The Normalization of the Unacceptable

On 04 June 2024, multiple hospitals in London declared a “critical incident” following a ransomware incident targeting a pathology services company called Synnovis. The incident resulted in multiple medical practices, including major hospitals, being unable to perform tasks such as blood transfusions or rapid testing of blood samples. Cascading impacts of …

Mind the (Air) Gap

Following the ransomware incident impacting Colonial Pipeline operations in May 2021, many parties asked how such a disruption, impacting one of the main arteries delivering refined petroleum products to the Eastern and Southeastern United States, could occur. Based on information available, the intrusion did not directly impact Industrial Control Systems …

Understanding or Publicizing the Adversary?

In April 2021 the Babuk ransomware gang, already a concerning entity, gained additional notoriety for compromising the Washington, DC police department. As part of this incident, the criminals threatened to release confidential files relating to police operations to spur payment. The group in question earlier gained attention for the combination …

The Unbearable Frequency of PewPew Maps

I recently made a joke online relative to a major – and very respected, if geopolitically controversial – security company advertising its revised “Cyberthreat Real-Time Map”. As many members of the security community are aware, “threat maps” – referred to derisively as “pewpew” maps – are heavy on eye-candy but …