Future of Cyber Crime

In this episode of the Future of Cybercrime podcast, Zaira speaks with Irina Nesterovsky, Chief Research Officer of KELA. They explore the world of cyberthreats and the method to the madness that is cyber threat research and investigation.    Topics discussed include:  The “How” Behind the power of KELA's cyber threat intelligence The traits that make for a great intelligence analyst  A look into a prominent cyberattack and surfacing attribution Recommendations on how to leverage threat intelligence to improve your Security function   Resources:  Irina on LinkedIn: https://www.linkedin.com/in/irina-nesterovsky-95017442?originalSubdomain=il KELA Cyber Intelligence Center: https://www.kelacyber.com/resources/research/  KELA Cyber: https://www.kelacyber.com/ 

In this episode of the Future of Cybercrime podcast, Zaira speaks with Nirali Bhatia, Cyber Psychologist and CEO of Cyber BAAP. They explore the world of cyber psychology and how useful it is during threat investigations and ransomware negotiations.    Topics discussed include:  Nirali’s understanding of threat actor psychology How cyber psychology is applicable to ransomware negotiations  The effects of cybercrime on the general public  Recommendations on how to build cyber psychology education into enterprises and how to teach every day people   Resources:  Nirali on LinkedIn: https://in.linkedin.com/in/nirali-bhatia Nirali’s Twitter: https://twitter.com/bhatianirali?lang=en Nirali’s Website: https://niralibhatia.com/ KELA (Cyber Threat Intelligence): https://www.kelacyber.com/

In this episode of the Future of Cybercrime podcast, Zaira speaks with Chris Kirsch, CEO of runZero and seasoned social engineering practitioner. They explore the world of “hacking humans” from building target profiles to everyday hacks and exploiting trust.    Topics discussed include:  Chris’ perspective on what makes for a good social engineering exercise  A walk-thru of competition hacks and client exercises Key advice for all listeners on how to identify social engineering  Recommendations on how to build a social-engineering proof organization  Resources:  Chris on LinkedIn: https://www.linkedin.com/in/ckirsch/ Chris’s Twitter: https://twitter.com/chris_kirsch KELA (Cyber Threat Intelligence): https://www.kelacyber.com

In this episode of the Future of Cybercrime podcast, Zaira speaks with Raveed Laeb, VP of Product with KELA and seasoned Intelligence practitioner. They build a semantics framework around the cybercrime underground, then dig into its workings to surface the view from everyday KELA intelligence hunters.   Topics discussed include:  Raveed’s perspective on what defines the cybercrime underground and the activities that take place therein  How transfer learning from any intelligence discipline to cybersecurity is possible  How malicious actors act and conduct commerce in the cybercrime underground The “how” behind KELA’s “home-brewed” threat intelligence collection, curation, and refinement Top 3 “must haves” to build a successful “CTI” or continuous threat intelligence practice  Resources:  Raveed’s on LinkedIn: https://il.linkedin.com/in/raveed-laeb-2a2984ba Raveed’s Twitter: https://twitter.com/raveedl?lang=en KELA (Cyber Threat Intelligence): https://www.kelacyber.com

In this episode of the Future of Cybercrime podcast, Zaira speaks with Tyler Wrightson, CEO of Leet Cyber Security, Ethical Hacker, and author of “Advanced Persistent Threat Hacking: The Art and Science of Hacking Any Organization”. They discuss Tyler’s perspective on the hacker mindset, the state of security in most businesses today, and his perspective on how to improve the cybersecurity practice moving forward. Topics discussed include:  Tyler’s background in offensive security and how he plans penetration tests using the adversary's perspective   The process of bringing business context into adversarial modes of attack The difficulties modern security practitioners face in deterring cyber threats Where the modern security defender is missing the mark  The “risk perspective” from a hacker’s perspective vs. a security practitioner’s perspective Actionable advice for security practitioners, including the importance of understanding the adversary's mindset Resources:  Tyler on LinkedIn: https://www.linkedin.com/in/tyler-wrightson-87aaa15 Tyler on Twitter: https://twitter.com/tbwrightson?lang=en KELA (Cyber Threat Intelligence): https://www.kelacyber.com/  

