Cybersecurity Today — "Cybercrime and the Future: An In-Depth Discussion with Tammy Harper, Flare.io"
Episode Date: November 15, 2025
Host: Jim Love
Guest: Tammy Harper, Senior Threat Intelligence Researcher, Flare
Episode Overview
This episode features a deep-dive discussion between Jim Love and Tammy Harper exploring the present and future of cybercrime. Tammy unpacks the evolving dynamics of criminal undergrounds, the implications of decentralization, extortion as a service, affiliate recruitment, the integration of AI and quantum computing in threats, and the wider societal consequences of digital sovereignty. Listeners gain actionable insights and a framework for thinking about impending risks and changes in the cybersecurity landscape.
Key Discussion Areas
1. The Underground Economy: Roots and Future ([01:56]–[15:30])
- Historical Context: Tammy draws parallels between the Soviet "second economy" (blat — webs of favor/barter) and today’s online underground, emphasizing how trust and networks circumvent authority.
- Quote: "Whenever there is authority, there is a natural inclination to disobedience." — Thomas Chandler Haliburton ([02:45])
- Modern Black Markets: The move from physical to digital, and the persistence of networks of favors and alternative trust systems, now visible in platforms like Craigslist or Facebook Marketplace.
- Decentralization: Formerly centralized, Russian-language forums (Ramp, Exploit, XSS, etc.) are being disrupted by international law enforcement, leading to fragmentation ([09:07]).
- Notable Quote: "International law enforcement, always a collaboration... these big disruptions do happen, but they only really happen in Russia when you piss off someone locally." — Tammy, ([09:10])
- The Role of Escrow: Escrow is critical to building transactional trust in cybercrime, now shifting towards smart contracts and decentralized forms due to law enforcement interventions ([12:12]–[15:38]).
- Quote: "Without that structure, everything falls apart. And I think what I'm hearing you say is, there's new ways that structure is going to come about." — Jim, ([13:54])
2. Trust, Reputation & Identity in the Criminal Underground ([19:23]–[23:31])
- State-Backed Sanctuaries: Many actors exploit environments with poor extradition laws, or become ‘cybercrime tourists’, leveraging regimes that shelter or ignore their activities ([16:20]–[19:42]).
- Building Reputation: As old systems erode, criminals may use “blockchain passports”, unique identifiers, or public records of successful attacks. Questions emerge about how one can prove identity or trustworthiness in an anonymized and adversarial world ([19:42]–[23:31]).
- Quote: "How do you build this concept of reputation... when you are in a zero knowledge system?" — Tammy, ([22:20])
3. Evolution of Extortion: Extortion-as-a-Service (EaaS) ([23:31]–[31:20])
- Concept Introduction: Extortion as a service decouples the tool (ransomware, etc.) from the criminal brand, allowing anyone to leverage recognized group names for their own attacks ([23:31]–[26:34]).
- Quote: "If you have a successful brand that successfully extorted a lot of money, then you can basically say, 'Hey, use our name...' It has weight, it has notoriety and you can claim attacks under our name." — Tammy, ([24:10])
- Risks: Losing control and reputation; actions by third parties can tarnish the brand, invite sanctions or extra law enforcement attention ([26:08]).
- Technical Social Engineering: Recent campaigns (ex: Scattered Spider, ShinyHunters) combined technical API abuse with high-level social engineering, often leveraging leaked data for highly targeted attacks ([30:15]–[31:20]).
- Quote: "Most of this... happens because of either poor training or poor execution from people as simple places as help desk." — Jim, ([30:38])
4. Affiliate Models and Cybercrime Recruitment ([31:20]–[40:01])
- Shift in Affiliate Strategies: Ransomware groups now actively court skilled affiliates and showcase individual actors for recognition and recruitment—“bragging rights” have increased value ([31:20]–[36:09]).
- Socioeconomic Recruitment Risks: Economic downturns and mass layoffs in the tech sector (and among disconnected youth) create fertile ground for criminal recruitment ([37:16]–[38:14]).
- Quote: "You can buy a young guy without a job for 10, $20,000... that could ruin their entire life." — Jim, ([39:38])
5. Artificial Intelligence: Threat and Opportunity ([40:11]–[49:14])
- Quote: "The real danger is not that computers will begin to think like men, but that men will begin to think like computers." — Sidney J. Harris ([40:14])
- Dark Models: Malicious LLMs and “jailbreak” models are widely available—threat actors now use models trained on leaked data for spear-phishing and targeting ([40:14]–[43:58]).
