Since the implementation of the EU’s General Data Protection Regulation (GDPR) in May, media reports of data breaches have skyrocketed. British Airways, Facebook, Ticketmaster, and Cathay Pacific are all organisations that have made headlines over the last months showing the breadth of sectors affected worldwide by data compromises.
Compliance-driven pieces have been a relatively common occurrence in the media since the application of GDPR. We however aim to look in this blog post at GDPR from a threat actors’ perspective. With GDPR bringing in major changes on the management and transfer of data, threat actors are likely to find innovative ways to exploit and benefit from these changes.
Some industries are more likely to attract particular kinds of threat actors than others. The retail and hospitality industries for instance are very attractive targets for cyber criminals as both collect and process large quantities of personal and financial data. This is similar to the banking industry but, whereas major bank breaches are now considered to require sophisticated operational procedures and have become the preserve of highly specialised groups, the retail and hospitality industries remain prime targets for criminals of all capabilities.
Our historical understanding of protest as a means of political upheaval tends to be rooted in the idea of direct conflict between two clearly defined agendas or ideologies – between grassroots activism and state apparatus, for instance. We imagine crowds marching and holding placards, voicing their dissent in unison.
However, as we become increasingly interconnected and conduct more of our lives online, technology is changing our conceptions of protest and direct action altogether.
There is a general consensus that Russia interfered in the 2016 US Presidential Elections. According to the US intelligence community, it has been assessed with ‘high confidence’ that Russia used nation state proxy groups to influence the outcome of the presidential election in favour of Donald Trump.