undefined | Better HN

0 points_wldu3y ago0 comments

As an aside, those same low-level remote management tools are used by cyber actors (criminals and governments) to compromise entire organizations with ransomware and other malware. That's the real reason ransomware is such an issue today.

If corporate systems were stand-alone/isolated, we probably would not have this problem to the extent that we do.

0 comments

wongarsu3y ago

In a company with 10000 computers you don't want to have an IT person walk to each of them to roll out new software or install an update. Sure, attackers would have a harder time, but IT departments would also have to be orders of magnitude larger

gnubison3y ago

Humor me for a second: why not have them install the software themselves?

cafard3y ago

Probably because most of the users were hired to do accounting, legal work, advertising, etc., not to provide IT support.

833y ago

You must not work in IT with end users.

donkeyd3y ago

> If corporate systems were stand-alone/isolated, we probably would not have this problem to the extent that we do.

Well.. Yeah, but also... This is what we used to have and have been moving away from. We used to have on premise and then moved to SaaS. I'm pretty sure we all realized that had some security consequences, right?

_wlduOP3y ago

Compliance and audit driven organizations are more likely to do these things. They want consistency and control across the org. What they fail to realize is how that same consistency and low level control can be used against them. And, more importantly, the scale of the abuse will be as efficient as the scale of management.

It's sort of like building an encryption backdoor (only for law enforcement) and then to be shocked and surprised when criminals use it against you. Security technologists who know better are not consulted and/or their advice to isolate and diversify is not taken.

j / k navigate · click thread line to collapse