- Emerging Attacks: Automated agentic AIs can now scrape public data, set up sophisticated social engineering traps, and replicate human interactions (voice deepfakes, etc.). AI-powered ransomware (even if not yet perfect) is on the horizon ([47:07]).
- Quote: "Once we have models writing models, it's going to be game over." — Tammy, ([44:21])
- Risks: The difficulty of keeping guardrails; the “danger zone” has arrived where tools outpace security ([47:04]).
6. Quantum Computing: Myth, Hype, and Real-World Risk ([49:14]–[57:57])
- Quote: "If you think you understand quantum mechanics, you don't understand quantum mechanics." — Richard Feynman ([49:14])
- Arms Race: States stockpile encrypted data now, aiming to decrypt when quantum capabilities mature ("harvest now, decrypt later") ([50:40]).
- Social Engineering Leverage: Even as true quantum decryption is years off, attackers will exploit public uncertainty to scam victims, much like early sextortion scams ([52:52]–[54:53]).
- Encryption Response: The impending need for quantum-resistant encryption is clear; re-encryption of legacy data is set to become a critical debate ([55:13]).
- Quote: "The thing that could crack every single type of encryption is time." — Tammy, ([56:53])
7. Digital Sovereignty, Fragmentation & the Future of the Internet ([58:20]–[65:46])
- Quote: "He who controls the past controls the future. He who controls the present controls the past." — George Orwell ([58:20])
- Multiple Internets: Rapidly diverging regulatory and cultural zones (US, China, Europe) are fracturing the idea of a universal Internet. This both complicates global threats and opens new avenues for regionalized attacks ([58:20]–[63:07]).
- Quote: "The dream of the universal Internet is dead." — Jim, ([63:07])
- Implications for Cybercrime: Threat actors will leverage regional differences, using localized attacks and exploiting weak links in global regulatory frameworks ([63:07]–[65:40]).
Notable Quotes & Moments
- On trust in cybercrime:
"Everything boils down to trust."
— Tammy Harper ([23:31]) - On affiliate recruitment:
"If you don't have affiliates conducting the attacks on your behalf, it's hard to justify that 20%."
— Tammy Harper ([31:20]) - On deepfakes and real-time attacks:
"The tools for being able to do a deep fake, real time, a real conversation... are all at a level of sophistication... attacks are already happening."
— Jim Love ([48:31]) - On the future of encryption:
"The thing that could crack every single type of encryption is time."
— Tammy Harper ([56:53]) - On Internet fragmentation:
"More choice and more openness is always a good idea... But this doesn't just impact, it also impacts the way that models and artificial intelligence is created."
— Tammy Harper ([60:44]) - On the end of the open Internet:
"The dream of the universal Internet is dead. We no longer have that idea that we would have a global network of communication that is open and free to everyone and where there was a source of truth."
— Jim Love ([63:07])
Important Timestamps
| Segment | Time | |-------------------------------------------|-----------| | Welcome & Guest Introduction | 00:01–01:56 | | Underground Economy & Decentralization | 01:56–15:30 | | Trust, Reputation & Escrow Challenges | 15:30–23:31 | | Extortion-as-a-Service | 23:31–31:20 | | Affiliates & Recruitment | 31:20–40:01 | | Artificial Intelligence Threats | 40:11–49:14 | | Quantum Computing & Encryption | 49:14–57:57 | | Digital Sovereignty & Fragmentation | 58:20–65:46 | | Summary & Reflections | 65:46–End |
Closing Reflection
This episode offers a comprehensive forecast for cybercrime’s evolution: the ongoing breakdown of older systems of trust and hierarchy will yield to new—often decentralized, AI-powered—criminal ecosystems. Law enforcement, businesses, and ordinary citizens must adapt quickly, stay informed about both technical and social dynamics, and push for stronger, more transparent, and more sovereign approaches to security.
"We're entering not just a new world in terms of AI, but a new world in terms of cybercrime, both enabled by technology and the fact that it is being broken down in ways that... it will rebuild."
— Jim Love ([66:27])
For further reading:
- NIST Quantum-Resistant Algorithm Papers
- Documentary: Cyberbunker (referenced by Tammy)
Feedback or thoughts?
Reach out via the Contact Us tab at technewsday.ca or technewsday.com
Summary formatted and prepared for readers seeking an in-depth yet accessible guide to this episode’s key ideas, discussion, and actionable insights.
