Mattermost Overview + Air Gapping

https://tube.rebellion.global/w/sLWWsNPJgGusux4Fdpv1at

This story is from 2017. But how many #CriticalInfrastructure systems and #NuclearPowerPlants still use outdated software that's vulnerable to #Malware attacks!

Windows 95, 98 And XP Still Power Much Of The Pentagon’s Critical Infrastructure

by Brittany Goetting — Saturday, April 29, 2017, 05:28 PM EDT

"Microsoft ended support for #WindowsXP in 2014, but the Pentagon currently pays Microsoft to continue providing support for the outdated OS. The majority of the computers equipped with Windows XP or older are thankfully not connected to the internet. The computers are nevertheless vulnerable to cyber attacks, especially if they are connected to other computers with internet access.

"Haegley is currently working on transitioning all the devices to Windows 10 and pushing for an extension of their bug bounty program. Last spring the Department of Defense released a list 138 vulnerabilities and offered roughly $150,000 USD to bug bounty hunters. Haegley hopes that senior staff within the Pentagon will be supportive of the program. He noted, 'The best and brightest could help us get through that'.

"As of last spring, the Department of Defense still uses Compass. This system is a command and control system that is used for deliberate and crisis action planning, strategic mobility analysis, and mobilization and deployment movement execution. It runs on a #Windows2008 Server and is programmed in Java. It also uses a 2009 Oracle 11g database. The United States nuclear force still runs on IBM Series/1 computers and uses #FloppyDisks designed in the 1970's to coordinate some of its functions. These operational functions include intercontinental ballistic missiles [#ICBMs], #nuclear bombers, and tanker support aircraft."

https://hothardware.com/news/windows-95-98-and-xp-still-power-a-majority-of-the-pentagons-critical-systems

#Cyberattack #CyberWarfare #AirGapping #USBStick #NoNukes #NoWar #NoNuclearWeapons

Still the case in 2024!!!

6 Things You Won't Believe Still Run #WindowsXP

By Sydney Butler
Published Jul 20, 2024

"Industrial control systems operate and monitor large systems like #NuclearPower plants, automated production lines, #WaterPurification plants, and so on. Windows XP might still be used in some of these large systems for a few reasons. For one, many of these systems can't be taken offline for long, since they provide critical services or goods. There may also be a massive loss of income if they go offline to be updated. Especially given how there are likely to be bugs in new software and operating systems. It might also be necessary to replace perfectly working hardware to work with new software.

"Upgrade plans for major industrial systems can take years to plan and execute, and if everything is working just fine, there's little incentive to do it. Many of these systems aren't even connected to outside networks.

"This is why it was necessary to sneak #USBDrives into facilities to infect them with #malware like Stuxnet. This is a practice known as '#AirGapping' and if your system doesn't need to be online, it shouldn be seen as a basic security measure."

https://www.howtogeek.com/things-you-wont-believe-still-run-windows-xp/

#Stuxnet #CyberWarfare #CriticalInfrastructure #NoNukes #RethinkNotRestart

Gibt es Kundenstimmen zu #CloudNordicAttack & entstandenem Datenverlust?

Welche Methoden zur Härtung von #Backup-Systemen & -Prozessen kennt Ihr?

Würdet Ihr bei Cloudnutzung auf eigenes #offsiteBackup verzichten?

#ransomware #cloudnordic #backupandrestore #itsec #itsecurity #rechenzentrum #wiederanlaufplan #wiederherstellungsplan #isolation #snapshots #systemarchitektur #Angriffsvektoren #airgap #airgapping #airwall #worm #revisionssicher #ire #recovery #backupandrecovery #offsite #devops

@Joseph @deviantollam nope.
They can only seize data they can access...

Never heard of #airgapping?

It's so common most of my employers/clients did and still do so to this day...
https://mstdn.social/@kkarhan/110690278519286340