Cybercrime and Resiliency
Cybercrime is growing year after year. It is a big business, and the major players in cybercrime operate as businesses. They even have research groups, user manuals, and "franchises" for people who want to start up their own cybercrime business. AI has reduced the cost of committing cybercrime and is enabling many opportunistic attacks. Are you ready to be attacked? The costs of a cybercrime attack can be in the millions, and many businesses have failed after such an attack.
The cost of being attacked can be quite large and vary by the type of attack. Some attackers want the data you have while others simply want to steal money or demand ransom. Scams are mainly targeted against individual employees who have the right to move money. Larger attacks are for stealing sensitive data or for demanding ransom. Supply chain attacks are intended to get criminals into larger corporations through an attack on a supplier who might not have the same security.
Nearly everybody is vulnerable to phishing attacks. Sophisticated techniques and AI are currently being used to produce well-crafted phishing attempts, including AI-generated phone calls using corporate officer voices.
The speed of business depends on trust. Cybercrime misuses that trust in order to commit crimes. After many attempts to train people, it does not seem to be possible to train employees to not fall for phishing attempts. Everyone will fall for some scam.
A better defense assumes that people will fall for scams or phishing attempts and works to limit the damage. For example, family members can be trained to say a specific phrase to show that they are really the person calling (breaking the "fake relative call" scam). Corporate employees can be taught to ask for a specific authorization phrase before transferring money based on a phone call.
A "defense in depth" is used to limit how much damage any one failure can inflict. Each layer requires a different type of access control. Yes, this does add costs to day-to-day operations, but that cost has to be weighed against the costs of any possible cybercrime.
A resilient system is one that can be attacked and quickly recover without a huge cost. These systems have to be maintained, updated, and monitored to remain resilient. Bugs, new employees, new procedures, etc. all contribute to new openings that can be used by attackers to gain entry. Resiliency is a constant effort.
Because the costs of data storage have dropped, it is possible for most organizations to have all their data saved in ways that can preserve the corporation through any ransom attack. It is very difficult for a ransom attack to encrypt data on permanent media that is offline during the attack.
It is not possible to prevent cybercrime attacks. However, it is possible to limit their effectiveness and for a business to design its systems and operations in order to survive multiple attacks.