What is a cybersecurity executive order?

(this is from our newsletter — sign up at thecompadre.com)

Tom Bossert, Homeland Security Advisor, explains the executive order to the press

What’s in the news…

Last week a global cyberattack took place, prompting the White House to issue an executive order reviewing government cybersecurity practices…

What is cybersecurity?…

It’s when you secure your cyber. More technically, it’s protecting computer systems connected to the internet from being infiltrated by people wishing to steal, destroy, hold ransom, or just screw with, your personal/private information.

Tell us a joke about cybersecurity…

Your security software is so out of date that the last virus it found was the one that killed off the dinosaurs…

Breaking it down…

Cybersecurity walks into a bar…jk — enough with the bad jokes…

How do you like your cyberattacks? Often? Because they are happening more frequently. These attacks are orchestrated by very tech-savvy people who’ve decided they can use their mad typing skills to do people harm. And while most of the time they aren’t hacking missile silos, the damage they do to individuals, businesses, and even governments can be no joke.

In the latest episode of “As the world gets hacked”…

Cool version: A group of bandits, with anonymity masks, held over 300k people hostage in a large digital stadium. Then, they ransomed each person back to his or herself for $300 in bitcoin (digital currency that most people don’t understand) and said if they paid, no one would get hurt. Everyone paid, no one was hurt, and the bandits rode off with $90 million of green. Uber and Lyft had a field day driving everyone home.

Not as cool (but definitely more factual) version: The National Security Agency found a vulnerability in older versions of Microsoft’s Windows software, which is used by lots of people throughout the world [Insert Bill Gates’ net worth]. A hacking group named ‘Shadow Brokers’ stole the vulnerability from the NSA and published it for all the world to see. Someone (possibly looking at you, North Korea) took that info and created what’s called ‘ransomware’, named WannaCry, which locks users out of their own computers until they pay a ransom. The $300 bitcoin demand was real — even if the rest of the ‘cool version’ was a lie.

Who was affected? FedEx, Nissan, Hitachi and Deutsche Bahn, your favorite German railway company. The most impactful hit was on 16 of the U.K.’s National Health Service hospitals, where the attack prevented access to patient records, etc.

Fun Fact: A British security researcher found that the original ransomware virus could be stopped if this domain was registered: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. They had tried www.pleasestopholdingeveryonescomputershostage.com first… but were grateful their second guess worked. It cost them $10.69 to register the domain and stop the initial attack.

Other Fun Fact: Always install security software updates.

Alrighty…back to the cybersecurity executive order. The President ordered the heads of federal agencies to review their cybersecurity and gave them 3 months to do so, while also making them responsible for its efficacy. While the order doesn’t introduce a lot of new policy, it does mandate that the agencies use the cybersecurity standards published by the National Institute of Standards and Technology. President Trump wants a kumbaya effort here, folks.

Some people have criticized the fact that the IT systems and software (along with their security) can be too old and vary greatly from agency to agency. Guess those agencies haven’t figured out that teamwork makes the cybersecurity dream work.

In spite of other headlines swirling around politics-land, this executive order is welcome news to most everyone. These efforts couldn’t come at a better time, with hackers threatening to release a stolen version of the new Pirates of the Caribbean…

As Tommy from 7th grade would tell it: Computers run software which is a bunch of code that runs the programs we use…some people find flaws in the software and use them for bad purposes…Some of those people found a flaw in Microsoft software and were able to lock a lot of people out of their own computers…they demanded a ransom…a smart dude in Britain helped find a problem to stop the attack…all of this made the White House create an executive order demanding fed agencies check the locks on their cyber doors and tell the President how secure their rooms are…the White House is going to work on improving our tech security so we aren’t hacked by bad dudes