's nine for me.
Ron: (22:05) Well, you guys are monsters, but that goes to my same question too about, I shouldn't have yawned. Um, like password keepers, right? Those are all stored in the cloud. If those go down, like every time you save your password in your browser and you sync it...
Nick: (22:22) Ooh, that's not a good way. Cause that's not really encrypted.
Ron: (22:25) Correct. That's what scares me too.
Nick: (22:26) Yeah. The amount of people that just save it in Google, that's not really the best way to do it. So it's not encrypted.
Ron: (22:31) So in other ways, when you get these applications, you get the two form factor. Boom. You've got to enter your six digits, boom, you're in, and nobody can get any of that. They got your password, but without your six digits... your six digits. Yep. So two form factor. Check it out. Hot girl on the street. Hot girl summer, two form factor summer. That's all I got. And user rights and passwords. So back in the day, circa 1999, you always gave everybody admin rights, pretty much, to their PCs. It was just something we did, just something we did. And that doesn't have to happen anymore. The only reason that had to happen was because of the programs, bad programs. Oh, Luis. Um, and I don't think that is necessarily a thing anymore. I mean, we still see it with some of our older programs, but I think for the most part you really don't need to be admin to run stuff.
Nick: (23:17) Oh, to run it, no, but, so, you know, any updates or anything like that, which I know some of our clients get annoyed with, every time they have an update to something they've got to call us. But it's like, hey, the other side of this is that this is protecting you from accidentally running something that you shouldn't.
Ron: (23:31) Again, it goes back to the inconvenience of having to pick up the phone and call and complaining about it, but we're trying to save our bacon and your bacon in the event of bacon being cooked.
Nick: (23:41) Stolen, I think. But yeah.
Ron: (23:42) Bacons being stolen and burnt. Burnt bacon's the worst.
Thony: (23:46) Oh my goodness.
Ron: (23:47) All right. So my rundown for passwords is strong passwords, symbols, capital letters, numbers, complexity, right?
Thony: (23:55) Yup.
Ron: (23:55) Longer the better. Not probably feasible for some people.
Thony: (24:02) Don't make it dictionary words either.
Nick: (24:04) Yeah.
Ron: (24:05) My password's 11 characters long.
Nick: (24:07) That's pretty good.
Ron: (24:08) Symbols, letters, numbers, unhackable. Oh, it's blueberry 42 exclamation point.
Nick: (24:18) I don't know if I'd say unhackable, because, you know, I'm sure they could eventually figure it out if they had enough time.
Ron: (24:24) Avoid using the same password on multiple websites. Cause that scares the beans out of me too. Cause my Gmail password I used to use for everything. So if Gmail gets...
Nick: (24:33) They get that one. Yeah. They get everything.
Ron: (24:35) Because all they have to do is like hit the big stuff.
Thony: (24:38) Well, what if it's like a super secure password though? It's not a dictionary word. It's all characters.
Ron: (24:43) Yeah. But if they get burned, they still got it, right?
Nick: (24:45) Yeah. And then all they have to know is what you use. So if they know you use like Facebook, LinkedIn, they know what your bank account is like, or what bank you use, which, you know, it's usually the big boys, so they could just take that password and use it everywhere once they have it. So even if it's, I'd say, even like a 15 character, just randomly generated, yeah, it's going to take them forever to get it. But once they've got it, they've got everything. So that's the problem with that. And that's what's kinda nice when you use something like LastPass, that you can have it generate and store all your passwords, which is encrypted. Um, because then every time you go somewhere you can tell it to generate it and it stores it all. And then there's like one master password that you have to basically make real difficult, um, to then store, cause that's the big caveat right there: if you go through and you're like, yeah, I randomly generated all my passwords, but my master password is real simple. Uh oh.
Ron: (25:43) And then the other thing too is never use this. I know this is like best case or whatever, whatever it's called. What's it called?
Thony: (25:50) Best practice.
Ron: (25:51) Best practice, boom. As I say, best case scenario: never use your work passwords for your home passwords and vice versa. Right. So if my Gmail gets hacked, it doesn't put in jeopardy my Office 365 or AD account. Right. I think people get in the same habit of being like, well, this is my password. This is the one password I use for everything. Blueberry 42 exclamation point is my password for my bank and my home, my computer login, my work login, my Facebook profile, my...
Thony: (26:20) My life.
Ron: (26:20) Yes, my OkCupid password, my farmer's meet only.com password. Like it's the same password for everything. And that's, don't do that. That's not a smart move. So, and stop writing down your passwords.
Nick: (26:32) Oh, you don't know how many times I've seen that on somebody's desk.
Ron: (26:34) I bet a few. Even our current customers, if you go and flip over keyboards, you're gonna find passwords.
Nick: (26:38) Yeah. Oh yeah. I know certain ones or the other one that irritates me are the ones that share passwords.
Ron: (26:44) Ooh, that's not good. That's nasty.
Nick: (26:45) Oh I know. And trust me there are several of our clients that do that and I cringe every time and I tell them not to do it, but they still do it.
Ron: (26:52) So then to kind of go backwards on user rights too, I think the, the bigger thing to keep in, in, in mind is if your computer can see it and you get ransomware, the ransomware can see it. So if you have access to shares to write into shares or program files, then I'm sorry baby, it's all over.
