Episódios

  • State of (CyberWar) Episode 6.2

    In part III of our Middle East cyberwarfare mini-series, Hugo Tarrida and John Salomon talk about probably the most complex topic yet - Iran.

    Following our analysis of the broader Middle East region, and of Israeli capabilities and activities, today's episode is an overview of Iran - the history of its online conflict capabilities, the history behind the establishment of these, and some major cyberattacks and influence campaigns attributed to the country and its various agencies and stakeholders.

    Notes and Links:

    As with our previous vide on Israel, it's difficult to judge the impartiality and factualness of many websites describing Iranian capabilities. We will thus stick to Wikipedia unless there’s something better - we tend to trust most US or European government agencies' and mainstream vendors' analysis, and certain reputable news sites unless there is a compelling reason not to do so.

    We lean a lot on "the usual suspects" such as the BBC, The Guardian, the Council on Foreign Relations, and particularly, Wikipedia; yes, we know you're not supposed to do that. As always, do your own homework and draw your own conclusions, we’re not here to push a narrative.

    We have our own views and opinions of current events. This discussion is not intended to endorse or condemn any particular viewpoint.

    As with Hebrew, we don't speak a word of Farsi. Online translations tend to be even less consistent than those for Hebrew, so again, your mileage may vary.

    01:24 Because someone will inevitably get mad, and we don't want that.
    02:13 Islamic Republic of Iran Armed Forces: https://en.wikipedia.org/wiki/Islamic_Republic_of_Iran_Armed_Forces (or if you prefer the official website: https://www.president.ir/en/76724)
    02:02 IRGC: https://www.cfr.org/backgrounder/irans-revolutionary-guards
    02:18 IRGC, aka "Sepah" (in Iran, according to Wikipedia): https://www.cfr.org/backgrounder/irans-revolutionary-guards - a very cursory search didn't yield an official website. Possibly they have some SEO work to do.
    02:29 Quds Force: https://en.wikipedia.org/wiki/Quds_Force
    02:34 Hezbollah: https://en.wikipedia.org/wiki/Hezbollah
    02:35 Houthis: https://en.wikipedia.org/wiki/Houthi_movement
    02:58 We may have gotten confused here - the US government has multiple pages listing sanctions on the "IRGC-CEC", but outside of these, and news articles covering these sanctions, we can't really find anything on this organization. There is, however, the IRGC Cyber Defense Command: https://www.globalsecurity.org/intell/world/iran/irgc-cyber.htm
    03:50 A lot of information comes from either US government sanctions (see above), Iranian anti-government activist groups, and vendors/CSIRTs providing threat actor information - it is surprisingly difficult to find objective, well-researched information on IRGC and regular armed forces cyber actors. The language barrier is probably a major issue.
    03:45 Information on the Supreme Council of Cyberspace (BBC: Supreme Council of Virtual Space) is slim, for example https://wilmap.stanford.edu/entries/regulatory-entity-supreme-council-cyberspace or Wikipedia´s page at https://en.wikipedia.org/wiki/Supreme_Council_of_Cyberspace_(Iran) - the official website has a lot of photos of guys in hats meeting and looking serious.
    05:07 National Information Network: https://en.wikipedia.org/wiki/National_Information_Network
    05:17 Great Firewall of China: https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreeExpressionVsSocialCohesion/china_policy.html - this comparison may be a bit of a stretch, although by some accounts we've read, Iran's domestic Internet offers pretty high speeds as well as content filtering/surveillance, so maybe it's not a terrible analogy.
    06:20 Al Jazeera article on the topic: https://www.aljazeera.com/news/2024/2/24/iran-unveils-plan-for-tighter-internet-rules-to-promote-local-platforms
    07:20 https://www.hackread.com/iran-biggest-cyber-army-israel/ - includes a link to INSS report on the topic (the mentioned Israeli think tank)
    07:51 Honker Union: https://www.moderninsurgent.org/post/honker-union
    07:57 2010, sorry. Article: https://www.zdnet.com/article/baidu-dns-records-hijacked-by-iranian-cyber-army/
    08:25 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
    08:32 https://www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats/iran
    08:44 For example: https://www.zdnet.com/article/mrbminer-crypto-mining-operation-linked-to-iranian-software-firm/ and https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a - that said, we may have gotten things a bit mixed up since there are also a lot of non-malware (of the massive-pile-of-FPGA type) Iranian cryptominers - a bunch of which were shut down in 2019 after power usage concerns: https://www.bbc.com/news/technology-48799155
    09:16 Russian government entities may not be big ransomware actors, but Russian state-affiliated and state-tolerated actors are sure a different story...
    09:40 A 2022 indictment of Iranian ransomware actors came alongside OFAC sanctions of IRGC-affiliated ransomware attacks around the same time: https://www.bleepingcomputer.com/news/security/us-govt-sanctions-ten-iranians-linked-to-ransomware-attacks/
    10:51 https://www.bbc.com/news/world-europe-62821757
    11:12 OilRig / Helix Kitten: https://attack.mitre.org/groups/G0049/
    12:42 https://www.cfr.org/cyber-operations/
    13:20 https://www.darkreading.com/cyberattacks-data-breaches/iran-dupes-military-contractors-govt-agencies-cybercampaign
    13:52 Shamoon: https://en.wikipedia.org/wiki/Shamoon
    14:00 Sony Pictures hack: https://en.wikipedia.org/wiki/2014_Sony_Pictures_hack
    14:55 Operation Ababil: https://en.wikipedia.org/wiki/Operation_Ababil
    15:24 Nope, not gonna link it
    15:35 https://krebsonsecurity.com/tag/izz-ad-din-al-qassam-cyber-fighters/
    16:37 Edalat-e Ali: https://malpedia.caad.fkie.fraunhofer.de/actor/edalat-e_ali - note that a lot of sites discussing this group seem to have a decidedly anti-regime view. Not that that's a bad thing, but we're really trying to keep it factual
    17:11 https://www.darkreading.com/threat-intelligence/iranian-apts-dress-up-as-hacktivists-for-disruption-influence-ops
    18:18 Islamic Republic of Iran Broadcasting: +https://www.abu.org.my/portfolio-item/islamic-republic-of-iran-broadcasting/ - again, the Iranian government is really not great at (at least English language/international) SEO for their own websites
    18:57 https://en.wikipedia.org/wiki/Mahsa_Amini_protests
    20:57 https://en.wikipedia.org/wiki/Censorship_in_Iran
    21:30 https://www.techradar.com/news/using-a-vpn-may-be-a-crime-under-strict-new-iran-internet-law - according to a Persian language website linked to in the above Wikipedia article, Khamenei ordered the Supreme Council of Cyberspace to ban VPNs outright in February 2024.
    23:04 AnonGhost; https://cybernews.com/cyber-war/israel-redalert-breached-anonghost-hamas/ - a lot of sites associate it with #OpIsrael, for example https://www.hackread.com/opisrael-anonghost-claims-leaking-hundreds-of-israeli-facebook-account-credentials/ - but given Anonymous' decentralized and fluid nature, who knows (a case study on JSTOR (pdf) that makes only passing reference to #OpIsrael refers to "Anon" as a group which it most certainly is not...)|
    28:18 https://www.reuters.com/fact-check/us-document-approving-8bn-military-aid-israel-is-fake-2023-10-09/
    31:14 https://en.wikipedia.org/wiki/2024_Iranian_strikes_in_Israel
    31:44 https://www.japantimes.co.jp/news/2024/04/17/world/politics/digital-misinformation-iran-strike
    33:02 https://archive.nytimes.com/thelede.blogs.nytimes.com/2008/07/10/in-an-iranian-image-a-missile-too-many/
    34:54 Press TV: https://www.presstv.ir/ - Wikipedia: https://en.wikipedia.org/wiki/Press_TV
    38:06 Also check out our episode on Chinese disinformation activities, including the 50 Cent Party: https://youtu.be/xBAJ2rBKrMc

