Safe Mode Podcast

We are living through an epidemic of ransomware. Last year alone, the amount paid to ransomware operators exceeded $1 billion, and the entities getting hit and seeing their operations disrupted by ransomware included hospitals, schools and libraries. Ransomware is both a public-health and national-security crisis, yet efforts to address the problem are not making a dent. Allan Liska is a senior intelligence analyst at Recorded Future and a leading analyst of the ransomware phenomenon, and on this episode of Safe Mode he sits down with host Elias Groll to discuss why it’s long past time to ban ransomware payments. CyberScoop reporter Derek Johnson also joins the show to discuss the U.S. intelligence community’s observations of information operations targeting the 2024 election.

When studying cyberoperations, it’s easy to become enamored with state-backed hackers. Russian and Chinese operations have done much to shape our understanding of how power is exercised online, but it’s not clear that the intense attention dedicated to such operations is well-placed. Amid the current epidemic of ransomware, criminal hacking groups are arguably having as much if not a greater impact on the lives of ordinary people. On this week’s episode of Safe Mode, Selena Larson, a senior threat intelligence analyst at Proofpoint, sits down with host Elias Groll to make the case for why e-crime groups should be afforded just as much attention as state-backed hackers, reframing how we think about the cybersecurity landscape. CyberScoop reporter Derek Johnson also joins the show to discuss the fallout of a major Supreme Court ruling on the fight against disinformation.

The proliferation of artificial intelligence is exposing teens to a new online threat: AI-generated sexual imagery. Heather Barnhart is a fellow at the SANS Institute and a digital forensic expert, and on this episode of Safe Mode she sits down with host Elias Groll to discuss how teenagers and their families can protect themselves against the scourge of sextortion. CyberScoop reporter Derek Johnson also joins the show to discuss how election administrators are leaving their posts due to widespread harassment.

Following Russia’s full-scale invasion of Ukraine, the Ukrainian power grid has come under sustained attack by Russian forces, and keeping it up and running has been a significant challenge. One of the major issues Ukrainian energy officials have had to confront is the way in which Russian electronic warfare systems have disrupted GPS, which is a key tool in running electrical distribution systems. Taras Vasyliv, the head of the Dispatching Control Systems Department at the Ukrainian energy utility Ukrenergo, and Joe Marshall, a security researcher at Cisco, collaborated on an innovative solution to address the vulnerabilities of GPS systems in the Ukrainian grid. And on this episode of Safe Mode, they sit down with host Elias Groll to discuss the novel tool they developed to maintain the delivery of electricity even in the face of Russian jamming. CyberScoop reporter AJ Vicens also joins the show to discuss a wide-ranging operation targeting customers of the data storage company Snowflake. As many as 165 companies ‘potentially exposed’ in Snowflake-related attacks, Mandiant says | CyberScoop

To address AI risks, policymakers and technologists around the world have embraced the concept of AI red-teaming — the adversarial testing of AI models. But AI red-teaming is such a new concept that few people know how to conduct such tests. The discipline of AI red-teaming very much remains under development, but as AI systems are rolled out far and wide, this discipline is only going to become more important to make sure that AI tools work as intended. On this episode of Safe Mode, host Elias Groll sits down with Josh Harguess, the AI security chief at Cranium AI who is one of the few bona fide experts in the field, to dive deep on how to carry out AI red-teaming. CyberScoop reporter Derek Johnson also joins the show to discuss an Israeli information operation targeting audiences in the United States and Canada.

Joe Sullivan on his legal battle with the feds; the latest on Russian influence operations by Safe Mode Podcast

In recent weeks, a series of troubling operations targeting open source software libraries have been uncovered in which bad actors — likely tied to nation states — have attempted to use social engineering to be designated as maintainers of security critical libraries. Operations such as these have the potential to insert backdoors in widely used software libraries that provide the building blocks of modern computing. As the general manager of the Open Source Software Security Foundation, Omkhar Arasaratnam is on the frontlines of protecting the open source software ecosystem, and on this episode of Safe Mode, he sits down with host Elias Groll to discuss what’s needed to improve the security of some of the world’s most widely used software. DefenseScoop reporter Mikayla Easley also joins the show to discuss her reporting about how the Air Force is experimenting with putting AI behind the controls of American fighter jets.

