Information Assured

My friend and former colleague at Microsoft’s public sector practice, Bryan Hunt, provides a great overview of our present threat landscape and a series of reminders with which to start the year. Ransomware, criminal enterprise, and re-visitation of fundamental practices round out the show. How can you spend the money necessary to get in front of the breach or assault? What’s happening with the spike in bitcoin or other cryptocurrencies? What’s driving that? And what about the cost of the breach or a ransomware recovery? Do you pay? Do you prevent it? How do you balance the economics?Bryan Hunt on LinkedInHost: Matthew Hall, CISSP, CHFI, Security +Apply 1.5 CEUs to any security, IT, project management continuing education certification maintenance.Law Enforcement Round-Up Links: Information Assured Links to Articles, Sources, Tools, and ReferencesFBI Crime StatisticsFBI Releases 2019 Crime Statistics — FBISupport the show (https://www.patreon.com/utterlymental?fan_landing=true)

It’s that fun time of the year when we all have or will be voting. Families, counties, and the country stand divided and under the influence of foreign intelligence services and criminal enterprise. Our panel discusses many of these topics, including coverage on deep fakes, censorship issues, disinformation campaigns, and the real threat of foreign influence and election intervention. How can we verify what we think we know? How can we better discern what’s out in the environment? In the news summary, Matt reviews the Federal Election Assistance Commission, the Google News Initiative, and a potpourri of stories that show the impacts from disinformation regarding False Claims of Hacked Voter Information Likely Intended to Cast Doubt on Legitimacy of U.S. Elections to how Twitter and other platforms censor stories related to the election.Our panel discussion with Darren Mott, FBI Special Agent (Ret.) AKA “The Cybur Guy,” John Virden, Assistant Vice President for Security, Compliance, and Risk Management and CISO at Miami University, and Sam Horowitz, Chief Information Security Officer at UCSB, focuses on our impending election.Show Links: https://start.me/p/RMpwyD/information-assured-2020Support the show (https://www.patreon.com/utterlymental?fan_landing=true)

It's national insider threat awareness month -- yeah, I didn't know either, but now you do too! We take a brief survey of the Chinese perspectives on national security, including EC-8 surveillance sorties along the South China Sea, an assertion by the Chinese government that they do not interfere with US internal affairs, and the US response to alleged Chinese espionage emerging from the Houston Embassy. A couple of arrest reports for an ex-US Army Special forces officer and a Chinese national throwing a hard drive in a dumpster complement our coverage of North Korean bank heists and $250 million in cryptocurrency seizures.Our interview with Darren Mott, FBI Special Agent (Ret.) AKA "The Cybur Guy" focuses on Cyber Counterintelligence.Topics for Darren Mott, FBI Special Agent (Ret.), "The CyBUr Guy" CounterintelligenceThreat ActorsWho are the largest threat actors we face today?RussiaIranNorth KoreaCriminal EnterpriseFederal Government ResponseWhat is the CSOC? https://www.nationalcsoc.com/Assistance to Small ContractorsInvestigationsForeign EngagementFive Eyes CollaborationIntroductionsFBI Career of 21 years culminating in the Supervisory Special Agent/Private Sector Coordinator roleWhat is counterintelligenceSupport the show (https://www.patreon.com/utterlymental?fan_landing=true)

Chinese hackers face US justice; the US Secret Service forms a permanent Cyber Crime task force; the UK’s National Crime Agency’s Operation Venetic yields 746 arrests; Fresno county identity theft arrest and a flamboyant, FBI most wanted Russian hacker’s 5 million dollar bounty rounds out the law enforcement update. Our interview with John Virden follows the roundup.John Virden, Assistant Vice President for Security, Compliance, and Risk Management and CISO at Miami University, and I discuss the 2020 Verizon Data Breach Investigations Report 2020. Threat ActorsTop PatternsData compromisedIncident classification patterns and subsetsFrequencyActor motivesTop ControlsHost: Matthew Hall, CISSP, CHFI, Security +Apply .5 CEUs to any security, IT, project management continuing education certification maintenance.Show OutlineIntroLaw Enforcement Round-Up: https://start.me/p/RMpwyD/information-assured-2020Chinese Malicious Cyber Activity | CISATwo Chinese Hackers Charged in Global Computer Intrusion Campaign — FBISecret Service Announces the Creation of the Cyber Fraud Task ForceSecret Service Wanted Fugitive: Computer FraudLondon: Can you name them? Appeal for information following sexual assaults... - Metropolitan PoliceUK: NCA and police smash thousands of criminal conspiracies after infiltration of encrypted communicati...Assistant Manager at Fresno County Retail Store Arrested for $100,000 in Credit Card Fraud | USAO-E...Alleged Russian Hacker Behind $100 Million Evil Corp Indicted | WIREDMAKSIM VIKTOROVICH YAKUBETS — FBIU.S. orders China to shut Houston consulate as spying accusations mount - ReutersTags: Security,UCSB,Miami,Russian,Hacker, Evil,Evil Corp,Virus,Crime,Cybercrime,Fraud,BEC,CEU,CISSP,CSF,Framework,Cyber,Cybersecurity,Infosec,InformationAssurance,Virden,Ransomware,Ransom, China,FBI,Most WantedCategories: Security,UCSB,SECLAB,CSF,CISSP,CEU Support the show (https://www.patreon.com/utterlymental?fan_landing=true)

