Cyber Attack On JBS Shuts Down Meat Processing Across The World

originally posted by: CriticalStinker
Old guard, startups, or both?

Both. And your government.

I know Stripe is a huge up and commer that is already the largest privately held company (I think, valued at 100b). Curious if they're really worth the hype.

Their encryption is good.

a reply to: AugustusMasonicus

Well, I guess it comes down to the old addage no one is looking out for us unless we are aware for ourselves.

There's ways to compartmentalize how our accounts work and add extra layers of security.

Eventually I'm going to try and buffer and lock accounts. I know you can get the physical 2FA devices.

I used to try and do autopay type things through PayPal so I wasn't actually putting out my acct information... But PayPal is becoming the devil. Whether or not their encryption is good, I've seen absolute horror stories of PP locking people's money for 180 days or outright jacking it for "damages".

Crazy stuff we have to navigate. I operate under the assumption everyone is out to get me.

originally posted by: CriticalStinker
I operate under the assumption everyone is out to get me.

That and add that the people out to get them will also get you in the process.

The USPS will love me, I just started buying stamps again.

a reply to: AugustusMasonicus

I might have to look into going analog again.

Right now my system is Google voice number for anyone I don't consider a personal contact. Different email for anything commerce (even thinking about doing different emails for each company forwarding so I can find out who sells my data). Different bank account for bills, credit union for everything else. Than I do buffers sometimes between card and place of business.

I'm trying to get everything mostly automated without too much rigamaroo. But it takes quite a bit of legwork up front.

a reply to: CriticalStinker

It's good that you're super-proactive, the challenge is that it's only as good as the weakest level of encryption.

Just an FYI, Solarwinds, Colonial Pipeline and JB weren't clients before, despite us soliciting them, they are now.

a reply to: AugustusMasonicus

Encryption is going to be a constant battle too.

A company that upgrades and is good for now may neglect 5 years down the road.

There is a possibility, however small, that encryption gets near completely negated if they figure out N vs NP. People deem it near impossible, but with how fast we've been breaking "impossible" barriers I deem it a hypothetical to humor.

They're working on some cool projects for systems that instead use quantum entanglement to verify, potentially better than block chain. This wouldn't necessarily fix info snatching, but it could make it close to useless.

Cyber Attack On JBS Shuts Down Meat Processing Across The World

Why can't those #'s go after Facebook or Twitter.

Revenue Increase US$ 51.2 billion (2017)[1]

en.wikipedia.org...

You'd think a company that rakes in $51 billion a year would have better cyber security.

a reply to: infolurker

They claim cars and meat cause global warming. First the pipeline was hacked, then a computer chip processing factory in China burned down, now the largest meat processor in the world is hacked. And all of this after the government gets a 1.9 trillion dollar "stimulus" passed. Coincidence?

I hope people are keeping their eyes open.

America is under cyber attack. With all the police killings, the Karens calling the police on innocent people, and other rampant racism going on, should Blacks really care if America is under attack. a reply to: infolurker

a reply to: infolurker

Hello! Greeting from Brazil, the land of the JBS. Let me tell you people. Here, JBS (or J&F Holding) has the bigest marketshare in meat, thanks to BNDES. Then, they proceed to take America, land of the free lol. But J&F is playing with more than meat. Here, they have 2 fintechs, Banco Original (fintech dressed as bank) and PicPay (pay attention to that name)an app for payment, cellphone credit and you can transfer money from people to people without any takes (inmates love it lol)

So, today my ex wake up calling me and telling me to take all of my money out of PicPay because someone hacked her account and wipe out 15k from her account. Looking on teh net, I found other similar cases happen. This isn't a 10 bucks hack, they only target the people with money. Then you ask me, why would someone trust their hard earn money on a Fintech (here the regulations for fintechs are different from banks, scammers love having an account you can transfer money without ANY document verification )and have free money transfer to any REAL account using the PIX system (research, too long for americans understand that system)

So, the hacker stole more than 50k JUST TODAY, in a pattern that is repeating since 8 days ago, wiping out the money from account that use ANY system (android or iOS) and EVEN those people that use biometry instead of a password you type

The digital system of fintechs is entirely compromised. And you wont see it in any journal. look up for reclameaqui (a site to make complains on corps) and PicPay.

