Safe Mode Podcast

In recent years, the persona known as LockbitSupp has emerged as a notorious figure in the cybercrime underground. The primary administrator of the LockBit ransomware, LockbitSupp has become fantastically wealthy operating the world’s most prolific ransomware. Last week, the FBI and a coalition of international law enforcement agencies unmasked LockbitSupp and indicted the man allegedly behind the persona — Dmitry Yuryevich Khoroshev — on charges related to his work running the highly popular ransomware service. FBI Deputy Assistant Director for Cyber Operations Brett Leatherman was one of the law enforcement officials involved in that operation, and he sits down with host Elias Groll to discuss the bureau’s work against LockBit and its broader efforts to combat cybercrime. CyberScoop reporter Tim Starks also joins the show to discuss Poland’s efforts to impose accountability for the abuse of spyware.

When Russia invaded Ukraine in February of 2022, it was immediately apparent that the conflict would in part be waged in cyberspace. As Russian tanks rolled into Ukraine, Russian forces also launched a cyberattack against satellite modems that impacted the Ukrainian military’s ability to communicate. Since then, Russian cyberattacks have been a regular feature of the conflict — but on the other side, Ukrainian hackers are also going after Russian targets and are frequently leaking stolen documents online. On today’s episode of Safe Mode, Stefan Soesanto, a senior researcher at the Center for Security Studies at ETH Zurich, sits down with host Elias Groll to discuss his research on how Ukrainian hacking groups are operating in the war. CyberScoop reporter Derek B. Johnson also joins the show to discuss a cyberattack on a Georgia county that prompted state officials to cut the county off from statewide election infrastructure.

At last August’s DEF CON computer security conference, more than 2,000 people tried their hands at breaking some of the world’s most advanced AI models. That event was the largest-ever public red-teaming event of large language models, and since then policymakers are continuing to look to red-teaming as a key tool in responsibly deploying AI systems. The data scientist Rumman Chowdhury was one of the organizers of the Generative AI Red Teaming Challenge at DEF CON, and on this episode of Safe Mode she sits down with host Elias Groll to discuss the lessons of that event. CyberScoop reporter AJ Vicens also joins the show to discuss a potentially severe supply chain attack involving the business analytics firm Sisense.

Amid the endless hype about AI — how it will either revolutionize the world or end it as we know it — Sayash Kapoor is a rare voice of reason. A PhD candidate at Princeton University and a researcher at the Center for Information Technology and Policy, he is also the author of the newsletter AI Snake Oil, an essential resource to understand AI, its risks, and what to do about them. On this episode of Safe Mode, he sits down with host Elias Groll to discuss his research around AI risk, how best to understand it and the interventions necessary to better study AI models. CyberScoop reporter Tim Starks and FedScoop reporter Rebecca Heilweil also join the show to describe how U.S. federal agencies have been affected by a breach of Microsoft carried out by a notorious Russian hacking group.

In order to deliver major improvement in the security of the digital systems we all rely on, the Biden administration has embarked on a major initiative known as secure by design. That initiative aims to build more secure hardware and software by prioritizing security in the design process and asks developers to rethink how they approach building products. So can it be done? On this episode of Safe Mode, the veteran cybersecurity executive Dave Aitel, who spent six years at the National Security Agency before founding the security firm Immunity, sits down with host Elias Groll to offer a hacker’s perspective on secure by design. CyberScoop reporter Christian Vasquez joins the show to discuss the Cybersecurity and Infrastructure Security Agency’s proposed new rules for when critical infrastructure entities will have to report cybersecurity incidents.

Journalist Byron Tau sits down with host Elias Groll to discuss his eye-opening book about commercially available data. CyberScoop reporter Derek B. Johnson joins the show to discuss recent indictments and sanctions targeting Chinese hackers accused of surveilling politicians and dissidents.

When ChatGPT debuted in the fall of 2022, it set the internet ablaze and opened many people’s eyes to the capabilities of a new generation of machine learning technology. It also caught the attention of some of the world’s most sophisticated hackers. For the companies developing leading edge AI models, preventing hackers from misusing them now represents a key challenge. Sherrod DeGrippo is the director of threat intelligence strategy at Microsoft, and on this episode of Safe Mode sits down with host Elias Groll to discuss how state-backed hackers are experimenting with AI tools. CyberScoop reporter Christian Vasquez also joins the show to discuss how industrial cybersecurity experts are responding to Chinese hacking operations targeting critical infrastructure.

Kiersten Todt has worked on just about every hot-button cybersecurity issue you can imagine. Currently the CEO of Liberty Group Ventures, her most recent role in government was as the chief of staff at the Cybersecurity and Infrastructure Security Agency. As a Senate staffer, she drafted key parts of the legislation that created the Department of Homeland Security, and during the Obama years, she was the executive director of the Commission on Enhancing National Cybersecurity. She sits down with host Elias Groll for a wide-ranging conversation about the cybersecurity policy landscape. CyberScoop reporter Derek B. Johnson also joins the show to discuss his reporting on how election officials are preparing for the ways AI might disrupt this fall’s elections.

Every day, AI models are being deployed in new places, and that is creating demand for a new industry: companies that secure AI systems. Whether it’s preventing models from being used to write malicious code or creating spearphishing emails or keeping safe the data that companies are using to train AI systems, large language models raise a host of new security challenges. David Haber is the CEO of Lakera, a start-up that builds tools to keep AI models secure, and he sits down with host Elias Groll to discuss this new industry and how companies are approaching the challenge of securing AI systems. CyberScoop reporter AJ Vicens joins the show to discuss a ransomware attack by the group known as ALPHV that has caused major disruptions to the U.S. health care systems.

In recent months, U.S. security officials have issued a series of dire warnings about the hacking threat to American critical infrastructure. According to a chorus of intelligence officials, Chinese hacking groups have infiltrated U.S. critical infrastructure entities like ports and power grids, prepositioning themselves in the event of a conflict. But Chinese hackers are just one part of the threat landscape facing critical infrastructure entities. Dragos CEO Robert M. Lee is on the frontline of protecting critical infrastructure entities and he sits down with host Elias Groll to discuss how Chinese operations are shifting. CyberScoop reporter AJ Vicens joins the show to discuss claims by LockBit that the ransomware group has returned following last week’s takedown operation.