August is traditionally a bit of a slow month for IT news, but the security sector delivered some interesting and important stories. The 10 security people who were mentioned most in the US press are listed below but you can get a full list for USA, UK, France, Germany and Spain in our free report.
There are many different reasons why each of these people appear in the top 10 ranging from a debate on freedom of speech through to forecasts on what the world will be spending on security.
Matthew Prince, CEO of Cloudflare, had a challenging month. After the neo-Nazi website The Daily Stormer’s repugnant reporting on the killing of Heather Heyer during the Charlottesville rally, companies such as GoDaddy and Google refused to provide them with domain services. Cloudflare controversially continued to provide its security protection to the website, but as pressure grew in the following days they made the decision to drop it.
Prince believes that companies such as Cloudflare should not act as a moral arbiter of web content, a view that the majority would agree with. Yet, the thoughts of the Daily Stormer were perceived as sufficiently abhorrent for a critical weight of opinion from the media, both social and traditional, to eventually prompt him to act against his belief. Few would disagree with the ultimate decision that Prince made, and his decision was made easier by the fact that the site itself suggested that Cloudflare, by not cancelling its services, were supporting its ideology. Cloudflare’s volte-face was met by a counter volte-face from the media as they realised that Prince’s action might set a precedent and that censorship based on what is perceived, by some, to be abhorrent or controversial is inherently unsafe and a danger to free speech – a point that Matthew Prince has been making for some time.
For Cloudflare the genie is out of the bottle, and they are now facing pressure from an Israeli legal group to stop supporting websites that have links to Hamas and no doubt they will be subject to similar lobbying in the future. So in a month where Matthew Prince was damned for not taking action and then damned for taking action, he must be thinking that he just can’t win.
Another chap who must be wondering what hit him is Marcus Hutchins. Back in May, he was feted as a hero for stopping the WannaCry ransomware from spreading. In August, on a visit to the USA, he was arrested by the FBI for writing and selling a banking trojan. Despite his protestations of innocence, security journalist, Brian Krebs, has done what Krebs does best, and joined multiple dots to paint a picture that would suggest that Hutchins may not be as innocent as first thought. We’ll wait and see.
A summary of the next eight on the list are as follows:
- Troy Hunt – posted a searchable database of 306 million compromised passwords on his website Have I Been Pwnd. You can look on this site to see if any of the passwords you use have been compromised.
- Bill Burr – in 2003, whilst working for NIST, he recommended a protocol for constructing passwords which he now regrets.
- Eugene Kaspersky – was sued by Wetro Lan for patent infringement. Wetro Lan didn’t have a case and had to pay Kaspersky $5000 to kill the case when they realised they couldn’t win – don’t mess with Eugene!
- Rob Lefferts (Microsoft) – announced that Microsoft and Kaspersky Lab are friends.
- Lucas Apa (IOActive) – claimed that there were security vulnerabilities in some humanoid domestic and industrial robots that if hacked, the consequences could be catastrophic. Scary stuff.
- Ben Read (FireEye) had a couple of stories: 1. ‘Fancy Bear’ hacking group were using the leaked NSA exploit, EternalBlue, to target guests at hotels. 2. Asserted that China were actively attacking the Vietnamese commercial sector with phishing attacks.
- Tom Corn (VMWare) – announced new security feature for VMWare called AppDefense.
- Sid Deshpande (Gartner) – announced that worldwide spend on security products and services will be $86.4 billion in 2017, a 7 percent rise on 2016.
If you want more details on these security experts and many others that featured in the press in August then please download the free report here.