Mac attack

After years of enjoying relative security through obscurity, many attack vectors have recently proved successful on Apple Mac, opening the Mac up to future attack. A refection of this is the final quarter of 2016, when Mac OS malware samples increased by 247% according to McAfee. Even though threats are still much lower than for Windows OS users, Mac users cannot afford to be blissfully complacent as they may have been in the past.

Continue reading

Securing autonomous vehicles


Roborace unveiled the design for their autonomous race car at Mobile World Congress in Barcelona this week. Without a driver the car is lightweight and high performing. Powered by four 300kW motors which run off a 540kWh battery, the vehicle is capable of speeds up to 200 mph.

Continue reading

Times are a changin’

At the start of a new year we look ahead to identify broad technological advancements with disruptive potential – and examine likely security implications. I believe there are two trends which will shape IT security in a profound way.

Continue reading

The changing face of ransomware

2016 saw a rapid rise to prominence of ransomware, with estimates of $1 billion in proceeds going to ransomware threat actors making it a major crime activity. I’ve written before about ransomware (here, here and here) – this post looks at interesting recent developments.
Continue reading

Winner at the Great British Entrepreneur Awards 2016

I am thrilled to have won the Great British Entrepreneur of the Year Award for cyber security at a gala event at the Lancaster Hotel in London last night. Thanks to the judges for selecting us ahead of finalists from companies such as Sophos, DarkTrace, Becrypt and others.


Cutting through the Dyn

Last Friday (21 Oct), one of the largest DDoS attacks ever seen, created widespread internet outage affecting services from Twitter, AWS, Reddit, Netflix, Spotify, CNN, Paypal, NY Times, WSJ, and others. The attack was directed at Dyn, a domain name service provider, whose servers interpret internet addresses, directing web traffic to the affected companies. Dyn are like an internet postal code or zip code lookup system. A statement from Dyn reported traffic from “10s of millions of IP addresses”, and customers of affected sites were unable to access web services for about two hours. Two things stood out about this DDoS attack: (1) The increased traffic was not aimed directly at the networks affected, but targeted at DNS servers hosted by Dyn, and (2) The attack was conducted through a botnet of infected IoT devices, known as Mirai.
Continue reading

Untangling quantum entanglement

Symmetrical encryption is far quicker and less resource-intense than public/private key encryption, but has the downside that the symmetrical key needs to be distributed among parties. For this reason, we use public/private key encryption to secure the transfer of the symmetrical key, and then use symmetrical encryption to secure the actual data that needs to be transferred. But what if our symmetrical key was somehow available to the other party without us transmitting it to them? That could make the encryption process faster, less resource-intense and safer.
Continue reading

AI – the upcoming transformation of digital security

Earlier this year I wrote some thoughts on Artificial Intelligence (AI). The concept of AI first originated in the mid-1950s as attempts to develop machines more like humans. Machine learning is a subset of AI and emerged in the mid-1980s. Deep learning techniques have only been refined over the past three or four years, and are a subset of machine learning.
Continue reading

Killer Robots

Earlier this month, a Dallas police SWAT team used a Remotec Andros robot to deliver half a kilogram of C-4 explosive to eliminate a crazed sniper. The problem was resolved without exposing even more police lives to danger. The age of the Terminator is here. The Andros robot is also designed to be fitted with accessories such as a 12-guage semi-automatic shotgun. This incident raises questions about the use of killer robots.
Continue reading

Brexit and InfoSec

Last week’s EU referendum was the most important political decision of the UK in many decades. In the aftermath of a surprise result, the past few days have been tumultuous with the resignation of Britain’s Prime Minister, a plummeting of the currency and stock exchange values, turbulent situations for both main political parties, and renewed pressure on the breakup of the UK itself. The full consequences of the EU decision is largely unknown at this point. As these dramatic events unfold, Britain and Europe are clearly in a state of flux and much about the future remains uncertain.
Continue reading