Quotes on Cybersecurity, Cybercrime, Technology Risk

Also Hacking, Data Privacy and Protection, AI, Digital Abuse, Exposomics and Zemiology

This page offers things Stephen Cobb has said about technology risks, cybersecurity, cybercrime, hacking, AI, and data privacy. These may be useful for journalists, commentators, and reporters. They can be used freely "with attribution," preferably with notification of when and where they are used.

If you need an insightful quote on tech current news, please connect with us via the Contact page or DM @zcobb on Twitter.

The quotes on this page cover information security (infosec), Internet security (cybersecurity), data privacy, hackers and hacking, and the risks of criminal technology abuse (cybercrime); with a focus on malicious code (malware), artificial intelligence (AI), the Internet of Things (IoT), industrial control systems (ICS), and digital infrastructure. Also, technology harms, zemiology, health impacts, and exposomics. Many quotes are in the context of emerging threats, threat vectors, threat actors, attackers, and attack surfaces. 

Some of these technology risk quotes appear here for the first time, other quotes date back several decades; dates and original sources are provided as appropriate. For example:

“The best weapon with which to defend information is information.” — S. Cobb, The NCSA Guide to PC and LAN Security, 1996

Some quotes are provided in audio file format. For example the one above is on SoundCloud. 

Attribution: When attributing these quotes, please credit, at a minimum: Stephen Cobb, independent researcher. Preferred basic attribution is Stephen Cobb, an independent security researcher based in Coventry, England; but the following is also acceptable: Stephen Cobb, a UK-based independent security researcher.

A longer attribution and/or micro-biography would be some form of: "award-winning technologist and bestselling author Stephen Cobb, now working as an independent researcher based in Coventry, England." For more biographical details see Wikipedia, LinkedIn, and this web page (which also has links to current headshots).

Quotes on the harm caused by cybercrime

When you measure the full scale of harm caused by cybercrime it's clear that requiring or encouraging people to “go online” puts them in harm’s way. Entities telling people to go online have a duty of care to those people, a duty they're failing to uphold.

Online crime victimization not only causes people financial loss, it also negatively impacts wellbeing and life satisfaction.

Exposure to crime in real life, for example living in a high crime neighborhood, can negatively impact our physical and mental health as well as emotional and mental development.

At current levels of cybercrime, going online shares significant harmful similarities with living in a high crime neighborhood, but without the option to avoid that neighborhood, given the pressure to go online exerted by governments, utilities, banks, schools, health care providers, and others.

Quotes on Artificial Intelligence (AI)

Governments and companies are pouring money into AI without a solid grasp of how it works or even what it's made of. (Hint for dot gov folks: AI is made of code, the abuse of which is impossible to prevent.)

A lot of what is is referred to as AI in products today is not, it is machine learning.

Debates about AI too often fail to mention the fact that AI is a computer running code, the abuse of which is practically impossible to prevent.

The five ingredients with which every AI is made are chips, code, data, connections, and electricity; all five of these ingredients are vulnerable to abuse for selfish ends.

Quotes on Technology Risks

Detailed historical analysis of previous technology deployments strongly suggests that appropriate levels of protection will not be put in place until malicious abuse occurs at scale.

New technology is routinely used and abused for purposes other than those intended by its originators.

Inventors cannot control what is done with their inventions, nor can they—regardless of how clever they may be—foresee all the consequences of their creation.

The unanticipated consequences of new technologies may emerge long after they are no longer new.

Combine rapid embrace of global connectivity and complex interdependence, at scale, absent universally agreed enforceable norms of behavior and you have a recipe for disaster; one that works in both cyberspace and meatspace.

To say technology is a two-edged sword is not helpful. Sword technology has a single purpose: cutting human flesh. The number of edges doesn't change that purpose. 

Any technology deployed prior to both universal consensus as to its legitimate use and effective mechanisms to enforce that legitimacy, will be abused. 

Such abuse will, if not somehow restrained by enforceable norms, eventually push the net benefit of that technology below zero.

Until technology is liberated from patriarchal patterns of abuse, man-made-tech will continue to divide, disappoint, and damage us, while also destroying our planet.

Quotes on Digital Technology Risks

All digital technology relies on code, the abuse if which is practically impossible to prevent.

The exploitation—for selfish ends—of vulnerabilities inherent in the digital infrastructure of our current reality has increased, in scale, scope, and impact, with the emergence and consolidation of that reality. Experts have warned for decades that we weren't doing enough to deter or constrain that exploitation.

Abuse of digital technology increases during times of global or national crisis.

The growth of malware-enabled, pandemic-themed misuse and abuse of information and communications technology—the Covid Effect—has been as phenomenal as it was predictable.

Humans need to realize that they may be deploying technology faster than they can defend it from abuse, because making and selling apps is way more appealing than fixing the messes they make.

Cybersecurity

The last thing our planet needs is more vendor-funded orgs peddling—even with the best of intentions—doomed narratives about how spending more money on cybersecurity products and services will solve cybercrime.

Until US/China/Russia agree that a) unauthorized access and abuse of information systems is a criminal offense, regardless of who does it or why, and b) they enforce this norm throughout their respective countries, #CyberSecurity will remain a hot mess.

A lot more of the heavy lifting in cybersecurity must be done by governments...first taking seriously the need to achieve global consensus that abuse of digital technology is wrong, morally reprehensible, and will be prosecuted...and then funding efforts to enforce that consensus.

An international coalition to combat ransomware criminals is needed, and needs to be funded ASAP. If it is not, we could see reports five years from now about how the unbridled abuse of digital technology triggered global recession on an unprecedented scale.

Quotes on Driverless Cars, Autonomous Vehicles, and Jackware

I coined the term jackware to described malicious software that seeks to take control of a device, the primary purpose of which is not data processing or electronic communications, for example: your car. 

Jackware is a term I coined for malicious code that seeks to abuse a digital device, the primary purpose of which is not to run code.

Think of jackware as a specialized form of ransomware. With ransomware, the malicious code encrypts your documents and demands a ransom to unlock them. The goal of jackware would be to lock up a car or other piece of equipment until you pay up.

I disagree that there is "every reason to believe that self-driving cars will reduce the frequency and severity of accidents." But I do see plenty of reasons to believe that criminals will hack and abuse the heck out of driverless cars.

Note: If you found this page interesting or helpful or both, please consider clicking the button below to buy me a coffee and support a good cause while fueling more independent research and ad-free content like this. Thanks!