Dave Bittner
You're listening to the Cyberwire network, powered by N2K.
Dave Buettner
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe, now at a special discount for our listeners. Today, get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.com/N2K and enter code N2K at checkout. That's JoinDeleteMe.com/N2K, code N2K.
Is DOGE a cyber attack against America? The White House plans to nominate a new National Cyber Director. We got some Patch Tuesday updates. Ivanti discloses a critical stack-based buffer overflow vulnerability. The GAO identifies cybersecurity gaps in the US Coast Guard's efforts to secure the maritime transportation system. Arizona woman pleads guilty to running a laptop farm for North Korea. A notorious swatter gets a prison sentence. Our guests are Gianna Witfer and Maria Velasquez, co-hosts of the Breaking through in Cybersecurity Marketing podcast. And plague-themed phishing tests take it too far.
It's Wednesday, February 12, 2024. I'm Dave Bittner and this is your Cyberwire Intel Briefing. Thanks for joining us here today. It's great to have you with us.
In an editorial for Foreign Policy, Bruce Schneier and Davi Ottenheimer make the case that Elon Musk's DOGE team represents a serious cyberattack against America. The editorial highlights what may be the most alarming national security crisis in modern US history, not due to foreign cyber attacks, but because of unchecked internal access granted under dubious authority. The newly created Department of Government Efficiency, led by individuals with unclear credentials, has infiltrated critical government systems, including the Treasury Department, OPM, and even classified intelligence networks. These intrusions have exposed vast amounts of sensitive data and fundamentally weakened national cybersecurity defenses. What sets this apart from previous breaches is not just the scale, but the method. Unlike adversaries who spend years infiltrating systems in secrecy, DOGE personnel have been granted high-level access in plain sight, stripping away essential security safeguards. Career officials responsible for protecting these systems have been sidelined, and critical protections like auditing and incident response have been dismantled. The editorial argues that this is more than just reckless mismanagement. It's a systematic gutting of national security protocols. The Treasury's financial infrastructure, the identities of intelligence personnel and even AI trained on sensitive data are now potentially compromised. Worse, unauthorized modifications to core systems could leave lasting vulnerabilities, paving the way for future exploitation by foreign adversaries. A federal judge has intervened, but that alone won't undo the damage. The piece calls for immediate action: revoking unauthorized access, restoring security protocols and conducting rigorous audits. Without these steps, the editorial warns, the US Government risks long-term structural damage to its most essential systems, damage that may already be irreversible.
President Donald Trump plans to nominate Sean Cairncross as the next National Cyber Director, despite his lack of cybersecurity leadership experience. Cairncross, a longtime GOP insider, previously served as the CEO of the Millennium Challenge Corporation and held senior roles within the Republican National Committee. If confirmed, he would lead the White House's Office of the National Cyber Director, which was created in 2021 to oversee U.S. cyber strategy. The Biden administration's approach to ONCD was marked by leadership turnover and concerns about competing power centers. Observers worry the Trump administration may downsize the office even as the US faces growing cyber threats from China-linked hacking campaigns. Cairncross would replace Harry Coker, who recently left for Maryland's Commerce Secretary role.
Yesterday was Patch Tuesday. Microsoft has released security updates for four new zero-day vulnerabilities, including two actively exploited flaws. The February Patch Tuesday update covers over 50 CVEs, including 22 remote code execution bugs and 19 privilege escalation vulnerabilities. Among the most concerning is one which allows attackers to delete critical system files and escalate privileges, potentially crippling servers. Another affects Windows networking and grants system-level access, enabling attackers to manipulate security settings and execute malicious code. Intel issued 34 security advisories, including a critical privilege escalation flaw in server board BMC firmware. AMD addressed multiple high-severity vulnerabilities in processors, graphics drivers and its system management mode, while Nvidia patched security flaws in its GPU software and container toolkit. Siemens and Schneider Electric also released updates for industrial control system vulnerabilities, with major cyber threats ongoing. All these updates emphasize the need for organizations to promptly patch critical systems to prevent exploitation.
Ivanti has disclosed a critical stack-based buffer overflow vulnerability in its Connect Secure product. Rated 9.9 on the CVSS scale, the flaw allows remote authenticated attackers to execute arbitrary code. Ivanti urges users to update immediately or implement interim measures like network segmentation and log monitoring. While no active exploitation is reported, past Ivanti vulnerabilities have been targeted by APT groups, emphasizing the need for prompt patching.
