• @TwitchingCheese
    link
    English
    11
    edit-2
    2 months ago

    I get that it’s not the point of the article or really an argument being made but this annoys me:

    We could blame United or Delta that decided to run EDR software on a machine that was supposed to display flight details at a check-in counter. Sure, it makes sense to run EDR on a mission-critical machine, but on a dumb display of information?

    I mean yea that’s like running EDR on your HVAC controllers. Oh no, what’s a hacker going to do, turn off the AC? Try asking Target about that one.

    You’ve got displays showing live data and I haven’t seen an army of staff running USB drives to every TV when a flight gets delayed. Those displays have at least some connection into your network, and an unlocked door doesn’t care who it lets in. Sure you can firewall off those machines to only what they need, unless your firewall has a 0-day that lets them bypass it, or the system they pull data from does. Or maybe they just hijack all the displays to show porn for a laugh, or falsified gate and time info to cause chaos for the staff.

    Security works in layers because, as clearly shown in this incident, individual systems and people are fallible. “It’s not like I need to secure this” is the attitude that leads to things like our joke of an IoT ecosystem. And to why things like CrowdStrike are even made in the first place.