In recent years, the persona known as LockbitSupp has emerged as a notorious figure in the cybercrime underground. The primary administrator of the LockBit ransomware, LockbitSupp has become fantastically wealthy operating the world’s most prolific ransomware. Last week, the FBI and a coalition of international law enforcement agencies unmasked LockbitSupp and indicted the man allegedly behind the persona — Dmitry Yuryevich Khoroshev — on charges related to his work running the highly popular ransomware service. FBI Deputy Assistant Director for Cyber Operations Brett Leatherman was one of the law enforcement officials involved in that operation, and he sits down with host Elias Groll to discuss the bureau’s work against LockBit and its broader efforts to combat cybercrime. CyberScoop reporter Tim Starks also joins the show to discuss Poland’s efforts to impose accountability for the abuse of spyware.

When Russia invaded Ukraine in February of 2022, it was immediately apparent that the conflict would in part be waged in cyberspace. As Russian tanks rolled into Ukraine, Russian forces also launched a cyberattack against satellite modems that impacted the Ukrainian military’s ability to communicate. Since then, Russian cyberattacks have been a regular feature of the conflict — but on the other side, Ukrainian hackers are also going after Russian targets and are frequently leaking stolen documents online. On today’s episode of Safe Mode, Stefan Soesanto, a senior researcher at the Center for Security Studies at ETH Zurich, sits down with host Elias Groll to discuss his research on how Ukrainian hacking groups are operating in the war. CyberScoop reporter Derek B. Johnson also joins the show to discuss a cyberattack on a Georgia county that prompted state officials to cut the county off from statewide election infrastructure.

At last August’s DEF CON computer security conference, more than 2,000 people tried their hands at breaking some of the world’s most advanced AI models. That event was the largest-ever public red-teaming event of large language models, and since then policymakers are continuing to look to red-teaming as a key tool in responsibly deploying AI systems. The data scientist Rumman Chowdhury was one of the organizers of the Generative AI Red Teaming Challenge at DEF CON, and on this episode of Safe Mode she sits down with host Elias Groll to discuss the lessons of that event. CyberScoop reporter AJ Vicens also joins the show to discuss a potentially severe supply chain attack involving the business analytics firm Sisense.

Amid the endless hype about AI — how it will either revolutionize the world or end it as we know it — Sayash Kapoor is a rare voice of reason. A PhD candidate at Princeton University and a researcher at the Center for Information Technology and Policy, he is also the author of the newsletter AI Snake Oil, an essential resource to understand AI, its risks, and what to do about them. On this episode of Safe Mode, he sits down with host Elias Groll to discuss his research around AI risk, how best to understand it and the interventions necessary to better study AI models. CyberScoop reporter Tim Starks and FedScoop reporter Rebecca Heilweil also join the show to describe how U.S. federal agencies have been affected by a breach of Microsoft carried out by a notorious Russian hacking group.

In order to deliver major improvement in the security of the digital systems we all rely on, the Biden administration has embarked on a major initiative known as secure by design. That initiative aims to build more secure hardware and software by prioritizing security in the design process and asks developers to rethink how they approach building products. So can it be done? On this episode of Safe Mode, the veteran cybersecurity executive Dave Aitel, who spent six years at the National Security Agency before founding the security firm Immunity, sits down with host Elias Groll to offer a hacker’s perspective on secure by design. CyberScoop reporter Christian Vasquez joins the show to discuss the Cybersecurity and Infrastructure Security Agency’s proposed new rules for when critical infrastructure entities will have to report cybersecurity incidents.