I’m Robin, founder of Cydea, the positive cyber security consultancy, and previously led BAE Systems’ Security Advisory & Technical Services business, recognised by Forrester as one of the leading information security consultancies.
I help businesses defend themselves from cyber crime and thrive in the digital world, and have over fifteen years’ experience, including advising numerous boards on how to manage crises resulting from cyber-attack.
If you’re interested in improving how you manage your cyber risk, or need help governing information security at the board level, then get in touch with me via Cydea, or connect on LinkedIn or Twitter.
More on Kaseya. The PrintNightmare continues. Farmers win 'right to repair' and Kaspersky's not-so-random number generator.
Vol. 4 Iss. 28 11/07/2021 Robin Oldham
This week
More details come to light in Kaseya ransomware incident
Continuing coverage this week of the ransomware attack against customers of the remote monitoring and management software vendor Kaseya. In total, around 60 Kaseya customers were compromised, who manage approximately 1,500 different organisations’ IT environments. The attack was carried out by the REvil ransomware gang, who claim that ‘more than one million systems’ have been affected in the attack. The cybercrime group posted a notification on their ‘Happy Blog’ that they would provide a decryptor tool that works with any of the affected organisations in exchange for $70 million in Bitcoin. Read more… (~7 Min.)
Kaseya VSA used to launch 'over 1,000' ransomware attacks. Security researchers cause PrintNightmare. EU grants UK data protection adequacy decision.
Vol. 4 Iss. 27 04/07/2021 Robin Oldham
This week
Kaseya remote management software used to launch ransomware attacks against over 1,000 organisations
A popular remote management and monitoring (RMM) product, from vendor Kaseya, has been used by cyber-criminals to launch tens, or hundreds, of ransomware attacks. The timing is deliberate: taking advantage of the Independence Day public holiday in the United States of America, when many IT and security teams will be at reduced capacity. While fewer than 40 of Kaseya’s customers are reported to have been affected, at least eight of those are IT managed service providers that use the product to more efficiently manage their customers’ IT environments. Read more… (~8 Min.)
MITRE and NSA want to D3FEND your network. Aussie 'safety by design' toolkit. EU launches 'joint cyber unit' to coordinate 'nightmare' attacks.
Vol. 4 Iss. 26 27/06/2021, last updated 11/07/2021 Robin Oldham
This week
MITRE corporation releases D3FEND to map technical countermeasures
The MITRE Corporation released a technology-focused framework called D3FEND this week. The model defines cyber security countermeasures that can be used by security teams to help defend systems from threat actors. The model was funded by the U.S. National Security Agency (NSA). Where MITRE’s previous ATT&CK model defines the tactics and techniques used by threat actors, D3FEND sets out how they may be frustrated or thwarted. Read more… (~6 Min.)
Suspected Cl0p members arrested. Ransomware is an 'urgent' threat to U.K. Balancing cyber supply and demand. And, Dear Intern...
Vol. 4 Iss. 25 20/06/2021 Robin Oldham
It’s the third birthday of Robin’s Newsletter! To celebrate, I’m looking to help you better protect yourselves online with help from F-Secure and Cydea, who together are giving away over £15,000 of cyber security products and services! The folks at F-Secure have given me 20 VIP codes for their F-Secure TOTAL suite that bundles protection against viruses and ransomware, safe online shopping, banking and advanced parental controls, a VPN to encrypt your communication and hide your IP address and a password manager with built-in breach notifications. Read more… (~8 Min.)
EA games source code stolen. Apple's new privacy and security features. The FBI ran An0m encrypted comms app. Ransomware thinking.
Vol. 4 Iss. 24 13/06/2021 Robin Oldham
Wow. That happened quickly. Next week will be the third birthday of this newsletter! I’m looking forward to celebrating with y’all with cake and presents! If you know someone who really should have subscribed by now, or want to spread the news, then please share this with them :-)
This week
Electronic Arts breached, source code stolen
Attackers compromised the network of games publisher Electronic Arts and stole over 780 GB of data, including source code for FIFA21 and the Frostbite game engine. Read more… (~8 Min.)
13/06/2021, last updated 13/06/2021 Robin Oldham
Making a Twitter thread from earlier in the week a little easier to digest. There are some interesting new privacy features from Apple at their World Wide Developers Conference this week:
1. Mail Privacy
2. Private Relay
3. Hide My Email
4. On-device Siri
5. App Privacy Report
I’ve seen lots written on 1-3, less on the latter, plus the potential hidden amongst the announcements. First up, the solutions here aren’t new tech: Voice Control has been in iPhone for alarms, music, etc for… 7(? Read more… (~4 Min.)
The U.S. continues beef with Russian ransomware gangs. Colonial Pipeline was result of compromised creds. FireEye to divest name, products business.
Vol. 4 Iss. 23 06/06/2021 Robin Oldham
Cydea is hiring! 🥳 We’re looking for someone with a couple of years of consulting experience to join us as a Cyber Risk Consultant. I’m biased, but think it’s a pretty sweet gig doing interesting things with some great clients. It pays £37K, you get six weeks holiday, plus extra for those odd days here or there you might need or want, 5% pension, bonus, pro-bono work for good causes, and some other stuff too. Read more… (~7 Min.)
Flashcards reveal the location of U.S. nuclear weapons. Email security tools are working? And fingerprints from photo leads to arrest.
Vol. 4 Iss. 22 30/05/2021 Robin Oldham
This week
Three things for you to do this week
First up, in three weeks Robin’s Newsletter will celebrate its third birthday. (They grow up so quickly!) And I’d love to hear a bit about why you subscribe, or how it is helping you. I’d like to publish a few anonymous examples from readers, alongside my reasons for writing it every week. So hit reply, and drop me a quick sentence or two about why you subscribe, and how you’d like yourself described, please! Read more… (~10 Min.)
Lots of ransomware: Ireland's HSE will not pay. Colonial coughed up $4.4M. But there are Technology Detection Dogs. And they're very good dogs!
Vol. 4 Iss. 21 23/05/2021, last updated 30/05/2021 Robin Oldham
It’s all ransomware this week. Sorry about that. Though some long reads on the RSA breach and Apple’s operations in China are well worth the time. Perhaps we need a ‘troop surge’ of cyber prosecutors to deal with ransomware gangs?
This week
Irish health service ransomware incident continues to unfold
Public healthcare in Ireland is still being disrupted as the country’s Health Services Executive enters the second week responding to a ransomware attack linked to the Conti group. Read more… (~8 Min.)
All the stats: it's DBIR time. Colonial Pipeline paid ransom, restored service and DarkSide disappeared. Being better at security engagement.
Vol. 4 Iss. 20 16/05/2021 Robin Oldham
This week is interesting stats
Verizon DBIR 2021 and ClubCISO Information Security Maturity Report
It’s that time of year again: Verizon’s Data Breach Investigations Report (DBIR) and ClubCISO’s survey of 185 CISOs too. There’s a lot to unpack from these two reports and so I’ve pulled out some highlights and interesting bits below, and would love to hear your thoughts: hit me up in either of these threads on LinkedIn or Twitter! Read more… (~10 Min.)