On our case it was used a PIX key (can be your ID, your cell number, email or ISS) that has an email with a name that i cant find anywhere (obvious). The email is spectrumshop.inc@gmail.com. The only Spectrum i found references is an IT company with a spy face (from my predictions, maybe the hacker is ironic)) The bank account that receive the stolen money was Nubank (poorly secured, every month someone clone their cards). And the name of the robber was Igor Pereira Magalhães. The only reference of that name is a minor who lives in the middle of nowhere and clearly without any skills for that. But... I still have a flag up with that boy. Im waiting for the others names of scammers to pop up and cross that.

But, the most strange thing is: How can they know who to hack, any cell system, change the first password (that gives acess to the app) and change the second password (for transactions), even with people that use biometry as passwords. They are supposed to have the biometry of the person. How the f... did they bypass it? Even with iOS that is so "secure". People from dfferent states where hacked. Some people lost 27k.

But wait theres more. The picpay app is a e-wallet, so you can store and put your credit card data there to shop. They are putting cloned or stolen credit cards in hacked accounts, some even with cards taken in the name of person that had the account hacked and wiping out eveything.

How they didnt block ANY tranfers higher than 5k after midnight? Yesterday was holiday, maybe the sec team extended the holiday?

The J&F are the holding, but the "paper holder" are some little enterprise from... CAYMAN ISLANDS.

They lure people with high cashback and stakes that pay 3x more than a stable bank. I guess it works. But WHY they dont take any measures to counter the thieves? Because they dont give an F.

a reply to: AugustusMasonicus
Exacly! look at my reply from the first post. Really scared that they can even "hack" people that use biometric as password.

originally posted by: MindLock
Exacly! look at my reply from the first post. Really scared that they can even "hack" people that use biometric as password.

Yeah, and stuff like that happens all day every day.

I know this sounds horrible to say, but there's a part of me which is almost glad to see some of this stuff happening. Not the beef industry particularly, mind you, but just in general. I will explain.

Personally, I don't think there is some grand "greeny" conspiracy out there. That's not what's going on. It's just that the people who tend to be hackers also tend to be radicals, so it stands to reason their targets will be things they oppose politically. Maybe there's a grander conspiracy, but if there is I doubt it originates inside this country. Anyway, that's a topic for a different thread I guess. Back to my explanation...

I work in the sector. And, I know the vulnerabilities. Most people would be utterly astonished if they knew how the "real" game is played. It is so far different from what people imagine it's almost laughable. InfoSec is like a Vegas game; sometimes you win, and sometimes you lose. There's no absolute one "right" way. Truly 'perfect' and bulletproof security can only be achieved by mashing the "Power" button on your computer, phone or other connected devices, and then unplugging them and removing any batteries. That's the unfortunate reality of it.

InfoSec is an almost impossibly delicate balance on a truly razor thin edge between production and better security. Oh sure, virus/malware protection companies tell people they're bulletproof, but they're not, far from it actually. On the one hand you can implement security which is so good it paralyzes an organization, or so weak it leaves it wide open to attack. Somewhere in the middle lies the right balance. Herein lies the Vegas part of the equation. Security is like an odds game. You implement the most security where your biggest risks or threats are, and lesser security where the risks are less. If the balance of risk suddenly shifts then an organization is vulnerable. If they react fast enough then nothing happens, but people fail to understand just how vast the playing field is. Reacting fast enough is not as easy as it sounds. It's a very complex field, and the threats are almost too numerous to count...and those are just the ones you know of! Then there's all the threats you don't even know of yet, and you have to be postured to react to those too.

So, why am I 'almost glad' to see these things happening? Well, even though I work in the sector, I personally believe we have collectively put too much stock (i.e. trust) in electronic systems...way too much. We're now at a point where people are forced to have blind trust in an industry where there should be none. There is an expectation there will always be a safety net, and that safety net doesn't exist. It just doesn't.

In the old days there always used to be a paper copy in a file somewhere. Today, oftentimes this no longer exists. There was a gold bar to back up every dollar. In short, there was a path back to the foundation of every process, and a manual process which could take its place in a crisis. This path no longer exists, and it should. We should never put so much trust in electronic systems that we simply cannot survive without them...and that's where we are right now.

Just 10 short years ago no computer would have ever paralyzed the beef industry. Would have never happened! Too many manual processes were still in place. Just 20 years ago no computer would have paralyzed the movement of oil from point 'A' to point 'B'. But all these things HAVE happened now, and people just throw their hands up and wonder how we got here. Maybe it's time to re-evaluate what things really NEED to be "connected", and what things maybe don't benefit from it.

Trust me, it really CAN be worse!! MUCH, MUCH, worse....and it WILL be soon enough, IF...WE...LET...IT![