WEBVTT 1 00:00:00.300 --> 00:00:02.340 Anna Delaney: Hello, I'm Anna Delaney and welcome to the 2 00:00:02.340 --> 00:00:05.880 weekly edition of the ISMG Editors' Panel. Here we discuss 3 00:00:05.880 --> 00:00:09.690 and debate the top cybercrime trends, news stories, features 4 00:00:09.750 --> 00:00:13.740 and interviews published on our sites. Editorial stars joining 5 00:00:13.740 --> 00:00:16.530 me this week are Mathew Schwartz, executive editor of 6 00:00:16.560 --> 00:00:20.220 DataBreachToday and Europe; Tony Morbin, executive news editor 7 00:00:20.220 --> 00:00:24.090 for the EU; and editorial director, Cal Harrison. Welcome 8 00:00:24.090 --> 00:00:24.600 all of you. 9 00:00:26.550 --> 00:00:27.570 Mathew Schwartz: Anna, it's great to be here. 10 00:00:27.750 --> 00:00:28.740 Cal Harrison: Yes. Good to see you. 11 00:00:29.100 --> 00:00:33.210 Anna Delaney: So glad. So starting with Matt, I think 12 00:00:33.210 --> 00:00:34.800 you're in a beer garden, are you? 13 00:00:34.000 --> 00:00:37.960 Mathew Schwartz: I think you'd be guessing correctly. Yes, 14 00:00:37.960 --> 00:00:42.040 Anna, well done. This is the 71 Brewing beer garden. This was 15 00:00:42.070 --> 00:00:46.660 an oasis and rather warming because Scotland was more often 16 00:00:46.660 --> 00:00:50.050 cold through the pandemic. They used to have a lovely little 17 00:00:50.290 --> 00:00:53.620 living room-like atmosphere in the or adjacent to the brewery 18 00:00:53.620 --> 00:00:56.320 where you can go and sample their wares. And then after the 19 00:00:56.320 --> 00:00:59.560 pandemic began, they opened a beer garden. So we've been 20 00:00:59.560 --> 00:01:02.950 having lovely weather, and it's been great to get out and do 21 00:01:02.950 --> 00:01:04.450 tours and have a couple of beers. 22 00:01:05.560 --> 00:01:08.500 Anna Delaney: Very good. The good result of the pandemic. Not 23 00:01:08.500 --> 00:01:13.780 many, but yes, one of them. That's great. Tony, you're 24 00:01:13.780 --> 00:01:15.250 sitting on a pile of money there. 25 00:01:15.990 --> 00:01:19.380 Yes, as Matt said in the Dragon's Lair, there with the 26 00:01:20.010 --> 00:01:25.530 smoke in the mountain, Bitcoin, Ethereum, cryptocurrency - never 27 00:01:25.530 --> 00:01:27.900 out of the news. And this week's no different. So that's where 28 00:01:27.900 --> 00:01:30.360 I'll be going when we get into the discussion. 29 00:01:30.660 --> 00:01:35.190 We look forward to that. So Cal, do explain; it's a mysterious 30 00:01:35.190 --> 00:01:36.390 setting. Tell us more. 31 00:01:37.410 --> 00:01:41.850 Cal Harrison: Well, this is the Bell Tower at the Cathedral and 32 00:01:42.060 --> 00:01:46.590 Vilnius and Lithuania. I thought since we will be talking about 33 00:01:46.590 --> 00:01:50.850 the cyber war today, this would be a great setting. I have some 34 00:01:50.910 --> 00:01:55.710 dear friends and colleagues in Lithuania, and, you know, 35 00:01:55.710 --> 00:01:58.680 obviously, that they've got a front row seat to the war and 36 00:01:58.710 --> 00:02:03.480 you know, are very concerned with all that's going on. So I 37 00:02:03.480 --> 00:02:04.770 do this to honor them. 38 00:02:05.430 --> 00:02:07.710 Anna Delaney: And you mentioned the cathedral. Do you know when 39 00:02:07.710 --> 00:02:08.340 it was built? 40 00:02:10.460 --> 00:02:15.620 Cal Harrison: I suspect it was a very long time ago. I'm sorry, I 41 00:02:15.620 --> 00:02:18.740 didn't realize there would be a pop quiz here. Nobody told me. 42 00:02:22.100 --> 00:02:25.310 I'll do my research better next time. How about that? 43 00:02:26.490 --> 00:02:29.310 Anna Delaney: Now, this is a question for Matt, do you know 44 00:02:29.310 --> 00:02:30.030 where I am? 45 00:02:31.230 --> 00:02:34.740 Mathew Schwartz: Oh, you are in a very trendy bar that only the 46 00:02:34.740 --> 00:02:38.310 coolest people would know even how to get to the San Francisco 47 00:02:38.000 --> 00:02:40.610 Anna Delaney: Very good. You remember the name? 48 00:02:38.310 --> 00:02:38.760 Bay area. 49 00:02:42.000 --> 00:02:46.200 Anna Delaney: Quirky bar in San Francisco. This was to celebrate 50 00:02:42.110 --> 00:02:42.440 Mathew Schwartz: No. 51 00:02:46.290 --> 00:02:50.310 the end of RSA but we were in a bar called Zam Zam. I thought 52 00:02:50.310 --> 