David Harley
davidharley copy 2
David Harley
Senior Research Fellow
Go to latest posts

Education? Academic background in modern languages, social sciences, and computer science.

Highlights of your career? I was a late starter (1986) as an IT professional, beginning at the Royal Free Hospital, then with the Human Genome Project (1989), then at Imperial Cancer Research Fund (1991-2001), where I wrote/co-wrote/edited a number of Internet FAQs and my first articles on programming and security. I presented my first conference papers in 1997 (at Virus Bulletin and SANS). In 2001 Osborne published Viruses Revealed (co-written with Robert Slade and Urs Gattiker): VR and the later AVIEN Malware Defense Guide (Syngress) – to which Andrew Lee also contributed – are probably the best known of my books. When I rejoined the UK’s National Health Service in 2006, I ran the Threat Assessment Centre and was the go-to person nationally for malware issues. I left to work as a freelance author and consultant in 2006, which is also when I began to work with ESET.

Position and history at ESET? Senior Research Fellow at ESET N. America. Primarily, I’m an author and blogger, editor, conference speaker, and commentator on a wide range of security issues. Like the rest of the industry, they put up with me because I’ve been around so long.

What malware do you hate the most? Malware is just code. It’s malicious people I detest. While I’ve no love of scammers, I can see that it’s easier to be honest in a relatively prosperous environment – if there is such a thing anymore – and that cybercrime can be driven by an economic imperative. But I have nothing but contempt for those sociopaths who cause harm to others for no reason except that they can.

Favorite activities? The guitar (I still gig and record when time allows), other people’s music. I love opera but don’t attempt to sing it. Photography, art, poetry, country walking – well, ambling is about as much as I can manage at my age – good food and wine, good television when I can find it...

What is your golden rule for cyberspace? Scepticism is a survival trait: don’t assume that anything you read online is gospel truth, even this adage.

When did you get your first computer and what kind was it? Amstrad PCW (primarily a word-processor) in 1986. What else would you expect a not-very-rich author to buy in 1986? :)

Favorite computer game/activity? Extra-curricular writing (blogging, verse and lyrics, articles). Digital photography and miscellaneous artwork.

The economics of ransomware recovery

When it comes to ransomware, the question of ‘to pay or not to pay’ is the source of some debate. WeLiveSecurity takes a closer look at the economics.

Ransomware: To pay or not to pay?

Is it always wrong to pay up when hit by a ransomware attack? ESET’s David Harley explores.

The data protection dustbin: Safely disposing of personal data

When it comes to the disposing of hardware, businesses must take responsibility for ensuring personal data are safely removed, explains ESET’s David Harley.

Firefighting, security and compliance

Security includes firefighting and compliance as well as systems and network management, but should the same people do it all?

Infrastructure attacks: The next generation

ESET’s David Harley revisits the Stuxnet phenomenon: How has the way we see the malware and its impact changed?

Tech support scams go with a Bing

Microsoft takes a shot at preventing support scammers from exploiting Bing Ads, explains David Harley, senior research fellow at ESET.

Vulnerabilities, exploits and patches

David Harley, a senior research fellow at ESET, offers expert answers to six important questions that concern vulnerabilities, exploits and patches.

Robocalls: where is RoboCop?

Robocalls: often a scam, usually a nuisance. Do you have to put up with them?

Support scams: What do I do now?

ESET’s David Harley returns to the theme of what to do if a scammer gets a foothold on your system – people are still worried about support scams.

Copyright and social media

ESET’s senior research fellow David Harley explores and discusses the main issues surrounding copyright and social media.

Tech Support Scams: Top of the Pop-Ups

Support scams and fake alerts are still big business. We look at scammer psychology and a little parapsychology.

ESET Presentations at Virus Bulletin 2015

Some of the good things in store for those attending Virus Bulletin 2015.

Criminals, linguistics, literacy and attribution

Linguistics and some form of textual analysis can be helpful in analysing malware and scams. Regional attribution, though, still requires caution.

Support scams, malware and mindgames without frontiers

Introduction It might not have escaped your notice that I write quite a lot about support scams, an issue in which most commentators in the security industry take only sporadic interest and tend to regard as of only niche interest. (As when a scammer is damaging their brand or product in some way, for instance

Signatures, product testing, and the lingering death of AV

Is it time to revalue the role of anti-malware? Maybe, but uninformed or intentionally misleading mutterings about signatures are not where to start.

Support Scammers and Self-Justification

Support scammers: old twisters, new twists, and scammer psychology.

Spoofed URLs: Homograph Attacks Revisited

How homograph attacks can present a spoofed, malicious link, and a case where a secure connection doesn’t guarantee a safe site.

Phone Scams: Increasing Numbers, Wider Scope

There’s a lot more to phone scams than tech support, giving rise to an escalating number of complaints. Here’s what two recent reports tell us.

(More) Confessions of a Support Scammer

David Harley examines the latest confessions of a support scammer to appear on the web, this time from a Reddit Q&A.

Phish Phood for Thought

In 2007, David Harley and Andrew Lee suggested at Virus Bulletin that poorly-designed phish quizzes did more harm than good. Has the picture changed much?

Follow us

Copyright © 2016 ESET, All Rights Reserved.