• Garrett O'Hara

    Garrett O’Hara is the Principal Technical Consultant at Mimecast having joined in 2015 with the opening of the Sydney office, leading the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies. When not talking about the cyber security landscape, data assurance approaches and business continuity Garrett can be found running, surfing or enjoying the many bars and eateries of Sydney's Northern Beaches.


    Add comment
Garrett O'Hara

Expert opinions and insights on the biggest events making cybersecurity headlines this past fortnight.

In this episode we discuss 'Operation First Light 2022' which resulted in thousands of arrests and millions of dollars seized in a global takedown, we talk tax-time and the latest trends in this ongoing cyber challenge, discuss rules to mitigate 'SIM swap scamming', and review the latest breaches making headlines.


The Get Cyber Resilient Show Episode #102 Transcript

Daniel McDermott: Welcome to episode 102 of the Get Cyber Resilient Show. I'm Dan McDermott, and I'll be your host for today. This week is our behind the news episode, and I'm joined by our resident cybersecurity expert, Garrett O'Hara. Today, we'll be looking behind the news of Operation First Light 2022, where thousands of people have been arrested and millions of dollars seized, in a global take down.

Yes, it's that time of year again, where tax scams are rife. We'll review the latest trends in this ongoing cyber challenge. We'll also take a look into new rules being introduced to mitigate SIM swap scamming, and we'll end with a wrap of the latest breaches and vulnerabilities to make the headlines.

Gar, first of all, welcome back to Australia. Now lets begin by diving into Operation First Light 2022.

Garrett O'Hara: Yeah. This is, uh, l-, it seems like we're opening with a good news story, which I think is, uh, is always nice. And what a great name, Operation First Light. It's, it even sounds, um, you know, positive and inspirational. Um, look it, this is one of those, those kinda, uh, the reason I say it's a good news story, 'cause I think it points to how we're gonna get better at solving some of these kinda larger cybersecurity issues and, and what this is, is it's a kinda collaboration with 76 countries. Yeah, I didn't even know there were 76 countries. So even that, that alone is impressive.

Daniel McDermott: [laughs]

Garrett O'Hara: Um, all collaborating together, um, in part, it's part of basically an international clamp down. Um, sorta centralized through Interpol. Um, which is that kind of centralized kind of security agency for kind of international collaboration. Um, you'll hear it from Bond movies and those kinda things where, you know, the APB goes out to Interpol when it's an international, uh, crime, kind of thing.

Um, but this seems like it's had some really good s-, um, outcomes. I'm actually, on the Interpol, uh, site, I'm just looking at the, the results that they've put out. And, um, they raided 1770 locations worldwide. Um, they've identified 3000 suspects, um, 2000 operators, fraudsters, and money launderers have been arrested. 4000 bank accounts frozen, and, uh, around $50 million US dollars worth of illicit funds intercepted.

So, you know, the, the bullet point outcomes seem, like, certainly kind of impressive. And then it seems like obviously a very, very large scale operation. And they were going after, uh, quite a few sort of different areas. So, um, any kind of call centers that were suspected of things like, um, scamming, and scamming frauds. And, you know, we all know about those. The places that are around the world where people pick up the phone and basically just try and scam, um, the people on the other end of the line in some way.

Um, romance scams, um, BEC was obviously a big one and, s-, um, you know, fairly useful, hopefully cracked down on that. I think that's one of the biggest concerns for, um, for many organizations out there. You know, the, the stats have been produced, that it's a way bigger problem financially than ransomware, despite, despite being ransomware, ransomware being the, the one we talk about most often.

Um, but yeah, this, this seems like a really, really strong kind of, um, uh, global collaboration to, to really go after quite a very broad range of, um, attack types. But, you know, clearly has had some success rather than, uh, you know, a good story. They've, they've actually published the, the results, which I think is, um, yeah, points to, to how important this stuff is.

