CQ-Contest
[Top] [All Lists]

Re: [CQ-Contest] ARRL contests results site down

To: "cq-contest@contesting.com" <cq-contest@contesting.com>
Subject: Re: [CQ-Contest] ARRL contests results site down
From: jpescatore--- via CQ-Contest <cq-contest@contesting.com>
Reply-to: "jpescatore@aol.com" <jpescatore@aol.com>
Date: Wed, 22 May 2024 10:59:04 +0000 (UTC)
List-post: <mailto:cq-contest@contesting.com>
I've worked in what is now called cybersecurity my entire career, the last 10 
years (before retiring late in 2023) at SANS, a large cybersecurity training 
and information company. I'm still an editor on the bi-weekly newsletter where 
working consultants/trainers ccomment on news items. Below is what ran Tuesday 
- the ARRL piece is towards the end:
 NewsBites Volume XXVI – Issue 40 | SANS NewsBites
Note the last comment doesn't quite understand what the ARRL is...
73 John K3TN

Editor's Note

As a ham radio operator (K3TN) this one hit home! The ARRL hasn't put out much 
information, but many systems remain unavailable a full week after the 
incident. This will be a good case study for the IT and IT security problems 
small/medium-sized non-profit organizations face with small IT staffs. 
Pressures to meet demands for new services often consume staff and budget that 
are needed to assure reliability and security (today's buzzword is 
'resiliency') of existing crown jewel services. Another common problem: CEOs 
and Boards need to have it driven home that security through obscurity ('Who 
would attack us??') doesn't exist on the internet any more than it exists in 
Tornado Alley.


John Pescatore

ARRL is saying they don't believe the member database is affected. And while 
the information is public, much is available from the FCC, that database 
represents an authoritative connection of that information to the member. If 
you're an ARRL member, be on the watch for phishing emails leveraging your 
information.


Lee Neely

The ARRL is the communication system of last resort in the event of a "Black 
Sky" event and may be required to coordinate a cold start of the grid. However, 
it is highly resilient, and this application is not a single point of failure.


William Hugh Murray

_______________________________________________
CQ-Contest mailing list
CQ-Contest@contesting.com
http://lists.contesting.com/mailman/listinfo/cq-contest
<Prev in Thread] Current Thread [Next in Thread>