Hacked (RTE One @ 21:35)

neonman

Program on cyber-security tonight on RTE One called Hacked. Hoping it is good.

http://entertainment.ie/tv-highlight/Hacked/387384.htm

ItHurtsWhenIP

It probably won't do anything for infosec types, but I hope it makes the rest of the public wake up to threats that are out there.

neonman

ItHurtsWhenIP wrote: »

It probably won't do anything for infosec types, but I hope it makes the rest of the public wake up to threats that are out there.

I agree with you on that one. There is still a lot of people out there that wouldn't second guess clicking on a link in an email and entering some PII. Even basic password complexity is another one. password123 anyone?

neonman

neonman wrote: »

I agree with you on that one. There is still a lot of people out there that wouldn't second guess clicking on a link in an email and entering some PII. Even basic password complexity is another one. password123 anyone?

My expectations arent high for this, but if it educates a couple of people it would be worth it.

I used to work in a place where we started doing phishing campaigns as a means of educating people and improving awareness. We did a trial run in the office and one of the people who got caught was an account manager who made a complaint to the CSO saying there should have been a warning sent out about the phishing message we were going to send out so he would know not to click on the links. :rolleyes:

Also I worked in a mobile phone provisioning company a while back. On the first day I logged in with my user ID and was prompted to set a password. It said "Must be 3 characters or more".

Hollister11

Also on rte Thursday @ 10:15

Cloud Control: Who owns your data.

Hollister11

Hollister11 wrote: »

Also on rte Thursday @ 10:15

Cloud Control: Who owns your data.

Thats going to be cringey isn't it?

ItHurtsWhenIP

Deleted User wrote: »

...
I used to work in a place where we started doing phishing campaigns as a means of educating people and improving awareness. We did a trial run in the office and one of the people who got caught was an account manager who made a complaint to the CSO saying there should have been a warning sent out about the phishing message we were going to send out so he would know not to click on the links. :rolleyes:

I sent a PDF to a friend's work email one day and they told me that their thought police ... sorry HR people came down on them for breaching the rule about getting attachments from external sources. They had to go and take a "refresher" course.

Deleted User wrote: »

Also I worked in a mobile phone provisioning company a while back. On the first day I logged in with my user ID and was prompted to set a password. It said "Must be 3 characters or more".

So 123 it was then!!! :rolleyes:

Dermot Illogical

I think I saw someone from here in the trailer they've been screening.

Dermot Illogical

Dermot Illogical wrote: »

I think I saw someone from here in the trailer they've been screening.

They're onto us Cyril!

bonzodog2

Anyone else having trouble streaming it? Is it too early to suspect the Lizard People, or the Iranians? :-D

neonman

The first half of the show has been hard to watch. The presenter is doing my heading. Repeating everything..so far they haven't even made recommendations if accessing free wifi like use a VPN or just even checking that the website is using encryption ssl / https. It's all very well and good showing horror stories but if you don't educate them what's the point.

ItHurtsWhenIP

Just finished watching it there.

It definitely wasn't for infosec types, though I believe it gave a lot of eye openers, in a relatively simple way to the general audience about how easy it is to be compromised.

I agree with @neonman that they didn't go into solutions enough. Christ almighty not only would a VPN have protected that girl whose e-mail was compromised, but 2FA - come on ta fcuk - the most simples of protections! :cool:

I was a little unimpressed with the woman at the end from Coder Dojo who seemed to think that the kids don't need to learn how to protect themselves but rather that they should learn to be good digital citizens. That's all very laudable, but if they don't know how to lock their doors, then the evil doers are just going to waltz on in and take what they want. :mad:

I'm curious as to who the "saw someone from here in the trailer they've been screening" is?

ItHurtsWhenIP

ItHurtsWhenIP wrote: »

Just finished watching it there.

It definitely wasn't for infosec types, though I believe it gave a lot of eye openers, in a relatively simple way to the general audience about how easy it is to be compromised.