    Bonus links about Iranian disinformation activities:

    Natto Thoughts always has some good resources on disinformation: https://nattothoughts.substack.com/p/mideast-crisis-and-russia-cyberspace
    New York Times - "From Opposite Sides of War, a Hunt for Elusive Facts": https://www.nytimes.com/2024/01/25/business/media/misinformation-fact-checking
    Israel-Hamas armed conflict resource hub: https://www.disinfo.eu/israel-hamas-resource-hub/
    How Longstanding Iranian Disinformation Tactics Target Protests - https://www.washingtoninstitute.org/policy-analysis/how-longstanding-iranian-disinformationtactics-target-protests
    Israel-Hamas armed conflict resource hub - https://www.disinfo.eu/israel-hamas-resource-hub/

    You can find CyAN's Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors - and of course, our videos about cyber conflict on the State of (Cyber)War playlist here.

    All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn - links on our Media page.

    Original video at https://youtu.be/GAeyNb4-27A

    Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/
    Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • State of (CyberWar) Episode 6.1

    Join Hugo Tarrida and John Salomon for the latest part of our Middle East cyberwarfare mini-series.

    We decided to split a more in-depth discussion about the two most capable actors in the region, Israel and Iran, into two half-episodes. Join us as we look at the organizations that make up Israeli cyberwarfare and -defense capabilities, the history of Israeli state-sponsored and state-aligned cyber campaigns,

    We also take a brief tour of Israeli media and social media operations, including information, propaganda, disinformation, and manipulation.

    If you haven't watched it yet, please consider checking out our first overview of the overall Middle East situation: https://youtu.be/X3wkTszRlck

    Notes and links:

    Because of the highly emotionally and politically charged nature of current events, we can't tell how impartial many of the websites describing Israeli capabilities are or aren't. We will thus stick to Wikipedia unless there's either an original Israeli government webpage available, or a source we feel is somewhat authoritative, even if it's biased - in any case, do your own homework and draw your own conclusions, we're not here to push a narrative.

    We have our own views and opinions of current events. This discussion is not intended to endorse or condemn any particular viewpoint.

    Neither of us speaks even a bit of Hebrew. We are thus at the mercy of translation engines and webpages in languages we understand. Your mileage may vary.

