Uber and TFL – Power to Individuals? Not under Labour

September 22, 2017 at 8:36 pm | Posted in Musings | Leave a comment
Tags: , , , ,

So, to the surprise of no one who pays attention to City Hall in London the TFL has banned Uber for reasons which to be frank are petty to say the least. Especially as many of the reasons that they state for blocking of Uber are actually the responsibility of the TFL themselves under the relevant acts of parliament.

However, with the Taxi Cab Unions putting Labour in control of City Hall this decision does not surprise me.

With 3.5 Million people using Uber and over 300k people having signed a petition against the ban already in just four hours.

However, one thing this does expose is the current Leadership of the Labour party’s distaste for ordinary people.
If there is anything that puts power to individuals to have freedom of choice and a choice of power away from the state is to Ban it.

The Labour party believes that the state is the solution to everything.

It is not, if the state is the answer to every problem then why can’t it rise to the challenge of adapting to new solutions and industries?

Because it cannot and today’s decision is a reminder of Labour’s gut instincts when it comes to any challenge and it is to Ban it. If Labour wins the next election expect your freedom of choice to slowly vanish starting with services such as Uber, Netflix and JustEat.

Advertisements

CCleaner – Trusted Application Compromised

September 18, 2017 at 4:16 pm | Posted in Cyber Security | Comments Off on CCleaner – Trusted Application Compromised
Tags: , , , , , ,

Cisco’s cyber threat intelligence division TALOS released details today of a major exploit that it has discovered within popular PC clean up program CCleaner.

TALOS’s investigation began last week when they noticed that the latest installation of CCleaner was triggering Cisco’s Advanced Malware Protection systems indicating that the software was malicious.
Further investigations indicated that within the download for CCleaner there was a hardcoded commander and control request to download malicious software through a Backdoor.

Cisco immediately informed the manufacturers of CCleaner of the exploit and a fresh version has been released.

If you have CCLeaner 5.33 please do download the latest version immediately as this has fixed the potential issue.

The bigger concern is that millions of people could have downloaded this application from a trusted supplier since the exploit was installed by the attacker and shows the importance of cyber security in order to maintain brand reputation as like Neytra attack earlier this year this is a trusted application.

for further reading check out TALOS’ blog
http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html

More Authoritarianism in Venezuela & lack of condemnation from Labour Leadership

September 14, 2017 at 5:00 pm | Posted in Musings | Comments Off on More Authoritarianism in Venezuela & lack of condemnation from Labour Leadership
Tags: , , , , ,

Venezuela’s descent into tyranny and oppression continues at a startling pace. With Starvation increasing to the point that the leadership are now urging people to breed Rabbits to eat after all they have raided the Zoo’s already for food. 1

How much more will it take to get a condemnation from the leader of the Labour party?

Despite international condemnation, the leader of the Labour party all he could do was to do a Donald Trump and condemn both sides, despite clear evidence of this coming from one source.

In the case of Venezuela, it is the government, in the case of the incidents in Charlottesville it was the Far Right.

My previous post on Venezuela did get some comments regarding Saudi Arabia and Apartheid South Africa and Conservatives failure to condemn them.

Again, this rises the point of the insufferable feeling of being “right” on the left wing.

This fact remains, the Leader of the Labour Party saw Venezuela as the way forward and that we should be emulating it.

There is no one in the leadership of the Conservative Party who wanted or wants to emulate Apartheid South Africa or Saudi Arabia.

We now know that behind the Scenes the UK government under Margret Thatcher did more than any other government to end Apartheid, and to quote Nelson Mandela himself to the shock and dismay of Labour party leadership of the 80’s and 90’s.

Mrs Thatcher is “An enemy of apartheid”

Yet the leadership of the Labour party commended Venezuela as a beacon and now refuses to formally condemn now it has become an Authoritarian state.

1: As an aside eating Rabbits is a terrible idea and one that could only come from a Socialist government as Rabbit is not a good eating meat and can lead to Protein poisoning.

Equifax Compromised – Potential cost of $72 Billion

September 8, 2017 at 3:00 pm | Posted in Cyber Security | Comments Off on Equifax Compromised – Potential cost of $72 Billion
Tags: , , , , ,

Equifax, one of the big three Credit checking agencies announced last night that cyber criminals had gained access to its customer database and potentially about 143 Million of its customers have been compromised.

This is particularly concerning as the attackers had access to Equifax’s systems for almost two months and the level of information that was access, social security numbers, addresses, dates of birth, credit card numbers.

This is one of the worst data breaches I have seen in years and the response from Equifax has been poor.

For starters, they registered a new domain in order to respond to queries from 45% of the US adult population if they have been compromised in the breach. The Security companies promptly blocked it as potential phishing website as several have sprung up since.

Most damning of all, executives were allowed to sell millions in stock options after the breach was detected internally.

I cannot see this not going down the legal route.

However, this particular Data Breach allows us to put a potential cost of the Breach to it excluding the brand damage and any law suits.

Equifax is offering its Identity protection and credit monitoring services to all US residents who could have been affected by this breach.

That is around 300 million people, and the service costs $240 a year ($20 a month)

That is a potential cost of $72 Billion Dollars.

A good cyber security solution doesn’t cost that much.

August 2017 White Board Update

September 4, 2017 at 5:00 pm | Posted in Cyber Security | Comments Off on August 2017 White Board Update
Tags: , , , ,

So the White board has been wiped for the new financial month at work and now I can reveal the statistics behind the last financial month of the incidents recorded in August.

As a reminder the criteria to get on this list is that the Breach/Attack needs to be reported in major media outlet and be over 5000 records in size.

