Dave Bittner
You're listening to the CyberWire Network, powered by N2K.
Dutch Bros Ad Voice
This episode is brought to you by Dutch Bros. Big smiles, rocking tunes and epic drinks. Dutch Bros is all about you. Choose from a variety of customizable handcrafted beverages like our Rebel energy drinks, coffees, teas and more. Download the Dutch Bros app for a free medium drink, plus find your nearest shop, order ahead and start earning rewards. Offer valid for new app users only. Free medium drink reward upon registration. 14-day expiration, terms apply. See dutchbros.com.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this: more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.

The Biden Administration takes a step to retaliate against China for the Salt Typhoon cyber attack. The Feds release a draft National Cyber Incident Response Plan. Telecom Namibia suffers a cyber attack. The Australian Information Commissioner has reached a $50 million settlement with Meta over the Cambridge Analytica scandal. CISA releases its 2024 Year in Review. LastPass hackers nab an additional $5 million. Texas Tech University notifies over 1.4 million individuals of a ransomware attack. Researchers discover a new DarkGate RAT attack vector using vishing. A fraudster gets 69 months in prison. On our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks, with predictions for 2025. And surveillance tweaks our brains in unexpected ways.

It's Tuesday, December 17th, 2024. I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thanks for joining us here today. It is great to have you with us. The Biden Administration has taken its first step to retaliate against China for the Salt Typhoon cyber attack by banning China Telecom's remaining U.S. operations, citing national security risks.
This follows a broader Chinese hack that infiltrated U.S. telecommunications networks, compromising sensitive data and exposing U.S. surveillance targets. While largely symbolic, the Commerce Department's move addresses China Telecom's ability to peer in on traffic, an issue left unresolved since the FCC revoked its phone licenses in 2021. However, officials admit the action may not deter China's advanced cyber operations, such as Volt Typhoon, which planted malicious code in critical infrastructure. Incoming Trump officials, including Mike Waltz, advocate for offensive cyber responses to impose higher costs on China and prevent further escalation. Meanwhile, China's penetration remains unresolved, with hackers gaining access to wiretap targets and potentially voice calls. The Biden administration created a task force to tackle the breach, meeting daily with telecom executives, but its delayed public response reflects concerns over embarrassment and exposing ongoing investigations. Biden reportedly addressed the issue with President Xi Jinping in November, though specifics remain unclear. The U.S. government has released a draft National Cyber Incident Response Plan, updating the 2016 version to address evolving cyber threats, policies and capabilities. CISA is soliciting public feedback until January 15th of 2025. The NCIRP outlines a flexible framework for federal, state and local government coordination with private sector organizations during significant cyber incidents, categorized as level 2 or higher in severity.
It focuses on four key areas: asset response, led by CISA, providing technical assistance to mitigate vulnerabilities and reduce cascading effects; threat response, managed by the DOJ and FBI, focusing on investigations, evidence collection and threat disruption; intelligence response, led by the Office of the Director of National Intelligence, to build awareness and share threat intelligence; and affected entity response, ensuring operational continuity, with the federal government playing a limited role for private entities. CISA emphasizes the plan is not a step-by-step guide, but a flexible structure for collaboration. Additional planning documents and regular updates will be developed to address emerging needs. Telecom Namibia suffered a cyber attack on December 11th of this year, resulting in the leak of over 400,000 customer files. The ransomware group Hunters International exfiltrated 626 gigabytes of data, including personal identification, addresses and banking details, later leaking the information when ransom demands went unmet. Telecom Namibia's CEO Stanley Shanapinda assured the public of efforts to contain the breach and strengthen cybersecurity. The Communications Regulatory Authority of Namibia and NAM-CCERT are assisting in mitigating the attack's impact. The Australian Information Commissioner has reached a $50 million settlement with Meta Platforms over privacy breaches related to the Cambridge Analytica scandal. The settlement follows court-ordered mediation stemming from civil penalty proceedings that began in 2020. The scheme will offer two tiers of compensation: a base payment for general concerns and a higher tier for individuals who prove specific loss or damage. An independent third-party administrator will oversee the program, expected to begin in the second quarter of 2025. CISA has issued a warning about an actively exploited Windows kernel-mode driver vulnerability that enables privilege escalation to system level.