    02:03 CFR overview of cyberwarfare capabilities: https://www.cfr.org/cyber-operations/
    02:50 Unit 8200: https://en.wikipedia.org/wiki/Unit_8200
    03:05 Military Intelligence Directorate, aka Aman: https://www.idf.il/en/mini-sites/directorates/military-intelligence-directorate/military-intelligence-directorate/
    03:57 Unit 81: https://en.wikipedia.org/wiki/Unit_81
    05:01 Havatzalot: https://en.wikipedia.org/wiki/Havatzalot_Program - Google's horrible translation of the Hebrew wikipedia page indicates it's some kind of lily. Flowers are nice.
    05:16 Talpiot: https://en.wikipedia.org/wiki/Talpiot_program - the name's apparently some biblical reference from Song of Songs 4:4 according to their LinkedIn page, that we can't figure out
    06:55 Technion / Israel Institute of technology: https://www.technion.ac.il/
    06:56 Hebrew University of Jerusalem: https://en.huji.ac.il/
    07:30 IDF Information Security Department: https://en.wikipedia.org/wiki/Information_Security_Department - it's unclear whether it's the same as these guys: https://www.mitgaisim.idf.il/%D7%AA%D7%A4%D7%A7%D7%99%D7%93%D7%99%D7%9D/cyber-protection-unit/
    07:40 Mamram: https://en.wikipedia.org/wiki/Mamram - apparently an abbreviation of the Hebrew for "Center of Computing and Information Systems"
    09:15 This may be the Israel Innovation Authority - https://innovationisrael.org.il/en/ - we're not 100% sure though
    11:14 Stuxnet: https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/
    11:22 Specifically, Siemens PCS7, WinCC, and STEP7 control software, and various Siemens S7 programmable logic controllers (PLCs).
    22:59 TAO: https://en.wikipedia.org/wiki/Tailored_Access_Operations
    12:16 We're going to assume you're capable of looking up Snowden and his revelations on your own
    12:30 Stuxnet 2.0: https://cyware.com/news/stuxnet-20-iran-hit-by-new-more-aggressive-variant-of-powerful-industrial-control-malware-9d9c9a73
    15:37 Duqu: https://www.enisa.europa.eu/media/news-items/duqu-analysis
    15:38 Flame: https://www.bbc.com/news/technology-18238326
    15:39 Duqu 2.0: https://www.theguardian.com/technology/2015/jun/11/duqu-20-computer-virus-with-traces-of-israeli-code-was-used-to-hack-iran-talks - the Guardian is one of the outlets that linked Duqu 2.0 to Israel
    16:21 Kaspersky's Equation Group overview: https://www.kaspersky.com/about/press-releases/2015_equation-group-the-crown-creator-of-cyber-espionage
    17:13 Some info on those particular negotiations: https://www.cfr.org/backgrounder/what-iran-nuclear-deal
    17:45 The NY Times article: https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html
    18:38 Correction: Iranian officials disconnected oil terminals themselves as a reactive measure. BBC reporting about initial attack - https://www.bbc.com/news/technology-17811565 - and followup: https://www.bbc.com/news/technology-18253331
    19:44 Pegasus (NSO Group): https://en.wikipedia.org/wiki/Pegasus_(spyware) - interestingly, just after we finished this recording, there were reports of "fake" Pegasus variants for sale: https://www.infosecurity-magazine.com/news/fake-pegasus-spyware-dark-web/
    20:16 Kaspersky on Flame: https://www.kaspersky.com/about/press-releases/2012_kaspersky-lab-experts-provide-in-depth-analysis-of-flame-s-c-c-infrastructure
    20:51 NSO Group: https://www.nsogroup.com/
    21:18 Chrysaor: https://www.independent.co.uk/tech/chrysaor-android-spyware-app-smartphone-cameras-hack-photos-pegasus-google-a7666306.html
    21:34 https://www.calcalistech.com/ctech/articles/0,7340,L-3927410,00.html
    21:41 Should have dug just a little more: https://www.reuters.com/technology/microsoft-watchdog-group-say-israeli-spyware-used-hack-civil-society-2023-04-11/
    22:33 Again the Guardian: https://www.theguardian.com/world/2022/may/03/over-200-spanish-mobile-numbers-possible-targets-pegasus-spyware
    23:32 Start here: https://en.wikipedia.org/wiki/Rif_War - see you in a few months
    23:56 https://www.telegraph.co.uk/world-news/2024/05/17/spain-blocks-ship-carrying-weapons-israel-gaza-war/
    24:09 This is a very contentious, and very open legal question.
    24:21 (German link) https://www.sueddeutsche.de/politik/us-geheimdienst-nsa-forschte-merkel-umfassender-aus-als-bislang-bekannt-1.2876007 - caveat: it's Wikileaks. They have been known to have...issues. That said, the investigation was closed in 2015 due to insufficient evidence: https://www.npr.org/sections/thetwo-way/2015/06/12/413866194/germany-closes-probe-into-alleged-u-s-hacking-of-merkels-phone - again, make of that what you will.
    25:26 Predatory Sparrow/Gonjeshke Darande: https://www.bbc.com/news/technology-62072480 (with bonus steel mill fire video and dramatic music). Wired article with timeline of attacks: https://www.wired.com/story/predatory-sparrow-cyberattack-timeline/
    25:54 https://foreignpolicy.com/2024/04/16/iran-israel-conflict-missile-attack-cyberattacks-warfare/
    28:50 https://www.jpost.com/business-and-innovation/article-731636 - interestingly, a lot of the best investigative journalism exposing this kind of Israeli activity comes from the Jerusalem Post, Haaretz, and other Israeli news channels. Another story from Haaretz, and one from The Guardian on the topic
    31:13 Very intelligently, we failed to note down the link to the specific story. Good job. But looking for idf manipulate social media site:haaretz.com yields a bonanza of articles on the topic.
    31:51 Given Eurovision's colorful history of political controversies, we're not even going to start on this one...for the 2024 contest, there's numerous claims that the Israeli Ministry of Foreign Affairs ran a campaign to influence audience voting - here's an article (in Hebrew, use the translation site of your choice) from Ynet: https://www.ynet.co.il/news/article/sykjyhaza
    32:36 For example, via the IDF Spokesperson's Unit International Media Branch: https://en.wikipedia.org/wiki/IDF_Spokesperson's_Unit. In fairness, a lot of government agencies / armed forces actively try to shape public perception through relationships with private sector channels. The US Defense Department's relationship is a very well documented example, with the Entertainment Media Office providing personnel and equipment to film productions that follow strict rules about how the US armed forces are portrayed: https://www.latimes.com/archives/la-xpm-2011-aug-21-la-ca-military-movies-20110821-story.html (Wikipedia: https://en.wikipedia.org/wiki/Military%E2%80%93entertainment_complex). It's a safe assumption that most major militaries do not have just media and public relations teams, but actively cultivate contacts with journalists to try and influence their reporting.

    Bonus links from Hugo:

    https://www.disinfo.eu/israel-hamas-resource-hub/ - a list of resources surrounding disinformation in the Israel-Hamas conflict
    Our friends at Natto Thoughts on disinformation in the Mideast conflict: https://nattothoughts.substack.com/p/mideast-crisis-and-russia-cyberspace
    The New York Times on fact hunting in the Israel-Hamas conflict: https://www.nytimes.com/2024/01/25/business/media/misinformation-fact-checking-israel-hamas.html

    Original video at https://youtu.be/KtshVacVwZ0

    You can find CyAN's Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors - and of course, our videos about cyber conflict on the State of (Cyber)War playlist here.

    All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn - links on our Media page.

    Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/
    Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Estão a faltar episódios?

    Clique aqui para atualizar o feed.

  • In today's conversation, Craig Rowland joins us to talk about the often overlooked significance of Linux as a key part of global communications and computing infrastructure, and discuss various types threats targeting Linux systems.

    Malware, attackers, and techniques are often very distinct from those seen on Windows; Craig shares insights all of these from his extensive experience both writing and reverse-engineering Linux malware.

    Craig is CEO of Sandfly Security, a New Zealand-based provider of Linux threat behavior scanning tools. Full disclosure: John Salomon is a paid consultant to Sandfly Security.

    Notes from the video:

    03:48 I can't find a source for the 95% figure, but a 2023 ZDNet article says 90%, which seems to be the most common figure: https://www.zdnet.com/article/linux-has-over-3-of-the-desktop-market-its-more-complicated-than-that/
    03:55 Percentage of top million websites running Linux is another interesting statistic, which seems to be well above 90%. For example: https://gitnux.org/linux-statistics/
    04:08 https://www.linuxinsider.com/story/the-flying-penguin-linux-in-flight-entertainment-systems-65541.html etc. etc.
    05:54 France's Gendarmerie Nationale: https://en.wikipedia.org/wiki/GendBuntu
    06:40 https://www.zdnet.com/article/linux-not-windows-why-munich-is-shifting-back-from-microsoft-to-open-source-again/
    14:10 A propos, F5 has some interesting ways of using web shells as an attack vector: https://www.f5.com/labs/learning-center/web-shells-understanding-attackers-tools-and-techniques
    14:40 "attacks on kubernetes" is a fun web search string. Same for "attacks on S3 buckets". Enjoy.
    14:56 https://redis.io/solutions/messaging/
    15:42 https://en.wikipedia.org/wiki/Patch_Tuesday
    17:40 To be fair, Bob in Accounting is a pretty powerful entry point to the organization for various types of cyberattackers.
    19:35 Mirai botnet: https://www.cloudflare.com/learning/ddos/glossary/mirai-botnet/
    19:37 NoaBot: https://www.akamai.com/blog/security-research/mirai-based-noabot-crypto-mining
    20:35 Chroot (change root directory): https://wiki.archlinux.org/title/chroot
    27:42 PuTTY: https://www.putty.org/
    29:45 There are several cryptojackers that try to neutralize competing malware, e.g. ChaosRAT https://www.trendmicro.com/en_th/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html or Jenkins https://www.f5.com/labs/articles/threat-intelligence/new-jenkins-campaign-hides-malware--kills-competing-crypto-miner
    35:30 For example LockBit: https://www.akamai.com/blog/security/learning-from-the-lockbit-takedown
    35:37 My mistake - AvosLocker is also a Linux port of Windows malware: https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-avoslocker - HiddenWasp may be a better example: https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/hiddenwasp-malware-targets-linux-systems-borrows-code-from-mirai-winnti
    35:42 Diamorphine LKM rootkit: https://github.com/m0nad/Diamorphine
    36:44 https://core.vmware.com/esxi - an example is ESXiArgs ransomware: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-039a
    38:42 Abuse.ch MalwareBazaar: https://bazaar.abuse.ch/
    38:49 Fraunhofer FKIE Malpedia: https://malpedia.caad.fkie.fraunhofer.de
    39:35 You could just run a Linux version of the virus aquarium: https://xkcd.com/350/
    39:52 A few examples of VM detection: https://www.cynet.com/attack-techniques-hands-on/malware-anti-vm-techniques/
    41:15 Joe Sandbox: https://www.joesandbox.com/
    42:10 No I won't, because I can't find it. Bit of Baader-Meinhof going on there...
    42:59 https://www.youtube.com/@SandflySecurity

