EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Who In The World Is Tristan?

    Who In The World Is Tristan?

    Written by
    The Editorial Team
    FIC
    About
    Find all the articles of the inCyber Editorial Board below! Editorials, interviews, videos and much more.
    Learn more
    12.07.20
    Risks management Secops
    #analyses #editorials #expert papers #opinions
    Who In The World Is Tristan?
    Who In The World Is Tristan?
    04
    MIN
    Who In The World Is Tristan?
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN

    We are in 2017. Tristan is hired as Project Manager for a large local authority. This is his very first job and he is determined to make a lasting impression.

    He is tasked with the implementation of a software package very recently purchased by his employer, which gathers all the personal data of the agents, the audience, etc. – in other words, everyone – in order to be prepared for the GDPR.

    Tristan is well aware of the importance of this mission and knows that failure and delays are not an option.

    Tristan has always been a model student, diligent, and scrupulous. He contacts the software company that won the tender and starts reaching out to the technical department.

    His project is rolled out on a server provided by the network system administrator. He hits off with his fellow project managers who help him to connect it to the HR management system, then to the system managing the general public’s Social Assistance requests, to the financial third parties, to the institutional contacts, etc.

    The board did not deem it necessary to hire a real independent and qualified CISO, given the fact that the system administrators had assuredly proven their skills. As a testament to that, Tristan is asked to create a unique separate account identified in the directory for each login.

    The passwords include 16 characters and are highly protected. All accounts are neatly classified in the configuration files of the application.

    The project is slowly put together, piece by piece; Tristan will be ready for May 2018. He prepares for his presentation to his boss and his director. He works till late in the evening and overtime to be ready for the following day. But suddenly the demo crashes.

    Slightly panicked, he contacts the software publisher:
    “This project is due tomorrow morning; I can’t afford to crash the demo!”
    He is good friends with the publisher. It lends him a hand on the spot:
    “I’d need a visual of the Front server. Do you have a TeamViewer account?”.
    “I’ll open one up right away.”
    At that very moment, Tristan is more worried about the success of his presentation than about security matters. He downloads the 12th version of TeamViewer and installs it in the Front server, as requested by the publisher. He sends them the remote access codes immediately.

    Fast forward to two hours later, and everything is back to normal, with a functional demo. Tristan can return home to sleep peacefully. He is ready for the following day.

    The demo goes without a hitch; the project is a success. As the years go by, he is tasked with more and more important projects and is regularly promoted.

    On 24 February 2020, chaos reigns in the office when he shows up at work. The newly hired CISO stops him:
    “I need every project that has access to payroll software. It seems you have one.”
    Tristan catches up to speed after a few explanations and conversations with his co-workers: all HR, social, and financial systems and databases have been breached and encrypted, with a sample of all the board member’s salaries sent from an untraceable email address. They are asked to pay a 230 Bitcoin ransom, or the data will be made public and the systems will remain inaccessible.

    After a few days of forensic analysis, the consulting firm reports that the hackers entered through the TeamViewer access that he had been left open on his app’s server and exploited CVE-2018-16550 to force their way in. The data logs show that they had made several login attempts since last December before succeeding late January. Subsequently, they traced their way up to the other devices connected to the app and were able to block them, since all the passwords had been stored unencrypted in the configuration files.

    Conclusion of the analysis report: “Never leave open and unsupervised access to TeamViewer, LogMeIn, remotePC, or any other Remote Desktop software!” Signed: Camille.

    End of the story: Tristan is punished for having done a good job, and his current employer still fails to understand that the fault lies in organizational issues related to project management. He should never have been left alone to handle his project, and the installation of any software program capable of opening a breach in the system must involve the consultation of a specialist aware of cyber risks.

    Yet, this conclusion is not present in the report. Indeed, even if Camille is aware of such an issue, her job is not to report that kind of problem… to avoid offending the egos of some customers in the relevant Department…

    Tristan exists in every one of us, and very few managers listen to Camille’s advice.

    The Editorial Team
    12.07.20
    Articles by the same author:
    1
    04.08.24 Cybercrime
    AT&T data theft: 73 million accounts compromised
    Read
    01
    MIN
    2
    04.08.24 Industry and OT
    Kaspersky notes slight decrease in attacks against ICS 
    Read
    02
    MIN
    3
    04.05.24 Digital Sovereignty
    DMA: European Commission to investigate Alphabet, Apple and Meta 
    Read
    02
    MIN
    4
    04.02.24 Digital Sovereignty
    Atos/Eviden: Airbus throws in the towel (again)
    Read
    02
    MIN
    Image Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Risks management
    04.09.24 Risks management
    Next article
    Child privacy and protection: finding the right balance in the fight against dangerous sexual content
    Read
    04
    MIN
    Image Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Risks management
    03.20.24 Risks management
    Next article
    Artificial Intelligence: What are the 5 major cyber threats for 2024?
    Read
    03
    MIN
    Image Jean-Jacques Latour: "To date, we have not identified any new threat linked to artificial intelligence"
    Risks management
    03.18.24 Risks management
    Next article
    Jean-Jacques Latour: “To date, we have not identified any new threat linked to artificial intelligence”
    Read
    06
    MIN
    Image Storage must form the core of an enterprise cybersecurity strategy
    Risks management
    03.14.24 Risks management
    Next article
    Storage must form the core of an enterprise cybersecurity strategy
    Read
    05
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.