Podcast: Play in new window | Download (Duration: 41:18 — 47.3MB)Subscribe: Android | Email | Google Podcasts | RSSIn this episode of The Security Ledger Podcast (#96): with primary elections taking place in states across the United States in the coming weeks, we talk to John Dickson about how state elections offices have become the front line in a pitched battle with state-sponsored hackers – with the fate of a 240 year democracy hanging in the balance. Also: we talk about the looming threat posed by so-called “deep fake” videos that use computer manipulation to make famous celebrities appear to say nearly anything.
In this industry perspective, Thomas Hofmann of Flashpoint says that sensational coverage of advanced persistent threat (APT) actors does little to help small and mid sized firms defend their IT environments from more common threats like cyber criminals. The key to getting cyber defense right is understanding the risks to your firm and prioritizing investments to protect critical IT assets.
Podcast: Play in new window | Download (Duration: 34:30 — 39.5MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s Security Ledger Podcast (#88) we do a deep dive with researcher Vikram Thakur of the firm Symantec on “Dragonfly,” the Russian hacking group whose actions prompted the U.S. Department of Homeland Security and the FBI to issue a joint statement last week warning of intrusions into critical infrastructure in the US. Also: how do cyber criminals cash out all the loot they make from online scams? In our second segment we’ll talk to researcher Mike McGuire of the University of Surrey, who has been studying that question.
The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors.
Iran’s Chafer hacking group is targeting aviation repair and maintenance firms in an apparent effort to obtain information needed to shore up the safety of that country’s fleet of domestic aircraft, according to research by the firm Symantec.