00:02:55.350 this would be a suitable setting for our final question today. So 53 00:02:55.860 --> 00:03:00.060 yes, there I am. Hope you're feeling thirsty. Well, onto a 54 00:03:00.060 --> 00:03:03.630 more serious issue. Matt, you conducted earlier this week or 55 00:03:03.630 --> 00:03:07.260 last week, an excellent insightful interview with the 56 00:03:07.260 --> 00:03:11.820 deputy head of Ukraine's cyber agency, Victor Zhora, who shared 57 00:03:11.820 --> 00:03:15.000 a wealth of information on lessons learned from the 58 00:03:15.030 --> 00:03:18.990 Russia-Ukraine hybrid war so far. So we'd love to hear more 59 00:03:19.110 --> 00:03:20.700 about the conversation. 60 00:03:21.410 --> 00:03:23.420 Mathew Schwartz: Yes, I recently had the good fortune to be 61 00:03:23.420 --> 00:03:26.210 speaking, as you say, with Victor Zhora. He is the deputy 62 00:03:26.210 --> 00:03:30.530 head of the SSSCIP, which is Ukraine's government cyber 63 00:03:30.530 --> 00:03:35.510 defense agency. And I was speaking with him about what 64 00:03:35.510 --> 00:03:39.290 he's been seeing. As we know, the war has been going for a 65 00:03:39.290 --> 00:03:42.950 while now since it began on February 24. Although, of 66 00:03:42.950 --> 00:03:48.290 course, Ukraine was seeing online attacks. In the run up to 67 00:03:48.290 --> 00:03:51.920 that, there was some wiper malware, in particular, which 68 00:03:52.670 --> 00:03:55.280 security experts think may have been inadvertently triggered in 69 00:03:55.280 --> 00:03:58.370 advance of the invasion. It targeted a bunch of government 70 00:03:58.670 --> 00:04:03.230 agencies. So we've been rounding up what has been happening. And 71 00:04:03.260 --> 00:04:06.440 recently, I spoke with a non-governmental organization 72 00:04:06.440 --> 00:04:11.270 called CyberPeace Institute in Geneva, which tracks cyber 73 00:04:11.270 --> 00:04:15.440 incidents and their impact on civilian populations. And it 74 00:04:15.440 --> 00:04:18.770 said there'd been a number of different groups involved. And 75 00:04:18.770 --> 00:04:23.750 it had counted or seen experts attribute, I should say, more 76 00:04:23.750 --> 00:04:29.540 than 300 attacks already so far in the conflict. And one of the 77 00:04:29.540 --> 00:04:31.970 points it made is that this is hitting a lot of different 78 00:04:31.970 --> 00:04:35.600 countries. We think of this as being a war between Russia and 79 00:04:35.600 --> 00:04:41.120 Ukraine. And it is, but there is a lot of fallout. So I ran that 80 00:04:41.120 --> 00:04:45.020 by Victor Zhora. I said, are you seeing 300 attacks? And he said, 81 00:04:45.050 --> 00:04:49.100 "Actually, no, we're seeing more in the order of 1,600 serious 82 00:04:49.220 --> 00:04:54.230 incidents as we go." And I asked him, what is the most 83 00:04:54.230 --> 00:04:58.250 challenging or what's the most alarming of these things that 84 00:04:58.250 --> 00:05:01.640 you have to deal with? And he highlighted, as I was 85 00:05:01.640 --> 00:05:04.640 mentioning, before: wiper malware. He said that's had a 86 00:05:04.640 --> 00:05:08.300 huge impact. It's not just disrupting systems, but it's 87 00:05:08.300 --> 00:05:11.900 also disrupting, for example, the flow of refugees over 88 00:05:11.900 --> 00:05:16.880 borders. So there's been a lot of chatter about cyber war not 89 00:05:16.880 --> 00:05:21.200 really having happened so much in the Russia-Ukraine conflict. 90 00:05:21.530 --> 00:05:24.440 But what we're seeing from CyberPeace Institute, and 91 00:05:24.470 --> 00:05:29.480 directly from Zhora, is this isn't the case at all. They are 92 00:05:29.480 --> 00:05:34.130 very quick to or careful, I should say, to note that cyber 93 00:05:34.130 --> 00:05:37.640 doesn't stand alone. Russia is launching kinetic attacks. 