•             Average Time between Attack/Breach 2.25 Days.
•             Over a Million Records Compromised
•             7 Cyber Attacks & 12 Data Breaches.
•             Two Large Scale DDoS Attacks this month
•             One Data breach was undiscovered for 14 years.

Some of the more interesting cyber security incidents of the last month has been the attempted attack of the Scottish Parliament and the news that due to an insider threat a hospital in the United States suffered a data breach that went undetected for fourteen years.

There was also the HBO Data breach where a Cyber Criminal attempted to blackmail HBO in order not to leak the data of the latest Game of thrones series.

However, even though the UK has been on holiday for much of the month of August the Cyber security incidents have now slowed down or eased off and have remained consistent with July.

Kenya Election Result Overturned – Electronic voting Part 2

September 1, 2017 at 4:00 pm | Posted in Cyber Security, Musings | Comments Off on Kenya Election Result Overturned – Electronic voting Part 2
Tags: , , , , ,

It has been a month since I posted previously about electronic voting and my preference for pen and paper as it is more challenging to compromise that method.

https://guygrandison.wordpress.com/2017/08/01/electronic-voting-its-hard-to-hack-a-piece-of-paper/

Today it has been announced that the Supreme Court of Kenya has overturned the election result of the recent presidential election due to failures in the electronic voting system.

Now the court has not revealed if this was a result of a Cyber Attack or Data Breach and whether it was malicious or not. However, it has revealed that one of the reasons for the overturning of the result was the failures of the electronic voting system.

Given the history of “rigged” elections in some African countries I can understand the desire to go to electronic voting as it is easier than filling ballot boxes with false ballots and the mantra of “vote early, vote often.” It seems though in this case that this has failed to move by as well.

I will read the full report from the Court with interest.

Monitoring Logins – Why have I logged in from the far east?

August 30, 2017 at 4:00 pm | Posted in Cyber Security | Comments Off on Monitoring Logins – Why have I logged in from the far east?
Tags: , , , ,

During my recent trip to the United States, I was logging onto email systems and other systems from a different country and outside normal expected times. As such the systems, I was logging into (both professional and personal) demanded additional levels of authentication beyond username and password.

Multifactor authentication has now advanced to the point that tracking user behaviour (location, MAC address and login times for example) can be used as an additional authentication layer as opposed to a traditional token code.

You can view your successful and unsuccessful login on most personal websites to confirm it Is you and it is important to do this.
Monitoring logins is an easy and effective method of mitigating Data Breaches as if you can identify that a user or account is logging in from an unexpected location when they are not expected to be there you can lock the account down and prevent potential data breach.

Many attacks and breaches have been caused by stolen credentials and by simply monitoring login activity then this particular avenue of attack can be mitigated and the threat reduced.

Returning to Normal Schedule – Intuitive Networks

August 29, 2017 at 4:17 pm | Posted in Cyber Security | Comments Off on Returning to Normal Schedule – Intuitive Networks
Tags: , , ,

For the majority of the last few weeks I have been abroad in the United States attending a conference with work to discuss strategies for the upcoming financial year but also to learn more about what is coming up.

There is a lot coming up in terms of technology and strategy from Cisco but for the time being I think the best way to see what is coming is to ask Peter Dinklage.

Innovation and intuition is the most human element of all, we learn and we adapt we go from there.

July 2017 Cyber Incident Report

August 2, 2017 at 3:00 pm | Posted in Cyber Security | Comments Off on July 2017 Cyber Incident Report
Tags: , , ,

So the White board has been wiped for the new financial month at work and now I can reveal the statistics behind the last financial month of the incidents recorded in July.
As a reminder the criteria to get on this list is that the Breach/Attack needs to be reported in major media outlet and be over 5000 records in size.

  • There were Six Cyber Attacks and Thirteen Data Breaches.
  • Over 150 million records were compromised.
  • Financial Costs of the Cyber Incidents this month is estimated to be over $1.2 Billion.
  • Insider Threats continue to be a weakness of all organisations.
  • Average time between each incident is just 2.3 Days.

The largest and perhaps the most interesting was the UK Parliament attack and the Nyetya malware attacks of late June, the effects of which are still being felt today. Companies such as TNT are still trying to recover from the attack that compromised their network.

Electronic Voting – It’s Hard to Hack a piece of Paper

August 1, 2017 at 3:00 pm | Posted in Cyber Security | Comments Off on Electronic Voting – It’s Hard to Hack a piece of Paper
Tags: , , , , ,

One topic of conversation that comes up quite regularly for me is when people discuss electronic voting machines or voting online. With arguments in favour such as it will increase turnout and that it is more accessible. However, while I work In Cyber Security I will always be against electronic voting for the simple reason of, nothing is 100% secure.

Anyone in the security industry who says that a technology is 100% protected is lying.

There are still accusations that the US elections were tampered with and those rumours will continue for many years unless evidence is found. While it is possible to commit fraud using the UK’s traditional methods of pen plus paper and postal voting. The scale and the difficulties of doing it on a large scale is incredibly difficult.

This past week has reinforced my opinions on the weaknesses of electronic voting machines. At the Ethical hacking conferences in the USA this past week, various ethical hackers and researchers were invited to try and compromise the electronic voting machines used in past elections as recent as 2015.

Within 30 to 90 minutes, every machine type gifted to them was compromised with the researchers able to change hypothetical votes, play minesweeper and have the machines play videos.

Some of the machines could even be compromised remotely via wireless networks. It has been a pretty damning set of research and reinforces the point that with current technology no electronic voting machines cannot be 100% secure.

The ability to change thousands of votes just by messing with a spreadsheet and given the risk all organisations have against insider threats these machines cannot be considered physically secure either when not used in election season.

I’ll stick to my pen and paper for the time being.

Next Page »

Create a free website or blog at WordPress.com.
Entries and comments feeds.