Risky Bulletin

Srsly Risky Biz: Hacking for Godot

Oct 23, 2025
Tom Uren, a cybersecurity analyst and policy editor, joins Amberleigh Jack to explore enhancing U.S. offensive cyber capabilities through private sector involvement. They discuss the fragmented ransomware ecosystem, illustrating how operators like Devman transition from affiliates to platform leaders. Tom proposes empowering vetted firms to target low-risk scammers, emphasizing the need for legal clarity for private disruptions. The duo also navigates the ethical dimensions of targeting and the rapid proliferation of small ransomware players.
INSIGHT

Define Clear Goals Before Expanding Offense

  • The Dartmouth report assumes policymakers want more private-sector offensive cyber activity but doesn't clarify the end goals.
  • Tom Uren warns we must define what success looks like before scaling private offensive operations.
INSIGHT

Hack-First Many-Customer Model

  • China uses a
ADVICE

Authorize Pilots Against Low-Risk Actors

  • Pilot authorizations for vetted private firms to target low-risk offenders like crypto scammers and ransomware affiliates.
  • Tom Uren sees distributed private-sector responses as suitable for at-scale, low-priority malicious actors.