Reply to post: "it's not rocket science to defend against this sort of stuff."

GCHQ director outlines plan to 'go after' links between ransomware crims and state actors

Mike 137 Silver badge

"it's not rocket science to defend against this sort of stuff."

Never has been rocket science. The big problem is a combination of complacency and convenience.

It's so convenient to allow SMB and remote desktop across the firewall, let everyone browse with unfettered scripting, run a flat network with AD as the only segregation mechanism (or in the case of Equifax, leave a file of clear text server credentials on the network) that nobody stops to think about the possible consequences.

On several assignments I've had to fight to make them put documents such as pen test reports and firewall rule listings in a secure area. Mostly they've just been 'somewhere' on SharePoint.


Biting the hand that feeds IT © 1998–2022