Hack The Planet

Because if you don't, who will?

Monday, January 11, 2021

A new year, but what has changed…

As the clock struck 00:00 on January 1st, 2021, I felt a sense of hope. The year 2020 will be in our history books as one that tested the human spirit, and saw the best and worst of mankind. From a global pandemic, to some of the largest, and most high profile hacks, how could 2021 not be better? Well, I guess this is where the hold my beer meme should go.

Within a week we are not just talking about hacks, or politics, but full blown insurrection in the USA. When the armed mob of right wing domestic terrorists stormed the Capitol, it put an end to the idea that 2021 would be the gentler year that the previous. There continues to be more and more information being released on this attack on democracy, so we will see what these next few weeks bring.

One of the threads on this attack that has received attention on the InfoSec Twittersphere is that there were many unlocked workstations in pictures taken by the insurrectionists, and a laptop was stolen that may have included sensitive information. While there were a lot of takes on this, Jack Daniel made the most important one, pointing out that the safety of the people was the priority. We can sit back behind our keyboards thinking, “If an angry mob was storming my building I would definitely lock my workstation”, but let’s not kid ourselves, we would be fleeing.

There are measures that can be taken to get the human out of the loop, and with our threat model severely modified after the Capitol attack, here are a few to think about. Faster inactivity locks, so that if you aren’t actively working on the computer it will lock itself in a shorter time frame. This isn’t perfect, but it is easy and low impact. There is also proximity devices, that automatically lock a computer once the device is out of range. There are other options as well, and I am sure we are going to see them becoming more normal after Jan 6th.

When we look forward to the rest of the year, I think it is important to make sure we are trying to find ways to make security easier, to make it a default state.

Stay safe out there.

posted by holliday at 12:41 pm  

Powered by WordPress