Expert(s):
Thycoticfeature_status*/ ?>
Chief Security Scientist

Comments Dotted : 13
October 19, 2020

Experts Reacted On News: British Airways Fined £20m For Data Breach
Our job in cybersecurity is to make it difficult for criminals to protect the business and customers data.
The recent news recording another huge ICO (Information Commissioners Office) fine of £20m this time against British Airways for failing to protect the personal and financial details of more than 400,000 of its customers is another reminder to protect and secure privileged access as cybercriminals will allow look to gain privileged access as it allows them to move around the network and gain access to sensitive files or databases including employee and customers personal data. The.....Read More
The recent news recording another huge ICO (Information Commissioners Office) fine of £20m this time against British Airways for failing to protect the personal and financial details of more than 400,000 of its customers is another reminder to protect and secure privileged access as cybercriminals will allow look to gain privileged access as it allows them to move around the network and gain access to sensitive files or databases including employee and customers personal data. The investigation found that the attacker discovered a username and clear text password of a privileged domain administrator account left in an unsecured file that once in the hands of a criminal hacker literally means it is game over. Organizations must prioritize privileged access security and never leave domain admin accounts unprotected in clear text within a file otherwise it is an easy win for the criminals. Our job in cybersecurity is to make it difficult for criminals to protect the business and customers data.  Read Less
July 22, 2020

ISC Russia Report – CISO Comments On Cyber Attacks Facing Government
it is important that political efforts are prioritized and countries must work together to reduce the safe havens
No one country can win a cyberwar alone and this means it is critical to have international cooperation to defend and respond offensively to aggressive cyberattacks. The UK must adopt a cyber defence league similar to what Estonia introduced after the 2007 cyberattacks and CV19 which involved Cyber Volunteers helping defend the Healthcare services during COVID-19. The UK must bring together both public and industry expertise to defend democracy when under cyberattack and at the same time,.....Read More
No one country can win a cyberwar alone and this means it is critical to have international cooperation to defend and respond offensively to aggressive cyberattacks. The UK must adopt a cyber defence league similar to what Estonia introduced after the 2007 cyberattacks and CV19 which involved Cyber Volunteers helping defend the Healthcare services during COVID-19. The UK must bring together both public and industry expertise to defend democracy when under cyberattack and at the same time, creating an international cyber offensive to incapacitate the origin of cyberattacks. However, it is important that political efforts are prioritized and countries must work together to reduce the safe havens that cybercriminals have operating from countries out of reach from prosecution.  Read Less
June 10, 2020

Babylon Online GP Service Suffers Data Breach
While the risk was limited, it is a scary thought that sensitive patient data via video consultations could be accidently disclosed.
While the risk was limited, it is a scary thought that sensitive patient data via video consultations could be accidently disclosed. This is a reminder of how important the principle of least privilege is along with strong access controls that reduce accidental data disclosures. This has become an all too common occurrence, as highlighted in the recent 2020 Verizon Data Breach Investigations Report which revealed that human error and misconfigurations are on the rise and contributing to many .....Read More
While the risk was limited, it is a scary thought that sensitive patient data via video consultations could be accidently disclosed. This is a reminder of how important the principle of least privilege is along with strong access controls that reduce accidental data disclosures. This has become an all too common occurrence, as highlighted in the recent 2020 Verizon Data Breach Investigations Report which revealed that human error and misconfigurations are on the rise and contributing to many data breaches.  Read Less
May 14, 2020

Expert Reaction on City Index breach
The value of credit card data alone being sold on the dark markets is at an all-time low.
Organised cybercrime is on the increase and financial details continue to be a top target. Criminals will always try to gain unauthorized access to where the money is and the global stock markets and FX market surely has a lot of it, making it a very attractive target. However, stealing the numbers alone are no longer sufficient value and it means cybercriminals are more coordinated in their attacks to steal as much data as possible to increase the rewards of the crime. Digital Insider.....Read More
Organised cybercrime is on the increase and financial details continue to be a top target. Criminals will always try to gain unauthorized access to where the money is and the global stock markets and FX market surely has a lot of it, making it a very attractive target. However, stealing the numbers alone are no longer sufficient value and it means cybercriminals are more coordinated in their attacks to steal as much data as possible to increase the rewards of the crime. Digital Insider trading is also another area on the increase by criminal hackers which is why companies such as City Index are a prime target, not to deploy ransomware like most security incidents, but to gain insights on making small changes to data that could result in billions in financial profit for criminal organizations or Nation States which is untraceable. The value of credit card data alone being sold on the dark markets is at an all-time low usually somewhere between $3 - $10 but can go much higher depending on credit limit. However, verified credit cards or credits cards that have been combined with other sensitive personal information such as name, DoB and home address can go for much more. This is why data breaches containing personal data are a growing concern as it can lead to identity theft or access to greater privileges or data. City Index has recommended to reset passwords though I would recommend to even do more; get a password manager that makes unique, complex passwords as well as use Multi-Factor Authentication where possible. This should act as an important reminder never to reuse passwords and today it should be common sense to be using a password manager to make your online security more manageable and secure.  Read Less
May 12, 2020

