The Exploit

Notes from the Front Lines of Penetration Testing

Hurricane Ida: Limiting the Damage

Hurricane Ida: Limiting the Damage

Written by

Scottie Cole

As someone who has lived through several hurricanes and worked as a first responder for years, my heart breaks for our neighbors on the Gulf Coast and inland areas who are now assessing the damage from Hurricane Ida. For those who haven’t experienced it, devastation doesn’t begin to describe the aftermath of such a powerful storm.

While we hope and pray for the people who were in the storm’s path, I want to offer a few tips from the cybersecurity career I’ve pursued since leaving emergency services work 16 years ago:

  • Scammers strike when we’re most vulnerable. Don’t let your guard down now.
  • Be mindful of what you post on social media. Giving too much personal information could lead to identity theft or give a criminal the location of your home you just evacuated. Provide personal information only to valid sources like FEMA, the Red Cross, and your insurance companies.
  • Be on high alert for phishing emails disguised as aid requests. Legitimate rescue personnel (volunteer or professional) will never ask for money. Donate to the Red Cross, Salvation Army, or a local organization you already know and trust.
  • Rely only on reputable sources for critical information. Social media is good for keeping up with friends and relatives, but it’s also full of misinformation and scams. Double-check important news by cross-referencing it on local, state, or federal government pages, or with reliable media. Also, remember that there are a lot of “fake” media pages.
  • If you’re in an area that is hard hit and don’t have cell phone service, turn off your phone. The phone will die more quickly if it’s searching for a cell tower. Turn it on later and see if cell service is restored. If not, turn it back off, and try again later.
  • Likewise, don’t send sensitive information over public WiFi. In the wake of a disaster, it’s all too easy for scammers to intercept traffic and collect passwords, credit card numbers, banking information, and other private data.

We can’t prevent hurricanes, and it’s likely there will always be scammers and hackers among us. However, a little caution can help us avoid being victims of a man-made disaster at the same time we deal with nature’s worst destruction.

Written by

Scottie Cole

Scottie has over 20 years working in IT. He has experience with systems administration, networking and wireless, and security. He currently holds certifications as a GIAC Penetration Tester (GPEN) and a Certified Information Security Professional (CISSP). In his spare time, he enjoys learning new technologies, being with family, fishing and going to the beach.

Scottie Cole
Scottie has over 20 years working in IT. He has experience with systems administration, networking and wireless, and security. He currently holds certifications as a GIAC Penetration Tester (GPEN) and a Certified Information Security Professional (CISSP). In his spare time, he enjoys learning new technologies, being with family, fishing and going to the beach.

Posted on

Categories:

Also by Scottie Cole
  • Wireless Series: Using Wifite to Capture and Crack a WPA2 Pre-Shared Key for Penetration Testing
  • Cisco Releases Patch for CVE-2025-20188 – 10.0 CVSS
  • The CrowdStrike Outage: Lessons Learned
  • Cool Tools Series: Host Discovery in Penetration Testing

Human Vs AI Pentesting

While AI tools offer speed in detecting known vulnerabilities, they fall short with 20-35% false positives and only 50-65% success on complex threats like business logic flaws, as per mainstream reports from Verizon and OWASP. Human penetration testers at Raxis deliver 85-90% detection rates, precise prioritization, and ethical adaptability, ensuring your organization stays ahead of real-world attacks.

Learn More

Partner With Raxis

Partnering with Raxis empowers your business with elite penetration testing services, competitive reseller pricing, and recurring revenue opportunities, all backed by a proven track record of excellence and a commitment to staying ahead of evolving cybersecurity threats.

Learn More

Penetration Testing

Tailored, expert-led penetration testing services that uncovers hidden vulnerabilities using real-world hacker techniques, providing actionable insights to strengthen your defenses and protect against sophisticated cyber threats.

Learn More

Read More From The Exploit

  • Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios

    Dangers of Storing Sensitive Data in Web Storage: 5 Real Attack Scenarios
    By Ryan Chaplin • August 26, 2025
    Read More
  • Choosing a Penetration Testing Company: Part 3

    Choosing a Penetration Testing Company: Part 3
    By Caroline Kelly • July 29, 2025
    Read More
  • Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities

    Microsoft Releases Security Patch for Actively Exploited On-Premises SharePoint Vulnerabilities
    By Jason Taylor • July 22, 2025
    Read More
  • Choosing a Penetration Testing Company: Part 2

    Choosing a Penetration Testing Company: Part 2
    By Brad Herring • July 1, 2025
    Read More

Ready to See Raxis One In Action?

See how we transform traditional pen testing into interactive security intelligence that keeps you informed every step of the way. From real-time attack progression to detailed remediation guidance, Raxis One gives you unprecedented visibility into your security posture as it’s being tested.

Schedule a Demo