The Government Accountability Office has identified cybersecurity gaps in the US Coast Guard's efforts to secure the maritime transportation system, and they've issued five recommendations. The Coast Guard must improve incident data accuracy, enhance cyber deficiency tracking, align its strategy with national goals, and address competency gaps in cybersecurity personnel. GAO's findings, based on reports, inspections and stakeholder interviews from 2019 through mid-2024, highlight threats from state-sponsored actors like China, Iran, North Korea, and Russia, as well as cybercriminals. Past attacks have disrupted port operations, and future incidents could have severe consequences. The Coast Guard assists MTS operators with cybersecurity guidance, inspections and technical support, but lacks a complete cybersecurity incident tracking system. GAO also found gaps in its cyber strategy and workforce competencies. The Department of Homeland Security concurred with GAO's recommendations, emphasizing the need for urgent improvements to prevent cyber attacks on critical maritime infrastructure.
Christina Marie Chapman, age 48, of Arizona, pleaded guilty to running a laptop farm that helped North Korean IT workers fraudulently gain employment at over 300 US companies from 2020 to 2023. She helped North Koreans steal identities of over 70 Americans, making it appear they were US based while working remotely from China, Russia and other countries. The scheme generated over $17 million, most of which was sent to North Korea's government. Chapman laundered the funds by processing paychecks and transmitting false documents to U.S. agencies. The workers she assisted had ties to North Korea's weapons programs and attempted to gain employment at U.S. government agencies. Chapman faces seven to nine years in prison, with sentencing set for June 16. Her case is part of a broader FBI crackdown on North Korean IT fraud, which has led to extortion attempts and security breaches at US companies.
Alan Fillion, aged 18, of Lancaster, California, was sentenced to 48 months in prison for making interstate threats, including over 375 swatting calls from 2022 through 24. His false threats targeted religious institutions, schools, government officials and individuals, often claiming to have planted bombs or planned mass shootings. His actions led to armed law enforcement responses, detentions and resource diversion. Fillion admitted to running a swatting-for-profit operation, advertising his services online. He was arrested in January 2024 for a May 2023 threat to a Florida religious institution where he falsely claimed to possess weapons and planned a mass shooting. He also pleaded guilty to threats against a high school, a historically black college and a federal law enforcement officer. The FBI and U.S. Secret Service investigated the case, with multiple law enforcement agencies assisting.
Coming up after the break, my conversation with Gianna Witfer and Maria Velasquez, co-hosts of the Breaking through in Cybersecurity Marketing podcast, and plague-themed phishing tests take it too far. Stay with us.
Dave Buettner
Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default deny approach can keep your company safe and compliant. Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this, more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.
Dave Buettner
Gianna Witfer and Maria Velasquez are co-hosts of the Breaking through in Cybersecurity Marketing podcast, which you can find right here on the N2K CyberWire network and wherever you get your favorite podcasts. I sat down with them to review what they've learned so far and what their plans are for the coming year. And it is my pleasure to welcome back to the show Gianna Witfer and Maria Velasquez. They are co-hosts of the Breaking through in Cybersecurity Marketing podcast. Ladies, welcome back to the show.
Dave Bittner
We're so excited to be back on.
Gianna Witfer
Thank you so much.
Dave Buettner
Well, I am excited to have you back and we are only a few weeks into 2025 here and I wanted to check in with the two of you to talk about some of the plans you have for the year for the podcast and beyond. Maria, why don't I start with you? What do you have on your radar?
Gianna Witfer
Well, we have a theme this year that we settled on. Gianna and I met early this January to talk about the dreams, our vision, and of course to put it all into an actionable plan. And our theme this year is to scale and automate. So we're looking very closely at our day-to-day work. How do we find efficiencies in working together? We're growing as a company, we have a few new team members this year, including myself, so we're trying to find some synergies and ways to work together efficiently, and then finding ways to automate, and AI was a big theme of it, and how do we utilize AI in our day-to-day to help grow the business. And then of course, our members are always going to come first. So that was another big theme, is how do we grow the community and make sure we're... Every day we wake up to give back to our members to help them become better cybersecurity marketers, but also in their career and personal lives if we can as well.
Dave Buettner
Gianna, what are your goals?
Dave Bittner
I echo what Maria said because we came up with these goals together and I think that a big focus this year will be on rewarding our community members for being wonderful community members as well. We want, like Maria said, every day we wake up and we think about our members. It's actually our guiding north stars. How can we be the most relevant, helpful, friendly and welcoming community that really helps marketers in this very interesting, fast paced, technical industry of cyber security be successful? So this year we're thinking about what can we do to give back to our members? What new programs and offerings can we build that's based on their requests and what else can just what can we do to help the community be better?
