About Bruce Blackshaw

Bruce has been writing software professionally for almost 25 years, and has worked in a number of industries, including commercial software development and investment banking. He has wide experience in encryption, security, and network protocols such as SSL/TLS, SSH, SFTP and FTPS. Bruce currently works on developing CompleteFTP.

Operational technology security and the Internet of Things

One aspect not discussed in our recent post on security issues and the Internet of Things (IoT) is the increasing trend of connecting operational technology systems to the internet. This leads us to the vitally important issue of operational technology security.

Operational Technology (OT) refers to hardware and software that monitors and controls physical devices, processes and […]

By |June 16th, 2016|Blogs, Discussion|Comments Off on Operational technology security and the Internet of Things

Ransomware again

We only just discussed the growing threat of ransomware – cyberattacks where victims’ data is encrypted by attackers and they must pay a fee to have their data decrypted.

The University of Calgary confirmed this week that it has been forced to pay $20,000 in bitcoins to decrypt its email server and other files after a ransomware attack. Apparently, decryption […]

By |June 11th, 2016|Blogs, Discussion, Hacking|Comments Off on Ransomware again

The growing threat of ransomware

What is ransomware?
Ransomware is a real and growing threat. Although it has been around for many years, it is only more recently that ransomware has become more prominent. The release and rapid spread of the ransomware program Cryptolocker in 2013 was primarily responsible, although there are now a variety of imitators.

What is ransomware? As the name suggests, […]

By |June 3rd, 2016|Discussion|Comments Off on The growing threat of ransomware

LinkedIn hack and password encryption

You might remember the LinkedIn hack of 2012. Their password encryption was extremely poor, and it was easy for anyone who obtained the leaked password files to retrieve the original passwords. At the time it was announced that 6.5 million accounts had been compromised.

Password hashing
Actually, passwords are rarely encrypted (which implies they can be decrypted) – instead […]

By |May 26th, 2016|Announcements, Blogs|Comments Off on LinkedIn hack and password encryption

Major advance in random number generation

An advance in random number generation? Who cares? What’s so important about improving the way we generate random numbers, and how does this tie in with security?
What are random numbers?
Random numbers are numbers that are completely unpredictable, and they are of paramount importance in cryptography.  Most cryptographic algorithms depend in some way on random numbers, usually […]

By |May 20th, 2016|Announcements, Blogs|Comments Off on Major advance in random number generation

Another SWIFT hack

We recently reported that the SWIFT financial network for international bank transfers was compromised. Now there has now been another SWIFT hack.

SWIFT representatives, the New York Fed and Bangladesh Bank (which was the source of the hack) recently met in Basel, Switzerland to discuss the initial cyber fraud. There has been accusations on both sides about […]

By |May 13th, 2016|Announcements, Blogs|Comments Off on Another SWIFT hack

Vehicle hacking is here

You might remember the infamous Jeep hack last year, in 2015. In a scary demonstration, Charlie Miller and Chris Valasek demonstrated their ability to remotely control almost everything, including steering and braking. They could even kill the Jeep’s engine. The hack was done 10 miles from the car – and could have been performed from up […]

By |May 7th, 2016|Blogs, Discussion|Comments Off on Vehicle hacking is here

SWIFT bank transfer network hacked

The SWIFT bank transfer network has been hacked.

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a Belgian co-operative owned by 3,000 financial institutions. SWIFT is a secure network for sending financial transactions between these institutions. It’s how international bank transfers are made.

SWIFT doesn’t actually send money – it sends messages that instruct payments […]

By |April 28th, 2016|Announcements, Blogs|Comments Off on SWIFT bank transfer network hacked

Short URLs expose cloud security holes

Cloud security
We’ve discussed some of the issues associated with cloud security previously. Many companies store confidential documents in the cloud, often unknown to companies themselves. Individuals simply use cloud-based services for collaboration because they are convenient.

Recently, a new security issue for cloud-based services has been flagged, this time to do with short URLs.
What are […]

By |April 22nd, 2016|Blogs, Discussion|Comments Off on Short URLs expose cloud security holes

Vendor trust and the Internet of Things

We recently discussed the potential security and privacy issues surrounding the Internet of Things (IoT)  – the rapidly growing network of “smart” devices we use that are connected via the Internet. Unfortunately, security and privacy are not necessarily high priorities for many technology companies. They are in a race to develop features that will establish their […]

By |April 19th, 2016|Blogs, Discussion|Comments Off on Vendor trust and the Internet of Things