    Craig on LinkedIn: https://www.linkedin.com/in/craighrowland/
    Sandfly Security: https://sandflysecurity.com

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

    Original video available at https://youtu.be/W-7edx7Le6Y?si=NOoOy1kF3KiVOPUe

  • In today's episode of State of (Cyber)War, Hugo Tarrida and John Salomon talk about the background and current state of cyber conflict in the Middle East.

    We give an overview of some of the major state actors involved, and zero in on the structures, groups, and motivations of the two main regional adversaries - Iran and Israel.

    Notes and links:

    Due to the volume of supporting links and text, we've listed them on the CyAN blog, available here: https://cybersecurityadvisors.network/2024/04/10/state-of-cyberwar-episode-5-notes/

    Original video episode avaialable at https://youtu.be/X3wkTszRlck

    Hugo Tarrida on LinkedIn: https://www.linkedin.com/in/hugo-tarrida-32915a204/

    John Salomon on LinkedIn: https://www.linkedin.com/in/johnsalomon/

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400

    Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170

  • In today's episode of State of (Cyber)War, Hugo Tarrida and John Salomon talk about China's approach to cyberwar. What is the history behind Chinese cyber capabilities? What are Chinese geopolitical, economic, and social objectives that drive their international cyber activities? What are some of the biases that we should be aware of when evaluating the trajectory of China and its cyberwar abilities?

    Also don't forget to check out our previous video about Chinese disinformation activities here: https://youtu.be/xBAJ2rBKrMc

    Notes and links:

    Hugo Tarrida on LinkedIn: https://www.linkedin.com/in/hugo-tarrida-32915a204/
    John Salomon on LinkedIn: https://www.linkedin.com/in/johnsalomon/

    Wikipedia article worth reading about Chinese cyber warfare: https://en.wikipedia.org/wiki/Cyberwarfare_by_China

    05:42 Granted, Stuxnet was a joint US-Israeli venture - https://en.wikipedia.org/wiki/Stuxnet
    07:06 https://www.reuters.com/world/russia-says-its-working-major-new-agreement-with-iran-2023-12-12/
    14:05 Titan Rain - https://en.wikipedia.org/wiki/Titan_Rain
    Related: Operation Aurora (2009) - https://en.wikipedia.org/wiki/Operation_Aurora
    15:20 https://www.npr.org/2022/05/11/1098368201/a-spying-scandal-and-the-fate-of-western-sahara
    17:07 The case of Wen Ho Lee, one of several perpetrators of military espionage: https://sgp.fas.org/crs/nuke/RL30143.pdf
    20:30 https://nattothoughts.substack.com - Nellie Ohr and her team do excellent analysis work
    20:50 "An Analysis of China's Great Cannon" - https://www.usenix.org/system/files/conference/foci15/foci15-paper-marczak.pdf
    Shoutout to fellow UC Berkeley CSUA member Nick Weaver for co-authoring this paper)
    27:48 E.g. "The 'Century of Humiliation' and China's National Narratives" - https://www.uscc.gov/sites/default/files/3.10.11Kaufman.pdf
    29:42 Belt and Road Initiative - https://www.cfr.org/backgrounder/chinas-massive-belt-and-road-initiative
    32:38 Referenced here: https://en.wikipedia.org/wiki/Chinese_information_operations_and_information_warfare ("Definitions" section)
    32:45 The Three Warfares: https://apps.dtic.mil/sti/tr/pdf/ADB372300.pdf
    34:04 The Nine-Dash Line: https://chinaus-icas.org/research/map-spotlight-nine-dash-line/
    34:52 In fact, ruled to be explicitly illegal by the Permanent Court of Arbitration in 2016:
    https://pca-cpa.org/en/news/pca-press-release-the-south-china-sea-arbitration-the-republic-of-the-philippines-v-the-peoples-republic-of-china/
    36:19 US FBI director Christopher Wray recently warned about this: https://www.npr.org/2024/01/31/1228153857/wray-chinese-hackers-national-security

    The State of (Cyber)War is a project by members of the Cybersecurity Advisors Network (CyAN), with an interest in information security topics relevant to geopolitics, military cyberdefence, diplomacy, and other international topics. We discuss various aspects of both current and past issues from the point of view of interested amateurs with varying degrees of experience in the field, in a not-always-entirely-serious format.

    Visit the Cybersecurity Advisors Network at https://cybersecurityadvisors.network

    Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/

    Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

    Original YouTube video at https://youtu.be/HLVPDojARh0

  • Join James Briscoe and John Salomon in the latest episode of the State of (Cyber)War podcast as they discuss the People's Republic of China and some of its disinformation capabilities.

    This informal conversation includes discussion about Chinese foreign election interference, domestic social media manipulation, Taiwan, China's foreign political and economic interests and more.