Dave Buettner
You know, I had the good fortune of attending the conference that you all recently hosted in Philadelphia. And I have to say that when you talk about a community, that was one of the things that really struck me about the event was that there was really a strong sense of community among the people who were there.
Dave Bittner
Yeah, I think that makes our events different than a lot of others in this space. Whether it's a cybersecurity conference or a marketing conference or any other type of conference, when you come to Cyber Marketing Con or any other event that we hold or even in our digital community, we try to embody this vibe. It is that of community, it's that of welcoming, it's that of openness and that of friendliness and helping each other. There might be people from different companies coming to Cyber Marketing Con. They might compete, but at Cyber Marketing Con and in the Cybersecurity Marketing Society, we're all marketers helping each other.
Dave Buettner
Go ahead.
Gianna Witfer
I was just going to add, I think the secret to that kind of really strong sense of community is the trust that we were able to earn from the community. Both Gianna and I started this. As marketers, we understand the challenges of marketing teams and what it's like a day in the life as a marketer that works in cybersecurity. And we hold that to heart. And we're really humbled that we have earned that trust and we're able to keep it. And so I think, and I say this jokingly sometimes, I think if we host the next Cyber Marketing Con on the moon, there's going to be a lot of people that'll follow us there.
Dave Buettner
Well, you know, we do have a space podcast, so maybe we could do a team up there. That'd be wonderful. Right? I'm really curious, when it comes to actually marketing the organization, do you feel an extra sense of pressure there that, you know, there's that whole thing about how the cobbler's kids have no shoes, but is there, is there an extra pressure that you have to be perfect with marketing your own organization, or does that sense of community kind of lift you up and carry you along that journey as well?
Gianna Witfer
Oh, boy. I mean, I think we put that pressure on ourselves. Both Gianna and I tend to be super ambitious humans. Lots of crazy ideas every day. We're always thinking of new business ideas. It's that kind of dynamic and culture that we've been able to build. So I think we put that pressure on ourselves. And also I think it's super exciting because a lot of times in our previous jobs, we had ideas to, you know, create new campaigns or new strategies. And at times we're not able to. So this is the time to try some crazy ideas that we've had for a while. And if we fail, then we fail. We learn and get back up. And I think the community is a forgiving one. We all come together with our, we call them, cyber beers and cyber tears. So we celebrate our wins, but then also come together and are able to cry and vent and give each other advice on how we can get back up and do better next time. So, yeah, I think the pressure is from us. We're our biggest critic, if anything.
Dave Buettner
Gianna, you concur?
Dave Bittner
I absolutely can concur there. And I will add, since we were in the seat of the marketer and we're marketing to essentially ourselves, I do think we're kind of good at it too. So I'll say that, I'll say, you know, we do a pretty good job.
Dave Buettner
But, you know, getting again, going back to the conference and witnessing all those folks together, there really was a sense of mentorship. You could tell. You could see, you know, looking at people sitting around a table that these are people who are, some of them are early on in their career and some of them are the more seasoned veterans and you could see those conversations that back and forth happening in real time. And so, you know, hats off to you for creating those opportunities.
Dave Bittner
Thank you. I mean, people are surprised by how many senior-level and executive-level folks are in the Cybersecurity Marketing Society and attend our events and meetups and conferences. So it's not just entry-level folks. It's a mix across all levels of an organization and across every category as well. In marketing, there's product marketers, the CMO is there, there's social media marketers, there's content, demand gen, digital, just anyone you could think of, even tons of security people who have podcasts. So people are surprised. But that melting pot of different levels in different industries makes our community so interesting and makes it so dynamic. You have someone you could talk to who's at your level, who understands your problems, but there's someone maybe a few years behind you and you're able to reach down and help them climb that ladder or solve a problem because you've been there and it's like second nature to you, but it's not to them. And it feels so good to help someone in that way. And I think the members of our community, I don't know, you know, I think the vibe that we've put forth and the culture that we've created brings helpful people into the society and to our conferences. And that makes it exactly how you described, Dave, where folks from all different levels are mixing.
Dave Buettner
The other thing that I think is really key is that it is a balance between critical mass of having enough people there that you feel as though there's something happening here. There's a communal energy, but also small enough that you can see that person across the room and say, hey, that's someone I want to talk to. And there's time to make that connection.