Nick: (27:10) [inaudible] well here's the caveat to that. If you're using a program, say like a windows backup to backup your server and you don't have an offsite copy, I believe ransomware can actually encrypt that stuff.
Ron: (27:23) Oh yeah. Veeam, anybody can back up.
Nick: (27:25) Yeah.
Ron: (27:25) Oh god. Can you imagine that?
Nick: (27:26) Then what are you going to do?
Thony: (27:27) When you're doing that work in encrypted?
Ron: (27:28) Yep. We got, we got back ups boss. Oh ---. Those aren't encrypted. We're closing the doors boss.
Nick: (27:34) Which that's, that's kinda like, that's the encryption command, which I know I'm going to have to look it up. I feel like they've changed but I know at one time the encryption information that they used like, cause we use Synology for the onsite backups to store everything. And at the time Synology didn't recognize that command. So even if you sent it to it, it wouldn't encrypt anything because it didn't understand the encryption command that they were sending. Um, which I don't the part, I don't think Synology has changed at all that they would, you know, accept the old command. It's, it's whether, um, they have become wise to that and have added an extra command that would then cause a Synology to do it. But um, that is one nice thing to have like it to be a different kind of setup instead of just like a, a hard drive that's plugged into the server that you just run windows backup.
Ron: (28:28) And that's scary to think. Oh I'm sorry. Your backups got encrypted. So I guess to does anything, you guys got anything to add before we wrap it up? Cause I wanted to kinda hit the hot topics one more time to give everybody a little takeaway.
Thony: (28:41) Nope.
Ron: (28:41) Silence. Crickets. I don't have a cricket button. Nope. Nope. That's a scary button. So kind of the, the best practices to make sure you're up on your education and you're educating your staff right as you're, you're, you're doing the KnowBe4 is you're, you're saying, Hey, if you get a weird email, come see me before you execute on that weird email. Don't click on every ad you see, not everybody's trying to sell you a dope pair of Keds or Air Force Ones or Jordans, whatever the case is. And just being aware, aware of what you're doing. If you're at a trade show and you're grabbing the USB, maybe format it in some form or fashion before you actually jump into it and start executing the files on it. Um, you know, just being aware of your surroundings and what you're doing with it. And be smart about your passwords. Be smart about what your, what links you're clicking on. Hover over the hyperlink before you click it. That will give you a little bit of a preview. Um, backups, keep them off the network if possible. Make sure they're happening at some form or fashion of a pattern. 30 to 60 days. Get them off site. Um, rights. You don't need rights to everything cause if you have rights to it, the bad guys and the viruses have rights to it. So be mindful of that and check that. Sometimes I think it'd be smart to audit some of that stuff too, but harder to do and uh, yeah, I, I don't, did I miss anything boys?
Nick: (30:02) Not that I can think of.
Ron: (30:03) You keep looking at that notepad. Like there's some good on it and I'm waiting for that nugget to come out.
Thony: (30:07) Keep your up or equipment upgraded.
Ron: (30:09) Oh yeah, that's a good one. That's a, I mean...
Thony: (30:11) Just cause that firewall's good that first time that you know, five years ago doesn't mean it's still good.
Ron: (30:15) I, yeah and true. I don't know if that longer than that. That's another heart. That's another conversation, right? It's people make that emotional investment into that $1,200 firewall. Like our firewalls go from anywhere between $840,000 like they're expensive, but they're expensive because they.
Nick: (30:30) Get all the updates and they have all the fancy features, which that's, that's part of it's A, updating it, and B, being aware of when it has hit end of life. Yeah. Because even our, you know, there's some Meraki equipment we have back there that you know, it's basically end of life. So that's why we've pulled it because it's no longer going to be supported.
Ron: (30:48) Don't be afraid to spend the money on it.
Nick: (30:50) Correct.
Ron: (30:50) I think that's the number one thing is spend the money on the things that matter. Whether it's a good backup, good firewall, good antivirus, spend the money because, well three bucks here is ransomware for $6,000 or whatever it is.
Nick: (31:03) I was going to use the Baltimore one, but yeah, like 16 million. Yeah, that's what I was going to say. Like okay. To like protect themselves theoretically say it costs them $300,000 that's still a heck of a lot cheaper than what their ransomware bill was.
Ron: (31:18) Yeah. No I don't. I agree. And I think people need, we need to pay more attention to it. As a business owner, as a business, you need to pay more attention to your security, whether it's a physical threat, whether it's a computer, whatever the case is, you got to pay attention to it because it's now something because we're under attack every day and they happen, unfortunately on a daily basis. So I appreciate it, boys. Thanks for your feedback. Uh, if you, you know, have any questions for me, I'm sure I can answer them. You guys haven't? No. Okay. No questions. Cool. I didn't know I was going to ho how I wanted to wrap that up, but it wasn't with questions. So thanks for listening to the podcast. We appreciate it and make sure to check out the next episode or the next release and subscribe on Spotify and Google and all the other platforms that you listen on. Um, Luis is hiding behind the camera and I gotta go. Thanks everybody. Bye bye.
Nick: (32:08) Bye.
Thony: (32:10) See you.
Ron: (32:11) A little late on that Thony.
Music: (32:15) [Outro Music].