GDPR-based extortion is a dangerous myth

After the third body, the series of murders becomes less “mysterious” as we are getting hints of a dodgy business deal (a house, or a painting) or a guilty family secret from over 20 years ago. Someone has been blackmailing someone else over this, rather than solve the issue or go to the police. This detective story trope must be plaguing the minds of some GDPR story writers at the moment – forgetting that the blackmailer is usually the 3rd if not already the 2nd murder victim.

Looking to feed the nervous sentiment over the upcoming GDPR, or hunting for follow-up threats to cryptoransomware, the information security trade press is currently producing many stories about GDPR extortion. These stories are not just presenting extremely unlikely scenarios, but by their prominence they actually introduce an unnecessary risk.

Emphasis member Eerke Boiten responds to these stories with an article in Computing.

The Kent Cyber Security Centre

Academics from the School of Computing:

  • Julio Hernandez-Castro is a Professor in the School of Computing. His main research areas are Computer and Network Security, Cryptography and Crytptanalysis, Steganography and Steganalysis, Data Loss Prevention and RFID Security.
  • Budi Arief is a Senior Lecturer in the School of Computing. His research interests include cybercrime (especially in understanding the human aspects involved), computer security, and the Internet of Things, with a strong overarching element of interdisciplinary research.

We have two Research Associates working on the EMPHASIS project: Orcun Cetin and Osama Abu Oun.

Orcun Cetin is a Research Associate at the University of Kent’s School of Computing. His research focuses on the economics and human aspects of cybersecurity, where he uses qualitative and quantitative methods to answer questions related to cybersecurity policies and cybercrime victimisation.

Osama Abu Oun is a research associate in the School of Computing at the University of Kent. His research interests include technical aspects of cybersecurity, virtualisation, fog/edge computing and internet of things.

Two PhD students are also working in topics related to ransomware: Jamie Pont and Calvin Brierley.