Category Archives: Cybercrime

Are Ransom Payments Supporting Terrorists?

– Organizations, particularly those that recognize that they don’t have essential security and data recovery measures in place, have taken out cyber insurance, which they are regularly using to pay off ransomware attackers. I find it curious that these insurance companies seem to be willing to pay…

Schneider Targeted Yet Again

– In an April 30, 2019 article by Danny Palmer with the title “Cybersecurity: The key lessons of the Triton malware cyberattack you need to learn,” available at https://www.zdnet.com/article/cybersecurity-the-key-lessons-of-the-triton-malware-cyberattack-you-need-to-learn/ the reporter describes…

Is Encryption Evil or Just Not Worth It?

– This is a strange question for an InfoSec professional to pose, don’t you think? But it’s not so far-fetched as it may seem. Take, for example, the common assertion that most cyberattacks are at the application layer level. Whenever this is the case, then hijacked customer accounts, say, allow…

Is Secrecy Over?

– Is this not an incredible question? We’ve been bombarded over the past couple of decades with numerous cases of privacy compromise. But secrecy! Is nothing sacred anymore? Not if you read the November 12, 2017 New York Times article “Security Breach and Spilled Secrets Have Shaken the N.S.A.…

Are We Secure? And Other Ridiculous Questions

– I would expect that practically every infosec professional has been asked at one time or another “Are we secure?” by non-technical senior executives. Technical executives know better than to ask the question. But what is an appropriate answer? If you say “Yes” you have assumed all…