Quotes on Cybersecurity, Cybercrime, Hacking, and Data Privacy

If you need quotes about technology risks, such as cybersecurity, cybercrime, hacking, and data privacy, then please enjoy these quotes from the Cobbs—on technology risks and related topics—for journalists, commentators, and reporters. They can be freely "used with attribution," preferably with notification of when and where you've used them.

If you need an insightful quote on tech current news, please connect with us via the Contact page or DM @zcobb on Twitter.

The quotes on this page cover information security (infosec), Internet security (cybersecurity), data privacy, hackers and hacking, and the risks of criminal technology abuse (cybercrime); with a focus on malicious code (malware), artificial intelligence (AI), the Internet of Things (IoT), industrial control systems (ICS), and digital infrastructure. Many quotes are in the context of emerging threats, threat vectors, threat actors, attackers, and attack surfaces. 

Some of these technology risk quotes appear here for the first time, other quotes date back several decades; dates and original sources are provided as appropriate. For example:

“The best weapon with which to defend information is information.” — S. Cobb, The NCSA Guide to PC and LAN Security, 1996

Some quotes are provided in audio file format. For example the one above is on SoundCloud

Attribution: When attributing these quotes, please credit, at a minimum: Stephen Cobb, independent researcher. Preferred basic attribution is Stephen Cobb, an independent security researcher based in Coventry, England; but the following is also acceptable: Stephen Cobb, a UK-based independent security researcher.

A longer attribution and/or micro-biography would be some form of: "award-winning technologist and bestselling author Stephen Cobb, now working as an independent security researcher based in Coventry, England." For more biographical details see Wikipedia, LinkedIn, and this web page (which also has links to current headshots).

Quotes on Technology Risks

"Detailed historical analysis of previous technology deployments strongly suggests that appropriate levels of protection will not be put in place until malicious abuse occurs at scale."

"New technology is routinely used and abused for purposes other than those intended by its originators."

"Inventors cannot control what is done with their inventions, nor can they—regardless of how clever they may be—foresee all the consequences of their creation."

"The unanticipated consequences of new technologies may emerge long after they are no longer new."

"Combine rapid embrace of global connectivity and complex interdependence, at scale, absent universally agreed enforceable norms of behavior and you have a recipe for disaster; one that works in both cyberspace and meatspace."

technology is not a two-edged sword, but neither is it neutral. Some technologies, like swords, are easier to abuse than others. In developing new technologies, ease of abuse must be considered, as should the stability of the environment into which the tech is launched

Any technology deployed prior to both universal consensus as to its legitimate use and effective mechanisms to enforce that legitimacy, will be abused. 

Such abuse will, if not somehow restrained by enforceable norms, eventually push the net benefit of that technology below zero.

Until technology is liberated from patriarchal patterns of abuse, man-made-tech will continue to divide, disappoint, and damage us, while also destroying our planet.

Quotes on Digital Technology Risks

"All digital technology relies on code, the abuse if which is practically impossible to prevent."

"The potential for abuse of digital technology—particularly that which does not rely on limited physical resources—is asymmetrical in the advantage is confers."

"The exploitation—for selfish ends—of vulnerabilities inherent in the digital infrastructure of our current reality has increased, in scale, scope, and impact, with the emergence and consolidation of that reality. Experts have warned for decades that we weren't doing enough to deter or constrain that exploitation."

"Abuse of digital technology increases during times of global or national crisis." 

"The growth of malware-enabled, pandemic-themed misuse and abuse of information and communications technology—the Covid Effect—has been as phenomenal as it was predictable."

Humans need to realize that they may be deploying technology faster than they can defend it from abuse, because making and selling apps is way more appealing than fixing the messes they make


The last thing our planet needs is more vendor-funded orgs peddling—even with the best of intentions—doomed narratives about how spending more money on cybersecurity products and services will solve cybercrime.

Until US/China/Russia agree that a) unauthorized access and abuse of information systems is a criminal offense, regardless of who does it or why, and b) they will enforce this norm throughout their respective countries, #CyberSecurity will remain a hot mess.

A lot more of the heavy lifting in cybersecurity must be done by governments...taking seriously the need to achieve global consensus that abuse of digital technology is wrong, morally reprehensible, and will be prosecuted...then funding efforts to enforce that consensus.

"an international coalition to combat ransomware criminals" is heeded, and funded ASAP. If not, we could see reports five years from now about how the unbridled abuse of digital technology triggered global recession on an unprecedented scale

Quotes on Artificial Intelligence (AI)

Governments are now pouring money into AI without a solid grasp of how it works or even what it's made of. (Hint for dot gov foks: AI is made of code, the abuse of which is impossible to prevent.)

"A lot of what is is referred to as AI in products today is not, it is machine learning."

"Debates about AI too often fail to mention the fact that AI is a computer running code, the abuse of which is practically impossible to prevent."


Quotes on Driverless Cars, Autonomous Vehicles, and Jackware

"I coined the term jackware to described malicious software that seeks to take control of a device, the primary purpose of which is not data processing or electronic communications, for example: your car." 

Jackware is a term I coined for malicious code that seeks to abuse a digital device, the primary purpose of which is not to run code.

 "Think of jackware as a specialized form of ransomware. With ransomware, the malicious code encrypts your documents and demands a ransom to unlock them. The goal of jackware would be to lock up a car or other piece of equipment until you pay up."

"I disagree that there is "every reason to believe that self-driving cars will reduce the frequency and severity of accidents." But I do see plenty of reasons to believe that criminals will hack and abuse the heck out of driverless cars."

Note: If you found this page interesting or helpful or both, please consider clicking the button below to buy me a coffee and support a good cause while fueling more independent research and ad-free content like this. Thanks!

Button says Buy Me a Coffee, in case you feel like supporting more writing like this.