In this episode of the Future of Cybercrime podcast, Zaira speaks with Brian Stack, Vice President of Engineering and Dark Web Intelligence at Experian Consumer Services. They discuss Brian’s experiences in the cybersecurity industry, protecting consumers, and the changing landscape of cybercrime. Topics discussed include:  Brian's background in computer engineering and experience as a white hat hacker Protecting consumers and educating them about cyberattacks, identity theft, and digital security The difficulty of navigating the digital world and staying safe, while leveraging the convenience provided by digital technology Experian's efforts to provide free content, simple navigation, and focus on prevention, prediction, and analytics The use of interviews with customers to gain insight into their needs and desires, and the importance of providing tools, services, and scores to give customers more control and power The evolution of the cybercrime underground and threat intelligence over time, including the growth of ransomware Biggest misconceptions Brian runs across as it pertains to the cybercrime underground Actionable advice for security practitioners, including the importance of understanding human psychology and the manipulation of human behavior in cyberattacks Resources:  Brian on LinkedIn: https://www.linkedin.com/in/brian-stack-777a39/ Brian on Twitter: https://twitter.com/brianmstack KELA (Cyber Threat Intelligence): https://www.kelacyber.com/  

In this episode of the Future of Cybercrime podcast, Zaira speaks with Eduard Kovacs, a contributing editor to SecurityWeek. They discuss Eduard’s decade-long background as a cybersecurity journalist, the evolving trends in cybercrime over the past decade, the collaborative relationship between journalists and cybersecurity researchers, and how information is obtained from underground forums.  Topics discussed:  Eduard’s approach to write with individual readers in mind, even if he is covering a technical topic Cyber threat actors are seen as humans, just like journalists and researchers. Why collaboration between journalists and cybersecurity researchers is critical. The role journalists play in bringing attention to critical vulnerabilities or breaches that companies may ignore. The importance of empathy when covering cyber threat actors and why simplicity is key in understanding their behavior. What Eduard is seeing in the space as cybersecurity researchers work more and more collaboratively to advance the industry. Exploring the accessibility of cybercrime forums for journalists and researchers How the threat hunting ecosystem has evolved to evade law enforcement.  Resources:  Eduard on SecurityWeek: https://www.securityweek.com/contributors/eduard-kovacs/ Eduard on Twitter: https://twitter.com/EduardKovacs Eduard on LinkedIn: https://www.linkedin.com/in/eduard-kovacs-7b796134/

In this episode, Zaira speaks to Mathew J. Schwartz, Executive Editor at Data Breach Today and an award-winning journalist. They discuss how Mathew was drawn to writing about cybersecurity for a career, how journalists can better seek out the truth to cyber crime situations and not let criminals control the narrative, and the evolution of business resiliency to breaches and attacks. Topics discussed: How Mathew combined his longtime fascination with hacking and computer crime with his love of writing into a career that tells the stories — and the truth — of the cybercrime world. The search for truth in cyber crime, why it’s necessary to look at multiple sources to confirm that truth, and why you should question what the crooks say about themselves because their "truth" is likely a self-promotional lie. How a journalist digs into cyber crime events by asking blue-sky questions to find out why certain targets are hit, and whether certain sectors are more vulnerable or whether attackers are simply being opportunistic. Why ransomware is an exciting and fascinating topic to cover, especially since both threats and business security are constantly evolving. How business resiliency to ransomware attacks has changed, and how more companies are putting security measures in place so as not to need to pay ransom. How cybercrime journalism will evolve in the coming years, and why it's necessary to use the correct language and terminologies to make cybercrime reporting more objective. Pieces of advice for future journalists, and why a journalist's job is to demystify the cybersecurity world. Resources Mention:  DataBreachToday.com @EuroInfoSec on Twitter and Mastodon

