Cyber Security

Luke Hally

Blog

Join me as I undertake my Masters of Cyber Security

Latest Posts

Categories
Capstone project Cloud security Cyber & the law Cyber ethics Cyber leadership & governance Cyber ops Cyber risk & resilience Cybersecurity foundations Cyber threats & crime Data security & privacy Security engineering
Tags
Attack lifecycle Aviation Biometrics Cyberwar Data Encryption Government Human Factors Privacy Quantum Security Culture Social engineering Zero-trust
Security engineering

Bitcoin and blockchain

Thanks to my involvement in fintech, I’ve been around the edges of bitcoin and blockchain for a while Traditional money relies on a trusted third

Read More »
September 17, 2021 No Comments
Security engineering

Hash definitions and attacks

There’s a lot to remember about hashes, so I’m bringing the definitions into one place as a reference. Term Definition Avalanche effect Small changes in

Read More »
September 15, 2021 No Comments
Security engineering

Block Modes

DES (Data Encryption Standard) and AES (Advance Encryption Standard) are both block ciphers. The message is broken into blocks and each block is encrypted and

Read More »
September 15, 2021 No Comments
Security engineering

Error Types

What are type I and type II errors? They sound fancy but are quite simple to understand and are a good way to look at

Read More »
September 14, 2021 No Comments
Security engineering

Hashes and Cryptographic Hashes

Encryption is the glamourous part of confidentiality, today we will look at hashes. We’ll cover regular and cryptographic hashes, a bit of history then we’ll

Read More »
September 14, 2021 No Comments
Security engineering

The Telegraph Problem, MACS

Integrity of messages is a problem that is as old as messengers. In the old days, people would seal a message, they knew they couldn’t

Read More »
September 13, 2021 No Comments
Security engineering

Risk

Risk is something we deal with all of the time, and humans are good at assessing some risks and bad at assessing others. But, we

Read More »
September 13, 2021 No Comments
Security engineering

Symmetric Ciphers

A long post today, we’ll recap of classic ciphers, look at the history of modern symmetric ciphers. Finally we’ll look at entropy, a way of

Read More »
September 13, 2021 No Comments
Security engineering

RSA Practice

Now that we covered asymmetric cryptography and and how RSA works, there’s nothing like working through equations to understand them. So let’s do some practice

Read More »
September 3, 2021 No Comments
Security engineering

Asymmetric Cryptography

We learnt about the basics of cryptography when we learnt about ciphers and secrets. These involve symmetrical cryptography, meaning that the person doing the enciphering

Read More »
September 3, 2021 No Comments
Security engineering

Merkle Puzzles

Merkle puzzles are the first publicly recorded example of asymmetric cryptography. It was devised by Ralph Merkle, he was trying to work out a way

Read More »
September 2, 2021 No Comments
Security engineering

Security Engineering

The start of a new course this week – Intro to Security Engineering, where we look at applying engineering principles to security. Although cyber security

Read More »
September 1, 2021 No Comments
Cybersecurity foundations

Learning from others

This week we were tasked with investigating how an engineering problem was solved in another discipline. For my engineering problem, I’ve chosen the dome of

Read More »
September 1, 2021 No Comments
Cybersecurity foundations

Shift Security Left

Shifting Security Left is a paradigm that encourages a proactive, rather than reactive – approach to security. The term is in reference to the software

Read More »
August 10, 2021 No Comments
Cybersecurity foundations

Zero Click Hack Exposed

An interesting and concerning security in the news this week. It has been alleged that Israelli Cyber Surveillance Company, NSO’s software has been used by

Read More »
August 8, 2021 No Comments
Cybersecurity foundations

Data lakes

A data lake is a lot of data. Lots of pieces of useless information, all floating around made useful by proximity and manipulation. As security

Read More »
August 2, 2021 No Comments
Data security & privacy

NSW government data breaches

I’ve noticed an ongoing pattern for the NSW government. They don’t appear to be able to keep data safe. It was reported on 1 September

Read More »
August 2, 2021 No Comments
Cybersecurity foundations

State Surveillance

Not many people like the idea of state surveillance. But first we need to recognise that surveillance can have good and bad aspects – it

Read More »
August 2, 2021 No Comments
Cybersecurity foundations

One time pad

A one time pad is what’s known as a perfect cipher. Without the key it is uncrackable and can’t be brute forced. The penny dropped

Read More »
August 1, 2021 No Comments
Cybersecurity foundations

Identity Theft

Identity theft is a major problem. It occurs when criminals collect enough of your personal information to convince people that they are you. What sort

Read More »
July 29, 2021 No Comments
Cybersecurity foundations

Website trackers

Data hungry website We all know that websites are tracking us all of the time, as I mentioned the data tracking economy when I explored

Read More »
July 28, 2021 No Comments
Cybersecurity foundations

Password management

Considering what I have learnt this week (in this post), I’ve decided it’s time to cast a critical eye over my own password management practices.

Read More »
July 25, 2021 No Comments
Cybersecurity foundations

About passwords

How do people treat passwords? The Avast report about Americans and passwords makes for disturbing reading. https://press.avast.com/83-of-americans-are-using-weak-passwords  Many Americans use personal information such as partner’s

Read More »
July 24, 2021 No Comments
Cybersecurity foundations

Brute force and time

What is the longest it would take someone to brute force a password based on certain criteria? The worst case for the hacker? I’ve wondered

Read More »
July 23, 2021 No Comments
Cybersecurity foundations

classical ciphers

This week we looked at classical ciphers. I enjoyed this, looking at the ingenious ways that clever people have come up with hiding messages in

Read More »
July 21, 2021 No Comments
Cybersecurity foundations

Unshredding a document

This week we were challenged to physically destroy some data. I’ve chosen to unshred a document. Not a special document , just some junk mail

Read More »
July 20, 2021 No Comments
Cybersecurity foundations

Secrets

The problems with secrets Secrets are interesting. People want to keep secrets, people want to find secrets, people want to share them. They are important

Read More »
July 19, 2021 No Comments
Cybersecurity foundations

Spot the Insider

For an activity this we were tasked with finding an example of an insider attack. An insider attack could be carried out by a true

Read More »
July 14, 2021 No Comments
Cybersecurity foundations

Directors liable for cyber attacks

According to The Age, the government is considering making company directors liable for cyber attacks. With cyber crime costing Australia around $3.5 billion a year,

Read More »
July 14, 2021 No Comments
Cybersecurity foundations

WA Police loopholing check in data

While learning about patterns in security, a recent news story came to mind when scope creep was mentioned -specifically systems and data being created or

Read More »
July 5, 2021 No Comments
Cybersecurity foundations

The Essential Eight

Introduction Want to know how to protect yourself and limit the damage caused by a cyber attack? The Essential Eight was released by the Australian

Read More »
July 2, 2021 No Comments
Cybersecurity foundations

Intro

Welcome to my cyber security blog! A quick introduction before we start. I’m Luke Hally, I’ve had a varied career in digital: making websites for

Read More »
June 29, 2021 No Comments

© Copyright 2021, Luke Hally