Newsflash – US Nuclear secrets leaked online through Shadow IT

by | Jun 16, 2021 | Security

This sounds like a nightmare that could never happen.

US soldiers have been putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’ .

It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn.  It seems these are common learning tools used in universities to help students memorise facts.  That works well so long as the facts aren’t top secret!  Even worse, their settings were on ‘public’ not ‘private’!

It’s a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our new KARE for Security S2 plan helps identify use of these sites in your organisation.

For more detail : Why you need to know all the cloud services that your organisation uses – part 2 – (US DoD Nuclear Secrets!) – IT Solutions and Managed Services (kinetics.co.nz)

Tracking Shadow IT is part of our KARE for Security S2 plan.

MFA is important, but it is no silver-bullet.

MFA is important, but it is no silver-bullet.

There are no silver bullets. No one can guarantee you won’t be hacked, but we can make it harder. We can reduce your cyber-risk by taking reasonable steps to make it harder to hack you. The key is to have layers of security, and to keep reviewing the technology in use...

Disaster at Kinetics

Disaster at Kinetics

Sometimes, it feels like there is only bad news.    All businesses face challenges with suppliers, our own people and even some of our customers.  As managers, we work hard to get ahead of issues and create systems to mitigate problems, but there’s always something. ...

MS OFFICE ZERO DAY ATTACK – MAY 31st

MS OFFICE ZERO DAY ATTACK – MAY 31st

One of the scariest news items to wake up to is that there is a ‘zero-day’ vulnerability in a common piece of software. That means that the hacking community has found an opportunity to hack a bit of software and there is no update yet – ‘zero’ days to apply a fix....

Is MFA driving you mad?

Is MFA driving you mad?

Getting tired of having to open your phone for access? If so, you are not alone! But, its necessary. Hackers are counting on you suffering from an excess of having to reach for your phone to approve access, with something called “MFA Fatigue Attacks”.MFA Fatigue...

When QR codes go bad

When QR codes go bad

Thanks to Covid, we’re all familiar with QR codes. Of course, with Covid, we were using the official tracer app to scan them, but in normal use, you can just use your phone’s camera to open the link. It’s a great way to make it easy to visit a website without having...

Is nothing safe?  Fake logins!

Is nothing safe? Fake logins!

Every day, there is a new cyber-threat to watch out for, and to warn friends and colleagues about. I’m frequently stunned when talking to friends and colleagues that these threats are abstract and academic.   For the sake of absolute clarity, these cyber risks...

When hacking can help.

When hacking can help.

Ukraine is pretty well known for tech innovation. In fact it was worth $US6.8 Billion last year  Ukraine’s Booming Tech Outsourcing Sector at Risk After Russian Invasion - WSJ.   On top of that ‘legitimate’ work, Ukraine has also been home to some of the...