Podcast Transcription


Christine Izuakor:

Welcome to The Veriato Insider, a biweekly podcast covering some of the latest trends and things to know in cybersecurity. This podcast is sponsored by Veriato, a next-generation employee monitoring, and insider threat detection software provider. To learn more about how Veriato can help protect your company, check out Veriato.com. I'm Dr. Christine Izuakor, your host for today's segment. And we're hitting the halfway mark this month, and it's already been an eventful year, to say the least.

Christine Izuakor:

So despite the unprecedented times that we're facing today, one thing that's remained constant is that a pandemic does not slow down cyber attackers by any means. If anything, some malicious individuals saw this as an opportunity to cash in. And so, today's topic is covering breaches in 2020 that we've seen so far, what we can learn, and what the future might hold. And we have a special guest with us today to cover this. Becky Selzer is joining us here in Chicago. I've known Becky for quite a few years, from my prior days in aviation cybersecurity, and so I'm really excited about this conversation.

Christine Izuakor:

Becky is an experienced cybersecurity expert who has worked across numerous cybersecurity functions from the public sector to the Fortune 100 private sector. She earned a master's degree in computer science with emphasis in cybersecurity from Johns Hopkins, and is CISSP certified. She also has years of experience focusing on threat intelligence, vulnerability detection, and so much more. So, welcome, Becky, and thanks for joining us.

Becky Selzer:

Thanks for having me.

Christine Izuakor:

It is my pleasure. So to start, could you tell us more about who you are and your background?

Becky Selzer:

Sure. Well, my name's Becky Selzer. I've worked in the cybersecurity field for about 15 years now. I started in the government area, in the US federal government space, and then moved over to United Airlines around 2014. In the last six years, I have had over six positions, doing all sorts of things from threat intelligence, incident response, vulnerability management, application security, ethical hacking, and most recently, aviation cybersecurity.

Christine Izuakor:

Awesome. Now we've seen everything from attackers targeting already strained hospitals with ransomware during this pandemic to just this morning, I was reading about a 21 year old Australian gold medalist who was hit with a cyber extortion attempt. And so, never a dull moment in the cybersecurity attack and, just, breach space. My question for you is, what's the most interesting cybersecurity trend or general, you know, industry briefs that you've seen so far this year? And what can we learn from it?

Becky Selzer:

Great question. There's definitely been a lot of taking advantage of the pandemic to definitely change their phishing tactics, so that they're taking advantage of people who are in the middle of a pandemic, trying to get information, and sending over phishing emails that are related to that. So I'm definitely seeing that happening in the news. But on the cyber trend side that I'm most excited about, is there has been a bigger focus on operational technology. So looking at the kind of technologies that are supporting things like hospitals, or in our case, aviation.

Christine Izuakor:

Yeah, super important. Now, threats stemming from insiders are still a top concern for many companies as well. And so another question is, what role do employees and insiders play in modern day security incidents? And how has this shifted over time, if at all?

Becky Selzer:

Employees are always a key part, you'll hear that forever in security awareness training. Um, but I think there’s a lot of importance around training the employees. But that's something that's really ... You know, it's everyone's job, but also we are the experts there. So how can we best support them to do their jobs and make their lives easier when it comes to being assets for us in the cybersecurity space? How can we get them to report certain things to us?

Becky Selzer:

And on the insider threat space, this is absolutely an interesting time for that, as more and more unemployment claims are being filed, those are people who are losing their jobs, getting upset with their former company, or may even be anxious about losing their jobs. Um, how do they react? How do they change? And how are we monitoring them to make sure that we're not losing large amounts of data or losing operational capability?

Christine Izuakor:

Yeah. I think that's really important. You know, training and awareness, and the people side of things, is, like, my favorite topic ever. And so (laughing) ...

Becky Selzer:

Great topic.

Christine Izuakor:

I totally agree. And I think just the events and the landscape that we're in right now is that there's so much movement, between people coming and going. But also, I think another area that's not talked about a lot is, I think there's going to be huge growth in using more gig workers, contractors, and outsourcing. And so, all of that is still, just expanding the insider challenge the companies already know, trying so hard to get a handle on.

Becky Selzer:

Yeah, that's huge. I mean definitely taking a look at the, the third party space. Who are the people who are working for you? How can you trust them? How can you set up an environment from a technical standpoint so that you can be sure that you're making all your data safe?

Christine Izuakor:

Yeah, absolutely. So where do you predict companies should focus in the second half of the year, knowing some of these trends? Um, especially when it comes to, you know, just detection, prevention, and anything else?

Becky Selzer:

I think a lot of it still comes back to the remote worker space. There's still a lot of risk that comes with that, and companies have to be prepared. They have to understand what they can and can't see, so that they know how to respond to certain things, uh, in their environment. And there's, uh, I don't think that's really going to be a change for the second half of the year (laughs), it's probably going to be a continuation of the first. But, uh, it's definitely going to be something important. And, and as we've seen how companies can evolve with how they work, I think it'll be interesting to see how cybersecurity's able to catch up.

Christine Izuakor:

Are there any specifics, or certain areas, when it comes to remote work that you think companies will need to hone in on?

