Four Types of Cybercrime

Let’s start with four. More are available. There are more sub-divisions than there are branded coffee outlets in London.

Personally, I’d never heard of malvertising but it’s a big problem in India at the moment. Identify theft we are all aware of but how many of us really take this seriously. I always imagine someone coming up to you in the street & talking about your most personal information – all stuff you’ve shared online.

Cyberstalking – a nasty, very personal attack which can be motivated by money or something even worse.

Spam & Phishing – team this one up with a bit of social engineering & it’s like finding an irritated scorpion in your sleeping bag that was in a real bad mood even before you sat on him. Just one click, that’s all it took. So convincing. Click on the mysterious link, go on, we’re friends now – Clickie Click Here

(Note to my few readers – yeah things are a bit simple at the moment on my blog. Yeah there are lines in the drawings. That’s just how it is. I’ll keep updating the site as I learn stuff but if you’re an MSc student from somewhere or a 20 year security veteran who knows what a container is, hey you’re not gonna learnt a lot here.)

Here’s a graphic to summarise what’s in my brain:

New Picture (3)

 

 

7 Odd things in cyber security

Here are some of my early observations as a noob on the wacky world of cyber security.

(1) It’s complex. Lordy is it complex. No one really seems to understand it. We don’t even really grasp the scope of the risks. That explains why even our hospitals are vulnerable to relatively simple cyber-attacks. That should worry us shouldn’t it? If all the PhD’s in the industry don’t get it, what chance do we have? To paraphrase Whoopi Goldberg in Ghost :-

tumblr_mkwuxusXbm1qbshgko4_250

(2) We’re told North Korea is a backward nation, cut off from the world & isolated from everyone. Yeah – even if they are, they still managed to (digitally) pull the pants down on businesses & organisation across the world. What does this teach us? Well, we are told that cyber-crime is a relatively easy game. That’s not good. Also, it gives an amazing new avenue for any Bond villains redundant since the Cold War.

(3) I went to a cyber security event last week. I came away with a stack of brochures. And some branded socks. For some reason, everyone was giving away branded socks. One of the big messages was that there’s a skill shortage. The industry goes on & on about this one. Metaphorically, they’re hammering pieces of wood over the windows and locking the doors, they’re so short of qualified people. And yet, as a noob, there are multiple qualification & accreditation paths & little in the way of a structured route into the professional for career changers. Basically, it stinks of professionals that have a vested interested in keeping the pool of qualified talent limited. The only real growth is in people to write more articles about how short the industry is of qualified professionals.

DSCF6221
Training Materials from the 1980s. Step 1 – Call the Ministry

(4) A snotty but smart teenager who spends a lot of time in his bedroom can bring the FBI & the US Army to its knees. Seriously, if these guys can’t defend their digital baggage then why bother renewing that McAfee subscription. (Seriously though, do keep your virus protection updated. It does do something, apparently.)

(5) No one cares about data until it goes where it shouldn’t. Edward Snowdon taught us this. Of course, a few people worry about it. But, most of us need a saline drip just to stay alive in any data protection training. It’s just below going to the dentist on everyone’s ‘what I don’t want to be doing’ list.

(6) There are lots of different aspects to cyber security. I learnt this from a brochure. There’s the network stuff – that’s all I really knew about. There’s the software angle. Even the people angle. Who would have thought it? I met the National Cyber Security crew from MI5 at the conference. Their ethos is ‘a pratt with a USB stick is just as dangerous as a Russian hacker with a bit coin account.

(7) Finally, block chain is nothing to do with plumbing. I read an article on it but still do not understand entirely what it is. I know it’s good to drop into conversation if you work in tech circles. You should also try Gamification. That’s another good one. Block chain is a buzzword. We should really find out what it is.

If in doubt – What the F*&* is Blockchain?

An adventure begins…

This isn’t my first blog. I’ve got a trail of graveyard blogs behind me. From zombies to deserts. Now a new blog – cyber security.

This blog is going to be a weird look into the world of cyber security. Weird because I’m no expert. I’m learning on the job. Just like the rest of the world.

There are lots of very clever people in the cyber security industry. Some of whom I’ve met and will hopefully appear on the blog from time to time. Like 007 in binary form – the heroes and heroines of a secret war.

Weird because I hope that it will have a broader appeal that just a review of the latest technical jargon. Cyber security should be in the public domain. My first prediction is that they’ll soon start calling is something different. Like Cyber Welfare or Digital Health or something no one has thought up yet.

I hope, in time, we’ll have some technical experts on to help us understand what in the hell’s going on in cyberspace.

So that’s it. A new blog on cyber security. A subject guaranteed to turn folks off. Let’s try and make it a bit more…spicy….

cropped-sean_in_the_bunker.jpg