Daniel McDermott: Yeah, quite amazing, the scale, wasn't it? To think of, you know, how many countries and locations involved, the coordination of that. And you'd expect that that might take years and years and years of intelligence, right? To build that up and, and look at it. Yet they're saying that this is really targeting the, these operations that have been active sort of between March and May this year. I mean, y-, that alone also shows the scale of this problem, right? And how much is out there. The fact that, you know, it's a couple of months worth of activity that they've monitored, in order to get to this point. To get to those 76 countries, 1700 locations and thousands of people. Right?

Um, it's, it's quite incredible, um, in terms of what's being achieved in that sort of time fr-, timescale as well.

Garrett O'Hara: It, it really is. And, um, you know, the operation is, apparently it's a yearly event. Um, so a little bit like the Lollapalooza for cyber crime enforcement, maybe. Um.

Daniel McDermott: [laugh]

Garrett O'Hara: But, you know, it's, it is a, an ongoing operation and what I suspect we're seeing here is the, the outcome of previous collaborations. I think this is gonna be important, going forward, it's not just, you know, one off ad hoc, um, operations. But actually, like, what's the operating model for, uh, various police forces and security forces, to work together and collaborate? And part Of what came out of this was the, the sharing, uh, with the member countries, um, of, of this sort of, the trends, um, what they call purple notices from Interpol.

Um, so covering things like how money is laundered through personal bank accounts. Um, and, and specifically victim bank accounts. Um, how they looked at, you know, the, the use of social media platforms for things that are serious as human trafficking, um, horrible things like sexual slavery, you, captivity in casinos and fishing boats, which I've heard a little bit about. But, you know, d-, wh-, you, this stuff is important because it's not just, you know, cyber crime.

It actually, it's a direct effect on people and, and their lives. Um, and to, to that level, you know, when you're looking at, excuse me, things like human trafficking, that's incredibly serious and there is a huge overlap, uh, between these kinda scams and the people who operate them and those kind of, you know, the things that we're probably More traditionally offended by and that feel much more visceral as human beings than some business lost, you know, c-, tens of thousands of dollars through a BEC.

Um, so I think it's one of these things where, uh, you know, you go after the, um, social engineering cyber crime stuff, but actually, you probably have an impact on a variety of other horrible things that, um, criminals are out there doing. Um, but all of that, that sharing of, of the trends in information with the member countries, I think that's gonna be critical going forwards.

Daniel McDermott: Yeah, indeed. And one of the things that we have spoken about previously is the notion of, like, even like ransomware as a service. And, you know, these operations setting up these, you know, in effect sort of call centers and, you know, cyber centers in order to actually allow others to be sort of almost, like, to be like the wholesalers and have others at the front line of doing that. I wonder if this will start to, you know, chip away at that as well, that, you know, that some of those operations won't be able to be, you know, as, as easy to deploy, um, because some of the back end infrastructure may have been taken away as well.

Garrett O'Hara: Yeah. There's, so there's definitely that. But I also think that you signal of, this is serious stuff and, you know, there'll be international collaboration to go after the people who are, you know, partaking in these types of crimes. I think that's super important as well. Because, you know, we've talked about it. We've talked about this with guests who have been on the podcast, about how difficult it is to kind of get satisfaction as a victim. Because, as soon as you go across state lines and certainly international lines, on a personal level, quite often it's very, very difficult to actually get satisfaction because your case almost starts from scratch.

And I think as you see the, um, you know, the collaboration internationally to take down operations, that's awesome, right? It's got the immediate impact of that, you know, infrastructure, or those operations vanishing from, you know, ransomware as a service or the call centers that are outsourced to provide customer support for how to do Bitcoin for, you know, ransomware operations, et cetera. I think that stuff then signals the, you know, in-, increases the cost in the, in the criminal's minds for, and, and the risk for actually partaking or, you know, undertaking in these kind of criminal, um, criminal operations.