Becky Selzer:

That's a really great question. There's a lot of different places with that. I mean, you can look at it from an end point side, you can look at it from personal devices, trying to connect to the network. You can look at it from, what does your network look like now? What are your computers look like VPN'ed in? What does it look like when your third parties might be VPN'ed in? What are your B2B connections looking like in this remote environment? How are you looking at that whole space? And I think it's just, I love complex problems, and this space is definitely full of it, especially in the remote space right now for cybersecurity. So, it's always a lot of fun to think about, and a lot of fun to figure out how to protect.

Christine Izuakor:

Yeah, absolutely. And now, on to our final portion of the podcast, since our topic is all about 2020 breaches, we're bringing back cyber trending time. Here are a few quick, recent events to know. And all of these were reported within the last month by Infosec Magazine. Now, we've already said that, pandemic themed cyber-attacks have been a true plague right now, malicious hackers are trying to take full advantage of people looking for information and help. And so, COVID-themed attacks have been constant. Ransomware attacks against hospitals and critical entities have been up, of course, but in the latest wave of ransomware attacks, Android users were targeted.

Christine Izuakor:

So, known as CryCryptor, during this attack, Android users were lured into downloading a ransomware app disguised as an official COVID-19 tracing tool through two COVID-themed websites. Now note that this came shortly after the Canadian government actually announced that it was supporting the creation of a nationwide voluntary tracking app to alert on COVID hotspots. And so this is a key indicator that attackers are looking for the most relevant time, the most relevant information, that they can use to trick users.

Christine Izuakor:

So ransomware's still a thing, user awareness is still definitely important, as we discussed earlier. Next up, there has been a lot of talk about cryptocurrency security and those conversations, apparently, need to be taken more seriously. It's been reported that a single threat group has stolen roughly 200 million from cryptocurrency exchanges over a two-year period. So, the cyber-criminal organization CryptoCore was found by a security firm who revealed that this threat group has been active since about May 2018 and their main targets and victims have been the US as well as Japan.

Christine Izuakor:

Third, on the list, cyber-criminal Gareth Long was sentenced to 70 months in prison for running an elaborate scheme that claimed almost 400,000 victims throughout a six-month period a while back. His targets, America's elderly and senior population. So super unfortunate. He managed to get away with about $11 million in fraudulent, uh, deposits made by exploiting the trust of people in his third party payment processing company. So he used data from consumers that he had serviced in the past to create more than 700,000 fraudulent remote checks, exceeding 22 million.

Christine Izuakor:

So he submitted the requests for about 22 million, about half of them got denied by the victim's banks. And so he ended up getting away with that 11 million. This, well, getting away with, I mean, he's in jail now. So not so much (laughs). But this money was used for some period of time to fund this extravagant millionaire lifestyle for him, and it has now turned to a life behind bars.

Christine Izuakor:

And finally, last but not least, one malicious hacker has achieved millionaire status by selling corporate network access. Yes, you heard that right, this guy makes a living selling unauthorized access to business and corporate networks around the world. And so in just three years, he claims that he has compromised over 130 targets in 44 countries, including some Fortune 500 firms, and mentioned that about 9% of the victims were government-related. And so this is a scary reality of, especially false positive insider threats. Because he's essentially selling valid credentials to corporate networks.

Christine Izuakor:

And through this type of threat, it's, it's hard to detect. But it can still be picked up with advancing AI, user behavior analytic solutions, and things like that. But the flip side is, any employee could be considered an insider threat, right? And any employee can sell their credentials to an adversary. And so you have to, uh, have advanced solutions in place to pick up on those kinds of things. So definitely interesting times in the cybersecurity space, and especially with the breaches that we're seeing here in 2020.

Christine Izuakor:

Okay, so as we wrap up, are there any final thoughts that you want to share?

Becky Selzer:

Any final thoughts? It's just, it's hard out there. I mean, everyone's going through a lot emotionally with the pandemic, and I think that that alters kind of the attacker's state of mind as well. So how are your attackers changing? How are your threats changing in this landscape? And how do you stay ahead of it's just a, a constant thought, I think, on a lot of these, uh, a lot of other cybersecurity professional's minds, is how do we get through this? How do we, how do we make sure things are safe? And how do we keep, um, keep risk down in our environments?

Christine Izuakor:

Love it. Well hey, Becky, thanks so much for joining us today. That concludes the Veriato Insider podcast for this week. Again, this has been brought to you by Veriato, an award-winning cybersecurity company recently recognized with the Gold Award for Best Insider Threat Solution of 2020. Their solutions are anchored around four core pillars of cybersecurity protection, including employee monitoring and web filtering, workplace investigations, insider threat detection, and ransomware support. So to learn more about how Veriato can help protect your company, check out Veriato.com.

Christine Izuakor:

Thanks for tuning in, and a special thanks to Becky for joining us today.

Becky Selzer:

Thanks, Christine.

Christine Izuakor:

I'm Dr. Christine Izuakor, the CEO of Cyber Pop-Up, and it's been my pleasure to share these insights with you. Until next time, stay safe and secure, Insiders.

 


Listen To Podcast