AWS denial of service, on-going investigations $4.7million business email compromise scam, a student-led missing person cyber investigation initiative, NZ’s seizure of $90 million in assets of alleged Russian criminal enterprise, DDOS service for hire sentencing, and mapping out the deep fake landscape rounds out the law enforcement update. Our interview with Giovanni Vigna follows the roundup.Professor and security entrepreneur Giovanni Vigna (UCSB Sec Lab and Founder of Lastline TDI) and I discuss contemporary issues related to his research and experience regarding the current cybersecurity threat landscape: Nation-State ThreatsCriminal EnterpriseInsider ThreatPolitical ThreatOther ThreatsIoT threats, drones, privacy, surveillance, the society meets tech, deep fakes, corporate and personal Protections, and his background as a security entrepreneur round out the interview.Host: Matthew Hall, CISSP, CHFI, Security +Apply .5 CEUs to any security, IT, project management continuing education certification maintenance.Support the show (https://www.patreon.com/utterlymental?fan_landing=true)

Drones snooping on royals, FBI announces an insider threat conviction, more COVID 19 fraud prevention resources from both Google and the UK Government, cybercrime unit announced in Cumbria, and how Apple approached looting theft from its retail outlets, round out our law enforcement and technology section followed by a conversation with TBI’s Assistant Director for Technology and Innovation, Rich Littlehale. We talk through the International Association of Chiefs of Police Digital Evidence Taskforce on issues ranging from encryption, sensor data, personal data, policy considerations, and extra-territorial data custody. We start off with a discussion related to the importance of digital transformation in law enforcement.Rich and I discuss Rich’s career at the TBIThe latest IACP Technology and Cybercrime IssuesEncryptionSensor DataPersonal DataPolicy ConsiderationsExtra-Territorial Data CustodyHost: Matthew Hall, CISSP, CHFI, Security +Apply .5 CEUs to any security, IT, project management continuing education certification maintenance.Show OutlineIntroLaw Enforcement Round-Up: https://start.me/p/RMpwyD/information-assured-2020FBI: Man Arrested in Connection with an Attempt to Kidnap Law Enforcement — FBIIT manager sentenced for hacking into and sabotaging his former employer’s computer network | USAO-...Man sentenced to death in Singapore on Zoom call - ReutersGoogle Scam SpotterCoronavirus (COVID-19): fraud and cyber crime - GOV.UKApple Warns Looters With Stolen iPhones: You Are Being TrackedA year since the launch of cybercrime unit in Cumbria | The Westmorland GazetteHarry & Meghan Call Police After Drones Fly Over Their LA Home: Report | E! NewsGoogle deal with the Department of Defense Michigan Launches Cybercrime Hotline - Infosecurity MagazineSearch Discord Servers | DISBOARD: Discord Server ListConversation with Rich -- LinkedIn for more information at https://www.linkedin.com/in/rich-littlehale-57b4aa9/.Support the show (https://www.patreon.com/utterlymental?fan_landing=true)

COVID fraud warnings, the UK’s National Cyber Security Centre's suspicious email reporting service, Dubai’s police deal with COVID fraud, Microsoft tracks ransomware groups, a fake FBI special agent starts dating, porn blackmail, counter-drone tech, and the Metropolitan Police force’s virtual police academy highlight our law enforcement round-up followed by a conversation with retired FBI Supervisory Special Agent Scott Augenbaum the author of The Secret to Cybersecurity: A Simple Plan to Protect Your Family and Business from Cybercrime. As a generous nod to our listeners, Scott will send you a personal copy of his book if you are one of the first five to send him an email: Information Assured Podcast as the title (email available address on the show website).Scott and I discuss Scott’s career at the FBIThe story of his bookFraudPersonal ProtectionCorporate ProtectionsNation-States and our EconomyScott reveals his four truths of cybersecurity during our conversation, and he delivers with an energy and enthusiasm I think you’ll appreciate. I’ve had the pleasure of working with Scott for many years, and he was indirectly responsible for my training and professional experiences with ENCASE and FTK through a regional ICAC team in Tennessee.Law Enforcement Round-Up: ONLINE EXTORTION SCAMS INCREASING DURING THE COVID-19 CRISIS Law Enforcement Round-Up: Citizens flagged over 160,000 suspicious emails to NCSC in two weeks Law Enforcement Round-Up: Coronavirus: Hackers pose as Dubai Police to steal bank details Law Enforcement Round-Up: Ransomware groups continue to target healthcare, critical services; here's how to reduce risk Law Enforcement Round-Up: Monroe Woman Who Posed As An FBI Agent On Dating Websites Is Sentenced To Prison Law Enforcement Round-Up: Met welcomes 320 new recruitsLaw Enforcement Round-Up: How the Justice Department is Permitted to Use Counter-Drone Technology Conversation with retired FBI Supervisory Special Agent Scott Augenbaum the author of The Secret to Cybersecurity: A Simple Plan to Protect Your Family and Business from Cybercrime.Closing RemarksSupport the show (https://www.patreon.com/utterlymental?fan_landing=true)

