Be first to hear of our new jobs. Save your searches for exact matches.
Send us your CV and we'll help you plan your career move.
we recruit experts in Threat & Vulnerability Management and Cloud Security.
Apply for jobs anywhere, anytime by logging into your jobseeker account.
Blackthorn Trace is one of the UK's first niche Cloud & Cyber Security recruiters,
dedicated to the fields of Threat & Vulnerability Management and Cloud Computing & Security.
We do things differently company providing key digital services.
Focused on helping our clients to build a successful business on web and mobile.
February 04, 2019
With the nights long and dark, what better way to spend an evening than huddled up in the warm with a good cyber crime movie, maybe wondering what the world would be like if it were real? Thriller, sci-fi, action, horror, espionage: the cyber threat has touched seemingly every cinematic genre, just as it’s become an increasingly big fact of life. Here’s our selection of cyber crime movies to get you through the next week.
While searching for video games, an adolescent Matthew Broderick inadvertently hacks into a military supercomputer, activating the US’s nuclear arsenal…and bringing the world to within a whisker of World War 3. Over three decades on, the message remains just as relevant: watch out what the kids are doing online.
Quote: David Lightman: Is it a game...or is it real?
Joshua: What's the difference?
Likelihood rating: You never know (remember Stuxnet, anyone?)
When high-tech terrorists take control of America’s technological infrastructure and hold the country to ransom, it’s up to everyone’s favourite rogue cop, John McClane, to team up with an ace hacker to save the day. Cue the barrage of one-liners and increasingly insane set-pieces (a juggernaut racing a Harrier Jump Jet on a collapsing flyover) and you’ve got yourself an old-fashioned action flick with a contemporary flavour.
Quote: Matt Farrell: You just killed a helicopter with a car!
John McClane: I was out of bullets.
Likelihood rating: More than you think.
When a group of chatroom buddies start receiving mysterious messages from a dead friend’s account, they write it off first as a simple glitch, then as a hacker. But when they start being gruesomely murdered, the group are forced to confront the part they each played in her untimely demise.
Quote: Blaire Lily: Please, Laura we are not bad people...we are good people.
Laura Barns: Really? Are you sure about that?
Likelihood rating: While cyber bullying is very much an unwelcome reality, you don’t often encounter the vengeful supernatural manifestations of former victims online.
Cyber criminal Keanu Reeves discovers that the reality we know is actually a computer simulation used by a race of super-advanced robots to enslave mankind. With a handful of other escapees, a load of guns and an unnecessary amount of leather, he sets about releasing humanity from its sleepy shackles.
Quote: Morpheus: What is real? How do you define ‘real?’ If you’re talking about what you can feel, what you can smell, what you can taste and see, then ‘real’ is simply electrical signals interpreted by the brain.
Likelihood rating: Low (not that you’d be able to tell the difference.)
After a hard drive containing the details of undercover agents is stolen, MI6 comes under full-blown cyber attack – shortly before its headquarters are blown up. Bearing the weight of an alarmingly brooding backstory, James Bond duly sets out to track down the perpetrator, facing off against a creepy former MI6 agent-turned-cyber terrorist with a personal agenda.
Quote: Raoul Silva: Destabilise a multinational by manipulating stocks. Easy. Interrupt transmissions from a spy satellite over Kabul. Done. Rig an election in Uganda. All to the highest bidder.
James Bond: Or a gas explosion in London.
Likelihood rating: It’s hard to imagine a betrayed former employee putting so much effort into their revenge when they can just post a negative comment on Glassdoor.
Mild-mannered father Will Smith stumbles across video footage of a congressman being assassinated, at the order of a corrupt National Security Agency official who wants to pass controversial surveillance legislation. Subsequently framed for murder, Will forms his most crucial collaboration since Jazzy Jeff – in the form of an ex-intelligence agent – and sets about proving his innocence.
Quote: Edward Lyle: The government's been in bed with the entire telecommunications industry since the forties. They've infected everything. They get into your bank statements, computer files, email, listen to your phone calls... Every wire, every airwave. The more technology used, the easier it is for them to keep tabs on you. It's a brave new world out there. At least it'd better be.
Likelihood rating: Pretty high (News of the World, WikiLeaks.)
A sadistic cyber serial killer posts live feeds of his murders online – and the more hits he gets, the faster they die. It’s up to an elite cybercrime division of the FBI to track him down before the entire country starts watching, sending his site stats – and victim count – through the roof.
Quote: Owen Reilly: [Watching his victim in a tub filling up with acid] You know if no one was watching right now, you'd just be sitting in water. But the whole world wants to watch you die, and they don't even know you.
Likelihood rating: Very
If you’re looking to hire the right cyber security professionals to avoid these scenarios or you’re looking for a cyber security job where you can save the day on a regular basis, contact us now.
