Week in Review 2nd June 2017

June 2, 2017  |  Javvad Malik

Wake up calls

WannaCry hit around 150 countries, unleashing ransomware indiscriminately against hospitals, telecoms providers, and an assortment of companies across all verticals and of all sizes.

So, it’s not wrong to suggest, as Microsoft President Brad Smith did, that the governments of the world should treat this attack as a wake-up call.

However, there’s one snag. As Alina Selyukh states in this article, there have been decades of cyber ‘wake-up calls’ with little evidence that anyone has woken up.

The question for the security industry is whether yelling from the bottom of the stairs, like a parent trying to wake up a teenager, is the solution, or whether it needs to resort to more drastic measures.

What is consent?

Consent is one of those topics that gets a lot of air time for the wrong reasons. Not least of all when it comes to making someone a cup of tea, as in this great video.

But in the realm of security, and more specifically the General Data Protection Regulation (GDPR), the issue of consent is getting a lot of air time. Many are interpreting the regulation to mean that under GDPR consent is a mandatory requirement for all processing of personal data.

This well-written article articulates what GDPR does and doesn’t say about consent, and why it’s not always mandatory.

Free course by Troy Hunt: The GDPR Attack Plan 

Biker gang hacks Jeeps

A biker gang allegedly stole and smuggled to Mexico over 150 Jeep Wranglers. They did this by matching VINs with credentials stolen from a Jeep dealer that contained the information needed to cut and program duplicate keys.

This serves as another reminder of how connected functionality can be taken advantage of by miscreants. So one has to wonder how much liability should rest with Jeep for pairing sensitive data with a publicly visible VIN.

The rise of ‘stalkerware’

While everyone is looking at the theatrics on display (the NSA or other government agencies with a vast array of surveillance tools), it can be easy to overlook the dangerous, and potentially life-threatening, rise of stalkerware, which enables domestic violence.

Online harassment and cyberstalking 

This software company may be helping people illegally spy on their spouses 

Abusers using spyware apps to monitor partners reaches ‘epidemic proportions’ 

Economic analysis of ransomware

Economists have figured out how to extract the most profit from ransomware. A recent paper from three University of Kent researchers makes several suggestions on how ransomware developers can increase their bottom line.

Today ransomware developers may not worry too much about perfecting their pricing strategy, owing largely to high infection success. As individuals and companies become more resilient to attacks, developers will likely look to such models to increase their profitability.

Economists have figured out how to extract the most profit from ransomware 

(PDF) Economic analysis of ransomware

Privacy

The unfortunate downside to being almost constantly digitally connected is that people have become deaf to the cries for privacy. 

Want to understand how data is leaked in online advertising? Check out this short animation.

There was no golden age of air travel

Finally, in non-security news... Air travel seems to be sinking to an all-time low. With seats getting crammed together, in-flight services declining, pointless and invasive airport security checks, and to top it all off, there’s the occasional system outage.

But are we fooling ourselves into believing there used to be a golden age for air travel that no longer exists? 
