Defensive Security Podcast Episode 295

In this episode of the Defensive Security Podcast, hosts Jerry Bell and Andrew Kalat discuss various cybersecurity topics, including the alarming statistics surrounding ransomware attacks, the implications of paying ransoms, and the evolving nature of ransomware as a broader category of cyber threats. They also discuss the consolidation of security tools and the skepticism surrounding it, particularly in light of a recent report by Palo Alto and IBM. The conversation shifts to the risks associated with AI, highlighted by the DeepSeek incident, and concludes with a discussion on the importance of securing management interfaces and the ongoing challenges in the cybersecurity landscape.

Links:

• https://www.infosecurity-magazine.com/news/ransomware-victims-shut-operations/
• https://www.cybersecuritydive.com/news/consolidation-security-tools/738912/
• https://9to5mac.com/2025/01/31/security-bite-top-macos-threat-found-riding-the-deepseek-wave/
• https://www.securityweek.com/sonicwall-confirms-exploitation-of-new-sma-zero-day/
• https://www.theregister.com/2025/01/30/deepseek_database_left_open/

Takeaways

• 58% of ransomware victims had to shut down operations temporarily.
• Only 13% of victims who paid ransom got all their data back.
• The ransomware ecosystem relies on the belief that victims will recover their data.
• Organizations average 83 different security tools, leading to inefficiencies.
• Speed in deploying AI can compromise security practices.
• DeepSeek incident highlights risks of using unverified AI models.
• SonicWall’s zero-day vulnerability emphasizes the need for secure management practices.
• Security tool consolidation may not always lead to better outcomes.
• Phishing and RDP compromises are common entry points for ransomware.
• The evolving nature of ransomware requires a broader understanding of cyber threats.