I think it's, it's heartening, I think it's a good news story, and I look forward to seeing hopefully more of this stuff, and maybe bigger and better things to, um, you know, as we go forward. Um, but you know, just, that, that number of 76 countries taking part in an operation, like, that just gives me hope that, you know, we, we will see kinda the collaboration and, and better working together, um, between countries to, to just really just to fight with, you know, something as very difficult, because it is international and kind of falls across, um, international lines.

Daniel McDermott: Yeah. Indeed. Great collaboration. Like you say, a great, good news story to, uh, tick off, kick off the episode with. The next story is an all too familiar one. That of tax scams. But, what is the latest insight shared by the ATO on this?

Yeah, and I definitely think in that, as well, there's that, like, you know, uh, we can't look at it as a generational problem. Right? That, you know, ah, well, you know, it's, you know, look out for, you know, our older citizens. Uh, they're the most, gonna be the most vulnerable to this. They're the ones that will fall for, you know, the ATO scams or the Auspost ones or, you know, the ones that are, you know, probably more general and well-known, um, hitting, you know, the broad base of consumers.

Um, it shows that everybody is vulnerable. Right? Um, and so, um, that diligence and awareness obviously is, is critical to that. I think the story of your, your brother, how, like, the fake messages are appearing in the same sort of thread as legitimate ones, that's pretty scary, right? Because then it starts to, the lines are very blurred. And, and how even, uh, if you are diligent and you are looking out for that, how do you start to distinguish in that case as well?

Garrett O'Hara: Yeah. And that's, that is, I think the, the scary part of all of this, is that the, the set of tools that we provide to end users are becoming kinda more nuanced and more sophisticated. And by that, I mean the things they need to watch out for. You know, if you roll back 10 years, for the most part you could spot these things relatively straight forward. You know? The, the, the grammar was bad and, and they were clunky and they were not amazing.

But obviously the money that is being made from this stuff is so significant that it's worth the investment to, to really get these things locked in, baked in, and, and n-, spot on, like when he showed me on his phone the thread, I'm like, man I work, [laughs], I literally work in this industry.

Daniel McDermott: [laughs]

Garrett O'Hara: I'm paranoid about everything and, and that was just beautifully executed. The thing that sort of gave it away, the link wasn't crash hot. You could tell from the link in the SMS that it wasn't, eh, uh, the, the bank that was in question. But it was, um, y-, yeah, it was just, uh, the, the link was the thing that let it down. But it, like I say, in an SMS, you look at the thread, it's, that message is appearing in a trusted thread. If you're in a hurry, which, you know, he was probably working at the time, you know, clicked on the link. Uh, you know, absentmindedly, and, and then the damage is done.

Luckily he th-, you know, he, he realized quickly and he was able to get the account shut down. But I think my parents and, and other people that, that maybe wouldn't be the case. You know? The damage would be done, and it would be too late to, um, get the toothpaste back in the tube, unfortunately. I think that's my worry, and to your point, it's not generational. Um, there's over 55's that are f-, incredibly good at this stuff. And, and then there's people who are 17 who are terrible at this stuff.

Daniel McDermott: [laughs]

Garrett O'Hara: Um, you know, there's no, no way to kind of paint the demographic broad strokes that I think match the risk.

Daniel McDermott: No, indeed. And, and I guess it is just that, all, that reminder to be vigilant. Um, you know, I think, like, you know, it's probably, we still see the ones in terms of delivery services and those sort of things. Um, obviously, you know, hit a peak, you know, during the sort of lock downs and pandemic. But, uh, um, you know, they probably dropped off a little bit and tax scams are gonna be on the rise, right?

And I also think that there's gonna be more of these, and more business email compromise and more, you know, of these type of attacks of, uh, identity theft and, and looking for bank details and that sort of thing. Um, I think partly related to the fact that, with the, you know, the crash in, in Bitcoin. Um, and so, you know, the w-, the money that you can make out of, uh, ransomware may not be the same as what it was previously. Um, and so they'll look at, you know, at new, uh, not necessarily new, but I guess go back to old tactics as well and double down on some of those.

