Archive for August 4, 2020

Sky News Once Again Claims Garmin Paid The Ransom… But They Back Up Their Claims This Time

Posted in Commentary with tags on August 4, 2020 by itnerd

Last week I posted a story with Sky News claiming that Garmin had paid the people behind their ransomware attack. The people behind this are likely Evil Corp, for the record, as the ransomware that was used was reportedly “WastedLocker”. In that story I said this:

The thing is, Sky News offers up no proof whatsoever. At least when the news that Garmin had been pwned by ransomware first appeared, there was proof from a variety of sources to back this up. But that’s not the case here. 

Well, Sky News is back, and they back up their claims this time:

According to people with knowledge of the matter, speaking to Sky News on the condition of anonymity, Garmin had initially sought to pay the ransom using another firm which specialises in responding to these incidents.

However, this firm responded that it didn’t negotiate ransom payments in WastedLocker cases due to the risk of running foul of the sanctions.

The sources said after being initially rebuked, Garmin then sought the services of Arete IR, a firm which claims that the links between the WastedLocker ransomware and sanctioned individuals have not been proven.

And:

Separate sources confirmed to Sky News that Arete IR made the payment as part of its ransomware negotiation services, although Arete argues that WastedLocker is not conclusively the work of Evil Corp.

Neither Garmin nor Arete IR disputed that the payment was made when offered the opportunity to do so.

Arete IR is a company that does the following:

Arete Advisors has assembled an elite global team of incident response experts to create unparalleled capability to assist clients in preparing for and defending themselves against a cyber-attack, from incident response readiness assessments to post-incident remediation and ongoing hunt services. Our core skills include triage, digital forensics, malware reverse engineering, remediation, managed detection response, hunt and testifying expertise. Arete works with organization of all size to provide highly customized advice specific to your industry. Arete’s advisory services provide legally defensible, compliant cyber strategies that assist the C-Suite and Boards of Directors to continuously improve the organizations’ cyber posture, by aligning cyber risk management strategy with corporate risk.

But more interestingly, they also do this:

While some companies require insureds to get funds up front, costing precious hours and days to the clients in crises. Arete, has created a simple, easy way for Breach Coaches and Insureds to immediately respond by facilitating the entire technical and financial process of purchasing the Bitcoin, while managing the negotiation with the bad actor for a flat fee, to be paid in 30 days. Allowing clients to focus on restoring their business to health

Thus it’s safe to conclude that Garmin paid the gang behind the ransomware. And the fact that neither Garmin nor Arete IR denies that they paid underscores that. So Evil Corp or whoever was behind this won. I get the need for Garmin to get back up and running, but I am a firm believer that you should never pay the ransom as it only encourages these scumbags. So it is unfortunate that the bad guys have effectively won.

The CNE Gaming Garage Powered By AMD Is Back As A Virtual Experience

Posted in Commentary with tags on August 4, 2020 by itnerd

The CNE Gaming Garage Powered by AMD is back, bringing all the fun and EXcitement of gaming to players virtually at TheEx.com August 21 to 23, 2020. Since 2017, the popular three-day event has attracted more than 150,000 attendees as part of the Canadian National Exhibition. With the cancellation of the CNE this year, fans will still be able to connect online, interact virtually, and compete for prizes.

Tournaments are being held across three popular esports titles: Fortnite (PC), the new game Valorant (PC) and Rocket League.  Both the Fortnite and Valorant titles are free-to-play.

Tournament registration is now open at TheEx.com/CNEGamingGarage and both registration and participation in the tournaments are free.

Starting August 17th, players can participate in qualification matches to earn their place in the CNE Gaming Garage Powered by AMD broadcast weekend.   The tournament will feature Fortnite Solos, Valorant 5v5 and Rocket League Duos.  Qualified gamers will have the opportunity to battle it out for their piece of a shared $4,000 prize pool.

Tournament registration closes on Thursday, August 20, 2020.

Qualification
Beginning August 17, 2020 participants can pre-qualify to earn their place in the Gaming Garage broadcast weekend.

Important Dates
August 17th – Tournament qualification begins
August 21st – Final qualification day and first day of the live broadcast
August 22nd – Live broadcast of semi-finalists’ brackets
August 23rd – Live broadcast finals brackets

Tournaments require advance, online registration through the CNE website. To register, visit TheEx.com/CNEGamingGarage.

