MSGID: 2:221/1.58@fidonet e4329dc1   
   REPLY: 100.fidoinet@1:2320/105 2319aec7   
   PID: OpenXP/5.0.43 (Win32)   
   CHRS: ASCII 1   
   TZUTC: -0400   
   Hello Mike!   
      
   ** On Thursday 07.05.20 - 16:58, Mike Powell wrote to AUGUST ABOLINS:   
      
    >> Eg. People at work don't need to access Facebook or expose company   
    >> computers to malicious site   
      
    MP> Well... where I work, we have people whose job it is to locate persons.   
    MP> One of the sources they use is Facebook.  For whatever reason, a lot of   
    MP> less than intelligent crooks will try to send us false contact data but   
    MP> then post all about themselves on social media.  :)   
      
   OK..  I see the relevance for collection agencies especially when needing     
   to locate persons.  But even then, it would be wise to isolate work     
   terminals for internet searches from the internal network used for     
   accessing company accounts.   
      
   But I was thinking of places like hospitals and medical centers. In     
   October last year a large medical center with offices all over the     
   province/country was struck with a security breach.  Then, a month later     
   it was announced that is was ransomware.  This was clearly activated by     
   clicking on a false link.   
      
   https://www.cpomagazine.com/cyber-security/lifelabs-data-breach-the-    
   largest-ever-in-canada-may-cost-the-company-over-1-billion-in-class-    
   action-lawsuit/   
      
   "15 million Canadians affected is over 40% of all Canadians".   
      
   "In the public statement, LifeLabs indicated that they made some sort of a     
   payment to retrieve the stolen data. The company did not elaborate on the     
   nature of the attack."   
      
   Ha.  The nature was ransomeware, and some old ninny probably clicked on     
   fake link in their personal email or on a non-company related website.   
      
      
   Then, there were a few other ones earlier than that:   
      
   https://www.cbc.ca/news/technology/ransomware-ryuk-ontario-hospitals-    
   1.5308180   
      
   https://www.cbc.ca/news/canada/kitchener-waterloo/rural-hospitals-in-    
   southwest-ontario-hit-by-ransomware-attack-1.5301947   
      
   "The main vector for attacks is people, through phishing or the more     
   targeted spearphishing attacks," in which hackers gather information using     
   deceptive emails or websites, he explains. "Ninety percent of breaches     
   start with a person."   
      
   The solution seems simple enough.  Disallow access to unapproved     
   destinations, especially from the computers that are networked to patient     
   records!   
      
      
     ../|ug   
      
   --- OpenXP 5.0.43   
    * Origin:  (2:221/1.58)   
   SEEN-BY: 1/123 90/1 120/340 601 226/30 227/114 702 229/101 426 452   
   SEEN-BY: 229/664 1014 240/5832 249/206 317 400 292/854 317/3 322/757   
   SEEN-BY: 342/200   
   PATH: 221/1 280/464 229/101 426