Markus Jakobsson

Last updated
Markus Jakobsson
Alma mater University of California, San Diego
Occupation(s)Computer Security Researcher, Entrepreneur, Writer
Scientific career
Thesis Privacy vs. authenticity (1997)
Doctoral advisor Russell Impagliazzo
Website www.markus-jakobsson.com

Markus Jakobsson is a computer security researcher, entrepreneur and writer, whose work is focused on the issue of digital security.

Contents

Career

Markus Jakobsson is currently Chief Scientist at Artema Labs, a company with the mission of disrupting and improving the crypto and NFT markets. Prior to his current role, he has been Chief Scientist at ByteDance; Chief of Security and Data Analytics at Amber Solutions, and Chief Scientist at Agari.

Prior to that, he was a senior director at Qualcomm as a result of Qualcomm acquiring FatSkunk in 2014; Jakobsson founded FatSkunk in 2009, and served as its CTO until the acquisition. Prior to his position at Qualcomm, Jakobsson has served as Principal Scientist of Consumer Security at PayPal, held positions as the Principal Scientist for Palo Alto Research Center and RSA Security, and served as vice president of the International Financial Cryptography Association. [1] [2] Prior to these positions, he was a member of the Technical Staff at Bell Labs, and held a position at Xerox PARC. [3] In addition, Jakobsson serves as an expert witness and is a member of the software and networking litigation group Harbor Labs. [4]

He has a background in higher education, having served as an associate professor at Indiana University where he was also a cybersecurity researcher and co-director of the Center for Applied Cybersecurity Research. [5] [6] He has also served as an adjunct associate professor at New York University. [7]

Companies founded and advisory positions

In, 2021, Jakobsson co-founded Artema Labs. In 2004, Jakobsson was one of the founders of the digital security company RavenWhite. [8] The Silicon Valley company offers device identification technologies and other authentication solutions for businesses that pair customer identity with digital privacy. [9] In 2006, he launched securitycartoon.com with Dr. Sukamol Srikwan. [10] A website using comics to teach security awareness and understanding among the average internet user, it became the basis for the company Extricatus, which developed Fastwords, an online password creation system where users create secure passwords made of a string of everyday words in order to make them easy to remember. [11] [12] In 2009, Jakobsson co-founded Fatskunk, a company that targets malware that attacks wireless devices such as tablets and smartphones. [13] He founded ZapFraud Inc in 2013. ZapFraud is an IP holding company with a portfolio related to targeted email attacks, including phishing and business email compromise. Markus has served on the advisory boards for Metaforic, a VC-backed company that markets software that other developers can incorporate into their own for greater security, and Lifelock, an identity protection company. [14] [15] In addition, he is a visiting research fellow of the Anti-Phishing Working Group (APWG), an organization focused on reducing cybercrime. [16]

Education

Jakobsson holds a PhD in computer science from the University of California at San Diego, as well as master's degrees from both the University of California at San Diego and Lund University in Sweden. [17]

Academic research

Jakobsson's early research publications were focused on cryptography. [18] Later research emphasis was aimed at understanding and preventing fraud. [19] [20] [21] With Filippo Menczer and two students, he also conducted live experiments on Internet users in order to determine the ways users were likely to fall victim to various forms on online fraud. [21] [22] His later research was focused toward mobile security and the detection of malware on mobile platforms. [23]

In a 1999 paper he, together with Ari Juels, coined the term "proof of work", a central concept in cryptocurrencies such as Bitcoin. [24]

Personal life

He is the brother of Hampus Jakobsson, an investor and tech entrepreneur, and Andreas Jakobsson, a professor of mathematical statistics at Lund University. [25]

Bibliography

Jakobsson is the author or editor of a series of books and studies dealing with the world of internet security and its practical applications for businesses and individual users. [26]

Related Research Articles

<span class="mw-page-title-main">Timeline of computer viruses and worms</span> Computer malware timeline

This timeline of computer viruses and worms presents a chronological timeline of noteworthy computer viruses, computer worms, Trojan horses, similar malware, related research and events.

<span class="mw-page-title-main">Phishing</span> Attempt to trick a person into revealing information

Phishing is a form of social engineering where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim. As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Centre reporting more incidents of phishing than any other type of computer crime.

