this post was submitted on 03 Feb 2024
210 points (98.2% liked)

Technology

58397 readers
4943 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s
[email protected]
[email protected]
[email protected]
enu
[email protected]
L4s
210
AnyDesk confirms production systems were breached. (www.thestack.technology)
submitted 8 months ago by [email protected] to c/technology
14 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] filister 18 points 8 months ago* (last edited 8 months ago)

That's very lame to say. The incentives of hackers to hack you and compromise your system is very very low. You don't represent any interest to them. So having just blocked port 22 and disabled ICMP can do the task to detract a big chunk of the automated attacks.

On the other hand commercial services are very high profile hacking targets and the attack vectors are a lot more sophisticated. Plus if you have a company, you need also to allow your employees to be able to work and you need to give them certain privileges to access the data they need. And guess what, not everyone is super careful and people make mistakes.

Once you start building stuff, you inevitably introduce bugs and dependencies, the bigger the project, the bigger the dependencies and patching all of them becomes harder and more time consuming.

Big corporations like MS, Google, Apple, etc. are having extremely strict and restrictive policies, including a huge cyber security engineers teams, and this is extremely expensive, especially for smaller companies, who are more focused on their product.

So please don't think that these companies are run by idiots but a single human mistake can lead to this compromise. And sorry to disappoint you but you aren't a cyber security guru either. Just hackers don't care about you which saves your ass.