Authentic8 Blog Author: Scott Petry

Scott is Co-Founder and CEO of Authentic8. Prior to Authentic8, Scott founded Postini and served in a variety of C-level roles until its acquisition by Google in 2007.

The Long Con: Antivirus and Your Data

Officials and security researchers have named antivirus (AV) vendors as the new weak link in enterprise and government networks. They claim that sensitive files of the U.S. National Security Agency, the Republic of Korea Armed Forces and U.S. companies were targeted and exfiltrated thanks to the software that should be protecting the endpoint.

Antivirus solutions have been around since the mid-1980s. We gave them file system permissions to scan every file. Then we allowed them access to OS processes to scan active code. Then we allowed vendors to take our data to the cloud for “enhanced” security.

Now, as with many other services, our trust is used against us. The same AV tools that were supposed to help us fight malware are used as a backdoor to steal sensitive information and stage cyber attacks. This feels like a long con perpetrated by the antivirus industry.

Which vendors can you trust?

The irony is that for years we’ve been paying vendors to

So Much Leaking.

In the wake of the devastating WannaCry and NotPetya ransomware campaigns, it was hard to imagine that things could get more embarrassing for the IT profession.

That double whammy was possible because IT administrators left firewall ports 445 and 139 open, which allowed the EternalBlue exploit to take hold. Thousands of companies around the world paid the price for IT's negligence.

Despite all the attention, many organizations still haven’t taken the simple step to close the obviously open ports.  Once they get hit, regulators and litigators will likely have a field day. Nobody can say IT wasn’t warned.

And now, just a few short weeks later, we learn that security researchers have discovered numerous preventable data leaks that exposed personal, sensitive data of hundreds of millions of users.  Where did they find this data?

On Amazon - where else?  The go-to web service for storing large amounts of data. Impacted organizations include:

WannaCry? Cry Over Too Much Complexity

There’s plenty of blame to go around for WannaCry (a.k.a. Wcry, Wanna Decryptor), the ransomware that hit more than 200,000 organizations in 150 countries. Let’s focus on a driver behind this malware campaign that hasn't been widely discussed: complexity.

*

WannaCry encrypted files on Windows computers in hospitals, train stations, shipping hubs, automotive manufacturing plants and power companies (among others), then demanded a ransom - payable in Bitcoin - to unlock the files on the victim’s PC.

Once delivered to a Windows machine, this ransomware exploits a security hole in the file transfer protocol used in Microsoft networks. For in-depth information, I recommend the Wcry US-CERT Alert and Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware on Troy Hunt’s blog.

Who’s behind it? We still don’t know. As for who’s to blame, let the finger pointing begin:

ISPs & Privacy: Why it Matters, and How to Cover Your A$$

Both the US Senate and the House of Representatives have cleared the way to remove privacy rules for internet service providers (ISPs) like AT&T, Charter, Comcast and Verizon. The President signed the executive order to repeal these rules, which were originally put in place by the FCC in 2016 to protect consumers on the web.

While the nation’s largest ISPs have pushed hard for this move, most internet users in the U.S. are only now learning that their entire web browsing history may be collected, sold, and/or used for marketing purposes - no “opt-in” or other permission required.

This is a good time to take a step back and assess what it all means. The privacy rules were fairly recent and had not yet been enacted.  And, it's not back to the old state - the lawmakers went a step further, issuing a joint resolution that aims to ensure that the FCC will be barred

Book Review: What They Really Do With Your Medical Data

Happy Data Privacy Day.  A new book provides an in-depth look at the commercial trade in patient medical data.  Sensitive data, a vibrant market, and not much cause for celebration.

*

A while ago, I wrote about the wave of data breaches at healthcare organizations and medical identity theft that is impacting millions and what we can do to protect ourselves better.

One of the readers of that post was acclaimed journalist Adam Tanner, who has reported on data collection and consumer privacy since 2012.

Adam and I have had an ongoing discussion on data privacy and security matters since we met a few years ago.  He was covering the issue for Forbes, and I had a chance to brief him on our secure browser solution.

A few weeks ago, he kindly directed my attention to an unknown - to me, at least - aspect of our personal medical records. I thought our medical data was sacrosanct.  Protected by regulatory