Overview Fraud warnings, rapid DNA tests for arrestees, electronic facial identification, London cold case, serial child porn conviction, Russian hacking e-commerce platform takedown, and Chinese espionage highlight our law enforcement round-up followed by a conversation on the NIST Cybersecurity Framework with Salvador Ortega.Salvador and I walk through the NIST Cybersecurity Framework’s significant functions and categories and discuss our operational perspectives emerging under each function, category, and sub-category. “The Framework is voluntary guidance, based on existing standards, guidelines, and practices for organizations to better manage and reduce cybersecurity risk. In addition to helping organizations manage and reduce risks, it was designed to foster risk and cybersecurity management communications amongst both internal and external organizational stakeholders.”Salvador Ortega, CISSP, Director of Cybersecurity at Vanderbilt University Medical Center, joins me to discuss the Framework in the context of his 13 years at VUMC. I’ve had the pleasure of working with Sal for many years, and he’s demonstrated a fact-based approach to analyzing security risks and vulnerabilities. It’s a pleasure to have this experienced practitioner for our discussion.Host: Matthew Hall, CISSP, CHFI, Security +Apply .5 CEUs to any security, IT, project management continuing education certification maintenance.OutlineIntroLaw Enforcement Round-Up: California Attorney General March 26th Consumer Alert for Charity Fraud Law Enforcement Round-Up: US Secret Service March 20th, 2020, COVID Virus Phishing Advisory Law Enforcement Round-Up: Florida Department of Law Enforcement February 26th, 2020 FDLE, LCSO unveils nation’s first automated rapid DNA collection What is EFIT? Law Enforcement Round-Up: London Metropolitan Police April 2nd, 2020, Electronic Facial Identification Technique for 2005 Rape CaseLaw Enforcement Round-Up: London Metropolitan Police March 5th,2020, Man convicted of making indecent images of children for the second timeLaw Enforcement Round-Up: FBI March 24th, 2020, FBI Takes Down a Russian-based Hacker Platform; Arrests Suspected Russian Site AdministratorLaw Enforcement Round-Up: US Department of Justice, February 27th, 2020, Chinese National Sentenced for Stealing Trade Secrets Worth $1 BillionWhat is the National Institute of Standards and Technology (NIST)?What is the NIST Cybersecurity Framework (CSF)? NIST CSF Discussion with Vanderbilt University’s Salvador OrtegaClosing RemarksSupport the show (https://www.patreon.com/utterlymental?fan_landing=true)

How do you run your business when everything around you falls apart? The idea of business continuity usually sits on the back burner until the event happens, and this event is here. This episode covers a few February cyber-crimes and then turns to address the Coronavirus outbreak and how Lisa and I work from our central coast of California home during the crisis. The positive news is that we will get through this event. It will change the way we conduct business and manage our workplace thanks to technologies that facilitate remote work, instruction, business, and security.Host: Matthew Hall, CISSP, CHFI, Security +Apply .5 CEUs to any security, IT, project management continuing education certification maintenance.OutlineIntroGoogle Trends, Bernie Sanders, and the Corona VirusLaw Enforcement Round-Up: Microsoft Engineer Convicted, February 2020Law Enforcement Round-Up: Medical Worker Pleads Guilty to Identity Theft, January 2020Law Enforcement Round-Up: Five online fraudsters sent to prison for £10m fraudWhat is the Corona Virus and Where are We NowBusiness Continuity in the face of a natural disaster or infectious diseaseLisa and Matt Discuss Real Life Covid Remote WorkAt home Security CheckClosing RemarksSupport the show (https://www.patreon.com/utterlymental?fan_landing=true)

The monthly fraud, hacking, threat, technology, and management development recap framed through the lens of 30 years of experience in law enforcement, medicine, oil and gas, high tech, investment banking, and higher education.The FBI received 467,361 cybercrime complaints in 2019 including a detailed account of a case in Dallas Federal Court where the alleged perpetrators targeted corporations and lonely ladies.“... more than $3.5 billion in losses to individual and business victims. The most frequently reported complaints were phishing and similar ploys, non-payment/non-delivery scams, and extortion. The most financially costly complaints involved business email compromise, romance or confidence fraud, and spoofing, or mimicking the account of a person or vendor known to the victim to gather personal or financial information.”The wrap up concludes with a summary of a 2019 ransomware report and actual attack impacts on cities like Baltimore and New Orleans. It concludes with what you can do by way of prevention and incident response recommendations.Host: Matthew Hall, CISSP, CHFI, Security +Support the show (https://www.patreon.com/utterlymental?fan_landing=true)