In addition to the three-day esports tournaments, the CNE Gaming Garage Powered by AMD will feature Fortnite Island Freeplay (with prizing courtesy of AMD), an Online Dungeon & Dragons competitive adventure in Wildemount, and an online Magic: The Gathering “learn-to-play” tutorial, courtesy of FacetoFaceGames.com – Canada’s largest trading card game retailer. FacetoFaceGames.com will also be offering free ice cream to CNE gaming enthusiasts on a first-come, first-served basis at its Toronto store – 1398 Danforth Avenue (while supplies last).

Also included in the CNE Gaming Garage Powered by AMD is a free Virtual Robotics Competition that will take place from August 21 to September 7.

Stay tuned for details about all the attractions and events that will be available online as part of the CNE At Home virtual experience from August 21 to September 7, 2020.  For further information, visit: theex.com

Digital Defense Announces New Partner Program For Managed Service Providers

Posted in Commentary with tags on August 4, 2020 by itnerd

Digital Defense, Inc., today announced a new Managed Service Provider (MSP) partner program that empowers partners to raise their brand profile, service offerings and proof of value to their clients in the new economics of cloud and on-premises security solutions.

By 2026, 77% of cybersecurity spending is expected to be for externally managed security services.* The Digital Defense MSP Partner Program, along with Digital Defense’s cloud-native SaaS platform, Frontline.Cloud, supports the growing trend of clients procuring Security-as-a-Service from MSPs and creates actionable opportunity for MSP, MSSP (managed security service providers) and MDR (managed detection and response) partners to capture their piece of this rapidly growing market.

Proof of value is essential for MSPs who are under increasing pressure to prove their worth as clients reevaluate spending and adjust to new business models.

Frontline.Cloud boasts a true multi-tenant architecture that streamlines administration of multiple clients so MSPs can operate at scale. The platform also enables quick and easy deployment for rapid monetization. Other benefits include easy productization with an open framework of APIs, documented integrations with leading ISV solutions and robust customizable reporting that enhances the MSP’s brand and demonstrates proof of value. Building on the company’s established success with its existing partner program for global telecom service providers and VARs, Digital Defense is asserting a new value message to the MSP channel and the buying journey of their clients.

The Digital Defense MSP Partner Program offers benefits such as flexible billing cycles that align to MRR business models, self-provisioning on the Frontline.Cloud platform and procurement directly or through cloud marketplaces including AWS, Azure, Oracle and Google. To learn more about the program, benefits and how to apply, visit: https://www.digitaldefense.com/partners/channel-partners/.

*2020 Roundup of Cybersecurity Forecasts and Market Estimates, Forbes, April 5, 2020

Things Have Really Escalated In Terms Of TikTok v. Donald Trump. And They’ve Gotten Weird too.

Posted in Commentary with tags on August 4, 2020 by itnerd

Reuters is reporting that China’s ruling Communist Party blasted the efforts of the US to force a sale of TikTok to Microsoft via an editorial in the China Daily newspaper, saying it will not accept the “theft” of a Chinese tech company and is ready to respond if needed.

Now here’s how I read this. A lot of western companies build stuff in China. So I can easily see a scenario where China uses that as a way to hit back at the US. And that is certain to ratchet the tension up further.

But there’s also something weird about this whole situation. President Trump reiterated last that TikTok must sell off its U.S. operations in 45 days and that the deal must include a substantial payment to the U.S. government, otherwise the app would be banned.

“I don’t mind whether it’s Microsoft or someone else, a big company, a secure company, a very American company buys it,” said Trump, according to Bloomberg.

“It’ll close down on 15 September unless Microsoft or somebody else is able to buy it and work out a deal, an appropriate deal, so the Treasury of the United States gets a lot of money,” he added.

That honestly sounds like something a mobster would say. Think about it. A private company potentially buys another company and the government of the day wants a cut for no other reason than because it can. That’s sketchy at best as it isn’t clear how the federal government could demand a cut of a transaction between two companies neither of which it has a stake in. That’s on top of the fact that it isn’t clear how Trump can ban TikTok.

Buckle up. This is going to get interesting.