Dave Bittner
Yeah, there's definitely a very small community feel to our conference, even though we've grown to about 500 people at the last one. So still a small conference, but nothing of the likes of RSA Conference or mega conferences, South by Southwest, these huge conferences. We still have that small feel because we are still essentially a small conference. What you were saying with, you can look across the room and see someone you know or feel like you could talk to them. That is because of the culture we've built. And it is because a lot of our attendees come from our community, so they know each other from our Slack community or from our virtual meetups. They've seen each other. And a lot of the times, there's this, like, spark of realizing, hey, there's that person, that person I now consider a colleague or a friend who's across the room, and I feel like I could go there and talk to them. And it's also something we intentionally do. We do a lot of matchmaking. We do a lot of building interpersonal connections before the conference, during the conference, and after the conference. So we'll try to make people match up before they meet so they could meet professionally and talk about professional topics. You know, find someone who can help them in their career. And at the conference, we do speed networking. We try our best to make it so that everybody at the show can meet everybody else at the show. And then even if the conference gets a little bigger, it still feels really small.
Gianna Witfer
Yeah, I would second that. One example at the conference is we had the buddy program, so we had stickers on everybody's badge, and everybody had to find the matching sticker. And that was such a cool activity. And we loved seeing how people were so excited to find theirs. And we also had a WhatsApp group that had everyone in it, and that's where people were making plans for dinner and networking and meetings. We try to find the things that we wish we could see in other conferences, and we implement them at ours, and we try them and see what the feedback is from the attendees. And it's been a positive one so far.
Dave Buettner
Yeah, absolutely. Well, Gianna Witfer and Maria Velasquez are co-hosts of the Breaking through in Cybersecurity Marketing podcast. You can find that right here on the N2K podcast network and also wherever you get your favorite podcasts. Ladies, thank you so much for taking the time for us today.
Gianna Witfer
Thank you so much for having us.
Dave Bittner
Thank you, Dave.
Dave Buettner
That's Gianna Witfer and Maria Velasquez from the Breaking through in Cybersecurity Marketing podcast. Be sure to subscribe wherever you get your favorite podcasts. And now a message from our sponsor Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public-facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security. Zscaler Zero Trust AI stops attackers by hiding your attack surface, making apps and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not the entire network, continuously verifying every request based on identity and context, simplifying security management with AI-powered automation, and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more at zscaler.com/security.
Maria Velasquez
This episode is brought to you by Shopify. Forget the frustration of picking commerce platforms when you switch your business to Shopify, the global commerce platform that supercharges your selling. Wherever you sell with Shopify, you'll harness the same intuitive features, trusted apps, and powerful analytics used by the world's leading brands. Sign up today for your $1 per month trial period at shopify.com/tech. All lowercase. That's shopify.com/tech.
Dave Buettner
And finally, it was a calm Sunday morning when Alicia Riley received an email about an Ebola outbreak at UC Santa Cruz. As a disease expert, she panicked until she clicked the link and realized she was the outbreak. It was just a phishing test from the university's IT department. Cue her rage. Phishing drills meant to educate employees have become more elaborate and infuriating, according to the Wall Street Journal. Some tests dangle lost puppies, open enrollment links, or even free Eagles tickets, which shockingly worked. One cybersecurity pro once made a NASA employee cry by promising a trip to see the final space shuttle launch. But do these tests actually work? Studies suggest not really. One found they made people more susceptible to phishing. And when tests go too far, like pretending Ebola is on campus, they undermine trust in real alerts. Some workplaces punish clickers harshly. One hospital revokes email access or even fires repeat offenders. There's an argument that having employees worry that their organization is actively trying to deceive them is, in the long run, corrosive. So, lessons learned: cybersecurity is important, but so is not causing mass hysteria. These are challenging times and a lot of people are feeling anxious about a lot of things. So if your organization is using phishing tests as part of your security awareness training, please be mindful and dial it in.
And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Tré Hester with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Maria Velasquez
Hey everyone, grab your favorite mug and put the kettle back on the stove, because Afternoon Cyber Tea is coming back. This season, I am joined by an all-star team of thought leaders and industry experts to dive into the critical trends that are shaping the future of cybersecurity. We will explore how these technologies are revolutionizing the way we work, the way we live, and the way we interact with the world around us. And as always, we will be bringing you thought-provoking discussions and fresh perspectives on what is driving the future of cybersecurity and what leaders can do now to protect their teams tomorrow. New episodes will be coming to you in February every other Tuesday, so subscribe now wherever you get your favorite podcasts.
CyberWire Daily: DOGEgeddon—The Cyber Crisis Hiding in Plain Sight
Episode Overview
In the February 13, 2025 episode of CyberWire Daily, hosted by N2K Networks, the discussion delves into a multifaceted cybersecurity landscape marked by internal threats, evolving vulnerabilities, and significant legal actions. The episode titled "DOGEgeddon: The cyber crisis hiding in plain sight" addresses a range of critical issues, including an alarming internal cyberattack dubbed DOGEgeddon, major Patch Tuesday updates, vulnerabilities in key infrastructure, and recent high-profile cybercrimes.