    John Salomon - https://www.linkedin.com/in/johnsalomon/
    James Briscoe - https://www.linkedin.com/in/jimbriscoe/

    02:10 Xi Jinping's new year's address, via CCTV: https://youtu.be/TEd3CtcL1pU?si=MAiKGP-SPjm8cjCe
    02:50 Xi Zhongxun, Chinese revolutionary leader: https://en.wikipedia.org/wiki/Xi_Zhongxun
    04:00 Taiwanese elections 2024: https://en.wikipedia.org/wiki/2024_Taiwanese_general_election
    04:08 Kuomintang: https://en.wikipedia.org/wiki/Kuomintang
    04:27 Democratic Progressive Party: https://en.wikipedia.org/wiki/Democratic_Progressive_Party
    05:45 1992 Consensus: https://thediplomat.com/2022/07/the-1992-consensus-why-it-worked-and-why-it-fell-apart/
    07:15 These are the Valemax ore carriers: https://vale.com/w/fleet-of-ships-serving-vale-receives-first-ore-carrier-in-the-world-equipped-with-rotor-sails
    09:12 50 Cent Party: https://en.wikipedia.org/wiki/50_Cent_Party
    09:52 Nine-dotted line: https://en.wikipedia.org/wiki/Nine-dash_line
    10:04 Belt and Road Initiative: https://www.cfr.org/backgrounder/chinas-massive-belt-and-road-initiative
    13:00 https://www.reuters.com/article/idUSSIN277923/
    13:43 NY Times article on the topic: https://www.nytimes.com/2023/09/11/us/politics/china-disinformation-ai.html
    14:15 https://en.wikipedia.org/wiki/2023_Chinese_balloon_incident
    14:42 A lot of this is obviously speculation. https://www.wired.com/story/east-palestine-ohio-train-derailment-tiktok/
    16:42 Asia Infrastructure Investment Bank: https://www.aiib.org/en/index.html
    19:35 An article about PRC influence on the Taiwanese elections: https://www.theguardian.com/world/2024/jan/09/taiwan-presidential-election-china-influence
    20:32 https://www.npr.org/2023/11/30/1215898523/meta-warns-china-online-social-media-influence-operations-facebook-elections
    21:05 A US State Department briefing on this topic: https://www.state.gov/briefings-foreign-press-centers/how-the-prc-amplifies-russian-disinformation
    24:15 United Front Work Department: https://en.wikipedia.org/wiki/United_Front_Work_Department
    26:25 Some points about interference in US elections: https://gdil.org/russian-and-chinese-influence-actors-and-operations-against-the-american-electorate/
    29:34 Hundred Years of Humiliation: https://en.wikipedia.org/wiki/Century_of_humiliation
    30:30 The Avoidable War, by Kevin Rudd: https://www.avoidablewar.com/
    32:23 Natto Thoughts: https://nattothoughts.substack.com/
    32:26 The disinformation handbook (part I): https://nattothoughts.substack.com/p/disinformation-handbook-a-concise

    A few links on the topic worth reading:

    Chinese information operations against Taiwan:

    https://therecord.media/taiwan-elections-china-interference
    https://www.theguardian.com/world/2024/jan/09/taiwan-presidential-election-china-influence
    https://thediplomat.com/2024/01/beijing-tries-to-capitalize-on-taiwans-controversial-rocket-alert/
    https://thediplomat.com/2024/01/rip-off-the-blindfold-let-taiwanese-civil-society-learn-from-ukraine/
    https://fpri.org/article/2023/12/whats-at-stake-in-upcoming-taiwan-election/

    General Chinese disinfo operations:

    https://www.rand.org/pubs/commentary/2023/10/dismantling-the-disinformation-business-of-chinese.html
    https://www.defenceconnect.com.au/joint-capabilities/13356-report-massive-chinese-disinformation-campaign-uncovered-on-youtube

    https://medium.com/doublethinklab/propaganda-analysis-how-different-actors-in-chinas-information-ecosystem-portray-the-ukraine-war-ac82713c2f68
    https://www.npr.org/2023/11/30/1215898523/meta-warns-china-online-social-media-influence-operations-facebook-elections

    The State of (Cyber)War is a project by members of the Cybersecurity Advisors Network (CyAN), with an interest in information security topics relevant to geopolitics, military cyberdefence, diplomacy, and other international topics. We discuss various aspects of both current and past issues from the point of view of interested amateurs with varying degrees of experience in the field, in a not-always-entirely-serious format.

    Visit the Cybersecurity Advisors Network at https://cybersecurityadvisors.network

    Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/
    Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

    Original YouTube video at https://youtu.be/xBAJ2rBKrMc

  • Welcome to episode 2 of CyAN's State of (Cyber) War series.

    Today, James Briscoe and John Salomon talk about Japan - its national cyberdefence capabilities, the regional and global threat landscape, regulations and laws, and how all of these are evolving in the face of changing geopolitical realities and technologies.

    A few notes from our chat:

    02:25 US-Japan 1960 joint security treaty: https://www.mofa.go.jp/region/n-america/us/q&a/ref/1.html
    02:37 Article 9 Japanese constitution: https://en.wikipedia.org/wiki/Article_9_of_the_Japanese_Constitution
    02:45 SCAP: Supreme commander allied powers
    02:58 Japan Self Defense Forces: https://en.wikipedia.org/wiki/Japan_Self-Defense_Forces
    05:01 2019 US-Japan security treaty update: https://www.mofa.go.jp/files/000470738.pdf
    06:54 national security strategy end of 2022: https://www.cas.go.jp/jp/siryou/221216anzenhoshou/nss-e.pdf
    08:14 Lazarus Group: https://www.aljazeera.com/news/2023/12/9/us-japan-south-korea-launch-new-efforts-to-counter-n-korea-cyber-threats
    10:35 Lazarus Group's cryptocurrency thefts: https://www.coindesk.com/markets/2023/12/01/north-korean-hackers-lazarus-group-stolen-3b-in-cryptocurrency/
    11:29 https://www.dragonflyintelligence.com/news/japan-shift-to-a-more-offensive-cyber-posture-in-2023/
    11:35 https://asia.nikkei.com/Politics/Japan-to-quadruple-cyber-defense-forces-meeting-threats-head-on
    12:47 The 2016 revision in question: https://www.mofa.go.jp/files/000143304.pdf
    13:37 The spending increase to 2% request: https://www.reuters.com/business/aerospace-defense/japan-makes-record-defence-spending-request-amid-tension-with-china-2023-08-31/
    13:59 It's actually 2% as well: https://www.nato.int/docu/review/articles/2023/07/03/defence-spending-sustaining-the-effort-in-the-long-term/index.html
    14:39 CCDCOE: https://ccdcoe.org/
    14:46 Locked Shields exercise: https://ccdcoe.org/exercises/locked-shields/
    15:33 The official in question was former US Director of National Intelligence Dennis Blair: https://japannews.yomiuri.co.jp/politics/political-series/20221122-72394/
    16:05 The Japanese National Security Strategy allows for development of a posture for information warfare and introduction of active cyber defence in cybersecurity. It will create a government information warfare department, allowing government to aggregate and analyze the situation on disinformation originated abroad. The National Center for Incident Readiness and Strategy for Cybersecurity is to be restructured to establish an new organisation to coordinate policies between the police and JSDF. This will allow for active cyber defence against attackers. Training for 4000 cyber ‘warriors’ and 16k cyber-capable JSDF members over 5 years is also foreseen. The Ministry of Foreign Affairs plans AI to enhance monitoring of information and intelligence analysis. Furthermore, defence industry profit margin will be permitted to increase to a max of 15%.
    16:45 The Nagoya port ransomware attack of July 2023: https://www.bloomberg.com/news/articles/2023-07-06/nagoya-port-delays-restart-following-alleged-ransomware-attack
    17:10 The Chinese cyberattack on the Japanese defence network:
    https://www.japantimes.co.jp/news/2023/08/08/japan/japan-china-hack-defense-network/ - WaPo article: https://www.washingtonpost.com/national-security/2023/08/07/china-japan-hack-pentagon/
    17:23 KillNet ceases attacks on Japan: https://english.kyodonews.net/news/2022/09/9846d4bf7aee-pro-russia-hacker-group-stops-cyberattacks-on-japan-due-to-money-woes.html
    20:17 2023 Amendments to Telecommunications Business Act: https://www.dataguidance.com/news/japan-amendments-telecommunications-business-act-enter
    20:20 Unauthorized Computer Access Law (UCAL): https://iclg.com/practice-areas/cybersecurity-laws-and-regulations/japan