<span class="mw-page-title-main">Botnet</span> Collection of compromised internet-connected devices controlled by a third party

A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection. The owner can control the botnet using command and control (C&C) software. The word "botnet" is a portmanteau of the words "robot" and "network". The term is usually used with a negative or malicious connotation.

<span class="mw-page-title-main">Social engineering (security)</span> Psychological manipulation of people into performing actions or divulging confidential information

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."

<span class="mw-page-title-main">Internet security</span> Branch of computer security

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

<span class="mw-page-title-main">Scareware</span> Malware designed to elicit fear, shock, or anxiety

Scareware is a form of malware which uses social engineering to cause shock, anxiety, or the perception of a threat in order to manipulate users into buying unwanted software. Scareware is part of a class of malicious software that includes rogue security software, ransomware and other scam software that tricks users into believing their computer is infected with a virus, then suggests that they download and pay for fake antivirus software to remove it. Usually the virus is fictional and the software is non-functional or malware itself. According to the Anti-Phishing Working Group, the number of scareware packages in circulation rose from 2,850 to 9,287 in the second half of 2008. In the first half of 2009, the APWG identified a 585% increase in scareware programs.

<span class="mw-page-title-main">Security token</span> Device used to access electronically restricted resource

A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to, or in place, of a password. It acts like an electronic key to access something. Examples of security tokens include wireless keycards used to open locked doors, or a banking token used as a digital authenticator for signing in to online banking, or signing a transaction such as a wire transfer.

A transaction authentication number (TAN) is used by some online banking services as a form of single use one-time passwords (OTPs) to authorize financial transactions. TANs are a second layer of security above and beyond the traditional single-password authentication.

A password manager is a computer program that allows users to store and manage their passwords for local applications or online services such as web applications, online shops or social media.

On Internet usage, an email bomb is a form of net abuse that sends large volumes of email to an address to overflow the mailbox, overwhelm the server where the email address is hosted in a denial-of-service attack or as a smoke screen to distract the attention from important email messages indicating a security breach.

Voice phishing, or vishing, is the use of telephony to conduct phishing attacks.

Antivirus software is computer software used to detect and stop malware and viruses. This article compares notable antivirus products and services, and is not a deep analysis of the strengths and weaknesses of each.

Internet safety, also known as online safety, cyber safety and electronic safety (e-safety), is the act of maximizing a user's awareness of personal safety and security risks to private information and property associated with using the Internet, and the self-protection from computer crime.

<span class="mw-page-title-main">Kaspersky Lab</span> Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky, and Alexey De-Monderik; Eugene Kaspersky is currently the CEO. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

<span class="mw-page-title-main">Multi-factor authentication</span> Method of computer access control

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence. MFA protects user data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.

Trusteer is a Boston-based computer security division of IBM, responsible for a suite of security software. Founded by Mickey Boodaei and Rakesh K. Loonkar, in Israel in 2006, Trusteer was acquired in September 2013 by IBM for $1 billion.

Avalanche was a criminal syndicate involved in phishing attacks, online bank fraud, and ransomware. The name also refers to the network of owned, rented, and compromised systems used to carry out that activity. Avalanche only infected computers running the Microsoft Windows operating system.

SmartScreen is a cloud-based anti-phishing and anti-malware component included in several Microsoft products, including operating systems Windows 8 and later, the applications Internet Explorer, Microsoft Edge. SmartScreen intelligence is also used in the backend of Microsoft's online services such as the web app Outlook.com and Microsoft Bing search engine.

The following outline is provided as an overview of and topical guide to computer security:

Internet security awareness or Cyber security awareness refers to how much end-users know about the cyber security threats their networks face, the risks they introduce and mitigating security best practices to guide their behavior. End users are considered the weakest link and the primary vulnerability within a network. Since end-users are a major vulnerability, technical means to improve security are not enough. Organizations could also seek to reduce the risk of the human element. This could be accomplished by providing security best practice guidance for end users' awareness of cyber security. Employees could be taught about common threats and how to avoid or mitigate them.

