Risky Bulletin Srsly Risky Biz: The cyberespionage gig economy
Oct 2, 2025
Tom Uren, a policy and intelligence editor known for his insights on cyberespionage, joins Amberleigh Jack to explore intriguing recruitment tactics used by foreign intelligence. They discuss Russia's strategy of enlisting locals through Telegram for espionage roles, highlighting the risks involved. Tom reveals how mapping Wi-Fi networks aids cyber operations and contrasts the cautious approaches of Western agencies with bolder strategies. They also address governance lapses observed in a DOGE report, showcasing how weak oversight can lead to vulnerabilities.
AI Snips
Chapters
Transcript
Episode notes
Telegram Recruitment And On‑Site Ops
- Russia recruited locals via Telegram to do low-level physical ops like graffiti and surveillance around targets.
- Dutch police caught a 2018 GRU team with a car full of Wi-Fi gear outside the OPCW, showing on-site tradecraft risks.
Local Proxies Expand Cyber Reach
- Recruiting locals reduces risk and cost for foreign services while enabling on‑site tasks that remote cyber teams cannot do.
- Teenagers mapping Wi‑Fi provide reconnaissance to help attackers hop networks toward high‑value targets.
The New York SIM Farm Bust
- US Secret Service dismantled a New York sim farm with ~100,000 SIMs and 300 SIM boxes.
- The size fits a rent‑out spam/cover‑comm service rather than a telecom‑scale attack, implying multi‑actor use.