In this episode, Zaira speaks to Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea. With nearly thirty years in the industry, Carson discusses how he's seen cybersecurity evolve, how ethical hacking is a skill and a mindset rather than a crime, and why security should focus not on protecting computers but protecting people and society.  Topics discussed: Joseph's nearly thirty-year background in security, from managing mainframes, learning COBOL, and programming with hole punches, to his security work today that has included architectural designs, cybersecurity awareness training, and ethical hacking. How creating better security starts by understanding the humans behind the machines, and how security isn't about protecting computers but about protecting society. How Joseph got started with hacking, and why hacking is a skill and a mindset that helps make people safe. How the cybersecurity industry can help its image by talking less about how scary the work can be and instead show how fun it can be. The value of learning from failures while ethically hacking, understanding that you may not find the answer the first time, and learning the fundamentals to help you understand how to pivot. The evolution of the state of cybercrime, from hacktivists curious about what they could do, to today's business of organized cybercrime — and why ransomware is the "perfect weapon" for immediate impact. The importance of closing skills gaps and hiring from diverse backgrounds to strengthen security teams, as well as the importance of providing psychological support to teams managing high-stress environments during and after attacks. Resources Mention:  LinkedIn: https://www.linkedin.com/in/josephcarson/ Twitter: @joe_carson KELA (Cybercrime Threat Intelligence): https://www.kelacyber.com/  

In this episode, Zaira Pirzada speaks to Alex Tilley, APAC Intelligence and Research head at Dell SecureWorks. A highly awarded cybercrime researcher, Tilley was at the forefront of research and countermeasures when phishing and malware first began to attack banking platforms and their customers. He moved on to become a senior cybercrime technical analyst with the Australian Federal Police, where he focused his analytical approach on the "who" and "why" of cybercrime fighting. Tilley became a recognized technical expert at the Supreme Court level in the prosecution of cybercrime and child-protection related offenses before moving back to the private sector, where he now serves in his current role. In this episode, Zaira and Alex discuss what security teams do right, where they can improve in their never-ending battle against threat actors, and his actionable tips for defenders.  Topics discussed: Alex summarizes his view about the current state of cybercrime today. He shares his thoughts on the evolution of cybercrime threat intelligence. Zaira and Alex explore things security teams can do to improve. They discuss some of the benefits of employee retention within the security team. The balance between former government intel specialists and private intelligence training opportunities.  Alex gives valuable suggestions for ways business leaders can incentivize security teams to be more effective. Resources Mention:  Secureworks.com Alex Tilley on LinkedIn

In this episode, Zaira Pirzada speaks to Harlan Carvey, Senior Incident Responder, R&D at Huntress. During the episode, they talk about how today's current incident response business model can be improved to promote better threat intelligence gathering and collaboration.  Topics discussed: Harlan explains that in twenty years of incident response work, every job has been unique. He shines light on the state of cybercrime from the responder and attacker perspectives. The importance of collaboration between incident responders and threat intelligence professionals.  How teams can improve their effectiveness by sharing intelligence gathered during incident response.  Why it's important for incident responders to recognize that even if the hardware and software are the same as a previous job, many other factors make each job unique. How he has seen defensive techniques and practices from years ago find application in modern incident response.  Harlan’s predictions on the future of the cybercrime underground, including how shortcomings we see in cybersecurity today are likely to continue until there is a financial incentive for end users to demand better. Resources Mention:  WindowsIR Kindle Edition Harlan Carvey on Twitter Harlan Carvey on LinkedIn