Initially disclosed by Microsoft in June 2024 with a CVSS score of 7.8, the flaw requires low privileges and no user interaction, making it highly exploitable. CISA has mandated remediation for federal agencies by January 6, 2025. Organizations are urged to apply Microsoft's June patch or use mitigations like system isolation, firewalls, endpoint detection tools and enforcing least privilege to reduce risk. Additionally, CISA released its 2024 Year in Review, highlighting key accomplishments in advancing cybersecurity, protecting critical infrastructure and addressing emerging threats. Throughout the year, CISA focused on building resilience through partnerships, innovation and proactive measures. Areas of specific interest include election security, cyber threat mitigation, global partnerships, workforce development and emergency communications. CISA underscored its commitment to collaboration, innovation and accountability, positioning itself as a leader in securing critical systems that underpin the nation's economy and daily life. The 2024 report reflects CISA's ongoing mission to safeguard the United States against evolving cyber and infrastructure threats. Hackers linked to the 2022 LastPass breach have stolen an additional $5.36 million from 40 victims, pushing total crypto losses to $45 million. The attackers accessed users' encrypted vault backups, exploiting private keys and seed phrases stored before 2023. Blockchain sleuth ZachXBT traced the stolen funds, swapped for ether and sent to exchanges. Security experts urge affected users to transfer assets immediately. The theft comes amid a spike in scams during the holiday season, dubbed "hacker season," with warnings to avoid free Wi-Fi, sharing 2FA codes and festive scams. Non-crypto funds have also been targeted, with $250 million stolen in May. Cybersecurity advocates stress vigilance as hackers aim to exploit the seasonal uptick in online activity and spending.
Texas Tech University is notifying over 1.4 million individuals of a ransomware attack that targeted its Health Sciences Center and Health Sciences Center El Paso. The attackers accessed the network from September 17th to 29th, exfiltrating personal and sensitive data including names, Social Security numbers, driver's license details, health insurance, medical records and financial account information. The Interlock ransomware group claimed responsibility, alleging theft of 2.5 terabytes of data, including medical research and SQL databases. Texas Tech also reported prior threats. In July, the Meow ransomware group offered SQL databases and website vulnerabilities for sale. The university has filed breach reports with the U.S. Department of Health and Human Services and is offering free credit monitoring to affected individuals. Researchers at Trend Micro discovered a new DarkGate RAT attack vector using vishing via Microsoft Teams calls to gain remote access to a victim's device. Initially, the attacker attempted to install Microsoft Remote Support, but when that failed, they manipulated the victim into downloading AnyDesk. Once connected, the attacker loaded suspicious files including DarkGate, which enabled remote control, executed commands and established a connection to a C2 server. The multi-stage attack began with phishing emails followed by a fake Teams call posing as external tech support. DarkGate, a sophisticated malware active since 2017, allows remote access, keylogging, cryptocurrency mining and system data theft. To mitigate such attacks, organizations should train employees on social engineering tactics, verify third-party support claims, whitelist approved remote tools, enable MFA and block unvetted applications. The U.S. Justice Department sentenced Vitaly Antonenko, age 32, to 69 months in prison for hacking, credit card theft and money laundering.
Arrested in 2019 at JFK airport returning from Ukraine, Antonenko was found with hundreds of thousands of stolen payment card numbers. He belonged to a cybercrime group that exploited SQL injection vulnerabilities to steal data from organizations like a hospitality business and a research institution. The stolen data was sold on cybercrime marketplaces and proceeds were laundered through cryptocurrency and cash transactions. Coming up after the break on our Threat Vector segment, David Moulton speaks with Nir Zuk, Founder and CTO of Palo Alto Networks, about predictions for 2025 and surveillance tweaks our brains in unexpected ways. Stay with us.
KnowBe4 Ad Voice
And now a word from our sponsor, KnowBe4. It's all connected, and we're not talking conspiracy theories. When it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's SecurityCoach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco. With 35 vendor integrations and counting, SecurityCoach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real-time coaching campaigns targeting risky users based on those events from your network, endpoint, identity or web security vendors. Then coach your users at the moment the risky behavior occurs, with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more at knowbe4.com/SecurityCoach. That's knowbe4.com/SecurityCoach, and we thank KnowBe4 for sponsoring our show.

The IT world used to be simpler. You only had to secure and manage environments that you controlled. Then came new technologies and new ways to work. Now employees, apps and networks are everywhere.
Dave Bittner
This means poor visibility, security gaps and added risk.
KnowBe4 Ad Voice
That's why Cloudflare created the first-ever connectivity cloud. Visit cloudflare.com to protect your business everywhere you do business.
Dave Bittner
Next up, we've got our biweekly Threat Vector segment, giving you a preview of this week's podcast episode. David Moulton speaks with Palo Alto Networks' founder and CTO Nir Zuk about Palo Alto Networks' predictions for 2025. Here's their conversation.