94 00:05:37.700 --> 00:05:40.520 Sometimes they're preceded, perhaps by minutes by 95 00:05:40.520 --> 00:05:45.290 cyberattacks to try to disrupt the target. There's all sorts of 96 00:05:45.290 --> 00:05:48.800 blended attacks. It was Zhora's phrase that I really caught on 97 00:05:48.800 --> 00:05:52.190 to. Not long after the war began, he called it the very 98 00:05:52.190 --> 00:05:55.610 first ever hybrid conflict in history. And I think that's so 99 00:05:55.610 --> 00:06:00.380 accurate about the kinetic and the cyber, but cyber is so often 100 00:06:00.410 --> 00:06:06.650 a component of one of the other things. So I asked Zhora, what 101 00:06:06.650 --> 00:06:10.700 kinds of attacks they were seeing? What sorts of resources 102 00:06:10.700 --> 00:06:14.150 were coming into play? Who's involved? Who is really having 103 00:06:14.180 --> 00:06:18.800 an impact? Is it just the big, bad Russian aggressor? Or are 104 00:06:18.800 --> 00:06:22.160 other groups having an impact as well? And here's what he told 105 00:06:22.160 --> 00:06:22.430 me: 106 00:06:23.080 --> 00:06:26.908 Victor Zhora: When we are talking about serious and 107 00:06:27.012 --> 00:06:32.289 well-planned operations that require a lot of human 108 00:06:32.393 --> 00:06:38.187 resources, and technically advanced tools, and financial 109 00:06:38.291 --> 00:06:45.017 resources, obviously, there will be organized and stealth mode in 110 00:06:45.120 --> 00:06:51.640 order to gain as much affect on our infrastructure as possible. 111 00:06:51.000 --> 00:06:53.867 Mathew Schwartz: So speaking with Zhora, he said, it's clear 112 00:06:53.933 --> 00:06:57.134 that there's multiple nation-state attack groups 113 00:06:57.200 --> 00:07:01.067 actively targeting Ukraine, but also having this spillover 114 00:07:01.134 --> 00:07:05.401 affecting other nations as well. So one of the big challenges is 115 00:07:05.468 --> 00:07:09.602 nation-state groups, but there's also a number of other threat 116 00:07:09.669 --> 00:07:13.936 actors at play here. And Cal, I just want to hand off, if I may. 117 00:07:14.002 --> 00:07:17.070 I know that you've been tracking this as well. 118 00:07:18.350 --> 00:07:24.350 Cal Harrison: Yes, absolutely, Matt. Unlike global oil prices, 119 00:07:24.500 --> 00:07:28.370 the number of threat actors in the conflict just keeps going 120 00:07:28.370 --> 00:07:34.820 up. According to the CyberPeace Institute, there are now 51 121 00:07:34.850 --> 00:07:41.720 different threat actor groups involved in the conflict and 13 122 00:07:41.720 --> 00:07:46.640 new ones, just in the past month. A lot of these are 123 00:07:47.150 --> 00:07:51.620 claiming to be hacktivist groups. I think when we look 124 00:07:51.620 --> 00:07:55.400 back on 2022, you know, it'll be the year of the hactivists 125 00:07:55.430 --> 00:07:59.870 because, you know, they're really rallying around either 126 00:08:00.140 --> 00:08:06.470 Ukraine or Russia, and, you know, really trying to make a 127 00:08:06.470 --> 00:08:10.760 difference. And, of course, you know, one of the 900 pound 128 00:08:10.760 --> 00:08:16.550 gorilla is Anonymous, which came in very early on in the war, and 129 00:08:16.820 --> 00:08:21.350 they've already hacked and leaked just an incredible number 130 00:08:21.350 --> 00:08:26.270 of documents from the Russian government, you know, Russian 131 00:08:26.270 --> 00:08:29.990 entities. And, you know, the experts are saying it's 132 00:08:29.990 --> 00:08:32.840 literally going to take years to come through all that. But you 133 00:08:32.840 --> 00:08:40.010 know, of course, we had the leak of the Conti information and 134 00:08:40.010 --> 00:08:43.340 ransomware code near the beginning of the war too. You 135 00:08:43.340 --> 00:08:49.670 know, that's unleashed something into the wild as a result of 136 00:08:49.670 --> 00:08:55.850 this. And it's pretty interesting. Actors like 137 00:08:55.880 --> 00:09:02.030 Anonymous, IT Army of Ukraine, these are all volunteers, you 138 00:09:02.030 --> 00:09:09.230 know, that just came up with the war and they're doing some stuff 139 00:09:09.230 --> 00:09:12.740 that I guess could be considered pranks, you know, like they've 140 00:09:12.740 --> 00:09:19.700 hacked into the Kremlin CCTV feeds. They've interrupted 141 00:09:20.420 --> 00:09:25.070 liquor distribution in Russia for three days, you know, with 142 00:09:25.070 --> 00:09:29.210 DDoS attacks. They've hacked electric vehicle charging 143 00:09:29.210 --> 00:09:36.980 stations with anti-Putin messages. So you can tell that 144 00:09:37.010 --> 00:09:41.270 they're having a good time, you know, it's quite a free parole. 