Um, and if they are effective, um, as we see they continue to be effective, right? Hence why every year they come back up and we talk about it again and we're saying there's still a problem and that. Um, and like you say, and the sophistication of them gets that little bit better each time that, you know, the ground that's made in terms of education and understanding, uh, is sort of countered by the sophistication and, and the, getting into those attacks and being able to be successful still.

So, um, it's sort of a, always, unfortunately, sort of counterbalanced out in terms of, uh, you know, them becoming less effective over time. But something that, I guess, you know, continue to raise the awareness of, continue to, uh, to be diligent, right? And, uh, and hopefully, uh, you know, this time next year, um, it may be a lesser story.

Garrett O'Hara: Somehow, somehow I don't think that's gonna happen, Dan.

Daniel McDermott: [laughs]

Hey, [inaudible 00:16:45] positive episode, Gar. Positive episode, remember?

Garrett O'Hara: There you go, yeah.

Daniel McDermott: [laughs]

Garrett O'Hara: Okay, yeah. [laughs]

Daniel McDermott: Um, our final deep dive story for this week is a look into the new rules being introduced to prevent SIM swap scams. Now, s-, try saying that three times quickly. Gar, what can you tell us? [laughs]

Garrett O'Hara: Like when you said it at the, uh, when you said it on the opening, I, I was, I was gonna mention it nearly straight away, that, uh, there's no way I'm gonna even try and, uh, say that. Um, SIM swap scam.

Daniel McDermott: Yeah.

Garrett O'Hara: Yeah. Got it once. I'll, I'll leave it there.

Daniel McDermott: [laughs]

Garrett O'Hara: Um, I think this is, you know, in the spirit of the episode, more good news. Um, it's been incredibly easy in the past to basically, you know, walk into a store quite often. And I've done this, not for nefarious reasons but because I needed to. Um, literally say, "Hey, um, you know, I've got a new phone. Can I get my SIM swapped?" Um, for like a new format, um, SIM.

Daniel McDermott: Mm-hmm [affirmative].

Garrett O'Hara: You know? When they went smaller and micro SIMs and all that stuff. Um, and there was one episode in, in North Sydney where I was in a real hurry. My, my phone had sort of crapped itself, essentially, and I needed to have a, a phone for work. Um, so I bought one and went into a provider who will remain nameless in North Sydney, and said, um, "You know, I just bought a new phone. Can I get a, you know, a micro SIM?" Or whatever the, the format change was.

Um, literally all that happened was I gave the mobile number, and they gave me a SIM. Um, I might have, d-, like, maybe, and, you know, address or something like, something very, very n-, you know, basic.

Daniel McDermott: Mm-hmm [affirmative].

Garrett O'Hara: Um, and I walked out. And, um, the issue there is, you, you know, you're not just taking a phone number. These days, you're actually taking, you know, really part of your identity. Um, and something that can be used for either, you know, creating a, a more fleshed out identity theft, uh, situation. Or in some cases, just using it for, um, access to other accounts. Um, I know there's a lot of services, um, you know, financial, telecommunications and, and those kind of services where if I do something on an account, including some of the, the government sites, um, part of what they will do is, uh, send an SMS as a, you know, one time code to verify that it is me.

So, the clear problem is, if it's so easy to do a SIM swap, then you're into SIM swap scams. Um, where essentially you're able to, you know, walk into a store, get the SIM and then very quickly, you know, get access to email accounts or third party accounts. And what you'll often find is that you can access one account and use that as a sort of hopping stone into other things, because, you know, let's say a banking account is linked to an email address that you've now got access to. So, when they send you a verification link or something, that's fine. You can log into the email, because you've, you know, you got access there or, um, you know, anything like that.

