I’ve worked in cybersecurity for more than 25 years, dealing with issues that range from security governance and policy to product design and technical security issues. One of the challenges that my colleagues and I face is that few people have been taught the basics of cybersecurity, making security discussions more difficult than they need to be. Questions like, “Is this product...
Updated 2021-02-20 with response from McAfee. Criminals will try almost anything to separate people from their money. Here is another example of another unsophisticated scam that some domain owners may, unfortunately, fall victim to.In summary, website owners may receive a message like this one through the contact form on their site. I have redacted the domain name and removed hyperlinks so that...
There are only two things that surprise me about this: First, we found out about it. It’s refreshing to see a municipal government coming clean (excuse the pun) about their water plant being hacked, Second, the attacker’s motivation appears to have been to injure people. Normally these days we would expect ransomware, but this criminal was intent on harming residents. This article...
Many of us are concerned about global surveillance and unnecessarily intrusive government powers. But there is an even bigger danger lurking around the corner: Insecure IoT devices are being turned into cyberweapons. Causing widespread Internet disruptions is easier than ever.
You can read more in my column this week.
In my column this week I wrote about padlocks and parallels with cybersecurity. One of the many things I enjoy about writing is talking to companies about their products. When I started on the article, I reached out to several padlock manufacturers including Master Lock, Abus, and Abloy. Surprisingly, none of them would talk about their products to a security columnist! In my quest for an expert...
According to the Identity Theft Research Center (ITRC), in the United States there were 780 publicized data breaches in 2015 that exposed 177,866,236 records. That doesn’t include undetected breaches or those that targeted intellectual property instead of personal data. Here in Canada we don’t know how many breaches occurred and what the practical impact of the breach notification...