145 00:09:42.080 --> 00:09:47.240 But at the same time, we've seen pro-Russia groups such as 146 00:09:47.270 --> 00:09:54.320 Killnet and most recently a group called NoName057 that have 147 00:09:55.430 --> 00:10:00.530 popped up and you know, are claiming to be cyber patriots 148 00:10:00.560 --> 00:10:04.040 for Russia. That's actually what Putin is referring to them as 149 00:10:04.040 --> 00:10:07.490 and they are the ones that were really going after all these 150 00:10:07.490 --> 00:10:14.810 other countries. A lot of DDoS attacks, a lot of them related 151 00:10:14.810 --> 00:10:19.040 to decisions that countries are making, you know, regarding who 152 00:10:19.040 --> 00:10:24.410 they're siding with in the war, whether Putin, most recently, 153 00:10:24.440 --> 00:10:28.010 you know, the parliament's voted on whether to consider the 154 00:10:28.010 --> 00:10:33.920 activities in Ukraine terrorist activities. And, you know, right 155 00:10:33.920 --> 00:10:36.620 away, just within the past couple of weeks, both the 156 00:10:36.920 --> 00:10:42.320 parliament in Finland and the parliament in Latvia were shut 157 00:10:42.320 --> 00:10:48.290 down for several hours by DDoS attacks. So yes, Matt, the 158 00:10:48.290 --> 00:10:53.600 situation is getting more and more complex every day. And I 159 00:10:53.600 --> 00:10:58.370 should add that a lot of people are concerned that what's going 160 00:10:58.370 --> 00:11:02.390 to happen when the war is over? And all of these, you know, 161 00:11:02.660 --> 00:11:05.840 thousands of new hackers, you know, they're going to have to 162 00:11:05.840 --> 00:11:10.070 have something to do, right? So, we'll see. 163 00:11:10.610 --> 00:11:13.970 Mathew Schwartz: Rehabilitation is always the next step. I mean, 164 00:11:13.970 --> 00:11:16.370 and you mentioned, it is very complicated. One of the 165 00:11:16.370 --> 00:11:20.120 questions I had for Zhora was, are these activists targeting 166 00:11:20.150 --> 00:11:24.890 Ukraine a threat? And he said, not really. And I think the 167 00:11:24.890 --> 00:11:27.650 sense is that if there's a lot of resources coming at them, 168 00:11:28.280 --> 00:11:31.520 that's challenging. But a lot of experts I've spoken to have 169 00:11:31.520 --> 00:11:34.850 lauded the state of Ukraine's defenses. It's been working 170 00:11:34.880 --> 00:11:37.820 overtime for the last eight years in combination with NATO, 171 00:11:37.850 --> 00:11:42.800 the U.S., the EU. And I think it was a nice surprise, but no 172 00:11:42.800 --> 00:11:47.300 surprise that Zhora recently appeared at Black Hat in Las 173 00:11:47.300 --> 00:11:51.560 Vegas. He appeared with the head of CISA and other security 174 00:11:51.560 --> 00:11:55.010 experts to say thank you and also, please don't forget us. 175 00:11:55.100 --> 00:11:58.790 And there was a lot of goodwill there at Black Hat. So it was 176 00:11:58.790 --> 00:12:03.140 lovely to see him at one of the biggest cybersecurity events of 177 00:12:03.000 --> 00:12:08.610 Cal Harrison: Yeah, absolutely. Unfortunately, Michael Novinson 178 00:12:03.140 --> 00:12:03.650 the year. 179 00:12:08.910 --> 00:12:14.280 is on assignment this week, and couldn't be with us. But he was 180 00:12:14.280 --> 00:12:18.630 at Black Hat. And, you know, there was just a wealth of 181 00:12:18.660 --> 00:12:21.270 things for him to cover. You know, I think he interviewed 182 00:12:21.270 --> 00:12:27.720 dozens of people. And he covered Chris Krebs' keynote speech. And 183 00:12:28.080 --> 00:12:32.610 I thought it was worth noting here, you know. Krebs, I think, 184 00:12:32.610 --> 00:12:36.810 was the perfect choice, you know, with a national interest, 185 00:12:36.990 --> 00:12:43.860 so much in the spotlight, and, he is, I guess, sort of, had 186 00:12:44.220 --> 00:12:49.620 reached the state of martyrdom in the cybersecurity industry, 187 00:12:49.620 --> 00:12:52.740 you know, just by the fact that he sort of basically lost his 188 00:12:52.740 --> 00:12:56.490 job for doing his job during the presidential election. 189 00:12:57.840 --> 00:12:58.530 Anna Delaney: On Twitter. 190 00:13:01.230 --> 00:13:01.890 Cal Harrison: Of course. 