Cybersecurity Expert On Intel Thunderbolt Port Flaw
Unfortunately for this attack, there is no easy fix and any vendor’s hardware exposed by this attack.
The Thunderbolt flaw exposed on millions of computers is a serious issue as it allows an attacker only a matter of minutes to bypass the device security that keeps unauthorized users out. Though luckily for this attack, it does require physical access and requires visible tampering so it can only happen when an attacker is alone for several minutes with your computer. This means leaving your computer for only a few minutes gives an attacker the ability to gain access to your data, activity.....Read More
The Thunderbolt flaw exposed on millions of computers is a serious issue as it allows an attacker only a matter of minutes to bypass the device security that keeps unauthorized users out. Though luckily for this attack, it does require physical access and requires visible tampering so it can only happen when an attacker is alone for several minutes with your computer. This means leaving your computer for only a few minutes gives an attacker the ability to gain access to your data, activity and accounts. It might be worth making it a little bit more difficult and placing tamper resistant stickers over your device screws to at least make any tamper more visible, though this by itself is not full proof. Making sure to log off when you leave your device unattended makes it more difficult, though again, not impossible for the attacker to gain access. Anything you can do to force the attacker to take more time being successful for such attacks increases the risks of them getting exposed. At this time, I have not seen any evidence of this attack being used though it does raise questions to how long attackers may have known about this. Unfortunately for this attack, there is no easy fix and any vendor’s hardware exposed by this attack will need to come up with creative ideas to make it more difficult and fully resolve the vulnerability.  Read Less
May 07, 2020

World Password Day – Cybersecurity Expert Comments
Ensure that you have started to use passphrases to help make your password long and include some complexity as well.
World Password Day is a day to review your password hygiene to ensure you are up to date with the latest best practices. It is always important to review your current password habits and one of the most important topics this year is which of your passwords is the only thing protection your accounts, meaning you have not combined it with another security control such as two-factor authentication. Passwords are usually the only security protecting most people’s sensitive information and this.....Read More
World Password Day is a day to review your password hygiene to ensure you are up to date with the latest best practices. It is always important to review your current password habits and one of the most important topics this year is which of your passwords is the only thing protection your accounts, meaning you have not combined it with another security control such as two-factor authentication. Passwords are usually the only security protecting most people’s sensitive information and this year you should do a detailed review of what your bad habits are. Most passwords can be easily cracked, with approximately 20% of passwords using commons known words that are available in dictionaries, making them easily guessed. For many, passwords are used repeatedly for all types of accounts, such as your corporate Salesforce login, your Facebook account or your bank. And for some, that favorite password may be older than your current relationship. The problem is that it’s putting you at risk of identity theft, ransomware, an online account hack, computer viruses and more. It is also important when you do change your password to only perform this task from a safe network and not a public location. This year, review your password best practices. Ensure that you have started to use passphrases to help make your password long and include some complexity as well, although the debate about how frequent you should change your password continues. My recommendation is that it should not be older than one year. It’s best not to wait until you are notified about a data breach as it usually means cybercriminals had access for longer than two hundred days.  Read Less
February 20, 2020

Experts Insight On Ransomware Attack Forces U.S. Gas Pipeline To Shut Down
A strong incident response plan and business continuity should be a top priority.
Cyber security of critical infrastructure is absolutely crucial, as the consequences of an attack can be severe and widespread with the potential on having a cascading effect on other facilities or suppliers. Cyberattacks against the energy sector can have rippling effects to other critical infrastructure that depends heavily on energy such as hospitals without power, logistics on hold and transportation delays such as road, rail and flights, meaning that major cities within 24 to 48 hours can.....Read More
Cyber security of critical infrastructure is absolutely crucial, as the consequences of an attack can be severe and widespread with the potential on having a cascading effect on other facilities or suppliers. Cyberattacks against the energy sector can have rippling effects to other critical infrastructure that depends heavily on energy such as hospitals without power, logistics on hold and transportation delays such as road, rail and flights, meaning that major cities within 24 to 48 hours can run out of food, which could easily lead to chaotic events. In this case, the attacker gained access to the network via a phishing email which gave the attackers a way into both the facility’s IT network and their OT network, and to defend against such attacks an organisation needs a balanced approach between strong technology and employee training. Enforcing a least privilege strategy will limit the damage if an employee does accidently fail victim, but from a human standpoint it is important that employees are empowered to speak and report when they identify suspicious activity as an early warning can allow the IT department to catch early attempts and add them to the email filter to prevent similar attacks. One major security lapse that was highlighted was the lack of incident response and business continuity plan relating to cyber-attacks meaning this facility was not ready to deal with modern day cyber incidents. A strong incident response plan and business continuity should be a top priority for all critical infrastructure providers and it should be tested.  Read Less
January 29, 2020