As technology continues to advance and evolve, so does our society and, with it, the changing nature of how we combat cybercrime. A significantly increasing portion of law enforcement is now dedicated to upholding safety and security on the internet. This involves protecting victims from online crimes and ensuring that the laws are being followed across geographical boundaries and digital domains.  In this episode of the Future of Cybercrime podcast, Zaira Pirzada speaks with Dr. Philipp Amann, Head of Strategy at the European Cybercrime Centre (Europol). Philipp and Zaira talk about fighting cybercrime from a global perspective.  Topics discussed: Philipp describes the role of Europol concerning cybercrime within EU member states and many non-EU partners with whom it has operational agreements. Philipp and Zaira talk about The Cyber Blue Line, Europol Spotlight Report co-authored by Dr. Amann and Dr. Mary Aiken. Zaira asks Philipp to define the protection governance gap and discuss why cybersecurity is not enough to protect it.  Philipp elaborates on his view of the role law enforcement plays in cyberspace. Some of the challenges at the UN level regarding defining cybercrime within the relevant legal frameworks are discussed.  Philipp describes how the concept or domain of "safety tech" goes beyond the bits and bytes of cybersecurity by putting human behavior at the center of the design.  Philipp talks about why we need to address offender convergence in dark web settings and rampant cyber criminality facilitated by the premise of anonymity online. Resources Mentioned: Philipp Amann on LinkedIn: https://www.linkedin.com/in/philippamann/?locale=en_US The Cyber Blue Line, Europol Spotlight Report: https://www.europol.europa.eu/publications-events/publications/europol-spotlight-cyber-blue-line Europol: https://www.europol.europa.eu/  Philipp Amann on Twitter: @fipman Stop Child Abuse – Trace an Object: https://www.europol.europa.eu/stopchildabuse

In this episode of the Future of Cybercrime podcast, Zaira Pirzada speaks with Etay Maor, Senior Director of Security Strategy at Cato Networks. Etay provides fascinating insights into his work as a threat intelligence researcher during the show.  Topics discussed: Etay shares his thoughts about how economic conditions and world events affect cybercrime. Etay and Zaira examine how threat actors collaborate and share data to create what could be called cybercrime syndicates. They explore ways cyber defenders can and should broaden their input from various disciplines to create innovative approaches to cybersecurity.  Etay compares how his non-technical students at Boston College sometimes develop more creative approaches to potential attack scenarios than more classically minded technical students. Zaira probes to uncover Etay's thoughts about how businesses react to cyber incidents.  Etay describes how cyber breaches are no longer solely a technical issue. In equal measure, they are business issues requiring additional stakeholders to be involved in decision-making.  Etay talks about his belief that cyber breaches are always the result of multiple steps taken by attackers. They are never the result of a single point of failure. Resources Mentioned: Etay Maor on LinkedIn: https://www.linkedin.com/in/etaymaor/ Cato Networks Free Educational Resources: https://www.catonetworks.com/resources/

There are different types of cybercrime, and the threat actors range from sophisticated criminal organizations to lone hackers. Understanding an attacker's motivation and technical skill level can enhance your ability to respond to cyber incidents and conduct data breach investigations and analysis. In this episode of the Future of Cybercrime podcast, Zaira speaks with Senior Vice President for Digital Forensics and Incident Response Investigations at IR Inc., Matthew Swenson. During the show, Matt and Zaira provide a fascinating look at the different types of cybercrime and the evolution of threat actors.  Topics discussed: Matt shares how the Department of Homeland Security defines cybercrime and the difference between cyber-dependent and cyber-enabled investigations. Matt and Zaira examine the intersections between cyber-dependent and cyber-enabled crimes. They explore the role that social engineering plays in these two types of cybercrime.  Matt compares his previous work within the DHS bureaucracy to his current role as a leader within a fast-paced, dynamic incident response startup. Zaira probes to uncover the importance and shortcomings of private-public cooperation in fighting cybercrime.  Matt offers his views on the state of cybercrime today and how it has evolved throughout his career.  Matt talks about threat intelligence from both a law enforcement and private organization perspective. Resources Mentioned: Matthew Swenson on LinkedIn