191 00:13:03.900 --> 00:13:05.700 Mathew Schwartz: Chris Krebs, the former head of CISA. 192 00:13:05.000 --> 00:13:13.910 Cal Harrison: Yeah, and as you know from Michael's story, you 193 00:13:13.910 --> 00:13:19.310 could tell he had a somber message to the people who were 194 00:13:19.850 --> 00:13:25.940 gathered there that, one, the cybercriminals, the nation-state 195 00:13:25.940 --> 00:13:29.990 actors are winning, and it's going to be that way, for a 196 00:13:29.990 --> 00:13:35.960 while. Although he did say that, there's hope. But he also 197 00:13:35.960 --> 00:13:40.910 really, you know, almost like a school teacher kind of called 198 00:13:40.910 --> 00:13:45.680 out the different parts of the cybersecurity community, the 199 00:13:46.010 --> 00:13:51.350 software vendors for allowing vulnerabilities to get into 200 00:13:51.350 --> 00:13:53.720 software and, you know, being more concerned about getting 201 00:13:53.720 --> 00:14:00.170 stuff out and getting it right and secure. He, you know, also 202 00:14:00.200 --> 00:14:03.020 had some criticism of the government for being too 203 00:14:03.020 --> 00:14:07.970 complex. Which agency, you know, was taking the lead? Who do you 204 00:14:07.970 --> 00:14:13.790 really work with when you have a cyber incident? And also a 205 00:14:13.790 --> 00:14:19.280 little chastisement for the security vendors as well, you 206 00:14:19.280 --> 00:14:24.380 know. He said, it's time to stop looking at band-aid solutions, 207 00:14:24.560 --> 00:14:29.480 also to work together to come up with solutions that are really 208 00:14:29.480 --> 00:14:32.000 going to protect people long term. 209 00:14:33.920 --> 00:14:36.620 Mathew Schwartz: Cal, I feel like you're setting up our smog 210 00:14:37.070 --> 00:14:40.640 specialist over here. Complexity, hacks, failure to 211 00:14:40.640 --> 00:14:44.030 protect people. I just feel like there's a personification of 212 00:14:44.030 --> 00:14:47.270 that in the room, staring us in the face with all its gold hues. 213 00:14:47.960 --> 00:14:50.900 Tony Morbin: Certainly spill over into the criminal world. 214 00:14:51.290 --> 00:14:55.550 Anna Delaney: So Tony, on your gold Ethereum. Are we talking 215 00:14:55.550 --> 00:14:58.520 crypto? There's been lots of activity in the crypto space for 216 00:14:58.520 --> 00:15:02.900 sure and based on criminal and regulatory fronts. What do we 217 00:15:02.900 --> 00:15:03.410 need to know? 218 00:15:03.000 --> 00:15:06.930 Yeah, you're right. There's always lots going on in the 219 00:15:06.960 --> 00:15:11.790 crypto space. Now, I was going to use the analogy of a lot of 220 00:15:11.790 --> 00:15:15.180 people made a lot of money in the Wild Wild West. But a lot of 221 00:15:15.180 --> 00:15:18.540 people also got shot. And that's where we are now with the new 222 00:15:17.940 --> 00:16:30.480 Yeah, great overview and it was interesting today reading, I 223 00:15:18.540 --> 00:15:21.600 frontier of cryptocurrencies. There's a lack of universally 224 00:15:21.600 --> 00:15:25.350 agreed rules, advocates for absolute freedom tussling with 225 00:15:25.350 --> 00:15:29.160 those who want to enforce norms of responsible behavior. We've 226 00:15:29.160 --> 00:15:32.670 got volatile valuations with Bitcoin and Ethereum down more 227 00:15:32.670 --> 00:15:37.200 than 50% from their all-time highs in late 2021. There are 228 00:15:37.200 --> 00:15:40.200 new thefts and scams exploiting immature security 229 00:15:40.200 --> 00:15:43.110 infrastructure. There's increased crackdowns by law 230 00:15:43.110 --> 00:15:45.570 enforcement on the use of cryptocurrency for illegal 231 00:15:45.570 --> 00:15:51.240 purposes. This month, every one of the U.S. - more than 40 U.S. 232 00:15:51.240 --> 00:15:53.850 cryptocurrency exchanges are reported to be under 233 00:15:53.850 --> 00:15:56.880 investigation. South Korea announced today that it's going 234 00:15:56.880 --> 00:16:01.410 to ban 16 unregistered overseas crypto exchanges, the top 10 235 00:16:01.440 --> 00:16:05.370 exchanges in India are under investigation. Over the last 236 00:16:05.370 --> 00:16:07.620 couple of weeks, we've seen examples of how this crackdown 237 00:16:07.620 --> 00:16:10.530 can actually play out for alleged facilitators of illicit 238 00:16:10.530 --> 00:16:14.100 cryptocurrency use. In particular, as we've discussed 239 00:16:14.100 --> 00:16:17.730 on this program, the Tornado Cash Mix are now sanctioned by 240 00:16:17.730 --> 00:16:21.660 the U.S. government. Of course crypto is global and it's 241 00:16:21.810 --> 00:16:25.710 designed to enable anonymity. So