So, I think this is good. What they're looking to do is bring in, um, multifactor authentication, for when it comes to any sort of, um, SIM related activities, is what they're calling it. I think this is a really, really good thing. Um, I think there's, there's lots that could be done in general when it comes to service provision in Australia, in every country. Um, in what they use to verify you. It still makes me cringe when I jump on the phone to do something with, with something that I consider, you know, a sensitive or important service, and the verification is ridiculous. It's, you know, what's your address?

Daniel McDermott: [laughs]

Garrett O'Hara: What's your birthdate? And, and sometimes that's all that is. You know? And you think, oh, man. Um, you know, that frightens me. So I think anything that we can do to introduce kinda true, uh, authentication, um, and certainly multifactor auth is going to be a good thing.

Um, so yeah, like, definitely part of the good news story. Um, and, you know, it's part of a change. I think it comes in fairly soon. Um, the, the rules come into effect, uh, like it's, uh, June 29th, apparently. So, um, yeah. I'll, it, it, it raises the, the question then, you know, do S-, D-, do SMS's become-

Daniel McDermott: [laughs]

Garrett O'Hara: You know, a good two factor auth method? Um, like I'd argue that we, we have better options available to us these days. So, I'd say still probably not. Um, you know? If there's other, other ways then I would say maybe there, there are better ways to do authentication.

Daniel McDermott: And I'm assuming they're not doing, uh, using SMS messages as the, uh, as the second factor.

Garrett O'Hara: [laughs]

God, you would, you would hope not.

Daniel McDermott: [laughs]

Garrett O'Hara: Although, it's just so interestingly, you know, there's, there's potential merit to that. Uh, because at least it proves that you have ownership of the original SIM, in some way. Um, although I have a friend who works in, uh, law enforcement. And, um, you know, SIMs apparently can be duplicated. So that's something that, you know, the higher level criminals are actually out there doing. They're not just doing the basic walk into a store and, you know, just sort of scam the, uh, the, the new SIM. But actually, you know, duplicating SIMs so that, you know, the number's kind of appearing in multiple places.

Um, but yeah. Like, to, to your point, um, I, I th-, uh, I think we've got better options out there these days for, um, two factor authentication. Um, and an issue on this relates back to what we covered in the last news episode about, um, you know, the kind of potential national verification database and the use of things like biometrics, you know, where is that a use case? You know, you, you have a, a telco that can do a pay per use of, um, you know, a national database. And, if you're going do to a SIM swap then, you know, that's fine. But you need to do a v-, like facial verification or iris or, I don't know, if you walk into a [inaudible 00:22:03] store are they going to have-

Daniel McDermott: [laughs]

Garrett O'Hara: Um, sorry, a telecommunications store, are they going to have a, uh, you know, an iris scanner in their, um, how we'll go about doing that. But, you know, it starts to get interesting. If we can, if we can lock down this stuff more and more, um. It almost comes back to what we were talking about with, you know, the Interpol story and this stuff in general. This constantly raises the cost of attack, and, you know, that's never going to be a bad thing.

Daniel McDermott: Yeah, it, it, always putting in those, those, more, you know, difficult steps is an important aspect, right? It makes it harder, right?

Garrett O'Hara: Yeah.

Daniel McDermott: So, uh, so n-, the, it makes the bad guys have to continue to work harder and harder, and hopefully that means it deters, you know, many of them because it gets too hard as well.

Garrett O'Hara: Yeah. Absolutely.

Daniel McDermott: Terrific. Well, finally, let's wrap up with a quick review of the latest breaches and vulnerabilities to make the headlines. Let's start with how our federal government is continuing to struggle with the effective implementation of the Essential Eight framework.

Garrett O'Hara: Yeah. I mean, that, that's pretty much the size of it. And we've, we've had a few of these stories I think, over the years. And, seems like a yearly thing that, um, you know, the, the s-, the Essential Eight or the, um, the Top Four. You know, this kinda, the, the, the two kinda approaches to sort of, um, I suppose it, the basics, when it comes to cybersecurity controls.

Um, this is part of a, an interim financial controls audit. Um, and it looked at the entities out there, um, and reviewed the, uh, 20, 2021 Policy 10 self assessment of select agencies. Um, but it doesn't look like good news, basically. So, a bunch of the, the entities, sort of didn't meet, I suppose, uh, a good standard. Um, like there is some-

Daniel McDermott: [inaudible 00:23:37], the report says only, only two of the 19 agencies actually made the grade. So it's a, that's pretty damning that, uh, that so, such a few, um, have actually got to, you know, what would be considered, um, a required standard.

Garrett O'Hara: Yeah. It is. It's, uh, it is [inaudible 00:23:54]. Um, and s-

Daniel McDermott: [laughs]

Garrett O'Hara: You know, there, there's some shaping of this into positive commentary where there's, you know, an improvement of, uh, maturity and stuff like that. But, yeah, when you get to the point where, um, you know, two of 19, um, are hitting that, that sort of points, um, it's not good. And, and the id-, the, the sort of scary reality is there's a move to make the essentially mandatory, I think it's of July 2022, so whenever, next month.

Um, so, yeah. It wo-, it would certainly raise questions, you know, if we're, we're seeing two of the 19, um, not meet the kind of, the, where they were expected to be already, and then we're actually making the Essential Eight the baseline. Um, you know, there's more work to do there. So, um, I don't know what the solution is. Um, you know, we, we talk about this, it feels like every quarter or so. You know, a story like this comes up where, you know, the, the government is sort of, had a bad result on, for one of its own audits. [laughs]

And, um, you know, just it seems to come back to spend money. Um, spend money, it seems to be the solution.

Daniel McDermott: Yeah. Well, like you say, there's already sort of, you know, mandates coming. Um, and then also, as we spoke about last time, the change in sort of federal government and, and what, you know, Labour might bring. It will be interesting to see, um, whether we start to see, you know, improvement along the way as we go.

Garrett O'Hara: Yeah. We'll, we hope so.

Daniel McDermott: Indeed. And the next story is how the Australian Border Force have conducted over 40000 electronic device searches, from 2017 to 2021. Uh, isn't that, would that be a good thing that they're, uh, searching all these devices at the border, Gar?

Garrett O'Hara: Well, you, I mean, it, it depends, is, is probably what I would say. Um, the, the, I suppose the, the reality of the situation is that when you pass through borders, um, the Border Force can basically search your device. You're not under any obligation, um, to provide, um, your passcode. So, that's probably an important to note is that if you've got a password protected device, um, there is no legal requirement for you to provide that to, um, the Border Force.

The reason they're, they sort of, n-, say they're searching these devices, apparently it's quite often in terms of, uh, or it's related to questions over visas. Um, you know, visas to stay in, in Australia. Um, and then things like terrorism activity, et cetera. Um, so you know, the, those, you know, on the surface of it, feel like legitimate reasons to search devices.

Um, I was actually talking to, uh, somebody who is a journalist, recently. And, and we were discussing the use of things like biometrics. Um, to protect your device, um, you know, and the conversation was around AI and, and biometrics in general. Um, and I actually mentioned this idea that as you're passing through a border, if you're using, you know, a fingerprint to unlock your phone, you can't pretend you don't remember your fingerprint. It's, you know, it's part of you. So, you know, it's something to think about when it comes to biometrics as well, is that, um, it removes any version of deniability or, you know, I've forgotten my pin code.

You know? When the mugger gets you at the, um, the ATM, you can say, "Look, I've, uh, I'm freaking out. I can't remember my passcode." Or you can put the wrong one in and they don't know it, 'cause it's locked in your brain. Um, if you're using facial recognition, or we get to that point, like, it removes that ability to say "I can't remember." Or, "Yeah, I don't wanna provide that to you."

Daniel McDermott: Mm-hmm [affirmative].

Garrett O'Hara: Um, so I think there's gonna be implications there that maybe we need to think about as well. Um, but yeah, the, the 40000 devices, well it's, it's over five years. Um, it's as people are passing through the, the body, uh, sorry, the borders. And, um, yeah. As I say, like, there's no legal obligation for folks to provide a password or a passcode. Um, or kind of any assistance, um, is the quote here in the article, to access an el-, electronic device at the border.

Um, and the Australian Border Force apparently don't have to advise travelers that, of that. [laughs] Um, so there, there may be situations where there's a little bit of sort of so-, very light social engineering happening. Um, at our borders where, you know, people will do what I think many of us would do, which is, oh my God there's somebody in uniform. Um, I need to provide, um, access to these days something that's generally gonna be a very personal device. I'm assuming most people have, uh, personal photos. You know, whether that's, you know, beautiful landscapes or stuff that may be more personal. Um, depending on the, the people.

Um, you know, that, that, that, it's that stuff to think about. And, and maybe there's a consideration here. Because that, uh, I believe they can actually copy devices. Um, so one of the things to think about more from a corporate perspective is, you know, if people are traveling internationally, is it safe for them to bring a device that may be cloned at a border? And that cloned device may contain, you know, sensitive corporate IP that, you know, could be accessed. I mean, most people have an encrypted phone these days, but, um, you know, I wouldn't put it past any, um, yeah, especially s-, you know, nation state level, um, to have ways around that. And potentially, you know, access what you think is unencrypted, sorry, is encrypted data, and then get to a plain text version of that.

Um, I know there are companies that will, um, either strongly recommend or sometimes mandate that their, you know, execs or, or folks when they're traveling into particular countries, do not bring their regular device. They get issued a, you know, a, air quotes, safe travel device for those particular countries. Um, because the expectation is that, you know, they, they could be cloned or they could be expected to, uh, provide access to those devices.

So, yeah, I don't know. It, it seems like an interesting one to me, certainly. S-, uh, quite high numbers. Um, it feels like, but over five years, m-, you know, maybe when you break it down it's not, um, it's not that bad.

Daniel McDermott: Yes. I've heard of that one as well, of the one time device rather than the one time password, right?

Garrett O'Hara: Yeah.

Daniel McDermott: For, uh, for traveling to certain countries.

Garrett O'Hara: Yep. Yeah, and, absolutely, it makes sense. Um, yeah, the expectation that, yeah, if something goes wrong, um, yeah, you, you don't want the device where you've got all of your financial applications and, you know, email and all this stuff that gets stored in [inaudible 00:29:58] on a device, you certainly don't want that, um, that accessible.

Daniel McDermott: Indeed. And our last story today is how cyber resilience and beavers collided in Canada. What has happened here, Gar?

Garrett O'Hara: Um, I just, I really like this story just 'cause it's one of those quirky, um.

Daniel McDermott: [laughs]

Garrett O'Hara: It's sort of a throw, a throwaway. Uh, this really does feel like the good news episode. I mean, totally accidental but, um, [laughs], this, like to end on a story with a little beaver.

Daniel McDermott: [laughs]

Garrett O'Hara: Causing an internet, internet outage in Canada, I think is just lovely. Um, it, it's, I mean there's a serious side to this which is, you know, the world is an imperfect place and, you know, things, things fall apart. That's, they all tend to, you know, um, entropy rather than order. Um, and this is an example of that, where basically a, a beaver in, um, in British Columbia in Canada, um, gnawed through a tree which subse-, uh, subsequently fell down and, um, sort of knocked out, I think it was a fiber cable and then removed access for about, I think it was eight hours or so. Um, on the seventh of June.

Um, funny story, you know, clearly the beaver-

Daniel McDermott: [laughs]

Garrett O'Hara: Yeah, I doubt it was working for any nation state. You never know, maybe, maybe they've got, gotten to the point where they've got, they've trained the beavers. Um, who knows. But, um, yeah, I think it's just, it's wonderful because some innocent little animal who's going around doing, doing what it does, which is probably building a dam, um, you know, it knocked out-

Daniel McDermott: [laughs]

Garrett O'Hara: It knocked out a, a fiber, uh, cable. Which apparently has happened quite a few times in, in Canada. It's not like the first time a beaver has caused, uh, problems. Um, but I, I like these stories 'cause they're the ones that point to how, how digitally interconnected we are but how we rely on things that are sometimes completely out of our control, despite best efforts.

You know? When you're b-, when you're b-, when you're building out your risk assessment, um, and all the scenarios, uh, y-, like maybe, but I very much doubt, you know, beaver, uh, you know, beavers are l-, you know, listed on most organization's list of, you know, risks to, um, their digital infrastructure. But, you know, maybe we n-, we need to start thinking that way. I don't know if it's, um, what the animal would be in Australia. Um.

Daniel McDermott: [laughs]

I can't think of what the equivalent would be, that would be bringing down a, uh, maybe possums.

Garrett O'Hara: There you go. There you go. [laughs]

Daniel McDermott: [laughs]

Garrett O'Hara: I think you need to get possums introduced into our risk assessments, uh, yeah, and some planning.

Daniel McDermott: Well, uh, indeed, as you said, uh, a, a quirky story to end with, and, um, and overall hopefully a good news episode. So, thank you Gar, I appreciate your insights, as always. Who do you have for us as our special guest next week?

Garrett O'Hara: Next week we have, um, a person called Emily Edgely who, uh, she works in the kinda public speaking and story telling space. Um, so, I, I think this is actually a really good one. I s-, I saw a post from our friend Jay here this morning on the importance of story telling. Um, on LinkedIn. And, and I think that's absolutely true. A big part of our, um, role, as cybersecurity leader-, leadership, is quite often getting buy in, um, getting, you know, sort of funding for programs at work et cetera.

So they g-, you know, it tends to be that, in communication with, with boards and with employees, with staff. Um, we mix up the providing of an information with influence, and influence generally comes from good story telling. Um, Emily is an expert in that, so, um, yeah, we're gonna have her on and just have a conversation around that. So, you know, story telling probably being the core focus on the conversation. But, um, you know, like I'm guessing we will as always go on bunny trails.

Daniel McDermott: And, yeah. And, uh, I think also like relevance for the audience. Um, I think she spent about 10 years in cyber at, at, uh, one of the big banks as well. So, uh, you know, knows the inside of, uh, of what it takes to be a cybersecurity professional. Um, and then, you know, overlays that with, like you say, that ability to get, tell that narrative well and get buy in from others. So, uh, it's such an important topic, as part of our sort of collaboration and how we work and, and be able to communicate, um, the effectiveness of cyber throughout our organizations. So, uh, really looking forward to that.

So until next week, if you would like to continue exploring key topics in cybersecurity, please jump onto getcyberresilient.com, and check out some of the latest articles, including why privilege access management matters more than ever, or how upskilling can help beat the great talent storage. And of course, remote working is not going away. So how do you ensure cyber resilience in this new era?

Thanks for listening, and until next time, stay safe.

Principal Technical Consultant

Garrett O’Hara is the Principal Technical Consultant at Mimecast having joined in 2015 with the opening of the Sydney office, leading the growth and development of the local team. With over 20 years of experience across development, UI/UX, technology communication, training development and mentoring, Garrett now works to help organisations understand and manage their cyber resilience strategies. When not talking about the cyber security landscape, data assurance approaches and business continuity Garrett can be found running, surfing or enjoying the many bars and eateries of Sydney's Northern Beaches.

User Name
Garrett O'Hara