In order to protect our data and systems, we need to develop new methods and tools for safeguarding them against attack. Academic researchers are at the forefront of developing new strategies for protecting our data and systems from cyberattacks. They are constantly exploring new ways to secure our networks, defend our systems, and prevent unauthorized access. In this episode of the Future of Cybercrime podcast, Zaira speaks with Cyber Intelligence Researcher at the National Consortium for the Study of Terrorism and Responses to Terrorism (START) at the University of Maryland, Rhyner Washburn. During the show, Rhyner and Zaira discuss cybersecurity research in academia and private companies.  Topics discussed: Rhyner talks about the various roles of a cybersecurity researcher and the day in the life of a cybersecurity researcher in academia. Rhyner and Zaira uncover some differences between academic research and investigations that you might find in a public or private sector organization.  They explore the benefits organizations could realize from having dedicated researchers not purely driven by the organization's mission.  Rhyner discusses his START work, including biosecurity, CBRN (Chemical, Biological, Radiological, and Nuclear) threats, and cybersecurity. Zaira focuses on the commercial nature of much of today's relevant cybersecurity threat intelligence and probes to discover Rhyner's views on the future of academic research in this area.  Rhyner discusses some ways that collaboration between academia and private companies can elevate the level of cybersecurity research.   Rhyner offers three pieces of actionable advice for security practitioners and researchers. Resources Mentioned: Rhyner Washburn on LinkedIn: https://www.linkedin.com/in/rtburn/ National Consortium for the Study of Terrorism and Responses to Terrorism (START): https://www.start.umd.edu/

When it comes to the cybercrime underground, threat intelligence is critical. By understanding the threats on the cybercrime underground, organizations can take steps to protect themselves from these dangers. In this episode, host Zaira Pirzada speaks with independent cyber intelligence researcher Saurabh Chaudhary. During the show, Saurabh and Zaira take a deep dive into the value of threat intelligence and how practitioners can use it to protect their organizations.  Topics discussed: Saurabh shares his experience and insights into cybercrime threat intelligence. Saurabh and Zaira examine the collaborative nature of cybercrime. They explore how monitoring the cybercrime underground can give organizations a heads-up about threat actors planning an attack or selling the spoils of a recent successful exploit.  Saurabh suggests ways to engage with threat actors on the cybercrime underground to prevent the further escalation of a breach. Saurabh explains why he believes that intelligence will always be about people regardless of spending billions of dollars on tools and technologies.  Zaira and Saurabh explore the differences between threat hunting and threat intelligence.

Cybersecurity journalists play an essential role in educating the public about the risks of cyberattacks and the importance of protecting their data. They also help keep businesses and individuals informed about the latest security threats and how to protect themselves. In this episode, host Zaira Pirzada speaks with Greg Otto, Editorial Director at Trail of Bits. During the show, Zaira and Greg explore the ins and outs of cybersecurity journalism and why it matters and shares some of the challenges.   Topics discussed: Greg shares what motivates him to cover and report on the field of cybersecurity. Greg and Zaira talk about the relationship between journalists and security researchers.  Greg gives some insights into the challenges of communicating a very specialized and technical topic, like cybersecurity, to non-technical users and readers. Zaira prompts Greg to share some of the important changes he has noticed over his years covering cybersecurity, from script kiddies to nation-state threat actors.  Greg shares why cybersecurity journalists need a somewhat technical understanding of systems and threats and a good grasp of the business side of the equation that drives protection funding. The discussion turns to how journalism and threat research are very similar in many ways.  Resources Mentioned:  Greg Otto on Twitter: https://twitter.com/gregotto  Trail of Bits on Twitter: https://twitter.com/trailofbits

The dark web is a murky place and is home to all sorts of nefarious activities. Threat intelligence is essential for keeping track of the latest threats and vulnerabilities on the dark web. In this episode, host Zaira Pirzada speaks with Scott Small, Director of Cyber Threat Intelligence at Tidal Cyber. During the episode, Scott shares insights from his research and analysis, including how organized threat actor groups are lowering the barrier for entry to performing malicious activity.  Topics discussed: Success stories from dark web threat intelligence. How threat actors leverage automation to stay ahead of the security community. How initial access brokers (IABs) sell access to follow-on threat actors.  How cybercrime is moving to a service-based economy. What dark web "shop talk" reveals about threat actor tactics, techniques, and procedures (TTPs). Why security professionals need to take dark web intel seriously to protect their organization. What security practitioners get wrong about dark web threat intelligence. Resources Mentioned:  Control Validation Compass Threat modeling aide & purple team content repository: https://controlcompass.github.io/  META OSINT: https://metaosint.github.io/  TropChaud: https://github.com/tropChaud KELA Cyber Threat Intelligence: https://www.kelacyber.com