High time for a "internet reboot" 2.0
It's high time for companies to be held accountable for breeches in a severe monetary fashion.
The only way they are going to get better at security, or take security seriously, is if it affects their bottom line in a big way if they don't.
[doublepost=1555350313][/doublepost]
And this is why I always say - never write anything down that you wouldn't want everyone to know. I'm sure the hackers will sell the email content to someone who will blackmail the victims.
I get your point but it is not just about that. Your work, research, sales, etc. may rely on email and you don’t want unauthorized access to it.
And this is why I always say - never write anything down that you wouldn't want everyone to know. I'm sure the hackers will sell the email content to someone who will blackmail the victims.
These breeches are typically not about finding users to blackmail. These are typically done to gain access to ones credentials or learn about users for informed phishing attempts.
From my experience the weakest security link in corporate environments are typically ill-informed users or just plain stupid people. Anyone with privileged access should be locked down and audited, single purpose accounts, etc.
[doublepost=1555352287][/doublepost]
That won't be sufficient, a "internet reboot" 2.0 would be much better.
For instance, your private information stays on your device, end to end full encryption mandatory for the whole internet.
Keys are in your possession, not anywhere else.
Standard opt-out for everything.
Intel communities would never allow that to happen.
[doublepost=1555352428][/doublepost]
Except this was a support agent employee's credentials that were hacked and used to get in, so how do you fine a company or hold them responsible for what someone was loose with potentially out of the work environment? Other than fire the person what more can the company do? There is always that human aspect that is the weak link.
Its hard to say what more they could have done here without facts; did the employee have it written on a sticky note at lost it being completely negligent? We simply dont have the facts
Yes, agreed it is usually stupid employees. There is much that can be done to make such people less harmful. See my above post. And yes, the companies need to take responsibility for employees.
https://www.macrumors.com/2019/04/15/microsoft-outlook-msn-hotmail-breach/
2019-04-15 17:27:00Z
52780268984608
Tidak ada komentar:
Posting Komentar