The episode opens with a chilling editorial review highlighting the DOGEgeddon incident, a sophisticated internal cyberattack orchestrated by Elon Musk's DOGE team. Experts Bruce Schneier and Davi Ottenheimer argue that this represents "the most alarming national security crisis in modern US History" due to the unprecedented internal access exploited (00:38).
Notable Quote:
“It’s a systematic gutting of national security protocols,” Schneier emphasized, underscoring the gravity of the situation (02:15).
Amidst the DOGEgeddon crisis, President Donald Trump is set to nominate Sean Cairncross as the new National Cyber Director. Despite Cairncross's limited experience in cybersecurity leadership, his background as CEO of the Millennium Challenge Corporation and roles within the Republican National Committee position him as a political insider poised to oversee the Office of the National Cyber Director (03:30).
Notable Quote:
“Observers worry the Trump administration may downsize the office even as the US faces growing cyber threats,” the host noted, highlighting industry concerns (04:05).
The episode provides an extensive overview of the latest Patch Tuesday updates released by major tech companies, addressing over 50 Common Vulnerabilities and Exposures (CVEs).
Notable Quote:
“These updates emphasize the need for organizations to promptly patch critical systems to prevent exploitation,” the host stressed the urgency for enterprises (05:45).
Ivanti has disclosed a severe stack-based buffer overflow vulnerability in its Connect Secure product, rated 9.9 on the CVSS scale. This flaw allows remote authenticated attackers to execute arbitrary code, posing a significant threat to users.
Notable Quote:
“The flaw allows remote authenticated attackers to execute arbitrary code,” the host reported, highlighting the critical nature of the vulnerability (07:10).
The Government Accountability Office (GAO) has pinpointed significant cybersecurity deficiencies within the US Coast Guard’s efforts to secure the maritime transportation system. The report includes five key recommendations aimed at enhancing national maritime security.
Notable Quote:
“Without these steps, the US Government risks long term structural damage to its most essential systems,” the host warned, stressing the importance of GAO’s recommendations (09:30).
The episode covers two significant legal cases:
Arizona Woman's Guilty Plea: Christina Marie Chapman pleaded guilty to running a laptop farm that facilitated North Korean IT workers in fraudulently gaining employment with over 300 US companies. Her scheme resulted in the theft of identities of more than 70 Americans and the generation of over $17 million, primarily funneled to North Korea’s government (11:00).
Notable Quote:
“She helped North Koreans steal identities of over 70 Americans,” the host recapped the severity of Chapman’s crimes (11:45).
Swatting Case Sentencing: Alan Fillion, 18, from Lancaster, California, was sentenced to 48 months in prison for orchestrating over 375 swatting calls targeting various institutions and individuals. His actions caused significant disruptions and resource diversions across multiple law enforcement agencies (12:30).
Notable Quote:
“His actions led to armed law enforcement responses and resource diversion,” the host explained the broader impact of Fillion’s swatting operations (12:50).
A prominent segment features an in-depth conversation with Gianna Witfer and Maria Velasquez, co-hosts of the Breaking through in Cybersecurity Marketing podcast. They discuss their strategies for scaling and automating their operations, emphasizing community growth and member support.
Notable Quotes:
Gianna Witfer: “We are our biggest critic, if anything,” highlighting their commitment to continuous improvement and community support (18:45).
Maria Velasquez: “It feels so good to help someone in that way,” reflecting the rewarding nature of fostering a supportive cybersecurity marketing community (20:10).
The episode concludes with a critical examination of the current state of phishing tests within organizations. Citing examples from the Wall Street Journal, it highlights how overly aggressive and misleading phishing drills can backfire, causing employee frustration and mistrust.
Notable Quote:
“Cybersecurity is important, but so is not causing mass hysteria,” the host advised, emphasizing the need for balanced security training methods (26:00).
Conclusion
This episode of CyberWire Daily provides a comprehensive overview of pressing cybersecurity issues, from internal threats like DOGEgeddon to the complexities of effective security training. Through expert interviews and detailed analyses, listeners gain valuable insights into safeguarding national security, addressing vulnerabilities, and fostering resilient cybersecurity communities.
Stay Informed: For more in-depth discussions and updates on the latest in cybersecurity, subscribe to CyberWire Daily on your preferred podcast platform.