Visit https://reddit.com/r/insiderthreat for show notes and discussion! This is a podcast where we explore the issues today with the insider threat, or human factor, of our organizations. We also talk about ways to tackle those issues through training, culture, and technology in order to help information security and business professionals reduce risks in their environments.
Welcome back! This is episode 22 of The Insider Threat podcast, for the week of October 16th, 2017.
I mentioned last week that I'm trying to make some improvements to the show, so I changed the formatting up a bit and I'm making it a little less structured. We'll see how it goes. I'm also going to be asking more questions on Twitter and the subreddit that align with the main topic each week, so keep a look out for those. You'd be doing me a real solid if you respond and who knows, I might ask you to come onto the podcast and chat about your opinions and stories.
Infosec Question of the Week
It's time for your Infosec Question of the Week, where Google is king and the prize is nonexistent!
The question last week was "In 1983, a blockbuster movie introduced the public to hacking and even brought on some mass paranoia about hackers and their seeming possibility to bring the world to a screeching halt with the ability to launch nuclear weapons. What was the name of this movie?"
I actually had a few people say it was Hackers and a few others that said Takedown, but the answer was Wargames. I worked somewhere one time where the administrator for a big critical system that had been there for decades looked exactly like the sysadmin who maintained WOPR (War Operation Plan Response), which was the central computer that tried to destroy the world in this film.
This reminds me - Going back a week or two, one of you surprised me by sending a set of cards for the Japanese game that we mentioned in the infosec question of the week. Not entirely sure how he got my address, but I'm looking forward to giving it a go at our next game night.
And now I forgot to mention the winners for this week.
Congratulations to Stephan from Oregon, Tom from Adrian, Michigan, and Michael from Toronto for getting the correct answer.
Here's your question for this week: "In 1952, the first compiler came into existence. What famous person created it and what other very noteworthy technological advancement did they take part in?"
Send your response to InfosecAnswer@gmail.com. Be sure to include your first name, location, and the hashtag "Navy".
Discussion Topic for the Week
This week’s discussion topic is marketing and how it impacts insider threat
- 4 Pillars of Insider Threat - Technology, Training, Policy, Culture
- Do a Google News search for "insider threat" articles from the past year
- Survey telling you that insider threat is bad, explination of the problem and how to solve it, then a product or type of product that fixes everything for you
- Why? - Hard to sell policies, training, and culture
- There are great companies out there selling great products
- What happens when executives see these "silver bullet" products?
- How does that impact the changes that the CISO or other security professionals try to make?
- Do any of you have stories of how marketing has actually had a negative impact on your efforts to improve security? Let me know by using one of the contact methods I'll give at the end of the show.
Our first news article this week comes from Steve Ragen at CSO Online
- So a Malaysian bank robber, who's name hasn't been released, managed to steal about 142 thousand dollars from a bank.
- How did he do this? Gun? Hacked the banking system? Another SWIFT incident? - Social engineering
- Looks like something ouf of Oceans movies
- Posed as fire extinguisher maintenance technician
- Must have had a great disguise, right? - Shorts, t-shirt, flip flops, and a backpack
- Manager on duty refused him when he couldn't provide ID
- Suspect just stuck around and waited for manager to go to lunch to pretend to inspect fire extinguishers
- Waited for a cashier to access the safe and used a magnet on the door's lock to keep it from closing
- Snuck into safe, filled his backpack with cash, and walked away
- 20 minutes, sheet of paper, and a decent story.
- Social engineering at its finest
- How easily could he have accessed a computer and wired even more or stole banking information?
- Our hero and villain isn't the robber, but the manager
- Should have had security escort him out before going to find some fish head curry
The next news article is from Eric Walsh at the New York Times.
- Should have mentioned first
- Israelli intelligence agency hacked into Kaspersky
- Found hacking tools from the NSA
- Shortly afterward, tools were in posession of Russian government
- Classified NSA documents were also somehow stolen by Russian government, which were on a personal computer running Kaspersky antivirus
- A few months ago Kaspersky products were banned from US government systems
- Eugene Kaspersky, the company's co-founder and chief executive, has repeatedly denied charges his company conducts espionage on behalf of the Russian government.
- We can conclude that somehow Russia was using Kaspersky tools to spy and steal information
- The question is - was Kaspersky aware or not?
Voicemail or review
Thought of the Week Segment
Our thought of the week comes from X. He/She said, "X"
Thank you for listening to episode 22 of The Insider Threat podcast. Please remember to subscribe and review in your favorite podcast app, and also share with everyone you know! Those reviews are key to building this out and improving for later episodes, so please feel free to leave suggestions.
You can contact me on twitter @stevehigdon or send an email to firstname.lastname@example.org. Join our Reddit community and discussions at the subreddit named insiderthreat. The subreddit is also where you'll also find the show notes for this and any other episode, as well as links to the topics we've covered. If you go to our website, you can also find a link to the Patreon page and you can subscribe to the newsletter to get up-to-date information on current episodes and news for the show. Call and leave a voicemail at (443) 292-2287 to have a conversation, get a comment added to the show, or even ask a question.
Thanks again and I'll see you folks next time!