References

  1. Honan, Mat. "What To Do After You've Been Hacked | Gadget Lab". Wired. Wired.com. Retrieved 2013-03-07.
  2. "Interviews Markus Jakobsson". Bankinfosecurity.com. 2007-01-29. Retrieved 2013-03-07.
  3. "Dr. Markus Jakobsson PayPal Principal Scientist Consumer Security, Past Principal Research Scientist RSA Security and PARC - Canadian IT Manager's Blog - Site Home - TechNet Blogs". Blogs.technet.com. 2011-09-21. Retrieved 2013-03-04.
  4. "Harbor". Harborlabs.com. Archived from the original on 2013-06-23. Retrieved 2013-03-04.
  5. "Technology | Users face new phishing threats". BBC News. 2004-10-20. Retrieved 2013-03-07.
  6. Jon Brodkin (2007-08-10). "Phishing researcher 'targets' the unsuspecting". Computerworld.com. Archived from the original on 2013-06-28. Retrieved 2013-03-07.
  7. "eWeek - Author Biography - Markus Jakobsson - News & Reviews". eWeek.com. 2008-04-30. Retrieved 2013-03-04.
  8. "Markus Jakobsson". ITworld. Retrieved 2013-03-07.
  9. "Study: More phishing suckers out there than we thought". Networkworld.com. 2006-10-18. Retrieved 2013-03-07.
  10. "SecurityCartoon.com". SecurityCartoon.com. Retrieved 2013-03-07.
  11. "Hunting For A Password That Only You Will Know". NPR.org. NPR. Retrieved 2013-03-07.
  12. Daniel Lyons (2011-06-26). "Fastwords: The New Online Password Security - Newsweek and The Daily Beast". Thedailybeast.com. Retrieved 2013-03-04.
  13. Naone, Erica (2010-03-05). "Hunting Mobile Threats in Memory | MIT Technology Review". Technologyreview.com. Retrieved 2013-03-07.
  14. "Software Immune System". Metaforic. Retrieved 2013-03-04.
  15. "Identity Theft Protection - Avoid ID & Credit Fraud". LifeLock. Retrieved 2013-03-04.
  16. SparkCMS by Baunfire.com. "About APWG | APWG". Antiphishing.org. Retrieved 2013-03-04.
  17. Markus Jakobsson (2012-08-28). "Markus Jakobsson: Executive Profile & Biography - Businessweek". Investing.businessweek.com. Retrieved 2013-03-04.[ dead link ]
  18. M. Jakobsson; K. Sako & R. Impagliazzo (1996). "Designated Verifier Proofs and Their Applications" (PDF). EUROCRYPT'96: Proceedings of the 15th Annual International Conference on Theory and Application of Cryptographic Techniques. Berlin, Heidelberg: 143–154. Retrieved 2013-04-02.
  19. V. Griffith; M. Jakobsson (2005). "Messin ' with Texas: Deriving Mother's Maiden Names Using Public Records" (PDF). Applied Cryptography and Network Security. Lecture Notes in Computer Science. New York, NY. 3531: 91–103. doi:10.1007/11496137_7. ISBN   978-3-540-26223-7 . Retrieved 2013-04-02.
  20. M. Gandhi; M. Jakobsson & J. Ratkiewicz (2006). "Badvertisements: Stealthy click-fraud with unwitting accessories" (PDF). Journal of Digital Forensics Practice. 1 (2). Retrieved 2013-04-02.
  21. 1 2 T. N. Jagatic; N. A. Johnson; M. Jakobsson & F. Menczer (2007). "Social phishing" (PDF). Commun. ACM. 50 (10): 94–100. doi:10.1145/1290958.1290968. S2CID   15077519 . Retrieved 2013-04-02.
  22. T. N. Jagatic; N. A. Johnson; M. Jakobsson & F. Menczer (2007). "Designing and Conducting Phishing Experiments" (PDF). IEEE Technology and Society Magazine. Retrieved 2013-04-02.
  23. M. Jakobsson & K. Johansson (2010). "Retroactive Detection of Malware With Applications to Mobile Platforms" (PDF). HotSec 2010. Washington, DC. Retrieved 2013-04-02.
  24. Jakobsson, Markus; Juels, Ari (1999). "Proofs of Work and Bread Pudding Protocols". Secure Information Networks: Communications and Multimedia Security. Kluwer Academic Publishers: 258–272. doi: 10.1007/978-0-387-35568-9_18 .
  25. "Andreas Jakobsson".
  26. "Markus Jakobsson: Books, Biography, Blog, Audiobooks, Kindle". Amazon. Retrieved 2013-03-04.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.