Creepbook

An online advert caught my eye. A cool USB gadget that I had to check out. I go over to the site Trendy Castle and I like what I see.

I am into photography and yes, like every geek, I like gadgets. So when I see this mini camera that is a cool USB drive, I am hooked. There is a button to add this to the shopping basket, so I click. But for some reason I never actually bought the gizmo. I was having a crazy day at work and I was probably doing some late night window shopping just to unwind. I had the site’s URL saved, and it was just a matter of time … that little baby was coming to my collection.usb nikonThe next morning I get up and have my digital routine kick in. Switch on phone, check for any e-mails, Slack and WhatsApp messages (the work never stops), and I notice I have a Facebook message. I don’t often use the Facebook messenger, but occasionally it comes in handy. But this message is not from anyone I think I know. But hang on, it has been sent by Trendy Castle… Isn’t that the Web site I just peeked at last night?! The heading of the message reads: Want the cutest (yet useful) USB drive you’ll ever own? And the familiar call to action: Leave something behind?

Just now they will be telling me about photos I take, and perhaps they will do image recognition on the photos and they will try target the people I interact with. Phew, the creepy factor here has no bounds.

How does this online store know how to find me on Facebook?

This is a warning of things to come.

I really do dig this little USB gadget, and I did order one. But whoa, I am not excited about the world we are living in. Everything we do online is tracked and exploited. I still don’t understand how they found my Facebook address – I didn’t enter my email address and I didn’t “like” anything… weird.

The word opportunity

Opportunity sounds like a positive thing, doesn’t it? I mean, if someone calls you up and passionately says “I want to share an exciting opportunity with you”, then this sounds cool, right.

The thing is, from what I have learned in life, opportunity can also be a chance to hit the bottom. Yes, opportunity also means you can fail. And statically speaking, more business ventures fail than succeed. So the next time someone wants to talk to you about an amazing opportunity then make sure you are sober when considering getting involved.

Opportunity is not just about work but also about life, and love. An opportunity to go on a date, for example, does not necessarily mean you will fall in love and live happily ever after. Just think of how many crummy dates you have been on in your life. Think about the excitement beforehand and then try remember the disappointment the next day. We have all been there.

Every opportunity means we can win or we can lose. And I believe that the chances are greater that we will lose. So, why then is the word opportunity such a positive sounding word?!

I am a positive person, and I have spent my life taking risks. I have had many ups, and downs. The opportunity roller coaster can be hectic.

Opportunity is always all around us. I keep hearing of opportunities – apparently they are everywhere. And it generally sounds so good.

This ironic word has got me thinking this week. Perhaps I am considering another opportunity and getting a bit anxious. For such a positive sounding word, it sure does bring a lot of stress. Irony indeed.

The art of deception in cybersecurity

I’ve been working in the cybersecurity space for the past 18 months. I’m no expert on the matter, but I do know about corporate relationships and selling to big companies. I spend my time working on a smart development in the deception technology space. These are a few lessons I’ve learnt:  

         The levels of skills are not what they should be. Many companies have substandard security policies and poorly configured defence technology.
         Network security is usually a grudge purchase.
         There’s a lack of maturity about risk with a matching under-investment in cybersecurity.
         Many people are not concerned about cybersecurity saying, “We are okay, we haven’t had any problems.”

Most global corporate efforts on cybersecurity have centred around securing the perimeter. But considering that most attacks come from inside organisations, corporate mindsets are now slowly evolving to include internal traps.

And this is the arena in which we play. We have partnered with leaders in the deception technology space and offer a network trap that complements your existing perimeter defence. Think of us as the motion sensor (to complement the front door) on your property. If your first line of defence is breached, then trip wires send out alerts when an infringement occurs. We notify enterprises of unsanctioned lateral movement on their networks.

If you believe you have no problems then asking you to deploy network traps is hard work. Of course, there may be a compliance parameter, which makes the proposition easier. Or perhaps you’re conducting a penetration test and want to catch hackers red-handed to see if your traps are working. Then there’s a compelling case for deception technology. But after numerous meetings, I can tell you that it’s a challenge – but important work nevertheless. The tech is smart and inspired, but if you are met with ignorance then it’s a very hard sell.

We are involved with the art of deception. It’s a way to trick hackers and to get wrongdoers to reveal themselves. An alert may be the most important thing you will ever get, and it’s there when you need it most. This is what network traps do. They sit there quietly, like smoke detectors, and if they sense something’s wrong, a silent alarm is triggered. The silence has a purpose, you don’t want to startle the hacker, but you want to know when there’s an unwelcome intruder on your network.

Magic, the art of deception, is fun and rich in storytelling and creativity. It’s the same with our traps. We have a mixed interaction honeypot called Canary, which is used by leading companies all over the world. It gives them peace of mind because it uncovers breaches on their corporate networks.

A popular magician is well-known for saying: “Magic’s the only craft that you practise constantly so you can hide your skill … with a good magician, the skill goes unnoticed.” This is also true of the IT world. If we do our jobs well, then we go unnoticed. But when IT fails, chaos ensues. And when a company is hacked, several panicked calls go out. For example, Ransomware has helped me to meet many company heads, but they are stressed and anxious when I meet them.

I enjoy my work – the tech is smart and plays a key role in helping companies avoid disaster through an early warning system.

No business wants to be hacked and read about their vulnerabilities in the next news headline. What intrigues me is when someone says: “We can’t afford to spend any more time or money on our security.” This is something I hear fairly often. But would you say this about your health? The health of your company’s network is as important as your personal health, but there are still some people who ignore this. I often hear people say: “We are okay, we’re not at any real risk.”

