Cyberside Chats: Cybersecurity Insights from the Experts

In this episode of Cyberside Chats, we dive into the surprising pardon of Ross Ulbricht, creator of the infamous Silk Road dark web marketplace. What does this decision mean for the future of cybercrime enforcement and your organization’s security? We’ll explore the potential policy shift, how it could embolden criminals, and actionable steps you can take to stay ahead of evolving threats. Don't miss these critical insights! 

Takeaways: 

• Anticipate Increased Cybercrime Activity. The pardon of Ross Ulbricht could embolden cybercriminals. Proactively strengthen your organization’s defenses by updating incident response plans and running tabletop exercises to prepare for more brazen attacks. 

• Monitor Policy Changes Closely. Stay informed about shifts in U.S. government enforcement against cybercrime. If the crackdown slows, adapt your risk assessments and adjust your security posture to counter an evolving threat landscape. 

• Collaborate and Share Intelligence. Join industry groups and forums to exchange insights on how others are preparing for and responding to cyber threats in the wake of policy and enforcement changes.  

• Reinforce Employee Training. With the possibility of emboldened cybercriminals, ensure staff are well-trained to recognize phishing and social engineering tactics, which are often the first step in an attack. 

• Enhance Threat Detection Capabilities. Invest in tools and services that monitor dark web activity and ransomware trends to stay ahead of potential threats, especially as new actors and groups emerge. 

In this episode of Cyberside Chats, we explore the FBI’s daring takedown of PlugX malware. By commandeering the malware’s command-and-control infrastructure, the FBI forced PlugX to uninstall itself from over 4,200 devices globally. This bold move echoes similar actions from 2021, such as the removal of malicious web shells from Exchange servers.

We unpack the legal, ethical, and operational implications of these law enforcement actions and provide actionable advice for IT and security leadership to prepare for similar events.

Key topics include:

• How the FBI executed the PlugX takedown and what it means for organizations.
• The risks and benefits of law enforcement hacking into private systems to mitigate threats.
• Preparing for potential third-party access to your network by “authorized” actors like law enforcement or tech vendors.

Takeaways:

• Be aware that “authorized” third parties, such as law enforcement or Microsoft, may access your computers if they’re part of a botnet.
• Monitor threat intelligence feeds so you’re informed when events like these occur.
• Proactively communicate with your ISP about their processes for responding to law enforcement notifications.
• Ensure your contact information is current with your ISP and DNS registrars to avoid communication gaps.
• Review and update your incident response (IR) and forensics plans to account for potential third-party access.
• Include scenarios involving third-party access in your tabletop exercises to improve preparedness.

Resources:

“FBI Hacked Thousands of Computers to Make Malware Uninstall Itself”

“The Microsoft Exchange Server Hack: A Timeline”

“Taking Down the Waledac Botnet (The Story of Operation b49)”

Have thoughts or questions about this episode? Contact us to discuss this and more with other cybersecurity professionals.

#cybersecurity #PlugX #PlugXhack #hack #hacker

In Episode 2 of CyberSide Chats, Sherri Davidoff and Matt Durrin dive into the launch of the U.S. Cyber Trust Mark, a new security initiative aimed at making Internet of Things (IoT) devices more secure for consumers. As the number of connected devices continues to rise, the U.S. Cyber Trust Mark promises to help users make informed decisions about the security of products like cameras, smart locks, and voice assistants.

Sherri and Matt will discuss the potential impacts of the Cyber Trust Mark and discuss the ongoing challenges of securing IoT devices. They also tackle the rising threat of QR code phishing, as more devices will carry QR codes for secure setup—raising new concerns for consumers.

Tune in to learn how this new mark can help protect your privacy and security in an increasingly connected world!

Don’t forget to like, subscribe, and share this episode to stay informed on the latest cybersecurity trends!

#USCyberTrustMark #cybersecurity #cyberaware

Join hosts Sherri Davidoff and Matt Durrin in this first engaging episode of CyberSide Chats, as they dive into the top cybersecurity priorities for 2025. This insightful discussion was recorded with a live Q & A, and it covers the pervasive influence of AI, the emerging threats of deepfakes, and the complexities of managing third-party risks in an increasingly digital world.

This episode not only prepares listeners for the potential challenges of 2025 but also equips them with the knowledge to enhance their cybersecurity measures effectively. Tune in to stay informed and ready for the future!