Stop saying yes

We learned last year that the Russian Carbanak hacking group were planning to target hospitality businesses. We learned this week that they’re succeeding, and extracting ransom (or causing disruption) at luxury hotels all over the place, including in Britain. What incredibly sophisticated technique are they using to penetrate security? Are there basements full of hollow-eyed … Continue reading Stop saying yes

You’ve got to love the English legal system

Who’d have thought an 18th century legal case would be relevant to 21st century database theft? We have a relatively recent law on ownership of databases, The Copyright and Rights in Databases Regulations 1997, another part of the infosec legal thicket. This law formed the basis of a successful claim for damages against a salesman … Continue reading You’ve got to love the English legal system

Give a man a fish, or teach him to fish?

I've been asked why, despite being a technologist by background, I don't write about tech, or cover the most recently exposed exploits. Most security professionals spend most of their time selling, implementing, maintaining and monitoring technology. Most customers looking to improve their security think of it in terms of buying product - upgrading firewalls, buying … Continue reading Give a man a fish, or teach him to fish?