cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
rslade
Influencer II

Facebook down over Thanksgiving ...

... but only sporadically, so we're not safe yet ...


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
8 Replies
Beads
Advocate I

An attack on a noticeable holiday when people would want to share photos and update friends and family? Not to mention a long weekend? Ugh! Do these bad actors have no sense of shame? The audacity of it all.

 

- b/eads

Shannon
Community Champion

 

Causing downtime for a service / site availability is essentially a bad thing, but this being Facebook, I'm tempted to overlook that.   Man Wink

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Caute_cautim
Community Champion

@ShannonWhat is better a Facebook outage or the whole of Azure O365 for 4 hours during a critical patch, which then took out the whole of O365 - resilience?

 

Regards

 

Caute_cautim

Shannon
Community Champion

 


@Caute_cautim wrote:

@ShannonWhat is better a Facebook outage or the whole of Azure O365 for 4 hours during a critical patch, which then took out the whole of O365 - resilience?

 

Regards

 

Caute_cautim


That would depend on perspective --- from mine, it's the former, coz I don't make use of Facebook, and it's not allowed at my office, nor do any of our business services depend on it. With Azure, I make use of Office 365, & the organization uses the Azure could to host assets, so its unavailability would affect me.

 

Someone making extensive use of the Facebook services --- groups, calling, etc. --- for personal / corporate requirements might prefer the latter.

 

(Now if we're talking about WhatsApp services --- despite it being owned by Facebook --- I'd be affected by the unavailability, coz I tend to use that a lot.)

 

 

BTW, I'm assuming this wasn't a trick question   Man Wink

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Caute_cautim
Community Champion

@ShannonNo trick question.  Although very interested to see how your organisation uses WhatsApp despite the very public admissions that some Government Agencies had been using the same solution and had been hacked due to its use.   I don't know how many times, I have had to say it, or convince people - simply WhatsApp for corporate purposes is not secure, and although convenient to many is not a safe way to conduct organisational business.  You would be far better off with "Signal". 

 

But using WhatsApp for organisational business is simply not good.  Even my organisation has made a deliberate policy that employees must not use it for organisational business purposes - not just a question of Facebook owning, it is absolutely and utterly unsafe.

 

However, as you know no system is entirely secure, for obvious reasons.

 

Unfortunately, a lot of organisations have gone down the Azure O365 with the promise of substantial discounts for Government agencies worldwide.   It works, but as the Cloud Basic's course go through and emphases - you need more resilience.   Cloud Computing is becoming a commodity, but do not put all ones eggs in the same basket.  All it takes is a good DDoS, a network fault to cause excessive latency or a human being to think, lets do this patch now, whilst everyone is not watching.  

 

Regards

 

Caute_cautim

 

 

Caute_cautim
Community Champion

Shannon
Community Champion

 

 

@Caute_cautim, what I meant in my post is that I make personal use of it --- but a sad fact is that it's also used by our organisation, for communication between internal teams in the IT. It's primarily because of the fact that it is dirt cheap, so people tend to make use of that to alert one another.

 

I've never advocated this, and pointed out that it's unreliable, not to mention vulnerable, as you mentioned.

 

(Alas, there a currently bigger risks to be mitigated in our organization, so I'm not bringing this up often at work for now.)

 

You're probably aware of the fact that WhatsApp calling is blocked in K.S.A --- which I find odd given that a lot of other VoiP applications like IMO & Skype work fine --- but the messaging isn't. It's about the same in the U.A.E. but Skype is also blocked there.

 

 

 

 

Shannon D'Cruz,
CISM, CISSP

www.linkedin.com/in/shannondcruz
Beads
Advocate I

Many determined attacks happen over long holiday weekends as long as I have worked in InfoSec over the decades. I didn't think it would be necessary to prompt the reader to put a '/s' tag on the post or invoke Poe's Law for the unsuspecting.

 

There were many such incidents over the long holiday weekend here in the United States and felt pretty par for the course looking at my internal incident log over the weekend. Nothing too serious just annoying to fairly serious.

 

I will be ever so much careful for you in the future.

 

- b/eads