David Moulton
Here's a quick preview of this week's Threat Vector. Tune in to the full show on Thursday and don't forget to subscribe so you never miss a single episode. Let's get into it.
Nir Zuk
Personally, I think that quantum computing is one of Silicon Valley's biggest hoaxes. It's going to turn out to be a really, really expensive hoax, where any physicist that is not working on quantum computing believes that it's not going to happen, and only those that work on quantum computing and will benefit from quantum computing think it's going to happen.
David Moulton
Welcome to Threat Vector, the Palo Alto Networks podcast where we discuss pressing cybersecurity threats and resilience and uncover insights into the latest industry trends. I'm your host, David Moulton, Director of Thought Leadership for Unit 42. Today I'm speaking with Nir Zuk, Founder and Chief Technology Officer at Palo Alto Networks. Nir's journey began at the age of 16 when he developed some of the earliest computer viruses on his Dragon 64 computer. His passion for technology and innovation is evident. After serving in the military, he worked at Check Point and NetScreen Technologies, and then in 2005 Nir founded Palo Alto Networks with a vision to revolutionize network security. Today we're going to talk about Palo Alto Networks' 2025 predictions. These seven predictions cover a wide range of topics, and you can read them all on our website. For today, Nir and I are focusing on three. First, in 2025, organizations will shift toward unified data security platforms that integrate co-development, cloud monitoring and SOCs for seamless AI-driven threat analysis. The consolidation will enhance visibility, streamline operations and dramatically reduce detection and response times, positioning organizations to better combat advanced threats. Second, established organizations with massive data sets will lead AI-driven innovations, leveraging their data volume for continuous improvement. Partnerships between incumbents and agile newcomers will drive collaborative breakthroughs. Finally, we'll talk about quantum attacks. While they're not imminent, harvest-now, decrypt-later tactics by nation states will target sensitive data. Organizations should act now by adopting quantum-resistant technologies and preparing with new cryptography standards to safeguard their systems as quantum capabilities evolve. Here's our conversation.
Our first was a prediction about how the landscape will transform and the adoption of a unified data security platform that integrates co-development, cloud environments and SOCs. So how do you think that the unified data platform will revolutionize cyber infrastructure in 2025?
Nir Zuk
Sure. So it's very clear that it needs to happen. And the reason it needs to happen is because cybersecurity is becoming more and more data-based, meaning more and more cybersecurity functions need a lot of data in order to do what they do, versus the past where we were just running signatures or some basic rules on whatever it was, traffic, files and so on. And now that more and more cybersecurity functions need a lot of data, what we're observing is that there is a superset of that data that is of course shared across all of them. Meaning, if you look at what the SOC, the security operations center, needs in terms of data to perform its tasks of detecting and responding to attacks very quickly, that data contains pretty much everything that all the other cybersecurity functions need. When I say other functions, I mean things like IoT and OT security, detection based on DNS, cloud security, and quite a few other functions. And then the question is, are we going to see 10 different data lakes, each containing tons of data, or are we going to see one data lake containing all the data? And I just don't see a good reason for the former, not a single good reason, and only good reasons why everything will be in the same data lake. It's of course cheaper. It is much more environmentally friendly because you store once, you process once, so you need less resources. And more importantly, it works better, probably, if you have all the data in one place. Our very smart engineers and data scientists will be able to use some extra data that's in the data lake to make IoT security better in ways that we didn't think about before. Okay, so bringing all the data in one place just makes a whole lot of sense. Running many different cybersecurity functions off that data lake makes a lot of sense. And that was our first prediction: in 2025 we're going to see it start happening.
David Moulton
Can you talk about some of the potential risks and benefits of centralizing cybersecurity into a single platform?