Author: Josh Keeley
January 07, 2019
With cyber security systems constantly shifting and cyber attackers shifting with them, threats come from new directions all the time – whether they’re variations on perennial cyber nuisances such as phishing, malware and ransomware, or plucked from a deep, dark corner of cyberspace. Here are a few of the major cyber threats we’re expecting to see in 2019.
Phishermen are increasingly realising that there’s little point casting out a huge net in the hope of catching anything and everything. Or in other words, sending the same email to hundreds of employees of all levels, for limited reward. So instead, they’re increasingly trying their hand at whaling: high-value phishing attacks targeting CEOs, CSOs, CFOs and anyone else with a company credit card. After all, it’s easy enough to find out a CEO’s contact details from Google – and the rewards are so much greater. Watch out for harpoons.
The smash and grab
By targeting websites with high-value, high-volume transactions, hackers will only need to pull off a handful of e-heists in order to make huge gains. Exploiting a loophole in an organisation’s web infrastructure, hackers inject a sneaky bit of code that allows them to snatch data while transactions are in progress. These attacks are the epitome of opportunism: silent, swift, on-the-fly. They’re the cyber equivalent of performing a train robbery between stops. In September 2018, hackers used such an attack to steal the credit card details of 380,000 BA customers.
Organisations don’t just need to think about protecting their web infrastructure, but also testing the security of their live transactions through transaction stack security.
The perilous plug-in
There’s talk of a rise in USB-based attacks, with hackers infiltrating organisations’ endpoints using USB mechanisms that bypass blocking and security systems. One of the more famously disruptive examples of recent years came in the form of Stuxnet. A malicious computer worm which targets SCADA systems, Stuxnet is believed to have harmed Iran’s nuclear programme after someone found a random USB lying suspiciously around the carpark...and made the mistake of plugging it in.
Abuse of privileged access
With a lack of privileged access management (PAM) in many organisations, particularly SMEs, there’s almost an open invitation for cyber criminals to target an entire market. If administrative rights in a firm have been configured so that the user can access the whole network, and the firm doesn’t have the security in place to prevent code executing itself at that level, hackers will have free reign to cause some serious damage.
The weakest link
Many organisations are affiliated to dozens or even hundreds of third party suppliers. That’s a lot of bases to cover. So cyber attackers will increasingly probe organisations’ networks, hoping to gain access to their data via a supplier who’s connected to their corporate systems.
Organisations need to ensure not only that they’re protected, but that their partners and supply chain are protected too – along with any information that passes between them. Automated testing can reveal what data’s available to the public and identify holes in the infrastructure, so organisations can see where their suppliers need to improve.
Too many organisations do not control who and what has access to the cloud service. It’s easy enough to set up a new user in a number of different cloud services, but it can become difficult to keep track of things when someone changes roles or leaves the company. Without the right restrictions or basic governance in place, users can often access sensitive data through their username and password. Organisations will need to keep a close eye on their users’ individual access and permissions to ensure the right user is accessing the right data with the right device.
The hidden door
Connection brings convenience. But it can also bring chaos. Hackers are increasingly getting into corporate networks by targeting unprotected “internet of things” devices such as air conditioning systems, CCTV and…fish tanks.
Nicola Eagan, CEO of cyber security firm Darktrace, recently revealed that hackers had stolen thousands of data entries from a casino’s high-roller database after gaining access to the network via the thermometer of a fish tank in the lobby. With this kind of access now a growing problem, there are calls for new laws outlining minimum security standards for internet of things devices. These days, you almost need eyes in the back of your head.
It’s all very well having the right security software in place. But as we move through 2019, the key for organisations will be to arm their users with effective cyber security training. As cyber criminals look for new angles, as cyber threats continue to come from every conceivable direction – and a few that aren’t so conceivable – an educated workforce will be far more equipped to meet the cyber security challenges of the future.
If you’re an employer looking for the right cyber security talent or you need advice on how to protect your business from cyber threats, we’d be happy to talk to you. If you’re a job seeker looking for your next great cyber security job, we’ve got access to the best opportunities on the market. Speak to one of our experts now.
Ellie, a Cloud Consultant at Blackthorn Trace, is a very smart, tenacious and detail-oriented professional. She successfully holds both the interest of the client and the candidate in her mind, whilst being conscientious and handling every conversation in a patient manner with a full discussion of the topic.
Cloud Engineer - Contractor
Blackthorn Trace, and in particular Josh Keeley, is an expert in recruiting candidates into the cyber security industry. His knowledge of the UK market is excellent and he is my first port of call for career movement advice. They have in-depth practical knowledge while their ability to help candidates seamlessly transition into new roles is second to none.
Cyber Intelligence Lead
We enlisted the help of Blackthorn Trace this year to recruit for very hard-to-fill positions. They provided me with candidates whofitted my requirements perfectly, filling every position I was recruiting for.The candidates have also spoken very highly of them. Blackthorn Trace are now my go to agency and I cannot recommend them enough.
IT Security Manager