The Insidious IoT Threat: how do we face it?

In his latest blog post for cyber.uk, Chris Ratcliff tackles the threat posed by the Internet of Things and asks what we can do to meet the security challenges we face with more and more devices connecting to the internet.

How do you feel about being a pawn in someone else’s battle? It may sound odd, but there are currently people scanning the internet to try and take control of the gadgets and gizmos that you and I plug into our home internet connections. They’re not looking to steal our banking details or passwords or personal photos, they just want our data connections.

There have now been reported Distributed Denial of Service (DDoS) attacks peaking at 1.1Tbs of data, and this new attack vector is through the Internet of Things (IoT), that slightly odd term meaning smart TVs, light bulbs, security cameras, fridges and everything else that manufacturers think should be connected to the internet. When a vulnerable device is found, it is compromised and code is uploaded to it so that, when directed by a remote server, it will send junk traffic through a target.

Uh-oh for Yahoo

Speaking on Channel 4 News about the Yahoo breach

Yesterday Yahoo confirmed that it was the target of the biggest known cyber attack in history. In 2014, 500m Yahoo accounts were compromised, with data including names, email addresses, telephone numbers, dates of birth, hashed passwords (most with bcrypt) and security question answers, some of which were unencrypted. Yahoo has claimed that this attack was carried out by a state-sponsored attacker.

Hacked Webcams on the Radio

A couple of days ago I was interviewed on LBC radio about the recommendation from FBI director Jim Comey that everyone should cover their webcams.  You can listen to what I had to say here:

The media response to this advice (much like the response to the fact that Mark Zuckerberg covers his) seems to have been one of surprise. However, for most in the cybersecurity industry, it won’t come as a shock. I’ve covered my laptop webcam for years as one of many precautions to stay safer online.

Standing in front of PowerPoint Part 3: Hello, I’m Chris Ratcliff, and this is my talk

In the final blog post of Chris Ratcliff’s series about speaking at a security conference, it’s SteelCon 2016 and the day of the presentation itself. Read on for a presenter’s-eye view of standing up and giving a talk – and why, if you haven’t already, you should give it a go.

So far in these blog posts I’ve gone from never having set foot in a security con, to doing my first talk, to preparing my latest one. This post is the talk itself…

Standing in front of PowerPoint Part 2: an idea, some inspiration, and a crisis

In the second of a great three-parter, Chris Ratcliff talks us through what it’s like to go from attending security conferences to speaking at them. This post is specifically about honing the idea for a CFP through to preparing the presentation in its entirety. If you’ve ever thought about speaking at a conference, these posts are full of helpful, reassuring and practical advice. If you’re already experienced in conference speaking, there will be so much you can relate to (hi, Google image search!) and probably something you can learn from, too.

18-24 year olds least likely age group to trust biometrics over passwords

Biometrics hit the headlines again recently with news that Barclays is rolling out voice recognition technology to its telephone banking customers as a replacement for passwords. In recent years, there has been an increased focus on biometrics, for example with many people getting used to fingerprint technology to access iPhones. It’s an interesting subject from a cybersecurity point of view, as any new technology brings with it the opportunity / threat of compromise, demonstrated, for example, by this story about exploring 3D printing to bypass fingerprint access to an iPhone.