Inspired by recent movements in Europe, where tech giants like Airbus have advocated for a sovereign fund to support local technology sectors, this article explores Australia’s strategic need to develop sovereign satellite communication systems. As digital connectivity becomes increasingly crucial, the time to fortify our …
Information Security News Elon Musk’s Starlink Could Be Used to Transmit Australian Election Voting Results The Guardian by Josh TaylorThe Guardian reports that Elon Musk’s satellite internet service, Starlink, is being considered as a potential method to transmit voting results in Australian elections. This proposal …
Recorded Future reports that “Signal has stopped responding to requests from Ukrainian law enforcement regarding Russian cyber threats”.
https://therecord.media/signal-no-longer-cooperating-with-ukraine
This comes hot on the heels of ongoing spats in Sweden, where law enforcement demands backdoors into secure messaging apps like Signal and WhatsApp, France, where a controversial amendment to the “Narcotrafic” law would have mandated encryption backdoors in order to simplify surveillance of drug traffickers, the UK, where the Home Office is engaged in a struggle with Apple to disable certain encryption functionalities for UK iCloud users, and others.
As with the European Union’s now-dead “Chat Control” legislative proposal, CyAN has consistently opposed encryption back doors. They are dangerous, and will damage confidence in secure commerce, voting, privacy, and other cornerstones of a strong, free, and democratic civil society.
Speaking as a very strong sympathizer of Ukraine’s cause: Signal is being consistent about ensuring the integrity of end to end encryption. Law enforcement should focus on endpoints.
Any highly secure, anonymous tool will be used by bad actors, it is inevitable. Keeping such tools secure is as much in Ukraine’s interests as in everyone else’s; if Signal is willing and able to help anyone access messages, then Russians will also figure out a way to get in (that’s bad, by the way.)
Law enforcement and intelligence agencies have a history of demanding access to encrypted data at rest and in transit, usually for perfectly understandable reasons and founded in good intentions. This is an extremely dangerous slippery slope, and the damage from such access is far greater than any benefits.
I want Ukraine to prevail, and to win its fight for freedom and independence against Russian aggression. I recognize that Russia is a hotbed, even state sponsor, of cyberattacks, fraud, and other menaces to our prosperity and stability, and I applaud Ukraine’s tireless efforts as part of a broader global coalition fighting these. I also fully recognize that the country is in a desperate situation; it’s completely rational and understandable that Ukrainian agencies would want any advantage they can muster in what is an existential struggle for the country. Legal, social, and economic niceties tend to take a back seat when someone is bombing your civilians and infrastructure without provocation.
That said, having the luxury of not having to face such a direct threat (yet?) we can afford to take a more strategic view. Not having access to encrypted messages of Russian cybercriminals may hamper Ukrainian countermeasures; it will not cripple their capabilities. At the same time, it doesn’t matter where and why a precedent for accessing secure, private communications is set – once the door is open, it will not close. The ongoing flurry of legislative, law enforcement, and intelligence agency demands for encryption backdoors needs constant vigilance and opposition; just because we may strongly sympathize with a cause doesn’t mean we should allow it to be a justification for something that is potentially much more damaging in the long term.
Please welcome our newest member from Dubai, Abid Malik! Abid Malik isn’t just a GRC and cybersecurity advisor—he’s a strategist who turns risk management into business opportunities. With 20+ years of experience across banking, fintech, and multinational sectors, he helps businesses strengthen security, navigate regulations, …
Information Security News EU Looks to Tech Sovereignty with EuroStack Amid Trade War Biometric Update by Masha BorakThe European Union is making significant strides towards tech sovereignty with the development of EuroStack, a comprehensive technology initiative aimed at reducing dependence on foreign tech giants amid …
Last Friday, I attended the launch of The Cost of Domestic Violence to Women’s Employment and Education at the University of Technology Sydney. Written by the renowned researcher and writer Anne Summers, this report lays bare how domestic violence and coercive control disrupts women’s financial independence and long-term security.