Nir Zuk
So I often hear about concerns from customers when we talk about those things, and the main concern that they have is vendor lock-in. And my answer to that is, you know, sorry, that's the way the world is. Meaning, you have one CRM solution in your organization. So if you picked salesforce.com, you're kind of locked in with salesforce.com, and switching from salesforce.com to another vendor as your main repository for all the data is going to be very difficult. And the same is true for your ERP and other data-driven solutions that you have. So there is going to be some vendor lock-in. Of course, we need to look at vendors that have partners that use the same data lake for different functions, and we need to make sure that that vendor lock-in can be mitigated. So that's probably the biggest risk that I'm hearing about from customers. From their perspective, I think that many other risks are not as relevant. For example, customers say, hey, if I put everything in one place, what if you get hacked? And my answer is, number one, it's much easier to guard one data lake than 10 data lakes. And number two, there's a smaller chance of one data lake getting hacked versus 10 data lakes. So if you spread your data with replication across 10 different data lakes, you are at a higher risk. There is the risk of, what if I work with one vendor and that vendor misses an attack that another vendor would have found? The answer to that is, usually it's not about the vendor, it's about the data. Meaning, machine learning and other types of AI differ from each other not by how good your algorithms are, because these algorithms are all known. They differ a little bit by how good your data models are, but that's only 10% of the picture. 90% of the difference between different AI-based solutions is the actual data, and it's really the quantity of the data. So this idea that if I work with one vendor versus if I work with five, I might miss something, is actually the opposite: if you work with one vendor and you put all the data in one place and you work off five times the amount of data, you have a much better chance of detecting things versus separating into different data lakes.
David Moulton
Thanks for listening to this segment of the Threat Vector podcast. If you want to hear the whole conversation, you can find the show in your podcast player. Just search for Threat Vector by Palo Alto Networks. Each week I interview leaders from across our industry and from Palo Alto Networks to get their insights on cybersecurity, the threat landscape, and the constant changes we face. See you there.
Dave Bittner
Don't forget, you can catch new episodes of Threat Vector every Thursday on our website and on your favorite podcast app. You can find a link in our show notes. And finally, a new study shows that being watched, even by lifeless CCTV cameras, turns us into hyper-vigilant gaze detectors, as if we're all starring in our own episode of Big Brother. Conducted by researchers at the University of Technology Sydney and published in Neuroscience of Consciousness, the study found that surveillance tweaks our brains in unexpected ways. Participants under watchful eyes detected faces almost a second faster than their unobserved peers, suggesting an involuntary boost to our built-in threat detection systems. Lead researcher Associate Professor Kiley Seymour explains this heightened face-spotting ability evolved for survival, but surveillance may crank it up without us realizing. While participants shrugged off concerns about being monitored, their brains had other plans. This hypersensitivity mimics patterns seen in social anxiety and psychosis, raising questions about the mental health impact of our surveillance-heavy society. So the next time you catch yourself scanning for faces on a crowded street, blame Big Brother, not paranoia.

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. We're privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. This episode was produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president, Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Podcast Summary: CyberWire Daily – "The Cost of Peeking at U.S. Traffic"
Release Date: December 17, 2024
Host/Author: N2K Networks
In this episode of CyberWire Daily, hosted by Dave Bittner, listeners are presented with a comprehensive analysis of recent cybersecurity developments impacting both national security and private sectors. The episode delves into the U.S. government's retaliatory measures against Chinese cyber threats, significant cyberattacks affecting global organizations, updates from the Cybersecurity and Infrastructure Security Agency (CISA), and expert insights into future cybersecurity trends. Additionally, the episode features an intriguing discussion on how surveillance impacts human cognition.
Dave Bittner begins by addressing the Biden Administration's initial steps to counteract Chinese cyber threats. In response to the Salt Typhoon cyberattack, which compromised U.S. telecommunications and surveillance infrastructures, the administration has banned China Telecom's remaining U.S. operations, citing significant national security risks.
Despite the Commerce Department's symbolic move, experts express skepticism about its effectiveness against China's advanced cyber operations. Incoming officials advocate for more offensive cyber strategies to impose greater costs on adversaries.
The CISA has unveiled its draft National Cyber Incident Response Plan (NCIRP), updating the 2016 version to better address current and emerging cyber threats. The plan emphasizes collaboration between federal, state, local governments, and private sectors during significant cyber incidents.
Key Focus Areas:
Asset Response: Led by CISA, providing technical assistance to mitigate vulnerabilities and reduce cascading effects.
Threat Response: Managed by the DOJ and FBI, focusing on investigations, evidence collection and threat disruption.
Intelligence Response: Led by the Office of the Director of National Intelligence to build awareness and share threat intelligence.
Affected Entity Response: Ensuring operational continuity, with the federal government playing a limited role for private entities.
Quote:
"The NCIRP outlines a flexible framework for federal, state and local government coordination with private sector organizations during significant cyber incidents."
(Around 03:00)
Public feedback is solicited until January 15, 2025, allowing stakeholders to contribute to refining the plan.
On December 11, Telecom Namibia experienced a severe cyberattack executed by the ransomware group Hunters International, leading to the exfiltration of 626 gigabytes of sensitive data, including personal identification and banking details of over 400,000 customers.