it's not clear how effective 242 00:16:25.710 --> 00:16:28.560 these actions will be on a global scale, or you know, how 243 00:16:28.560 --> 00:16:31.620 widely they can be applied. And even with the regulations that 244 00:16:31.620 --> 00:16:34.110 we currently have, non-compliance is a massive 245 00:16:34.110 --> 00:16:38.490 issue. Then again, within the U.S., the situation is 246 00:16:35.550 --> 00:19:37.830 think it was in The Washington Post , an article talking about 247 00:16:38.490 --> 00:16:42.450 complicated. By jurisdiction spats between the Commodity 248 00:16:42.450 --> 00:16:45.720 Futures Trading Commission, the Securities and Exchange 249 00:16:45.720 --> 00:16:49.500 Commission on what exactly cryptocurrency is: a virtual 250 00:16:49.500 --> 00:16:53.310 currency or a commodity? It just emphasizes how difficult it's 251 00:16:53.310 --> 00:16:57.840 going to be to get enforced international agreements. But 252 00:16:57.840 --> 00:17:01.020 however each regulatory or enforcement action plays out, 253 00:17:01.320 --> 00:17:03.870 for all its failings, we can expect to see more law 254 00:17:03.870 --> 00:17:07.650 enforcement activity based on more regulation. It's not just 255 00:17:07.650 --> 00:17:09.780 aimed at making cryptocurrencies less appealing to 256 00:17:09.780 --> 00:17:12.900 cybercriminals, although obviously, cryptocurrencies' 257 00:17:13.050 --> 00:17:16.380 seizures, enforcing Know Your Customer, anti-money laundering, 258 00:17:17.100 --> 00:17:21.120 insider trading regulations are geared that way. But it's not 259 00:17:21.150 --> 00:17:26.430 about preventing the use of crypto, it's also about making 260 00:17:26.430 --> 00:17:29.970 cryptocurrency safer for investors and providing investor 261 00:17:29.970 --> 00:17:33.120 protections. And you can see how much that's needed. 262 00:17:33.150 --> 00:17:38.070 Cryptocurrency transaction volumes are around 15.8 trillion 263 00:17:38.070 --> 00:17:42.630 in 2022 so far, and in areas where there are no acting 264 00:17:42.660 --> 00:17:45.210 government bodies, it's increased the potential for 265 00:17:45.210 --> 00:17:48.900 theft and scams. In addition to action by the various 266 00:17:48.900 --> 00:17:51.570 authorities, the investors themselves taking action, we've 267 00:17:51.570 --> 00:17:54.660 got class action complaint filed against Coinbase, where the 268 00:17:54.660 --> 00:17:57.540 plaintiffs are alleging that the company didn't put in place the 269 00:17:57.540 --> 00:18:01.170 necessary measures to safeguard the investor funds. And in fact, 270 00:18:01.170 --> 00:18:03.240 we've actually had cybercriminals reported to have 271 00:18:03.240 --> 00:18:06.900 stolen 14 billion in cryptocurrency by May this year, 272 00:18:07.410 --> 00:18:10.530 according to a report by Chainalysis. Now much of this 273 00:18:10.530 --> 00:18:13.080 was a result of various rug pulls where the crypto 274 00:18:13.080 --> 00:18:16.020 developers attract early investors to a project and then 275 00:18:16.020 --> 00:18:18.540 quickly abandon it. There's been increasing attacks on 276 00:18:18.540 --> 00:18:21.990 decentralized financer DeFi. We've seen poorly secured 277 00:18:21.990 --> 00:18:24.960 bridges being exploited. And just this week, there are 278 00:18:25.020 --> 00:18:29.310 reports of new scams or crypto ATMs being hacked using zero 279 00:18:29.310 --> 00:18:33.540 vulnerability in the software, powering the Bitcoin ATM servers 280 00:18:33.540 --> 00:18:38.220 went undetected for nearly two years. And there are 13,300 of 281 00:18:38.220 --> 00:18:41.610 these ATMs almost every country in the world. So it could have 282 00:18:41.610 --> 00:18:44.730 been far worse. In fact, there was only about $16,000 stolen on 283 00:18:44.730 --> 00:18:48.840 this particular occasion. It's also reported that 10% of 284 00:18:48.840 --> 00:18:52.230 Ethereum transaction fees, well-known as gas fees, are 285 00:18:52.230 --> 00:18:55.950 actually linked to scams. So you'd think that criminals would 286 00:18:55.950 --> 00:18:59.850 be especially wary, but they can also be scammed. In a recent 287 00:18:59.850 --> 00:19:03.660 example, tweeted about by Marcus Hutchins, the person pretends to 288 00:19:03.660 --> 00:19:07.230 be a clueless crypto user asking for help withdrawing