    James Briscoe on LinkedIn: https://www.linkedin.com/in/jimbriscoe/
    John Salomon on LinkedIn: https://www.linkedin.com/in/johnsalomon/

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Original YouTube video version: https://youtu.be/Fmuno8ohJPs

    Intro/outro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/

  • Welcome to episode 1 of CyAN's new State of (Cyber) War series.

    Join John Salomon and James Briscoe in a discussion of offensive cyberoperations involving Russian actors, parallels to historical attacks on civilians, expectations and limitations of information operations, and more.

    A few notes from our chat:

    05:10 James' research paper on Russia/Ukraine: https://www.linkedin.com/feed/update/urn:li:activity:6899132398601162752/
    05:30 Conti ransomware group: https://flashpoint.io/blog/history-of-conti-ransomware/
    08:55 2016 Ukraine power grid attacks: https://www.wired.com/story/russia-ukraine-cyberattack-power-grid-blackout-destruction/
    11:15 Stuxnet: https://en.wikipedia.org/wiki/Stuxnet
    12:47 James' follow-up work: https://www.linkedin.com/feed/update/urn:li:activity:6944843584533581824/
    14:35 The Dukes: https://www.cfr.org/cyber-operations/dukes
    Cozy Bear: https://www.crowdstrike.com/adversaries/cozy-bear/
    NotPetya: https://en.wikipedia.org/wiki/2017_Ukraine_ransomware_attacks
    18:32 Lazarus Group: https://www.trendmicro.com/vinfo/pl/security/news/cybercrime-and-digital-threats/a-look-into-the-lazarus-groups-operations
    20:11 2022 Yandex Moscow taxi hack: https://www.euronews.com/my-europe/2022/09/02/gridlock-as-hackers-order-hundreds-of-taxis-to-same-place-in-moscow
    20:25 2023 GUR Russian state tax service hack: https://therecord.media/ukraine-intelligence-claims-attack-on-russia-tax-service
    23:22 2022 Belarus railway hack: https://www.theguardian.com/world/2022/jan/25/cyberpartisans-hack-belarusian-railway-to-disrupt-russian-buildup
    24:04 Alexander Lukashenko and the Ukraine invasion map: https://www.independent.co.uk/news/world/europe/lukashenko-ukraine-russia-belarus-invasion-map-b2026440.html
    25:23 Syrian Electronic Army: https://en.wikipedia.org/wiki/Syrian_Electronic_Army
    29:03 Momotarō no Umiwashi came out in 1942: https://en.wikipedia.org/wiki/Momotar%C5%8D_no_Umiwashi

    Original YouTube video is at https://youtu.be/VlP_L3xX2Lo

    James Briscoe on LinkedIn: https://www.linkedin.com/in/jimbriscoe/
    John Salomon on LinkedIn: https://www.linkedin.com/in/johnsalomon/

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Intro/outro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/

  • Juan Ignacio Nicolossi, PRODAFT Team Leader for threat intelligence, joins us today from Chile to discuss the Snatch ransomware group. Active since mid-2018, Snatch has caused havoc in a variety of companies and government agencies.

    In this episode, we discuss Snatch's techniques, the significance of how they use stolen information, and how their approach to what's important to customers means for the future of extortion.

    CISA #StopRansomware Snatch advisory: https://www.cisa.gov/sites/default/files/2023-09/joint-cybersecurity-advisory-stopransomware-snatch-ransomware_0.pdf

    Ransomlook.io Snatch profile: https://www.ransomlook.io/group/snatch

    ALPHV (BlackCat) regulatory extortion article: https://www.darkreading.com/risk/alphv-ransomware-group-files-sec-complaint-against-own-victim

    PRODAFT is a Netherlands-based cyber-threat intelligence analysis firm - their website is at https://prodaft.com

    Full disclosure: John Salomon is a paid, part-time advisor to PRODAFT.

    Juan Nicolossi's LinkedIn profile is at https://www.linkedin.com/in/juan-ignacio-nicolossi-baeza-286b035a/

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

    Original video version at https://youtu.be/g5yiScRofxU

  • Dmytro Bilash joins us for a conversation about online disinformation - what it is, how it adversely affects democratic societies, who's behind it, and how we can combat this major and growing threat to social cohesion and political and economic stability.

    A few contextual link from our discussion:

    Dr. Egor Zakharov of the Swiss Federal Polytechnic Institute, Zurich (ETHZ) - AI expert, and participant in the ITBN AI&disinformation fireside chat: https://ait.ethz.ch/people/egorzakharov

    John Oliver/Last Week Tonight segment on Myanmar-related hate speech on Facebook: https://youtu.be/OjPYmEZxACM

    The Assault on Intelligence, by Michael V. Hayden: https://www.penguinrandomhouse.com/books/566537/the-assault-on-intelligence-by-michael-v-hayden/

    Offline, by Crooked Media - episode on TikTokers "discovering" Osama Bin Laden's "Letter to America": https://youtu.be/kk84mCHWds8

    Shaping Europe's Digital Future - Tackling online disinformation: https://digital-strategy.ec.europa.eu/en/policies/online-disinformation

    Finland is winning the war on fake news - CNN, 2019: https://edition.cnn.com/interactive/2019/05/europe/finland-fake-news-intl/

    Dmytro Bilash is a cybersecurity expert and investor, and co-founder and Chief Business Development Officer of Osavul, a Ukrainian AI cyberdefence firm. Visit them at https://www.osavul.cloud/

    You can find Dmytro on LinkedIn at https://www.linkedin.com/in/dmytro-bil

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Original video at https://youtu.be/XQonzP3OVXU

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Kojo Osei Amoyaw-Osei is a master's candidate at EM-Lyon Business School. He joins us today to discuss his thesis project for the MSc programme in Cybersecurity and Defence Management.