Huawei Set For Controversial Limited Role In UK 5G Networks – Experts Reactions
However, they did commit to improving security by committing to invest $2 Billion.
The latest news emerging that Huawei will have a limited role in the UK’s deployment of the UK 5G network, excluded from the core network and capped at 35% is surely going to cause some disagreement between the Five Eyes Intelligence Alliance. Irrespective of which vendors are chosen for the UK 5G network they should all be going through a serious Risk and Threat Assessment to determine how to deal with the future cyber-attacks and threats, so this should not be including only Huawei but all .....Read More
The latest news emerging that Huawei will have a limited role in the UK’s deployment of the UK 5G network, excluded from the core network and capped at 35% is surely going to cause some disagreement between the Five Eyes Intelligence Alliance. Irrespective of which vendors are chosen for the UK 5G network they should all be going through a serious Risk and Threat Assessment to determine how to deal with the future cyber-attacks and threats, so this should not be including only Huawei but all vendors must be treated equally. In my opinion it is good to de-risk technology, so you are not solely dependent on a single point of failure. The use of Huawei will surely mean that encryption is going to be critical to maintain confidentiality of communications as with all infrastructure designs there is usually configuration mistakes or design flaws that could mean sensitive data goes via Huawei equipment at some point in the future. The downside of this decision is, as we know from the previous assessment released on Huawei, they have poor cybersecurity practices and known vulnerabilities. However, they did commit to improving security by committing to invest $2 Billion. It does mean choosing Huawei will likely result in an increased operational cost to keep the systems patched, harden systems and configure correctly. With all decisions sometimes you are sacrificing security and operational costs by choosing the cheapest hardware and I was once told you are not rich enough to buy cheap things, we must make decisions based on the ROI and Lifespan of the hardware not the upfront costs. Overall given that the UK are heading for BREXIT and pending trade agreements with the US and EU this decision could impact some of those talks.  Read Less
January 28, 2020

Cybersecurity Experts Weigh In On Jan. 28 Data Privacy Day
If you sacrifice privacy you are also sacrificing security and ultimately ends in a lack of trust.
It can be argued that the end of privacy as we know it is closer than you may think. In essence, privacy allows citizens to be free and when you take away or constrain privacy, you take away citizens freedom. The reality today is that almost everyone is being tracked and monitored 24/7 with thousands of cameras recording your expressions, fashion, interactions and speech to determine what you need, what you might be thinking and who you are meeting. Algorithms can even determine what your.....Read More
It can be argued that the end of privacy as we know it is closer than you may think. In essence, privacy allows citizens to be free and when you take away or constrain privacy, you take away citizens freedom. The reality today is that almost everyone is being tracked and monitored 24/7 with thousands of cameras recording your expressions, fashion, interactions and speech to determine what you need, what you might be thinking and who you are meeting. Algorithms can even determine what your next action might be. Privacy should be universal. However, we tend to have different definitions of privacy in the digital world as opposed to physical world. EU GDPR has been a ground-breaking change that set new regulations around digital privacy, empowering citizens with clear cut rights around consent and transparency of their personal information online. It was a step in the right direction and has drawn a line in the sand into what’s acceptable and what’s not acceptable in terms of data privacy, collection and processing. Some governments are looking to abolish privacy from their citizens altogether - citing terrorism as the reason. Ironically, these same governments have also stated the need for end to end encryption to protect against new risks; with Huawei’s involvement with 5G being a prime example. Encryption is a citizen’s right to have digital privacy just as we do in the physical world. Privacy, security and trust must come as a package; they are all related and needed in order to build a cyber resilient society. If you sacrifice privacy you are also sacrificing security and ultimately ends in a lack of trust. We hear the term ‘data is the new oil’ however I disagree with this. Humans are the new oil - we are the ‘product’ and data is the commodity which is transacted to create value, so it stands to reason that technology companies are data hungry and want as much of this information as possible.  Read Less
December 17, 2019

Comment: New Orleans Government Shut Down By Massive Cyber Attack
While the actions of the New Orleans city government appear extreme they have done the right thing as preventing data from being destroyed is better than having to recreate it.
The recent actions by the New Orleans city government’s declaration of a state of emergency shows the effect that a cyber-attack can have on a city. In my experience, sometimes it is better to shut things down to prevent systems from becoming encrypted by ransomware as well as to prevent employees from clicking on phishing attempts that could see accounts becoming compromised. It is better to have a temporary loss of service rather than deal with recovering from a ransomware attack......Read More
The recent actions by the New Orleans city government’s declaration of a state of emergency shows the effect that a cyber-attack can have on a city. In my experience, sometimes it is better to shut things down to prevent systems from becoming encrypted by ransomware as well as to prevent employees from clicking on phishing attempts that could see accounts becoming compromised. It is better to have a temporary loss of service rather than deal with recovering from a ransomware attack. However, it shows that when critical services are unavailable or processes go back to manual it can create major service disruptions. While the actions of the New Orleans city government appear extreme they have done the right thing as preventing data from being destroyed is better than having to recreate it.  Read Less