Risky Business #726 -- Okta owned while Cisco takes a massive L
Oct 24, 2023
auto_awesome
Cybersecurity experts Dmitri Alperovitch, Rob Joyce, and Morgan Adamski discuss the Okta breach, Cisco exploits, http/2 protocol flaw, Ragnar Locker takedown, and NSA CCC insights in this informative podcast episode.
An Okta breach occurred, exposing security vulnerabilities in major companies.
The NSA CCC collaborated effectively with Viasat to tackle cyber threats.
Lessons from the conflict in Ukraine highlight the importance of advanced cyber technologies in modern warfare.
Deep dives
Concerns about PRC Cyber Attacks on Critical Infrastructure
The podcast discusses the increasing pivot of Chinese threat actors, specifically government-backed actors from the PRC, towards living off the land techniques in cyber attacks. This shift raises alarms due to the scale, scope, and sophistication of these operations, with a focus on disrupting or degrading US critical infrastructure beyond traditional espionage activities. Concerns are particularly heightened regarding potential attacks on pipelines and oil infrastructure.
Operational Success in Response to Viasat Hack
The podcast highlights an operational success story involving NSA's Cyber Collaboration Center and Viasat. Following a call from Viasat about an attack, NSA worked with the company, analyzed technical artifacts, attributed the attack, and provided tailored mitigation guidance to combat similar threats. The collaboration showcased effective information sharing and rapid response capabilities in addressing cyber incidents
Impact of Ukraine Conflict on Cyber Domain
The discussion delves into the lessons learned from the conflict in Ukraine, emphasizing the significance of SACCOM (satellite communications) and FPV (first-person view) drones as critical technologies. Insights were drawn from Ukrainian responses to Russian tactics, highlighting the evolving cyber landscape and the importance of adapting to emerging threats and tactics observed in modern conflicts.
Cybersecurity Advisory on Living Off the Land Activity
Discussing the cyber security advisory on living off the land activity, the podcast emphasizes the importance of understanding adversaries' trade craft beyond traditional indicators like file hashes and IPs. It highlights the complexity and effort required to counter adversaries using techniques like living off the land, which involve deep behavioral analysis and counter detection strategies.
AI Security Center and Protecting AI Ecosystem
The podcast delves into the establishment of the AI Security Center within the Cybersecurity Collaboration Center, focusing on safeguarding AI companies, networks, and intellectual property. It underscores the significance of securing the entire AI lifecycle, from data collection to deployment, to uphold the integrity of AI outputs. The discussion emphasizes the role of AI security in preserving America's competitive advantage and addresses the importance of defending against adversaries attempting to steal advanced AI models.
On this week’s show Patrick Gray talks through the news with Dmitri
Alperovitch, NSA Cybersecurity director Rob Joyce and NSA CCC director
Morgan Adamski. They discuss:
The Okta breach
40-50k feral Ciscos
Why the http/2 protocol flaw is a real headache
The Ragnar Locker takedown
What the NSA CCC has been thinking about
This week’s show is brought to you by Socket. Socket’s founder Feross
Aboukhadijeh joins us this week to talk about their actually-not-crazy
use of large language models in their product.
