Is the US building Stuxnet 2/3? Cyber tools that can act behind isolated (even air-gapped) networks to cause physical destruction, sometimes called “cyber weapons”, a generalised term, not exactly justified considering how such tools work (but in simplified cases, it is sometimes used).
This was the functionality of Stuxnet…
Read more
A very dangerous cyber tool has been identified and analysed. It’s targeting industrial control systems - the hardware/software that is often running at industrial sites (like manufacturing, but also power grids, nuclear plants, and go figure). Based on these analyses, I make a big picture assessment.
Created by…
Read more
Privacy and data protection assessment of the eID Regulation.
This assessment is prepared in response to a request by the LIBE Secretariat in the name of the MEP Cristian Terhes (rapporteur of eID file; requested on 19.01.2022). The focus of this assessment is data protection and privacy. Although…
Read more
Can phishing precautions and training cause harm? It turns out this may be true in many cases.
Phishing is the act of gaining a victim's confidence to convince them to engage in self-harming activities, for example leading to self-hacking their systems, parting with money, or data. Or of their peers,…
Read more
I already devoted some space to cyber insurance. Since then, the situation evolved.
Oh no, cyber insurance
Cyber insurers have a big problem: it is unclear how to “assess” the risk. Some events might be especially tricky. This means a lot of risk to the insurers. They are, for example,…
Read more