    Businesses face a growing set of challenges when building their information security maturity - specifically, Kojo has identified three core paradoxes in his research:

    1) Personalisation - delivering personalised experiences while respecting privacy preferences
    2) Regulation - balancing regulatory compliance with data-driven strategies and innovation
    3) Trust - earning and maintaining trust by adopting transparent data practices, implementing robust data security measures, and demonstrating responsible data use

    This episode of the CyAN Secure-in-Mind video and podcast series turns our usual format around, as Kojo interviews John Salomon, the usual host of these sessions, based on his extensive experience in the industry, as part of his thesis research.

    EM Lyon MsC in Cybersecurity and Defence Management: https://em-lyon.com/en/news/who-will-you-learn-msc-cybersecurity-defense-management-program

    Kojo on LinkedIn: https://www.linkedin.com/in/kojooseiamoyawosei/

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Original video version of this conversation is at https://youtu.be/vG1zvwDpjpo

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Thanks Jillian Kwong, Research Scientist at Cybersecurity at MIT Sloan (CAMS), for joining us today as we discuss Jillian's work in cybersecurity third party risk management and more.

    Jillian has a PhD in Communication from the Annenberg School for Communication at the University of Southern California, where her dissertation looked at the human and managerial side of data privacy (e.g. GDPR, CCPA) implementation within mostly small and medium sized enterprises (SMEs). She's also a participant in the Cybersecurity Advisors Network (CyAN) mentorship pilot programme.

    Cybersecurity is a metrics-driven field; "soft" factors like management style, or how humans process information, are a major challenges for less mature, smaller enterprises. This is more and more the case as regulatory and good practices requirements drive firms to understand their supply chain risk. How can smaller organisations live up to these expectations?

    Even when a tremendous wealth of information and resources are available to help such firms, doing the right thing can be a daunting, difficult process.

    Jillian has significant experience in understanding the day-to-day challenges of small business and their management through interviews and case studies as a complementary approach to more objective, quantifiable cybersecurity.

    This has allowed her to document the interconnected, complex nature of cybersecurity activities in SMEs.

    Visit Jillian on LinkedIn at https://www.linkedin.com/in/jilliankwong

    Cybersecurity at MIT Sloan: https://cams.mit.edu

    The Cybersecurity Advisors Network lives at https://cybersecurityadvisors.network - Secure-in-Mind is also available as audio-only podcasts, find our channels via https://cybersecurityadvisors.network/media

    Original source video at https://youtu.be/KcSZ1l_Eoik

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • In today's Secure-in-Mind episode, we talk about cyberwarfare with Hugo Tarrida.

    Hugo recently finished his master’s with a focus on cyber and hybrid warfare and the impact it has on security, at King's College London.

    Cyber and hybrid warfare are rapidly evolving domains of conflict that encompass a wide array of threats and tactics. These strategies involve cyberattacks aimed at disrupting critical infrastructure, which includes power grids, financial systems, and communication networks, posing significant risks to national security. To counter these threats, effective strategies have to be developed and improved to counter an ever-growing digitalised and interconnected word.

    We delve into the impact of public-private collaboration aimed at fortifying defences, sharing threat intelligence, and developing resilience to mitigate the impacts of cyber warfare. In this ever-changing landscape, understanding these concepts and fostering cooperation is paramount for safeguarding our digital future.'

    Visit Hugo on LinkedIn at https://www.linkedin.com/in/hugo-tarrida-ortega-32915a204

    King's College London: https://www.kcl.ac.uk/

    The Cybersecurity Advisors Network lives at https://cybersecurityadvisors.network - Secure-in-Mind is also available as audio-only podcasts, find our channels at https://cybersecurityadvisors.network/media

    Original video version available at https://youtu.be/oRHIzDjdfjM

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Remy Bertot joins us for the latest Secure-in-Mind episode. Based on his work with Passbolt, makers of a popular open source password manager, Remy shares his observations on current trends and future expecations of passwords, authentication tokens, and similar mechanisms.

    We talk about security in open source software, certifications and audits, telemetry and usage statistics, and how such OSS projects can optimize the community's knowledge.

    Maybe most importantly, Remy discusses privacy-restricting legislation such as the current UK Online Safety Bill - and how these are bad things for society. Remy is a contributor to Encryption Europe, an initiative designed to help support privacy, not least in the face of such governmental overreach.

    Check out Remy's LinkedIn profile at https://www.linkedin.com/in/remy-bertot-7913a0254/

    Passbolt is at https://www.passbolt.com/

    Visit Encryption Europe at https://encryptioneurope.eu/

    The Cybersecurity Advisors Network lives at https://cybersecurityadvisors.network - Secure-in-Mind is also available as audio-only podcasts, find us at https://cybersecurityadvisors.network/media

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Today's Secure-in-Mind episode features a discussion with (soon to be Dr.) Florian Hantke, a candidate in the pilot intake of the CyAN mentorship pilot programmed.

    Florian is conducting advanced research on vulnerability management and information security trends as part of the secure web applications group at CISPA Helmholtz, a major German academic research network. He is an accomplished penetration tester, capture-the-flag contestant, and ethical hacker.

    Among the topics we visit today are an overview of his current project on using "web archeology" - using web archives to evaluate past cybersecurity trends, Florian's views on the effectiveness of information security topics in German academia and how what it entails, and his recent experience in finding and reporting a number of embarrassing web vulnerabilities.

    We talk about generational differences in spotting fraud and security issues, getting into cybersecurity as an area of interest and career choice, and more.


    Florian's LinkedIn: https://www.linkedin.com/in/florian-hantke-59ba0522b/
    Website: https://fhantke.de/
    Twitter: https://twitter.com/fh4ntke

    CISPA Helmholtz Center for Information Security - https://cispa.de/

    "You Call This Archaeology? Evaluating Web Archives for
    Reproducible Web Security Measurements" - https://swag.cispa.saarland/papers/hantke2023archaeology.pdf

    Florian's blog post describing his experiences reporting web vulnerabilities in wedding photo sharing sites: https://fh4ntke.medium.com/till-breach-do-us-part-the-uninvited-guest-at-your-wedding-2aed35755456

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Original YouTube video: https://youtu.be/zwMSUbDeYfU

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • The cybersecurity employment market is in a unique situation - teams are often underfunded and overtaxed, while layoffs at big tech and other security-reliant critical firms have left insecurity in the industry - as regulatory requirements and evolving threats require ever more attention to the topic.