I agree with @neonman that they didn't go into solutions enough. Christ almighty not only would a VPN have protected that girl whose e-mail was compromised, but 2FA - come on ta fcuk - the most simples of protections! :cool:

I was a little unimpressed with the woman at the end from Coder Dojo who seemed to think that the kids don't need to learn how to protect themselves but rather that they should learn to be good digital citizens. That's all very laudable, but if they don't know how to lock their doors, then the evil doers are just going to waltz on in and take what they want. :mad:

I'm curious as to who the "saw someone from here in the trailer they've been screening" is?

Im not sure I'd agree thats what the girl from CoderDojo was saying. I thought she was saying that ignorance to the problems is what facilitates the problems, and giving kids access to code from an earlier age opens them up to a wide range of possibilities as well as educating them on the dangers.

The IBM woman unimpressed me.

And I know who from boards was on it.

neonman

Thinking about the program more it seems it was more to scare people from using the internet look at all these types of attacks and how easy it is for "hackers" to get your information.

It would have been good to at least try to educate the non tech people watching it by including suggestions when online what to look out for like https/ssl, turn on 2fa for email and other services that offer it. Suggest a VPN while using public wifi etc.

I did enjoy the USB experiement that was good.

neonman

neonman wrote: »

Thinking about the program more it seems it was more to scare people from using the internet look at all these types of attacks and how easy it is for "hackers" to get your information.

It would have been good to at least try to educate the non tech people watching it by including suggestions when online what to look out for like https/ssl, turn on 2fa for email and other services that offer it. Suggest a VPN while using public wifi etc.

I did enjoy the USB experiement that was good.

VPN and 2fa were mentioned at the end but it was almost a throwaway comment. I would have liked to see more information on it as well.

I never use public Wifi. I use the hotspot on my smartphone. Everyone has a smartphone nowadays(even my Ma has a smartphone). Meteor offer all you can eat data for a 20 quid top up. Showing people how to setup a smart phone hotspot would improve things significantly.

neonman

Deleted User wrote: »

VPN and 2fa were mentioned at the end but it was almost a throwaway comment. I would have liked to see more information on it as well.

I never use public Wifi. I use the hotspot on my smartphone. Everyone has a smartphone nowadays(even my Ma has a smartphone). Meteor offer all you can eat data for a 20 quid top up. Showing people how to setup a smart phone hotspot would improve things significantly.

They were mentioned alright and at the time I thought at last !! But that was just it a passing comment on it. Sure when the hacker turned good guy started talking about Firewalls I'm sure most of the people watching were thinking what the hell is a firewall? They could have done a cut away and showed a graphic describing what it does and how it protects a network and then returned to the topic/interview.

neonman

neonman wrote: »

They were mentioned alright and at the time I thought at last !! But that was just it a passing comment on it. Sure when the hacker turned good guy started talking about Firewalls I'm sure most of the people watching were thinking what the hell is a firewall? They could have done a cut away and showed a graphic describing what it does and how it protects a network and then returned to the topic/interview.

That part annoyed me. "Ive hacked firewalls costing half a million in 5 minutes". Oh really?

ItHurtsWhenIP

Deleted User wrote: »

Im not sure I'd agree thats what the girl from CoderDojo was saying. I thought she was saying that ignorance to the problems is what facilitates the problems, and giving kids access to code from an earlier age opens them up to a wide range of possibilities as well as educating them on the dangers.

The IBM woman unimpressed me.

And I know who from boards was on it.

Fair enough, I must have misinterpreted what she said so.

The IBMer was completely dull. I can't remember what she even talked about.

Deleted User wrote: »

That part annoyed me. "Ive hacked firewalls costing half a million in 5 minutes". Oh really?

And then saying that he didn't even know they were there, so poor were they. I can see a lot of now poorly informed MDs/CEOs hauling their poor IT Provider/CIO/CSO in for a grilling on their expensive firewalls.

There was me thinking he was the person from "on here" ... .

spaceHopper

What about Ervia admitting they have been breached?

ItHurtsWhenIP

spaceHopper wrote: »

What about Ervia admitting they have been breached?

Like all Critical Infrastructure, it would be unwise to think it was not under constant attack, even leading to breaches. As he said, these were caught and stopped from going any further.

A former boss of mine was going around last year saying the sky was falling because of the Ukraine breach. He's not a tech, but had business interests there, which I think has since lost him some money. :rolleyes: