• Daniel McDermott

    Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.

    Comments:0

    Add comment
Daniel McDermott

The latest cyber news and resilience insights - 24/8/21

Content

This week in cyber security news, the team explore the major outages on high-profile websites caused by content delivery networks, the strange missed calls being received by people across Australia and how to avoid the Flubot, how cybercrime gangs are attempting to recruit malicious insiders, and the latest ‘High Alert’ message sent by the ACSC regarding the vulnerability affecting BlackBerry’s QNX RTOS.

Content

The Get Cyber Resilient Show Episode #68 Transcript

Dan McDermott: Welcome to episode 68 of the Get Cyber Resilient show. I'm Dan McDermott, and I'll be your host for today. Hoping you are all staying well and safe and are doing okay. As many of us continue dealing with the rolling lock downs across Australia. and New Zealand. This week is our in the news episode. And I'm joined by a resident, cybersecurity experts, Bradley Singh and Garrett, O'Hara. And we'll be exploring how content delivery networks have caused some major outages for high profile websites, We'll also look into why we are getting a lot of strange missed calls lately and how to avoid the FluBot.

We'll dig into how cyber crime gangs are trying to actively recruit malicious insiders and we'll finish up by covering the latest high alert message sent by the ACSC regarding the vulnerability affecting Blackberry's QNX RTOs Brad Let's kick things off by taking a look at the recent outages, suffered by some of the largest websites in the world. And what's caused them.

Bradley Singh: Hmm, certainly Dan it's been quite a big few weeks in terms of disruption and I'm sure to your point, a lot of us are locked down across Australia, probably more than half the population at the moment.

And it's no wonder some of our most popular websites that we like to visit have, have also been down. Um, it's probably good to clarify what a CDN is everyone. So, content delivery network they're really starting to become, I guess, more popular over the past 10 years, but the idea is that effectively, instead of hosting a, a website at one point on a web server, you effectively mirror that, that content on different web servers around the world. So, if you are connecting from Australia, you connect to the local Asia-Pacific infrastructure, vice versa around the world. There's been a growing dependence on these providers for a lot of, I guess, large websites we access.

So, there was two outages, or I guess two large points of disruption. One was Fastly, and this was due to a software bug where apparently one customer changed the setting and it brought down their entire platform. or at least To this part of the world. And so websites such as Amazon, Reddit, PayPal, Twitch, Spotify Ticketmaster, Shopify some pretty kind of big names where you know, kind of kind of suffered disruption from it.

And then about two weeks later, [Akamai 00:02:12] which has been a, another CDN provider, which is very well known in the industry, they suffered a data loss. So, we're talking three of the big four banks we're talking Australia, post American airlines, et cetera. So, I'm not sure if the hackers watched the disruption caused by the software bug and then thought, hey, let's do a DDoSs against another provider.

Maybe they were paying attention. But yeah, just high levels of disruption, And I guess makes us wonder about the resilience and kind of, you know, do we still lay eggs in one basket?

Garrett O'Hara: Yeah, it's such a, it's an interesting comment. Isn't it? On how, how. The world works today. Um, and even that started CDNs, I would say some of the kind of larger hosted platforms for IAS uh, or platform as a service or any of those kinds of things.

Um, definitely serve as a potential single point of failure. I think there wasn't there an example of AWS many years ago, where it went down and. One of the affected organizations was a sort of WIFI, light bulbs. So, you had people sitting in the dark with no idea that the reason they couldn't turn the light switch on was that literally thousands of kilometers away, somebody had done the wrong thing in a data center.

Um, it's yeah, it's one of those things and isn't it interesting also, I mean, one of the kinds of use cases for CDNs is, is resilience, right? It's that idea of kind of multiple end points and local PO um, points of uh, presence for, you know, speed of delivery, but also resilience. And then yeah, to your point Brad, like when they go it's uh, it is a seismic uh, impact.

Dan McDermott: And why do you think they might be, you know, these things being targeted? Is it, this, is it just to create that disruption? And you know, that, that sense, or is there something more that that is ha- happening behind the scenes? as well?

Garrett O'Hara: Yeah. I mean, it, it depends on who the attackers are, I think with a lot of these things and, and, you know, you know, to Brad's point, sometimes it's actually not attackers at all.

And in our industry, I think we often forget that, you know, we're, you know, the, the da of the CIA triad is actually just availability and sometimes it's. Uh, you know, a technician does the wrong thing. We've seen that here locally where, you know mobile providers, they've had technicians arrive in to one of the exchanges and fat finger something.

And next thing you know, like the Eastern seaboard is down and F-boss isn't working. And so yeah, I mean, I, I think it's, you know, back to the old school technical issues that are, I would say part of cyber resilience, maybe less so the security side of things, but yeah. Then in terms of motive, so as, as I suppose it just depends on who the attackers really.

are.

Bradley Singh: I, I think there's kind of two sides to it, right. So, I mean, in the first one software glitch, you know, great example of just kind of resilience in the platform and, and underpinning where exactly we should be, but in the roles of a data. I almost think it may be. Collateral damage to say the least like it could be one customer or a set of customers using these services targeted by a group of third actors out there.

Like we saw sustained attacks against Sony from certain groups on four channel for months and months and months that platform was down. So, it wouldn't surprise me if there's some type of coordination and, you know, maybe as a collateral damage, like all these other services are going down as well, because it's almost too hard to hit these companies at a lower level.

Like it might as well hit them higher up on the chain. where, Yeah, they can't really even defend themselves, but I think this has been a big wake up call for the industry. And I think if anything, it'll probably bring more providers, more options more plan B's. There's So anything I can think of that can come with this.

Garrett O'Hara: Oh, [inaudible 00:05:32]. I was just gonna say really interesting point there.

You know, That that's, that's such an important uh, thing to, to mention is that collateral uh, damage. I mean, so often in cyber security, and and you might not be the target, but you're the way to somebody else you just happen to [laughs] you happen to get in the way. So your systems get popped nailed mostly because you can help get access to, you know you're a stepping stone to some other organization.

Um, but I think, yeah, I think it's a really important perspective, you know, that idea of going after those larger. Platforms and providers, and it doesn't matter that it's going to affect tens or hundreds of other organizations. If you could have targeted minds and here I'm thinking state nation, maybe more than potentially, you know, kind of financially driven stuff, but will, will they really care?

Like if they really wanna go after any particular organization, for whatever reason, I mean, do they really care that it's, it's gonna, you know, affect tens or hundreds of other organizations? I mean, at some level they probably will, but maybe less than we'd like them to. [laughing]

Dan McDermott: Indeed. Well thanks for exploring that. and certainly teaching me something about CDNs and our reliance on them.

Lately, I've certainly been getting a lot of miscalls. Um, it's just been, my phone's been going off both on my mobile and even at home, like just the phone is constantly ringing from very strange numbers that are aren't necessarily living messages, but we've now learned that this is uh, happening pretty broadly.

There's a notion of a, a FluBot which is a, a malware that's going around as part of this Brad, What's happening here. Why are we getting all of these strange calls? All of a sudden,

Bradley Singh: um, definitely in terms of, I guess kinda since the pandemic uh, I think all of us stuck at home, I think a lot of us have suffered or, or kind of felt that barrage of fact text messages.

Um, thankfully it looks like we, we do have a name now uh, to your point. So appears to be a campaign by the name of FluBot. Um, interestingly enough, in kind of the prime examples of it, what it is, it's effectively a barrage of text messages linking to a website, which usually has a funny name. Like it'll be kind of some random link kind of generated thing, but kind of two English things together.

The idea is if you click on the link if they didn't fix you with basically a remote access to effectively. Now, it only, apparently at this stage effects Android users. So, a bit of a PSA out there. I guess, any Android listeners but it's still being sent to [inaudible 00:07:50] devices, like I use an iPhone and my last 10 text messages are from FluBot as a, as a personal example.

So something definitely to, to be uh, worried about. And aside from that to, to your point, Dan, you've also got these misses call scams, which, um in, in great prevalence as well. So I think side by side, it just, it's not giving people much of a reason to pick up their phone.

Garrett O'Hara: It's, It's probably worth uh, pointing out that it is, a 400 funds that are being sort of set up for side loading and which I suspect is a fairly small number of folks out there.

So before everybody kind of [laughing] freaks out, maybe that they've got FluBot you know, the, the thing to think about is if you've set side loading on, then, you know, potentially, you're, you're vulnerable to this, but if you haven't, then you're probably in a good position. Still always get to check quite, right? but yeah, maybe don't, don't freak out and uh, throw the phone in the toilet and go ahead and buy a new one.

Just, just yet, definitely worth uh, worth checking. Interesting point though is never ends the value of locking down an ecosystem. Um, and I know you know, iPhone is held up as the, the sort of gold standard for, you know, secure, safe goes on to the store. And I know Android tends to be seen as a little bit more of a, a wild west, even in the store.

You know, they, they certainly do check, but I think it sounds like Apple's more, more strict in terms of the apps they let into their store. So yeah, definitely worth pointing that out as well.

Dan McDermott: And [inaudible 00:09:13] the phone really I can get infected there, Brad. like, so you you're clicking on, on a link to what to check your voicemail.

Is that. what's happening?

Bradley Singh: Yeah, well, it's, it's a fake text message.

Dan McDermott: Mm-hmm [affirmative].

Bradley Singh: And it effectively comes in, it goes to a link. It says, Hey, click on this link." It's almost like basically going to a GitHub thing where it automatically installs, So I, I didn't know a guy that it actually needed side load permissions or anything. I thought it was more like you, you clicked on it.

And then it popped up asking for permissions, even hit accept, but I didn't realize that it needed. a, a high level of permission. Um, but to my knowledge, it's just a, a super common kind of vector, like the place to go, like a fishing link, if you will, which then downloads a remote tool. Um, but I would also suggest that this is something which.

is Kind of uncommon, like, sorry. It's something which is, is, is, is been common over the past few years. And I think we're just starting to see an increase of it. And to Garrett's point, it'll be interesting to see if Google will ever go to the point where they start restricting the, the, the Android store, or the play store to the point of apple, just because of the security risks involved with it.

And we think about this when we talk about things like KPIs and OpenAir with everything for, you know, different um, actors to use. but These things can also, [inaudible 00:10:28], they can be obviously used maliciously. And I bet you, there's probably hundreds of fake banking apps um, and impersonating Australia, Australian brands on the, on the Google play store right now.

And at least I know from an asset perspective, then, you know, I'm not gonna have the same risk.

Dan McDermott: And is there any way that our, our listeners might be able to check if they have been infected by this and uh, what can they do about it?

Bradley Singh: I think the recommendation is and there's a couple of things here in terms of what the trying to act.

So you can download, um quite a few different antivirus softwares for your phone. I think Telstra Micro for you for recommendations on their website. Um, outside of that allegedly Telstra and particularly Vodafone as well. They're trying to combat it at a high level. So they're looking at using machine learning and AI rules to effectively start looking at patterns to basically stop these spam, or scam messages.

But I guess it'll be to, to kind of what end and yeah, realistically, maybe something only machine learning and AI can solve again. And it comes back to that conversation of how do we deal with the scale of something when the barrage of it is just so seemingly constant.

Garrett O'Hara: Yeah. I like the idea of the, the pattern recognition and the machine learning approach.

Um, also I'm an Android user. and, and one of the things I like about the the phone that I have is that if I get an SMS or a phone, call the Google kicks in and kind of tells me, Hey, this is a suspected spammer. Um, so even though it's an or a phone call, I'll get a red banner Visual notification saying, Hey, look, you probably do or you don't answer this or uh, respond in any way to, to this SMS.

So you know, I think they're the providers, Google and apple are kind of approaching things in different ways, but I definitely agree with it being something that probably needs to happen further back, because there's absolutely no way, you know, individuals are going to know whether something is a a real SMS or not as the case may be.

So I think yeah, the the providers, the telecoms providers, and then. the mobile providers would think working in conjunction um, and crowd sourcing. you know, I think having users report things as spam on their phones is important. Cause that's what the um, mobile providers use to, you know, essentially crowd source, their known bad list of spammers.

Dan McDermott: Okay. Interesting. Well, like you said, Brad, that for more information search FluBot on the Telstra website and they've got plenty of information there to uh, to help anybody out moving on to the next story, One that is, is quite disturbing. In many ways, we all know insecurity is a high risk that a, a malicious insider presents.

Um, they're very hard to, to stop that. Um, lot of things can go wrong when you've got somebody inside the four walls of your organization that is looking to do the wrong thing and have, might have access to to systems and be able to bring things down or create or wreak havoc. And with that news, cyber gang is actually been on the hunt to actually recruit these malicious insiders, to actually try to get them and pay them money in order to then for them to be able to install the LockBit 2.0 ransomware um, inside their own organizations.

Brad, what is going on here?

Bradley Singh: Yeah, this is kind of, I've been reading a few different like spy novels and watching the small spy movies recently. And it's kind of reminds me of that double agent kind of vibe, right? where they're trying to get asset and side. But I think the reality here is that the value dollar of successful ransomware attacks has significantly increased. And we're looking at industries targeted, which, you know, have healthcare workers, frontline workers workers in factories, as an example. You know, potentially not, not the most high paid workers. Um, maybe it's somebody in an Amazon warehouse as an example in the states for them to then potentially be offered a large sum of money to like the USB that licensed to a computer at work or a terminal for seemingly such a small exercise.

Yeah. It it could, could be a, be a big payday for that individual. I mean, obviously they'd probably get caught and the real risk there is actually probably on that user, but I think we're naive to think. that People won't start doing things like this, you know, especially if they are suffering economic hardship.

Garrett O'Hara: I, I think back on, you know, we had Jenny Radcliffe on the show a couple of months ago now, you know, and her her conversations and things she talks about in terms of physical access to the organizations, you know, the, the effort that somebody like her has to go to, to get in there, to plug to your phone Friday, USB drive into a server somewhere, or a machine.

Isn't this just like Occam's razor almost? This is just such an elegant approach from an attack perspective, [laughing] pay some money to somebody who can just walk through the doors and do without you having to even try like it's, it's phenomenally simple and I'm kind of amazed it doesn't happen more often. Um, especially if there's an element of deniability, I'm I'm sorta trying to think through how that goes.

with CCTV and, you know, the amount of tracking that would be involved like do you get to the point where if it was deniable and the money was good enough? and it's horrible to say, but I think, you know, too many people, that's uh, a pretty attractive prospect to make some nice. money. Especially if it's in the millions,

Bradley Singh: I, I mean, if you could do it anonymously and like, again, I think it would be naive to think that you you can't develop technology to a point where you can do this fairly repeatedly.

Like we've we've seen this already, like the whole the beauty of the ransomware industry, if you will, if you could say it like that is that it's managed to scale and, and bring in large uh, amounts of money repeatedly. Um, if you could do it in such a way, which, you know, guaranteed little to no risk to the, to the end user.

And even then it doesn't have to be the, the, the employee. It could be the employees, brother, sister, sibling, you know, parent, family member, like there's so many other different areas of risk. Um, And even from that aspect, like, you know, you can just, I still think it would be so easy to to dress up as a cleaner and walk into nearly any building.

Like, I, I, I think there's a huge problem with the premise of that insider and kind of physical security aspect and something we've probably not thought too much about since we've been you know, stuck at home.

Garrett O'Hara: And The other thing is, you know, you talk about the financial incentives. Um, and then there's the, you know, rubber hose cyber cyber attacks, which is you know, Hey, Mr.

Employee we need you to plug this in. And if you don't you know, here's, here's what happens to your, to you or your family like that threat of violence and, you know, suspect, I know it seems like the stuff that Jason Bourne movies or whatever, but in reality, like if the prize was big enough and you really wanted to.

Get into an organization, badly enough. Um, and you were given that, you know, so many of these folks are there criminal organizations. So like why wouldn't you use traditional blackmail approaches, you know, violence, or, you know, the photos of you doing the wrong thing with somebody in a motel or whatever.

Um, but it wouldn't always have to be, you know, here's money, but you know, the, the opposite. side do uh, threat of violence or, or a blackmail.

Bradley Singh: And that's that real tag that hacking that we're talking about right. Where you're going after an individual, you're, you're doing like a doc's trying to figure out what they live.

Like yeah. So that's, that's, that's scary and that's horrible. Right. And a lot of that stuff I think unfortunately, does happen and and Probably doesn't it probably isn't a prosecuted or even, even an investigated up because it just kind of happens behind closed doors. And it also happens, I think, a lot in marginalized communities, which, which you know, a lot of people would have no privy to.

Dan McDermott: It's definitely a very scary thought, [inaudible 00:17:54] and this can be happening. And I guess from a security and protection point of view for organizations, I'm assuming though that with so much monitoring and, you know, network security and everything else that's available today. That often the person would be no one who's actually, you know, perpetrated that act and actually installed that ransomware.

Is that the case, or am I thinking that our surveillance is is maybe better than what it might be?

Bradley Singh: I think you're right there. I think people will catch up, but I think the problem also is that so many people are willing to live stream their illegal activities and on TikToK and different social media.

So like, I think. Yes, they're probably gonna get caught, but I don't think it actually really stops it from happening. If that makes sense. Like yeah, [inaudible 00:18:39].

Garrett O'Hara: well. I mean, my thoughts are that the number one control in server security is physical. That's that where everything starts. And if you've got an employee that's walking through the doors, you are so far ahead of the game in terms of being able to potentially compromise an organization.

Um, and you're right Dan, like there's, there's a bunch of things in most organizations that we'll be looking for. You know USB ports being used, what's being accessed like yes, 100% is the technical controls. But if you're at the point where you've got the money or the threat of violence to get an employee to kind of comply with the request to go do this stuff, then you're probably the kind of organization, in the background that's got the, the chops to build something that if you plug the USB drive and it's going to do whatever it needs to, and and the way you go.

So like physical security, you know, we, we love talking about technology and that's kind of, you know, it's interesting and it's cool and, and you know, lots of bells and whistles, but actually sometimes a huge fence and a gate and a boom, you know, boom gates on the way in and good turn installs. Like that's where it all starts.

And if if that falls down, because you're able to pay somebody or threaten them. Yeah. You're, you're so far ahead of yeah. Um, you know, try and do remote texts or, you know, drive-bys or click on links and all that stuff, which works. but Just got a comparatively lower success rate. I suspect.

Dan McDermott: I think the the financial you know, incentive there.

Um, you know, though, you've got to wonder whether these these criminal gangs and actually hold up their end of the bargain. Right. And so, and actually you make the payment to the person and, you know, give them their, their 10% cut or whatever it might be as there uh,, as their fee. It's it's, it's a very, you know, dangerous and slippery slope that uh, these people are on.

And, but it's a scary thought to think that, you know, People could be you know, walking into, into organizations and creating, reading this heavy based on the fact that, you know, somebody is actually, you know, offering that incentive. Um, or as you say, even worse, scar that, you know, they've got uh, a, a physical threat to them or their family that that's, that's just, a terrible way to think.

Garrett O'Hara: I, I know we're kind of wrapping this story up, but wasn't there one with Tesla like a year ago, am I dreaming wasn't there a Tesla employee that they tried to compromise for this kind of stuff. And luckily they went to the authorities, but they were getting, they were getting strong into I can't remember what it was. I don't know if it was DLP, master bringing up a story that I can only vaguely remember, but I'm pretty sure uh, there was uh, a case where Tesla, so, you know, as the listeners listen to this, it's worth Googling you know, Tesla and soda, but I'm, I'm pretty sure it might've been one of our state nation friends who were having to go.

Um, but a year. ago From memory. So like there is form for this stuff. It's not the first time

Dan McDermott: Cool. And the last story that we were going to cover today is that the latest high alert status from the ACSC which is around a vulnerability effecting Blackberry, QNX RTOS. Brad, can you tell us what this is?

Bradley Singh: Yes.

What is Blackberry QNX RTOs. Um, I think I had the same thought and I'm sure everybody here [inaudible 00:21:44] as well. Um, I want to be correct in terms of the versions for this one. So God, thank you for that correction in terms of the Android story earlier and FluBot, but it's only some side loaded devices. Um, but for the Blackberry one, it's, it's affecting operating systems between.

Uh, products manufactured between 1996 to 2012 and QNX for safely manufactured until 2018. So what is Blackberry QNX? It's one of the world's largest operating systems that you've never heard of, but effectively runs apparently within uh, 195. million Different vehicles out there kind of on the rows and all of the large car manufacturers use it.

Um, outside of that, it's very popular in terms of the medical imaging device. So it's kind of like the operating system, which runs on a lot of industrial control systems and stuff. I kind of, think this to if we remember everyone remembers like the AMD or like the Intel chip set kind of breaches and where it was at a very high level up in terms of the chain, this kind of feels like the same thing where it's this piece of OEM.

Um operating system, which is just everywhere out there. And apparently there's some cut high level vulnerabilities around it. And in terms of the remediation, like, I can't even begin to think how that begins because a lot of these systems are integrated and they're gonna be quite proprietary, too.

Right?

Garrett O'Hara: It's, it's, Isn't this, the thing with ICS and IOT in general like, I love that idea, the biggest operating system you've never heard of that. That's so true. Uh, because I think, you know, we think it's windows and it's it's Mac, and maybe you're Ubuntu, If you're one of those, one of those people. but I am one of those people.

So anyone who's listening to this, please tell them, don't take offense. But you know, the the point you made there Brad is there is literally hundreds of operating systems and they are sitting in critical systems. And This, is, this particular OS is in medical device is it's sitting there, they're in a thinking in the automotive industry and a few different places like that.

where, You know, if it goes wrong, it's not a small thing. Right. Um, you know, potentially somebody is driving down the road or somebody's having a medical procedure that relies on, on this operating system doing its thing. Um, and you know, this is one of hundreds, if not thousands of these hardly known bespoke, you know, burned onto a chip operating systems, you know, there maybe one trick ponies or more but if you spot the vulnerabilities, especially in ones, where dos is you know, sitting on an air prom or something like that.

It's not easy to update. Um, it's not like rolling out a patch, right? It's not a small thing to update ICS systems. So yeah, I find these ones particularly kind of scary when you. do discover them.

Bradley Singh: It's terrifying. Isn't it? And then just,

Garrett O'Hara: Hmm.

Bradley Singh: I'm just trying to read through deal that a little bit more from the MACSC, just to try and make sense of it.

And they're kind of saying that manufacturers or products that incorporate vulnerable versions should contact their direct reseller to Patchett manufacturer products who develop unique versions should contact Blackberry to patch it. So if you think about it, even within all these different industries, there's gonna be some versions of the software, some versions of it, and then years of technical debt and then I lean on version, which makes this fighter jet run in a certain parallel configure.

I don't know, but it just starts to get absolutely crazy. You almost need like a set of controls, which has, has to be connected to a network or the internet somehow around it to Then help prevent this type of stuff from ever leaving. And what we're talking about here is remote code execution, which basically means escalation of privileges, complete control of whatever that device was and the greater ability to, to be victim, to denial of service attack. So if we think about critical infrastructure uh, within a hospital, as an example, that could. have Life threatening impacts on, on patients. So I think it's a big wake up call. And and also I think something which everybody knew was gonna happen at some point and it's probably gonna continue to happen. Um, there's so many different versions out there and it seems like the, I think the running theme is it's it's vendors and its service providers who, who are now the targets because once you get access to them, you get access to all their customers.

Dan McDermott: So as a consumer of one of those uh, cars that is, is effected here. Um, do I need to do anything or can I trust that my manufacturer is going to get the patch and take care of it. for me?

Bradley Singh: Just what out for your, a liquid manufacturer um, kind of advice. I mean, if you're driving a Tesla or something, the best self-driving capabilities, I'd be a little bit more worried.

Apparently there's a story going around that Teslas are crashing into emergency vehicles. They're I'm not sure if that one's real or not, but yeah, I'd say, just watch out for the the kind of alerts from your car manufacturer. And if you need to go and get your patch on your Toyota or your Ford, or whatever it is, then go get your car patched.

Garrett O'Hara: It Starts to feel like the product recalls that sort of car manufacturers have had to do over the years, because of, you know, physical defects in I don't, airbags or, you know, the, th the thing that connects the steering wheel to the other thing, I don't know what [inaudible 00:26:39] cars, but you know, yeah, they, they get recalled all the time and it maybe it's it's starts to be that, you know, that you discover a, a problem that could be very significant and something like this, especially with the, I mean, I think you've just said it.

they, The internet connected cars, which you're seeing more and more of where they've got a SIM in the car when you buy it and then you don't have to go and sign up for, it's just, it's used as a way to deliver, you know, downloads updates to the, the operating system in the ECU and the cars. But, you know, just to get to that point where it is a Rico, you gotta go drive to your your particular brands and they, they stick a plug in and they do some stuff And away you go.

Bradley Singh: I think we'll see all the car companies before the testimonial, right. Where you did get that chip you know, in the SIM of your car, but you also then patching 10 grand a year, right? Like this is a recurring subscription to get updates and the self-driving, and then that kind of takes cares of the maintenance aspect as well.

So maybe that's the security aspect as well. Expect that's part of the constant patching and updates to the software to protect you against this layer. So maybe, unfortunately, we're all gonna get to the point where we're having to pay $10,000 a year to uh, get Back out on the road [laughing]

Garrett O'Hara: cars, as a service we've arrived, everybody [crosstalk 00:27:48] Yes. you don't, you don't get to own your car.

You just get to yeah, subscribe to your, your chosen brand. Wow.

Dan McDermott: I mean, you get a new one every six months then would that even be so bad? Brad? Like.

Bradley Singh: Well, so many implications. Right. But I will definitely be keeping uh, an eye out for for a software uh, upgrade. [laughs] And, And so you end it and if I get one most certainly we'll, we'll know why at this time, as well as to what's happening.

So hopefully uh, it can get taken care of. But it's, yeah, it's interesting that it's obviously, you know, on a large scale in order to Get the attention of the ACSC and be able to put out that alert to make the industry aware of of, of that vulnerability and what needs to be done to hopefully help protect everybody.

Dan McDermott: That draws to uh, close today's episode. Thanks for listening everybody. In terms of looking forward to next week we have uh, a great interview on on a real human interest story of how it can, how cyber crime can actually impact a person that individually and and what it means to them. Tell us more about next week's guest.

Garrett O'Hara: Yeah, we're joined by Laura Jeffrey who is a uh, look, has has being really kind to us. She actually provided some videos for the ulcer 00:29:04] tool, coded with Amy Holden a couple of months back where, you know, it, it sort of made it real. Uh, you know, we talk about this stuff all the time, right on this show in the industry and business, you might compromise.

Uh, specifically, but Laura, as she's gonna, first of all, a great a great story. And by that, I don't mean it's a good story. I mean, it's a horrible story, but it's well-told um, and for me it made very real, the human experience of what it's like to be on the, The receiving end or to be a victim of a fairly large business email.

Well, business email compromise slash fraud attack. So we go through that in, in some amount of detail. And, and what I loved about the episode is that Laura fills in a lot of the blanks that I. had About how it's like, how is it to navigate the legal system? And, you know, what's the human frustrations that come along with trying to you know, at a personal level, remediate this stuff, get your money back and seek justice.

Um, so it's gotta... Yeah, funny to say about a cyber security, or cyber resilience podcasts, but it's actually quite an emotional episode. It's a really, it's a human human story. It's it's, it's really. great.

Dan McDermott: Yeah. Well, we're really looking forward to uh, hearing that. and, And like you say, those are real world impact that uh, can happen to any of us.

So thanks for that. Thanks all for listening um, until next week. Stay safe.

Tags
Editor, Get Cyber Resilient

Dan is a 20 year veteran of the ICT industry working for global and local vendors in bringing new and innovative technologies to market in the ANZ region. During his career, Dan has been passionate about bringing a local voice and insights to global technology challenges. As the Editor of GetCyberResilient.com Dan casts a keen eye across the hot topics, trends and pulse of local security practitioners to curate stories from near and far that are most impactful in addressing our evolving risks.

Stay safe and secure with latest information and news on threats.
User Name
Daniel McDermott