Archives For cyber

They all say they’ve got it covered…no one does!  Here is a summary article from one of my contacts at DiData…great info, thanks Matt.


  • “Our systems are probed thousands of times a day and scanned millions of times a day,” – speaking of government defense systems…
  • “We are experiencing damaging penetrations — damaging in the sense of loss of information. And we don’t fully understand our vulnerabilities,” – Now I feel safe!
  • Hackers have already penetrated the U.S. electrical grid and have stolen intellectual property, corporate secrets and money, according to the FBI’s cybercrime unit. In one incident, a bank lost $10 million in cash in a day. (Yet your clients all have it covered!)
  • “We’re talking about terabytes of data, equivalent to multiple libraries of Congress.” – (But those in the SMB don’t need to worry – right!)
  • United States military would need to prepare for fallout from a cyber attack, which could leave cities in the dark or disrupt communications. – (If you don’t offer DR planning, you might reconsider)

When your clients say, “We’ve got it covered”, remember, most are just ignorant, some are lying.  Don’t take no for an answer – instead educate them on what is really going on, and drive forward with the sale.  Take advantage of my latest ebook on selling through assessments… it’s free!

© David Stelzl, 2010



Unexpected Shutdown!

February 26, 2010 — Leave a comment

Imagine your website or Internet access being unexpectedly shut down as a result of a court order!  This morning’s Wall Street Journal has such a report.  The victim here is Stephen Paluck who’s address was apparently discovered by Microsoft in a search for botnet-type activities.  Of course Paluck claims he is not involved in illegal computer dealings, and this is likely the truth.  So what is happening?

Here is the scoop and the article reference:

  • Pg A3 of the Wall Street Journal – Microsoft Battles Cyber Criminals
  • What they’re up to: The court order was issued to Microsoft to, without notice, “take down a global network of PCs suspected of spreading spam and harmful computer code.”
  • Possible issues:  Cybercrime is a problem, however these botnet nodes are people’s systems, and are used to conduct business.  So if they are also compromised and operating as Zombies, there needs to be remediation…however, just cutting them off might be rash.
  • Your clients:  This has already happened – meaning it will likely happen again.  If your clients are infected and part of one of these networks, they may be next.  Imagine just being cut off from the network – the impact is big!  This calls for regular assessments and a cleaning up of the network so your client is not part of the bot problem.  Paluck was shut down because his system was compromised (at least that is the most likely case), so if it had been clean, he wouldn’t be writing letters by hand today.

If you’ve been to my workshop on selling security, I talk about the information stored in university systems which are targeted by identity thieves.  Here’s a report on recent attacks against public school systems.  Hackers are cyphoning off data, transferring it to money mules for laundering, and making off with amounts from 100,000 to 200,000…no one’s been caught according to this report.  At the end of the article, a link takes you to some information on small/medium business, another sought after target.  Both generally have poor security and have not wanted to invest in the past.  Justification requires a demonstration of how easy it is – generally through an assessment of some sort.  The long term potential of these type of accounts is great for small resellers with strong managed security offerings.