The festive season is nearly upon us; and while you might be dreaming about cookies of the sugary and Christmas themed type, European judges have other ideas. The other type of cookie – and most likely the more frequent – are those used on websites to store small amounts of information on our local endpoints to assist with functionality.

Picture a heist. Picture that heist involving a hundred million people or more. Picture how that may look; imagine how that might sound. You’d be forgiven for imagining simultaneous full-scale bank robberies with alarms blaring and guns blazing, but this isn’t what heists look like anymore. Heists are silent. Heists hit millions, even billions, at one time from one remote location.

We are often told that security is a game of when, not if - data breaches and cyber attacks for a long time have not been a roll of the dice but instead, a ticking clock. Cybercrime is such a lucrative and somewhat untraceable activity that the cross-hairs do not discriminate.

With all the headline breaches focusing on the more high profile victims of cyber breaches, you could be forgiven for thinking that the SMB sector is overlooked by hackers in favour of the big prize targets such as Ashley Madison, Three Mobile, Facebook, Yahoo, LinkedIn and Target. That isn’t the case, SMB’s are in fact taking the brunt of cyber-attacks and in some cases providing a route into the bigger high profile targets…

2017 may be remembered as the year of the botched cyber heist, when mass infections of ransomware variants embarrassed some of the world's largest and most famous organisations but earned their creators little more than notoriety. With mystery surrounding identity and motive, we may never get to the bottom of the full story but we may be able to draw some conclusions by following the money.

If there was a person in the world who didn’t know what ransomware was, they probably do now. On Friday the 12^th of May 2017, what was initially dismissed as an issue on NHS (National Health Service) England’s IT system quickly developed into a global incident involving computers, laptops and servers in 150 (and still counting) countries.