Joining us this week is Jason Steer, principal security strategist at Recorded Future. Our conversation centers on the state of threat intelligence in a rapidly changing security environment, how organizations are adapting and evolving their threat intelligence strategies, as well as Jason Steer’s outlook on some of the security challenges professionals are likely to face in the year ahead.
Rick Howard has enjoyed a distinguished career in cybersecurity, including time in the U.S. Army and as chief security officer at Palo Alto Networks. These days, I’m proud to call Rick my colleague at the CyberWire, where he serves as our chief security officer and chief analyst. Rick Howard is also creator of the podcast series CSO Perspectives, where he explores the wide spectrum of issues facing chief security officers. In an early season of that show, Rick focuses on the notion of first principles, the foundational notions on which our fundamental security ideas and beliefs rest. Rick Howard joins us this week for an overview of first principles — what it means, how to implement it, and how to convince the powers that be in your organization that it’s the right thing to do.
Bad actors continue to accelerate their use of inauthentic or captured online identities to facilitate their activities. Whether it’s phishing for credentials, making use of leaked identity databases or scraping publicly accessible information, they take advantage of weaknesses in identity management systems and inadequate awareness to make their way into and, once inside, around systems. Our guest this week is Recorded Future’s Vice President of Product Management, Jamie Zajac. She explains the ongoing challenges organizations face with identity fraud, and what can be done to prevent it.
Distributed Denial of Services attacks continue to grow in size, frequency and sophistication, and it’s in every organization’s best interest to properly prepare themselves against this sort of online attack. The team at Cloudflare recently published their 2021 Q3 report on DDoS, outlining their observations and recommendations for mitigating DDoS attacks. Joining us is John Graham-Cumming, CTO at Cloudflare, to share his insights on the state of the DDoS threat, and where things may be headed.
Joining us this week is Herbert Lin, Senior Research Scholar at the Center for International Security and Cooperation and Hank J. Holland Fellow at Stanford University. He’s author of the book, Cyber Threats and Nuclear Weapons, in which he outlines the challenges the U.S. faces in modernizing the control systems for our nuclear weapons arsenal, the dangers of connecting these systems to the internet, and the peril of feature-creep and increased complexity in the nuclear age.
Recorded Future’s Insikt Group recently published a report titled, “Cyber Threats to Veterans in 2021: Spam and Scams Exploit Support for Veterans.” The report outlines the ways online scammers are targeting both veterans themselves and people who may be sympathetic to causes that claim to support veterans. Andrew McIntyre and David Carver are members of the Recorded Future Insikt Group’s subscriptions and periodicals team, and they join us with insights from the report.
On this week’s show we welcome back Recorded Future’s Allan Liska to discuss his newly published book, Ransomware: Understand, Prevent, Recover. In the years since Allan co- authored his previous book on ransomware much has changed, with an increased sophistication from the threat actors, higher ransom demands and extortion thrown into the mix. Allan Liska explains these changes, and provides his expert insights on what organizations need to do to protect themselves from this continuing threat.
The Cybersecurity and Infrastructure Security Agency, better known as CISA, was spun up in 2018, operating under the Department of Homeland Security. In July of 2021, Jen Easterly was confirmed by the US Senate as director of CISA, and under her leadership the organization has continued its efforts toward public private partnerships in cybersecurity. CISA recently established the Joint Cyber Defense Collaborative (JCDC), an effort by the agency to lead the development of proactive cyber defense operations plans. Kiersten Todt is chief of staff at CISA, and she joins us with insights on the agency’s efforts.
Deepfakes and other synthetic media have been grabbing headlines recently for a spectrum of reasons, from unauthorized celebrity pornography to comedy memes and even alleged fraud cheating companies out of hundreds of thousands of dollars. It’s a rapidly evolving technology that, like most technological innovations, can be used for good or evil. Henry Ajder is head of policy and partnerships at Metaphysic, an organization at the cutting edge of synthetic media. He joins us to help make sense of synthetic media, and why as security professionals we need to stay vigilant about the pros and cons of the technology.
The cybercriminal group FIN7 made a name for themselves in the criminal underworld for being responsible for large-scale payment card theft campaigns, resulting in the exposure of over 20 million card records. More recently they’ve set their sights on ransomware, as well, and to support their efforts they began recruiting employees using a bogus cybersecurity company using the name Bastion Secure. Our guest today is Ilya Volovik, team lead for the threat intelligence team at Gemini Advisory, a Recorded Future company. He and his colleagues recently published research titled FIN7 Recruits Talent For Push Into Ransomware. He describes how a source reached out to describe being recruited by the FIN7 decoy company, which led to insights into some of the tools they use.
