If you’re not in the public eye, you’re not likely to get hacked for fun. Anonymous et al are in it for the oxygen of publicity. Most hackers are in it for the money. So to understand your risk, you need to follow the money. How can hackers monetise you? Firstly, by using you as … Continue reading How does this hacking thing work, then?
A chain is only as strong as its weakest link. Are you that link? Hackers don’t come in through the firewall. They come in, most of the time, through a much easier route: the staff. How? By exploiting basic psychology, and being prepared to do a little research. The easiest way to get someone’s password … Continue reading 6 rules to avoid disaster: a practical guide to phishing and spear-phishing
Most people’s image of cyber-crime comes from the media. A slovenly teenager sits in a darkened room, typing frantically in front of a bank of screens. Cut to shirtsleeved workers, typing in equally frantic defence in front of their screens. At some point the hacker is “through the firewall” and has complete control. Shortly afterwards … Continue reading Why security awareness training is more important than firewall upgrades
By rights, 2015 should be the year of cyber security. After all, 2014 was the year of cyber-security failure. Just consider some of the highlights: Target Michaels JP Morgan Sony Pictures Viator Home Depot Goodwill Nieman Marcus US Postal Service iCloud (if none of the others mean anything to you, this one will. Just think … Continue reading What a year it’s been – review of IT security 2014
You probably won’t win £108 million on the lottery. But you will get hacked… There are times when I find it harder than usual to stay upbeat. As I’ve said before, much of what we do as IT security professionals feels like preaching Armageddon to atheists. They’re convinced it won’t happen, so they don’t really … Continue reading It could be you