    Meanwhile, academic institutions are continuously challenged to improve their approaches to developing the next generation of talent. Cyber- and information security are broad topics, and benefit from a wide range of knowledge, experiences, and areas of study - not just hard core hands-on tech skills.

    This raises questions about how aspiring cybersecurity experts should direct their studies, and how academic leaders and institutions can support them in this journey.

    Today we welcome Dr. Gergely "Greg" Dzsinich, CyAN board member and professor at Emlyon business school in Lyon, France, and Florian Muntner, a masters degree candidate embarking on a cybersecurity career later this year who is supporting a privacy project led by Prof. Dzsinich.

    Join us as we talk about a wide range of considerations when aiming for a cybersecurity career via various academic disciplines, as well as the unique project approach of the Emlyon team to create continuity among successive "generations" of students aiming for careers in the cybersecurity field.

    You can find Dr. Dzsinich on LinkedIn here - https://www.linkedin.com/in/gdzsinich/
    ...and Florian Muntner here: https://www.linkedin.com/in/florian-muntner/

    This episode of Secure-in-Mind is also available in video form at https://youtu.be/yQWF1DNubbU

    Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at https://cybersecurityadvisors.network

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Many of us have fallen victims to scams. Most of us know someone else who has. Fraud did not start with the Internet, but it has unfortunately become an integral part of the online experience.

    Jorij Abraham is Managing Director of the Global Anti-Scam Alliance (GASA), a non-profit organization based in Amsterdam and a partner to CyAN.

    In today's Secure-in-Mind episode, we talk about GASA's mission fighting scams of all sorts. What is a scam? What types of scams are most common around the world, who are the victims, and who are the major perpetrators?

    Jorij shares his experience in helping to fight abuse, whether it involves fake work visa promises, business email compromise, as well as subscription, romance, crypto, and many other scams that defraud innocent victims of their money. How are we working with law enforcement? What are tech companies doing to fight scams? And, as always, we ask Jorij his views on what the future will bring.

    CyAN strongly endorses GASA's mission; visit them at https://gasa.org, as well as their https://scamadviser.com service where you can check whether something is a known scam.

    Consider also register for GASA's annual summit in Lisbon, Portugal, on Oct 18-19 2023 - https://www.gasa.org/event-details/4th-global-anti-scam-summit-2023

    You can find Jorij on LinkedIn at https://www.linkedin.com/in/jorijabraham/

    The Cybersecurity Advisors Network lives at https://cybersecurityadvisors.network -

    This episode is available as a video at https://youtu.be/XidPnG6SmaY

    All our various media channels are here: https://cybersecurityadvisors.network/media

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • Let's face it: your company will be breached. This is just a reality in today's business world. The first step is to accept this, and to understand why it happens. The next step is to take steps to minimize the damage from a security incident when it inevitably occurs.

    In today's episode of the Secure-in-Mind series of conversations about security topics, CyAN explores the topic of surviving a cyber incident - from both a human and an organizational level.

    How do you prepare for something you've never experienced before? What can you do to mitigate the damage when it happens? Will your business survive? And who do you turn to when things go wrong?

    Geoff Leeming is founder and consultant with Pragma, a Singapore-based cybersecurity firm providing preventative and response services to businesses around the world. You can find him on LinkedIn here: https://www.linkedin.com/in/geoffleeming

    Visit Pragma at https://pragma.ltd/

    Check out the video version of this chat at https://youtu.be/9tCLFkuqJ1E - and don't forget to watch the rest of CyAN's great videos at https://youtube.com/@cybersecadvisors

    CyAN is at https://cybersecurityadvisors.network

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • In today's episode of the Secure-in-Mind series, I'm joined by Anthony Hess, CEO of co-founder of cyber crisis management and response firm Asceris.

    Anthony has a wealth of experience working with insurance firms, especially in the field of cybersecurity and cyber risk insurance, and combines a strong technologist's background with a wealth of knowledge around insurance logic, policy types, underwriting methodologies, and more.

    Cyber risk insurance has been a growing topic over the past decade, and in our conversation today, we seek to address several misconceptions about this type of service, while giving you a basic understanding of what you need to know when considering such a service.

    For example, we talk about

    - what types of policies are there?
    - what's all the hubbub around Lloyds of London's much-discussed "cyber acts of war" exception?
    - what's the relationship between insurance and regulatory risk management requirements?
    - what types of services to insurance firms offer to their customers?

    ...and many more.

    Visit him on LinkedIn at https://www.linkedin.com/in/anthonyhess/

    You can find Asceris at https://www.asceris.com/

    Don't forget to check out the Cybersecurity Advisors Network at https://cybersecurityadvisors.network and on LinkedIn at https://www.linkedin.com/company/cybersecurityadvisors/

    Our YouTube channel is at https://youtube.com/@cybersecadvisors

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/

  • In the latest episode of the Good Faith Cybersecurity Researches' Coalition dialogues, we speak with Mischa Hansel, head of the research focus on international cybersecurity at the IFSH - the University of Hamburg institute for peace research and security.

    In our conversation, we cover topics such as
    - stockpiling and weaponizing of cyber vulnerabilities by state actors
    - vulnerability reporting requirements to national authorities
    - handling of cyber vulnerabilities by authoritarian governments
    - the impact of free discourse around vulnerabilities on liberal democracy
    - vulnerability-as-a-service providers
    - the role of academia and free research in the uncovering of cyber vulnerabilities

    A few links Mischa provided that are relevant to this conversation, and to IFSH's work:

    - International Cybersecurity Made in Hamburg: https://international-cybersecurity.com/
    - A paper published in Just Security around strengthening cybersecurity researchers https://www.justsecurity.org/81293/empowering-security-researchers-will-improve-global-cybersecurity/
    - the IFSH newsletter (Jan's Cyber Hotchpotch) " offering an entertaining weekly summary of what is going on in cybersecurity" - subscribe via https://ifsh.us6.list-manage.com/subscribe?u=2fda1cac544809b12bab70663&id=d8ad8ab2a0
    - A paper on the peace and security implications of cybercrime: https://ifsh.de/file/publication/Research_Report/012/Research_Report_012_EN_web.pdf

    IFSH is at https://ifsh.de/

    You can find Mischa Hansel on LinkedIn at https://www.linkedin.com/in/mischa-hansel-7207ba1a2

    Visit us at https://gfcrc.org - and check out the Cybersecurity Advisors Network at https://cybersecurityadvisors.network

    Also check out the GFCRC video series at https://youtube.com/@gfcyber

    Intro/outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/