Sure, not every company has the same level of risk, but if you think hacking won’t affect your business, you are mistaken. And it’s just a matter of time. Every company will get hacked sooner or later.

The art of deception is creative and inspired, but is often misunderstood. When we witness an illusion, we often guess how it will work out. And when it comes to your company’s cybersecurity, then there’s no need to guess. We are here to help because this is what we do.

The paradox of progress

All technological advancements have had one aim: to make our lives better. And of course, to save us time. But there is a startling paradox: the more ways we invent to save time, the less time we seem to have.

The pace of the world is getting faster and faster. A friend of mine recently shared an insightful line that she heard at a leadership forum, “Today is the slowest day of the rest of your life.” A scary thought to contemplate. Yes, where does the time go???

With all technology there is good and bad. The car seems like a marvelous idea. But when the car became a reality no one ever considered drunken drivers, for example. Such a serious problem this is, that getting a “DUI” in America can ruin a person’s life. Driving under the influence is no laughing matter. And of course, there are accidents, and thefts and carjackings. Yes, cars bring their fair share of problems. And the same goes for just about everything we invent or develop.

Airplanes are a miracle, but the world is afraid of terror attacks and hijackings. Mobile phones are another wonder, but we are glued to them, as if we were getting news that the world is about to end.

Let’s consider the online world made possible by the Internet. It brings us so much, and at the same time, it presents so many challenges. Loneliness is a leading disease and all this digital connectedness has disconnected our analogue souls.

We do things online constantly and we make ourselves more and more vulnerable. Social media is a key example – people put all kinds of personal info online and never think twice about it. Hackers out there are using this against us, and online crime is on the up and up.

New things hit the market, and we jump right in, and before we know it, we are anxious. So we pass new laws, and try and educate people, and then we invent new things to help us enforce these laws. The car led to the breathalyzer, the airplane must have had something to do with the widespread adoption of x-ray machines at airports, and the mobile phone has led to all kinds of depression medications, well, that is my guess. And of course, the Internet has paved the way for cyber-security firms, building firewalls, and developing anti-virus software, etc.

When you look at the modern day corporation, one of the biggest concerns is about data protection. Imagine if a hospital had its patients’ records exposed or modified. Think for a minute what would happen if a bank’s data got deleted. If you woke up tomorrow and logged on and saw a zero balance on your bank account… let’s not even go there. And what if government servers were compromised. Phew, there is no telling where this could all go… but, one thing is for sure, modern organizations need to start taking their infrastructure’s safety a lot more seriously.

Companies today need to do all they can to make sure they are not being breached, and “owned”, as the cyber-security world refers to it. Protecting your organization’s critical servers is a given. And with this, being made aware of a breach is fundamental. But this is a subject for another discussion.

Today I simply want to comment that with the good, comes the bad. We are living at warp speed and with each passing month we are embracing more and more tech. It is a miracle, yes, but also, it has a dark side.

This festive season I wish we all switch off a bit, and try and get some offline time. The souls of the world desperately need it.

Mobile phone scare

My friend Saki runs a fairly big business, and he gets people calling him and asking, “Did you just call me ?” This happens at least once a month. Phishing is not only about e-mail, but also, mobile phones. Going after a big fish, what is referred to as whaling, is a serious problem. Criminals are honing in on CEOS all across the globe. In this example, someone who knows Saki, and who has his number on their phone, gets a call from a fake Saki with some hard to hear instruction like “We need pay this vendor the following amount that we owe them.”

Spoofing an outgoing mobile phone number is a big issue.

With very little imagination you can see how scary this can be. Imagine you’re an IT engineer, and you get a call on your phone from what appears to be the head of your organization, saying something like “We have an emergency, This is urgent. Please reset the password on the firewall to abc123.” Phew!

I was watching a YouTube video recently, which showed how a lady called a bank help-desk and had a crying baby in the background, and that was enough to tip the scales and get them to cough. Apparently a crying baby puts the person on the other end of the phone line under pressure and they feel compelled to help what sounds like a desperate customer. So, if you get a call from Saki’s number and you hear a crying baby, be a bit suspicious. #justsaying

Hacking continues to get more and more creative, and more and more crazy. And this phone stuff is really terrifying. A friend of mine in Europe got hit with a phone scam last week, which I am told is starting to rear its ugly head more and more. My friend arrives for a meeting in Geneva, and his mother gets a call with someone going “Your son is in Geneva and has been detained at the airport – you need to urgently pay $1000 to help him get released.” His mother freaks!

Yes, computers on the Internet and the people who use these machines are vulnerable. But when it comes to mobile phones and some of these new scams, well, this is just a different kind of terror altogether.

Banking on Bitcoin

http://www.imdb.com/title/tt5033790/

“We have banks that have ATMs on every street corner of America. And those banks know very well that that cash could be getting used for drugs. And yet, that’s fine, they are allowed to do that, no one gets into trouble. But Charlie sells Bitcoins to a guy who sells Bitcoins to someone who uses drugs, and he goes to jail. He was an entrepreneur that started building this industry. He built services that people found useful. When bankers almost destroyed the world economy, and none of them got in trouble whatsoever. And here we have this 23 year old kid and he goes to jail, because he started building an alternative.”

At the bank …

Boudreaux was called into his bank to discuss his accounts.

“Your finances are in terrible shape,” the banker stated. “Your checking account is way overdrawn, and your loan’s are overdue.”

“Yeh, I know.” said Boudreaux. “It’s my wife, Marie. She’s out of control.”

The banker asked Boudreaux, “Why do you allow your wife to spend more money than you have?”

“Mais, to tell de truth, Mr. Banker,” replied Boudreaux with a deep sigh, “because I’d rather argue wid you than wid her!”