The Australian Information Commissioner has reached a $50 million settlement with Meta Platforms concerning privacy violations related to the Cambridge Analytica scandal.
CISA released its 2024 Year in Review, highlighting achievements in advancing cybersecurity, protecting critical infrastructure, and addressing emerging threats. Emphasis was placed on:
Election Security: Safeguarding the integrity of democratic processes.
Cyber Threat Mitigation: Proactive measures to counteract evolving threats.
Global Partnerships: Collaborations to enhance cybersecurity resilience.
Workforce Development: Building a robust cybersecurity talent pipeline.
Emergency Communications: Ensuring reliable communication channels during crises.
Quote:
"CISA underscores its commitment to collaboration, innovation and accountability, positioning itself as a leader in securing critical systems that underpin the nation's economy and daily life."
(Around 07:30)
Hackers associated with the 2022 LastPass breach have stolen an extra $5.36 million from 40 victims, pushing total cryptocurrency losses to $45 million. Utilizing compromised encrypted vault backups, attackers exploited private keys to access and transfer funds to exchanges.
Texas Tech University is notifying over 1.4 million individuals about a ransomware attack targeting its Health Sciences centers. The Interlock Ransomware Group exfiltrated 2.5 terabytes of personal and sensitive data, including medical records and financial information.
Research from Trend Micro reveals a new DarkGate RAT attack vector leveraging vishing through Microsoft Teams calls. The multi-stage attack involves phishing emails leading to fake tech support calls, ultimately resulting in the installation of malicious software that grants attackers remote access.
Mitigation Recommendations:
Social Engineering Training: Train employees to recognize vishing and other social engineering tactics.
Verify Support Claims: Confirm third-party tech support requests through a known channel before granting access.
Whitelist Remote Tools: Allow only approved remote access tools and block unvetted applications.
Enable MFA: Require multi-factor authentication to limit the value of stolen credentials.
The U.S. Department of Justice has sentenced Vitaly Antonenko, age 32, to 69 months in prison for hacking, credit card theft, and money laundering. Antonenko was apprehended at JFK Airport in 2019 carrying hundreds of thousands of stolen payment card numbers, which were sold on cybercrime marketplaces.
In the Threat Vector segment, hosted by David Moulton, Nir Zuk, Founder and CTO of Palo Alto Networks, shares his predictions for 2025 in the cybersecurity landscape.
Zuk envisions a shift towards unified data security platforms that integrate co-development, cloud monitoring, and security operations centers (SOCs) for AI-driven threat analysis. This consolidation aims to enhance visibility, streamline operations, and reduce detection and response times, thereby improving defenses against advanced threats.
Organizations possessing vast data sets will spearhead AI-driven innovations, leveraging extensive data volumes for continuous improvement. Collaborative partnerships between established firms and agile startups are expected to drive significant breakthroughs in cybersecurity technologies.
While quantum attacks are not imminent, Zuk warns of harvest-now decrypt-later tactics by nation-states targeting sensitive data. He advises organizations to adopt quantum-resistant technologies and prepare with new cryptographic standards to safeguard systems as quantum computing capabilities advance.
Zuk emphasizes the necessity of centralizing data to bolster cybersecurity measures, addressing common concerns such as vendor lock-in by drawing parallels to existing data-driven solutions like CRM and ERP systems.
Towards the episode's conclusion, a study from the University of Technology Sydney published in Neuroscience of Consciousness explores how surveillance influences human brain functions. The research indicates that being monitored by CCTV cameras enhances individuals' ability to detect faces, akin to an involuntary boost in threat detection mechanisms.
Key Findings:
Faster Face Detection: Participants under observation detected faces almost a second faster than their unobserved peers, suggesting an involuntary boost to built-in threat detection.
Unconscious Effect: Participants shrugged off concerns about being monitored, yet the hypersensitivity appeared regardless.
Quote:
"This hypersensitivity mimics patterns seen in social anxiety and psychosis, raising questions about the mental health impact of our surveillance-heavy society."
(Around 24:39)
This episode of CyberWire Daily provides a thorough examination of the multifaceted cybersecurity challenges facing the United States and global organizations. From governmental responses to sophisticated cyberattacks and forward-looking expert predictions, listeners gain valuable insights into the evolving threat landscape and strategies for enhanced cyber resilience. Additionally, the exploration of surveillance's psychological effects adds a unique dimension to the discourse on security and privacy in the digital age.
For more detailed information on today's stories, visit the daily briefing at thecyberwire.com. To stay updated, subscribe to CyberWire Daily and follow the latest episodes on your preferred podcast platform.