#4 - Life’s a Breach - Is My Data Safe?

December 12, 2017

No! Thanks for reading (listening).

It could be worth defining what a data breach actually is.

Cyber security people often refer to three essential pillars to which anyone responsible for data must adhere. They are called the CIA, oddly. Not to be confused with the American super-spy organisation or the FBI, NSA, USPI (US Postal Inspectors of course) or NCIS (whatever the hell that actually is… is it even real?)

The CIA of cybersecurity stands for Confidentiality (can you keep my secret), Integrity (can you make sure my secret cannot be accessed or changed by anyone else), Availability (can anyone else deny me access to it). If somebody screws up any of these it’s a problem. A data breach is when a company royally screws up the first one, Confidentiality, and makes data about us, that we trusted them to keep on the down low, available to others.

Two of the most high profile examples which occurred in 2017 were of course Equifax and Uber. I could easily spend this whole time ripping into the Equifax breach alone but thankfully, John Oliver and Last Week Tonight have already done a stellar job of that. I highly recommend checking that out.

The Uber breach was also super fun and had in common with Equifax an attempt to cover it up, or, at least, pretend it wasn’t happening for a while. The Uber/Equifax policy on disclosure is somewhat akin to Homer Simpson aptly putting it… “I’ll hide under some coats and hope that somehow everything will work out!”

The Uber breach was extra special in that they actually paid the hackers to shut up and destroy the data they stole, so no worries there, right? Because hackers have a really rock solid code of ethics. Uber even said they had evidence to suggest data was destroyed. What evidence exactly was that? A screenshot of an empty directory called “Stuff we Stole from Uber” or perhaps they just sent them an empty USB stick in the mail with a post-it note saying “See! Gone! We cool?” I’m not totally convinced. Have a quick surf through Dream Market (other Dark Web Marketplaces are available) and see what’s there.

But how do these things happen in the first place? 

Read more in the official show notes

#3 - The Mysteries and Insecurities of IoT (a.k.a The Internet Of Things 2017)

November 28, 2017

The Internet of Things! Oh! That! The Internet… got it… Of… no problem… Things… nope you lost me.

When I first heard the term IoT I had no f*cking idea what it was and what it meant. Obviously it was made completely clear when I was told what it stood for…

How long did it take, and who came up with that catch phrase? And why on earth did it stick? Internet of Stuff would have been IOS and we can’t have Apple breathing down our necks. Internet of Devices? What stopped us there? The Institute of Directors perhaps? Those biz savvy suits play hardball about being top dog on the Google search so we couldn’t usurp that acronym. So here we are with IoT.

Regardless of how we got here… IoT is a buzzword/acronym/TLA (three letter acronym)/phrase which only through the attrition of use is starting to become somewhat understood.

Deferring to Wikipedia (give that guy some money) it’s defined as: “The Internet of things (IoT) is the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and network connectivity which enable these objects to connect and exchange data.”

Teddy "Creepy" Ruxpin

It’s that last bit… the “network connectivity” that is the critical new element that creates IoT.  We’ve had the “physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators”…and of course the machine that goes “ping!” for a while now in the form of TVs, toasters, baby monitors, lawn mowers, ovens, heart monitors and teddy bears. Yes Teddy Bears. I’m thinking of that old scary Teddy Ruxpin thing from the 80s. It haunts me in my nightmares.

Read more on our blog/shownotes page.

#2 - The Ransomware Show (2017)

November 14, 2017

This is one of those subjects that has struck everyone from the techno security guru to the average person who might simply be trying to do their job.  Ransomware brands such as Goldeneye, Petya (and its counterpart NotPetya), Cryptolocker, CryptoWall, Locky, WannaCry and very recently, Bad Rabbit (to name only a few) have been making headlines across the globe.

I’ll start by taking a quick step back and just define Ransomware before I discuss how it tricks us into letting it in the door. I'll then take you through the stages of its existence and finally what we can do to be better in the face of quickly advancing and mutating Ransomware attacks.

2017 was the year of the Ransomware... or is it?  2018 is just around the corner so only time will tell.

Check out the full blog article based on this podcast on the Codifyre website.