money, and 289 00:19:07.230 --> 00:19:09.510 then they send you their private key, which obviously you would 290 00:19:09.510 --> 00:19:13.470 never do. The wallet has more than $1,000 in it, but it has no 291 00:19:13.470 --> 00:19:17.250 gas fee in there. So if somebody deposits the gas fee that's 292 00:19:17.250 --> 00:19:20.370 needed to steal the money, the fee then gets forwarded to the 293 00:19:20.370 --> 00:19:23.400 scammer. So it's nice to see them getting a taste of their 294 00:19:23.400 --> 00:19:26.760 own medicine. And there was once a saying that there's no law 295 00:19:26.760 --> 00:19:30.900 west of Dodge. And initially there was no law in crypto, but 296 00:19:30.900 --> 00:19:34.200 the sheriffs and the cavalry are arriving. And while that won't 297 00:19:34.200 --> 00:19:37.050 please everybody, they're not always going to be successful. 298 00:19:37.350 --> 00:19:39.390 But in the long run, we should all be safer. 299 00:19:38.190 --> 00:19:52.440 the resistance from industry leaders referring to the Tornado 300 00:19:52.440 --> 00:19:57.030 Cash sanctions and crypto industry leaders say they're not 301 00:19:57.030 --> 00:20:00.600 sure where they need to stay on the right side of the law. What 302 00:20:00.600 --> 00:20:03.840 do they need to do? So there's obviously still some confusion 303 00:20:03.840 --> 00:20:08.400 there. And with time things will be sorted out. But yes, we're in 304 00:20:08.400 --> 00:20:09.600 the Wild Wild West at the moment. 305 00:20:10.590 --> 00:20:14.100 In fact, another of Matt's articles where he's pointing out 306 00:20:14.100 --> 00:20:18.480 that, you know, there are crypto exchanges who have complied with 307 00:20:18.720 --> 00:20:22.290 regulations for Know Your Customer and anti-money 308 00:20:22.290 --> 00:20:26.070 laundering, and have been able to then continue their 309 00:20:26.070 --> 00:20:29.400 activities. So it's not a closing down of cryptocurrency 310 00:20:29.400 --> 00:20:31.890 exchanges. It's a bringing them into line. 311 00:20:32.970 --> 00:20:34.890 Mathew Schwartz: Yeah, I think it goes against the libertarian 312 00:20:34.890 --> 00:20:38.220 leanings of a lot of cryptocurrency enthusiasts that 313 00:20:38.220 --> 00:20:40.950 they think that something associated with their identity 314 00:20:40.950 --> 00:20:44.550 might become accessible to the U.S. government. Of course, the 315 00:20:44.550 --> 00:20:48.420 U.S. government's going, "look, you want North Korea-funded 316 00:20:48.450 --> 00:20:51.810 nuclear weapons of mass destruction program, or you want 317 00:20:51.810 --> 00:20:54.960 to help us out here?" So there's a couple of the theory of it. 318 00:20:55.200 --> 00:20:58.020 And there's the practice, which is the degree to which is being 319 00:20:58.020 --> 00:21:02.730 used by criminals, and really bad people to launder lots of 320 00:21:02.730 --> 00:21:07.350 money and direct it into bad things. So I think as Tony was 321 00:21:07.350 --> 00:21:10.320 saying, it's all continuing to unfold, sometimes with 322 00:21:10.500 --> 00:21:11.820 unexpected results. 323 00:21:11.000 --> 00:21:15.500 Anna Delaney: You all understand why we're here the bar? I'm 324 00:21:15.530 --> 00:21:19.190 tasking you with creating a cybersecurity cocktail. What 325 00:21:19.190 --> 00:21:22.610 would you call it? And how would you make it? Give us a good 326 00:21:22.610 --> 00:21:27.650 kick. Who's going to start. Cal, have you got something like 327 00:21:27.650 --> 00:21:27.890 that? 328 00:21:28.670 --> 00:21:33.230 Cal Harrison: Yes, I was thinking of a new drink called a 329 00:21:33.500 --> 00:21:39.080 Long Island Iced Threat Actor. And similar to the Long Island 330 00:21:39.080 --> 00:21:43.340 Iced Tea, if you're familiar with it, it's a pretty, fairly 331 00:21:43.340 --> 00:21:48.410 strong drink. It has the four white liquors in it plus a 332 00:21:48.410 --> 00:21:52.550 little triple sec, and Coca-Cola, and then a squeeze of 333 00:21:52.550 --> 00:22:00.950 lemon on top. So, to knock out the cybercriminals, I would say 334 00:22:00.950 --> 00:22:04.430 that an organization needs to start with the basics of 335 00:22:05.360 --> 00:22:13.760 infrastructure, network, cloud security, maybe splash of IoT 336 00:22:14.390 --> 00:22:20.840 security, while you're in there. Definitely, a little identity 337 00:22:20.840 --> 00:22:28.940 management. And you know, just a good helping of zero trust, and 338 00:22:29.030 --> 00:22:32.630 a squeeze of cyber awareness on top because we know that only a 339 00:22:32.630 --> 00:22:35.990 few employees are actually going to pay attention to the cyber 340 00:22:35.990 --> 00:22:36.800 awareness training. 