The event also featured a dynamic Q&A with Jess Hill, journalist, author, activist and advocate extraordinaire, whose expertise in domestic violence issues added depth to the discussion, highlighting the need for systemic change.
As I sat in the standing-room-only audience, one question kept running through my mind:
What tangible steps must institutions take to ensure they don’t just acknowledge this crisis, but actively intervene?
Anne delivered a keynote exposing the economic toll of domestic violence, showing how abuse limits women’s access to employment and education. Jess’s insightful questions deepened the conversation, stressing the urgent need for systemic change.
Their discussion underscored a chilling reality: leaving isn’t just about physical safety—it’s about digital and economic safety, too. If an abuser can still track a survivor through hacked accounts or control their finances, they remain trapped.
The report’s findings confirm what many survivors already know: domestic violence locks women out of economic independence.
The report makes it clear: economic security is one of the biggest barriers to escaping domestic violence. And if institutions don’t take proactive steps, they are complicit in maintaining the status quo.
As we contemplate these challenges, the critical role of cybersecurity—particularly end-to-end encryption—becomes glaringly apparent.
Survivors of coercive control often face digital surveillance, forced account access, and online monitoring, making encryption not just a cybersecurity measure, but a life-saving tool.
Institutions must prioritise encryption in their digital safety initiatives, ensuring that survivors can:
✔️ Access support services securely, without fear of being monitored.
✔️ Communicate with legal, financial, and mental health services safely.
✔️ Regain digital autonomy in a world where abusers increasingly weaponise technology.
Survivors don’t just need protection—they need secure autonomy over their communications, finances, and digital lives.
This isn’t just about awareness—it’s about action. Institutions that claim to support women must walk the walk, not just talk the talk.
Here are five practical, immediately implementable steps that workplaces, universities, and unions must take to proactively combat domestic violence and coercive control:
Universities, workplaces, and unions should collaborate to offer regular digital safety check-ins where individuals can:
✔️ Secure their devices from tracking apps and spyware.
✔️ Review and strengthen privacy settings on work and personal accounts.
✔️ Learn about secure communication tools, like end-to-end encrypted messaging, to protect themselves from cyberstalking and coercive control.
✔️ Understand the warning signs of digital surveillance and how to respond.
Every institution must commit to making digital security a non-negotiable right. These clinics must be practical, confidential, and institutionally backed, providing survivors with the immediate tools to secure their digital independence.
Support systems must go beyond the basics. Many institutions offer Employee Assistance Programs (EAPs) or generic counselling services, but few are tailored for survivors of coercive control. Institutions must provide:
✔️ Specialist legal assistance for women navigating financial and digital abuse.
✔️ Psychological support that understands the long-term impact of coercive control.
✔️ Emergency interventions that provide real, tangible pathways out—including financial assistance and secure housing options.
It is no longer enough to say “help is available”. That help must be structured in a way that makes it truly accessible to women facing complex, tech-enabled abuse.
Policies that react to incidents are no longer enough. Institutions must proactively design out the loopholes that abusers exploit. This means:
✔️ Regular compliance reviews to ensure policies account for coercive control tactics, not just physical abuse.
✔️ Ensuring data-sharing policies protect survivors, preventing abusers from exploiting privacy loopholes.
✔️ Flagging high-risk patterns—such as repeated password resets or location-sharing updates—just as financial institutions flag fraud.
Workplaces, universities, and unions must actively train staff, leaders, and support teams to recognise the warning signs of both domestic violence (DV) and coercive control (CC). Abuse doesn’t always leave bruises—digital surveillance, financial restrictions, and psychological manipulation can be just as damaging.
Unions have historically played a key role in advocating for workplace protections. This must now extend to digital safety and coercive control awareness. They should:
✔️ Ensure workplace policies account for DV and CC protections, including digital abuse considerations.
✔️ Push for survivor-first employment policies—allowing employees to change work emails, request payroll confidentiality, or flag an abuser’s interference.
✔️ Advocate for institutional commitments to survivor support, ensuring that affected employees and students are not left vulnerable.
