Category Archives: Security

My interview with Research Professional about the dilemma faced by organisations on whether to pay ransomware.

China have launched a global data security initiative, outlining principles to be followed in domains ranging from personal information to espionage. It is an interesting move given the global politics which are taking place now between China and the West.

The global data initiative contains eight proposals. It suggests that states handle data security in a comprehensive, objective and evidence-based manner, and oppose ICT activities that use data to conduct activities that undermine other states’ national security and interests.

It calls on states to oppose mass surveillance against other states, and to refrain from asking domestic companies to store data generated and obtained overseas in their own territory. States should respect the sovereignty, jurisdiction and governance of data of other states, and any bilateral data access agreement should not infringe upon the judicial sovereignty and data security of a third state. It also requests that ICT products and service providers not install backdoors in their products and services to illegally obtain user data, or manipulate users’ systems and devices. It also aks that ICT companies should not seek illegitimate interests by taking advantage of user dependence on their products, nor force users to upgrade their systems and devices.

The US led backlash against Chineese tech companies seems to show no signs of slowing down. Recent weeks have seen the U.S. accussing China’s technology companies such as TikTok of posing national security threats by collecting user data and sending it back to Beijing. It can be difficult to disentangle legitimate national security concerns from traditional xenophobia against Chinese companies. Huawei have strived to be open in their dealings with national network operators as best exemplified in the UK where the National cyber security centre manage introspection of the core code for backdoors and the most damaging insight to date seems to be a difference in production code and supplied test equipment but a multitude of legitimate reasons for such an anomaly exist. Initiatives like this can only be welcomed at this time. The 8 proposals so seem like the address US concerns. It remains to be seen however how the initiative is viewed by foriegn powers. One aspect that most will agree with is that we all need transparency for the forthcoming cyber-world and intiatives like this if adopted can be for the greater good of all.

So you didn’t patch your iPhone today….and you read that there is a “Zero day threat” against your phone OS/apps….you feel vulnerable. OK.

So, this is then where I talk about blah blah blah but ultimately if I feel that person is genuinely scared (as I have often found many women to be…..especially very clever women), then I will ultimately end up talking about threat actors.

Treat actor is just a fancy technical name for ‘enemy’. I will make this short by stating there are three kinds of threat actors (in my head at least) – Government, Hackers and amateurs.

Government – means rogue governments. I ignore true democratic countries which for the most part try to use resources to protect against real national security treats. I live between the UK, Ireland and France and not one of these ‘home lands’ would ever be a treat to me. So government means that you should worry about this treat actor if you are person of influence or a politician. Then you should hire cybersecurity experts….like me. I may not protect them against advanced persistent threats for long but I would know which extra yard to go to have reasonable and fair security.

Hackers are a threat to all from the politician to the postman. All of us need to be sensible about updating devices and software and in trying to have strong secure unique passwords on all sites. However many hacker attacks are simply indiscriminate and your insecure webcam or password dump was simply happened upon by them.

Amateurs are basically those who are looking to tap their spouses phone, or a pupil trying to hack a teacher’s computer. Yes some can be serious as they can involve perverse men harassing women but these against are usually carried out by physical access to the hacked victims phone.

So what is the point to this? What I am trying to explain is that the majority of the public really do not understand a real cyber threat to them. Yes, all of us industry have to keep in mind that there is real cyberwar. There are real battles happening now in the world and the more we can encourage honest men and women into true jobs in the industry, the better for us all. I hate when I read about a scam on some person. I hate ransomware which causes so much disruption in this word. However when I say these words, I am reminded of how tempted I have been in the past to use any skills I have, to earn dishonest money ….by basically stealing it….that simple. This breaks a golden commandment….I just thank God I can see the stars tonight if I desire……honesty always leads to a freer mind.

My interview on BBC Radio Foyle about Zoom shares hitting a record high on Monday as the company announced blowout earnings for the second quarter of 2020.

The video conferencing platform has seen explosive growth in 2020, fueled by the increase of remote work during the Covid-19 pandemic. It made as much money in the past three months as it did in the entirety of 2019, beating the already-optimistic predictions of analysts.

My interview with Information Age on IoT’s role in helping cities become more sustainable.

My interview with the Irish Times on the need for risk assessments to ascertain the risk to customer data.

My interview with Sputnik News on the problems caused by the Office of Qualifications and Examinations Regulations which resulted in chaos.

My interview on Highland Radio about some of the more dangerous online scams during covid-19.

My interview with CNN Prima News (Czech Republic and Slovakia) about President Donald Trump announcing he is banning the Chinese-owned video-sharing app TikTok in the US.

My interview with New Statesman on preventative measures Twitter could have taken to prevent the phishing attack which led to the recent hack.