341 00:22:36.800 --> 00:22:42.440 Anna Delaney: And a bit of ICE. Great acronym, as we all love. 342 00:22:43.820 --> 00:22:48.470 That was great, Cal, by the way. You gave me a great first drink. 343 00:22:49.220 --> 00:22:49.790 Tony? 344 00:22:50.210 --> 00:22:53.510 I've taken the challenge much more literally in terms of 345 00:22:53.510 --> 00:22:58.250 creating a drink here. And it's all for the sake of the name. I 346 00:22:58.250 --> 00:23:00.710 start off with champagne, a drink I really like and 347 00:23:00.710 --> 00:23:04.160 specifically Bollinger, you'll see why in a moment. Vodka is 348 00:23:04.160 --> 00:23:09.080 another favorite. And for this one, Stolichnaya. I'm not just 349 00:23:09.080 --> 00:23:11.780 choosing, the contents of the drinks are absolutely fabulous. 350 00:23:12.530 --> 00:23:15.350 Finally, I'd go for something different, a tablespoon full of 351 00:23:15.350 --> 00:23:20.300 an Italian liquor Fernet, actually. All mixed together 352 00:23:20.330 --> 00:23:23.930 without ice. And the whole purpose of mixing those together 353 00:23:23.930 --> 00:23:28.580 is that I can call it an FSB. The idea there is that you can 354 00:23:28.580 --> 00:23:31.670 really enjoy downing your adversary or indeed celebrate an 355 00:23:31.670 --> 00:23:36.470 ally if you're near the side. So that's my one. And I would 356 00:23:36.470 --> 00:23:38.090 actually like to mix those and try it. 357 00:23:39.650 --> 00:23:43.910 Yeah, for sure. This is all for trying in person. That was 358 00:23:43.910 --> 00:23:44.240 great. 359 00:23:44.420 --> 00:23:51.860 Mathew Schwartz: We got a real cybersecurity mixologist on 360 00:23:51.860 --> 00:23:57.350 staff here. So, Anna, if I may, my thinking I know it's already 361 00:23:57.350 --> 00:24:00.680 an established drink, but it was to go with a Silver Bullet. It's 362 00:24:00.680 --> 00:24:04.580 a smoky martini, basically. So it's a bit classy, right? But 363 00:24:04.580 --> 00:24:08.600 sophisticated. If you're not aware, it's two parts of gin to 364 00:24:08.630 --> 00:24:12.260 one part Scotch whiskey. And you have to really shake it 365 00:24:12.260 --> 00:24:15.110 vigorously and serve on ice, because the strong flavors will 366 00:24:15.140 --> 00:24:17.720 compete with each other a little bit. And you just serve it with 367 00:24:17.720 --> 00:24:21.680 a twist of lemon to get that sour note in there. Speaking of 368 00:24:21.680 --> 00:24:25.490 sour, if I had been concocting my own cocktail from scratch, it 369 00:24:25.490 --> 00:24:28.400 would have to be that little bit sour, maybe feature some 370 00:24:28.400 --> 00:24:33.500 bitters, because despite all the optimism in the industry, so 371 00:24:33.500 --> 00:24:39.530 often I think we keep seeing the same mistakes get made. But my 372 00:24:39.530 --> 00:24:42.140 thinking is if you drink enough Silver Bullets, of course, 373 00:24:42.140 --> 00:24:43.460 pretty soon you wouldn't notice the thing. 374 00:24:45.740 --> 00:24:48.050 Anna Delaney: This is great creativity all around. Well, I 375 00:24:48.050 --> 00:24:51.920 was going to say we have Dark 'N' Stormy - rum and ginger 376 00:24:51.920 --> 00:24:54.860 beer - maybe enhance it with a bit of frankincense and myrrh, 377 00:24:54.890 --> 00:25:00.680 and an umbrella. Or I was thinking Crypto Sour. Really 378 00:25:00.680 --> 00:25:05.750 into great fruit-based drinks. So tequila, soda water, lime, 379 00:25:05.960 --> 00:25:10.910 but add a bit of sweetness, maybe a coconut/vanilla. What do 380 00:25:10.910 --> 00:25:13.760 we think? Maybe let's try these out next time in person. 381 00:25:15.410 --> 00:25:17.210 Mathew Schwartz: Can only pay Ethereum for yours, I think. 382 00:25:17.360 --> 00:25:22.310 Anna Delaney: Yes. Well, thank you very much, Matt, Cal, Tony. 383 00:25:22.310 --> 00:25:25.820 This has been a pleasure. I am real thirsty. Thank you very 384 00:25:25.820 --> 00:25:26.120 much.