This report isn’t just another study—it’s a wake-up call.
It’s not enough for institutions to acknowledge this crisis. They must act. Policies must be rewritten. Digital security must be prioritised. Support must be proactive, not reactive.
The cost of silence is too high. Inaction is complicity.
We have the tools. The only question is—do we have the will to use them?
📖 Read the full report here: The Cost of Domestic Violence to Women’s Employment and Education
Kim Chandler McDonald is the Co-Founder and CEO of 3 Steps Data, driving data/digital governance solutions. She is the Global VP of CyAN, an award-winning author, storyteller, and advocate for cybersecurity, digital sovereignty, compliance, governance, and end-user empowerment.
Information Security News Latin American Orgs Face 40% More Attacks Than Global Average Dark Reading by Nate NelsonOrganisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the …
Every year, Safer Internet Day reminds us of the importance of making the internet a safer place for everyone. Initially conceived as a tool to connect people and make life more convenient, the internet has evolved into a cornerstone of modern living. Yet, it has also become a breeding ground for a darker reality: the business of cybercrime.
The digital revolution has opened countless doors, but it has also created lucrative opportunities for cyber attackers. These bad actors are no longer lone individuals operating in the shadows. Today, cybercrime is a sophisticated industry with its own ecosystem, leveraging the same technologies meant to enhance our lives to exploit, disrupt, and profit.
Cybercrime has become an extraordinarily profitable enterprise. According to recent studies, the global cost of cybercrime is expected to reach trillions of dollars annually, surpassing the GDP of many countries. Ransomware attacks, phishing schemes, data breaches, and fraud campaigns are not random acts of chaos; they are carefully orchestrated operations driven by clear business goals.
Much like legitimate businesses, cybercriminals rely on a variety of strategies to ensure their success. They conduct reconnaissance, analyse market opportunities, and even perform risk assessments to maximise their returns. They’ve built dark web marketplaces to sell stolen data, malware, and hacking tools, creating an underground economy that rivals legitimate industries in scale and sophistication.
The internet was designed to make life easier, but in the hands of cyber attackers, it can turn into a tool of destruction. For example:
The dual nature of technology—its potential to be both beneficial and harmful—poses a unique challenge for society. The rise of artificial intelligence (AI) has only amplified this risk, enabling more targeted, scalable, and automated attacks.
The integration of AI into cyber attacks represents the next wave of challenges. AI-powered malware can adapt and evolve, making it harder to detect and mitigate. Social engineering attacks, such as phishing, can leverage AI to craft hyper-personalised messages that are almost indistinguishable from legitimate communications.
The irony is that the same AI tools used by organisations to strengthen their defenses are also being weaponised by attackers to undermine them. This arms race underscores the critical importance of vigilance and innovation in cybersecurity.
Days like Safer Internet Day serve as important reminders of our shared responsibility to protect the digital world. Governments, organisations, and individuals must work together to address the risks posed by cyber attackers. Here are some practical steps everyone can take:
The Road Ahead
The internet remains a powerful tool for good, but we must recognise that its potential for harm grows alongside its benefits. Cyber attackers are not going away; they are evolving, driven by a business model that thrives on opportunity and innovation.
As we celebrate Safer Internet Day, let it be a moment of reflection and action. By understanding the business model of cybercrime and taking steps to protect ourselves and others, we can help ensure that the internet remains a space for connection and progress—not exploitation and harm.
Together, we can build a digital future that is not only more connected but also more secure.
Cyber Threat Intelligence Manager | CyAN APAC Director | CISM, CEH, CRISC, ATT&CK® SOC & CTI
Read the original post on LinkedIn: Safer Internet Day: The Business Model of Cyber Attacks in the Digital Era
Connect with Saba Bagheri, PhD on LinkedIn: Saba Bagheri, PhD
Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied uponBitdefender by Graham Cluley A significant security flaw discovered in stalkerware apps has exposed millions to potential spying, significantly compromising user privacy. This vulnerability allows …
