Air Gap, Windows, Microsoft discussed on The CyberWire - Your cyber security news connection. - Reaper botnet update, Election hacking in Kenya, Czech Republic. M&A notes. APT28's phishing. Kaspersky's offer of code review. FBI shots in the crypto wars.
And we used some algorithms the we've developed that are in the gel category of network traffic analysis nta which are specialized algorithms week devolved that by inspecting the network traffic can highlight vulnerability such as connections to the public internet what types of operating systems are running on the devices what types of pal scenes are installed in the network and using that analysis we came up with some data points that are pretty eyeopening i would say the i i'd agree will wanted to take us through some of the key findings in the report sometimes these networks are described as being hard on the outside and saw on the inside like eminem cabbies and we foundered they're definitely sought on the inside but they're actually not that hard on the outside either and there's this myth of the air gap that uh because these networks are separated from the internet or from corporate it networks and air gaps from them we we don't have to worry too much but patching more monitoring what we found was that nearly a third of these networks are actually naked to the public internet so that was the first big the second big one is that these network have a lot of legacy windows machines in them we found that riyadh or of these sites have legacy windows machines like windows xp windows 2000 with means they're not getting security pact has for microsoft anymore so even if you want at the patron which is difficult process in a note the environment impact and if you wanted to operate all of them that's a big path because they're running all kinds of skate applications that might be tied to a particular version of windows and it'll be a pretty maps of upgrade dot.