Like most emerging technologies, artificial intelligence can be used for good or bad, depending on who’s using it, their intentions and how they apply it. There can also be unintended consequences, which presents policy makers with challenges when trying to apply guard rails to things like AI. Our guest today is Megan Jacquot. She’s an associate cyber security threat intelligence analyst at Recorded Future. On today’s episode, Megan describes her work with international non profit ForHumanity, and how they aim to be an informed source for policy makers who are setting the rules of the road on the future internet.
Recorded Future’s Insikt Group recently discovered a new Canada-focused darknet marketplace called WeTheNorth. This localized criminal marketplace features a variety of illegal goods and services for sale, many of which pose a threat to local and global enterprises. WeTheNorth administrators have gone to great lengths to create a marketplace geared toward protecting Canadian buyers and sellers and fostering a relatively safe place to complete transactions. On this week’s episode we welcome back Recorded Future threat intelligence analyst Charity Wright to provide insights on WeTheNorth and the techniques she and her colleagues used to analyze the group.
Our guest this week is Harry Kemsley. He’s president of national security and government at defense intelligence organization, Janes. Prior to joining Janes, he spent 25 years in the Royal Air Force. Harry Kemsley is author of a recent opinion piece published in The Hill, titled In OSINT we trust? In it, he makes the case that many intelligence organizations around the world would do well to increase their use of open source intelligence. To do that, there are cultural issues regarding the reliance on classified sources that may need to be overcome, but in the end, he believes the benefits are worthwhile.
Our guest this week is Kimberly Grauer. She is the director of research at Chainalysis, where she examines trends in cryptocurrency economics and crime. Kimberly Grauer joins us with insights on the state of cryptocurrency around the world, the cultural and regional considerations that play into adoption by individuals, organizations and governments, and where she thinks things are headed.
Ransomware threat actors continue to make their way into systems of organizations big and small all over the world, leading to business interruptions, financial loss, and reputational damage. Even more troubling are recent reports attributing loss of life to ransomware attacks on medical facilities. Our guest this week is Recorded Future threat intelligence analyst Dmitry Smilyanets. He brings his experience and unique insights to the conversation, with the latest tactics, techniques and procedures he and his colleagues are tracking from ransomware operators.
Our guest this week is veteran journalist and author Dina Temple-Raston, the newest member of the team at The Record by Recorded Future. Her distinguished career has included assignments at Bloomberg, The New York Sun, and most recently NPR, where she was a member of their Breaking News Investigations team. She shares her own professional story, why she chose to join the team at The Record, and how she sees cybersecurity journalism shaping up in the coming years.
Recorded Future’s Insikt Group recently published a report titled, Dark Covenant: Connections Between the Russian State and Criminal Actors. The report outlines the categories of cyber criminals enjoying privileged status within Russia, along with their often fluid relationships with official Russian authorities. Joining us to discuss the report is a Senior Threat Intelligence Analyst from Recorded Future’s Insikt group. Due to the sensitive nature of the report and her part in gathering information in it, we are respecting her request to remain anonymous.
Joining us this week is John Kelly, founder and CEO of Graphika, a software as a service platform for contextual influence mapping, social media marketing, advertising and analytics. He shares his career journey toward the formation of Graphika, and explains the foundational principles behind mapping complex online social networks, the challenges it presents, and what it means for a world faced with ever-increasing levels of disinformation and influence operations.
Our guest this week is Gunter Ollmann, chief security officer at security analytics firm Devo. He shares his insights on the history and evolution of security analytics, the challenges organizations face when implementing them, the network effects of cloud migration, as well as strategies for making the case to the organizational powers that be that security analytics are a wise investment.
Scholars and researchers from the think tank New America recently released an education policy initiative titled, Teaching Cyber Citizenship — Bridging Education and National Security to Build Resilience to New Online Threats. The report outlines challenges facing educators when it comes to preparing students for the online world, describes the broad spectrum of reasons why it’s important that they are properly prepared, and provides resources and potential solutions for communities and school systems to adopt. Joining us this week are two of the report's coauthors, Lisa Guernsey, director of New America’s Teaching, Learning and Tech Program, and Peter W. Singer, strategist and senior fellow.