Hacking Humans – "Yippee-ki-yay, cybercriminals! [OMITB]"
Podcast: Hacking Humans (Only Malware in the Building Segment)
Host: N2K Networks
Date: December 2, 2025
Main Guests: Selena (host & researcher), Dave, Keith
Episode Overview
This episode puts a spotlight on the evolving tactics of cybercriminals who target the real-world logistics and supply chain ecosystem. The hosts draw parallels between classic holiday heist films and the realities of cyber-enabled cargo theft, revealing how criminals use both old-school and high-tech methods to steal physical goods. The discussion is rich with insights into current techniques, research findings, and practical prevention tips, all served with the show’s signature wit and pop-culture references.
Key Discussion Points & Insights
1. Cybercrime Meets the Physical World
- Opening Skit: The crew stages a playful, Die-Hard-inspired skit depicting a cyberattack at a holiday office party, blending themes of unauthorized access, malware, and old-school movie heroics (00:20–03:13).
  - Highlights include jokes about “Hans malware” and crawling through vents to stop a cyberattack.
- Holiday Heist Parallel: The hosts use the motif of holiday supply chains (Santa as the supply line) to set up their exploration into real-world impacts of cybercrime—specifically, how digital attacks disrupt the movement of goods.
2. Research Spotlight: Cyber-Enabled Cargo Theft
- Selena details newly published research on cybercriminals targeting logistics, trucking, and supply chains using Remote Monitoring and Management (RMM) tools (05:10–09:18).
  - These are legitimate enterprise tools misused to:
    - Hijack carrier accounts on “load boards”
    - Post fake loads and share malicious links
    - Take over dispatch systems, delete bookings, and redirect cargo
- Key Quote:
  “This is kind of like a new take on an old threat going all the way back. You guys remember Butch Cassidy and the Sundance Kid?”
  — Selena, 06:28
- Discussion of how cybercriminals’ tactics resemble those of traditional organized crime but now include hijacking digital systems to facilitate theft, often partnering with real-world criminal networks.
3. How the Attacks Work – Step by Step
- Attack Scenarios:
- Fake bids and malicious emails are leveraged to compromise logistics providers (09:18–13:14).
- “Double brokering” and mule drivers may unwittingly move goods to criminal-controlled warehouses.
- Criminals may recruit insiders, but sometimes the drivers are duped.
- Scale of Crime:
- Cargo theft constitutes a $35 billion loss annually in the US (13:14).
4. Evolving Tactics and Motivations
- The Shift from Finance to Goods:
  - Cybercriminals are moving from attacking finance departments to targeting procurement, logistics, and operations—sectors with weaker cyber defenses (13:14–14:59).
  - Physical goods are easier to launder and resell, often through online marketplaces or via mules and reshippers.
  - Some schemes resemble older Russian cybercriminal tactics that leveraged stolen accounts to buy and resell goods.
- West African Links:
  - Observations suggest West African criminal groups may be adapting traditional scams (like BEC and RFQ fraud) to physical goods theft (19:20–21:17).
  - The groups have the infrastructure—technical operators, call centers, and logistics—to run such criminal enterprises.
  - Attribution is difficult but supported by shipping patterns and the similarity of TTPs.
5. Industry Impact and Real-World Cases
- Even perishable items like energy drinks and food are prized cargo, as profit margins are 100% on stolen goods (26:28).
- Most targeted commodities include food, beverages, electronics, and consumer items.
- Criminals manipulate communications so victims may unknowingly speak to the threat actors instead of legitimate dispatchers (24:22).
- Efforts are made to obscure tracks, making recovery and detection difficult.
Notable Quotes
- “Once you eat the dips, they're gone... you eat the evidence.”
  — Selena & Dave, 27:09
- “The Grinch was probably one of the very first diversion of cargo theft right at Christmas.”
  — Keith, 34:24
6. Law Enforcement and Investigation Challenges
- Jurisdiction often crosses state/national borders, requiring FBI (cyber and criminal investigative divisions) and international law enforcement cooperation (27:15).
- Historical context: Cargo theft is not new, but the fusion of cyber and traditional crime requires multi-agency collaboration, sometimes guided by decades-old playbooks.
Prevention Strategies & Mitigation Advice
Technical Controls
- Restrict RMM installation: Use application allow-listing and MFA for remote connections (30:41).
- Monitor for unusual installs: Pay attention to new or unauthorized RMM deployments on company systems.
Operational Security
- Credential Management: Rotate and manage access credentials diligently.
- Callback Verification: Validate load postings and payment changes by independently contacting brokers or vendors using vetted contact information.
- Awareness Training: Frontline and logistics staff must be trained on new scam techniques, phishing indicators, and social engineering.
Tabletop Exercises
- Joint Drills: Encourage exercises between IT/cybersecurity and logistics teams to rehearse potential incidents and improve response (30:41).
Vigilance and Human Factor
- Acknowledge that speed and high volume in logistics can foster mistakes—take time to verify suspicious details, especially if something “feels off.”
Key Quote:
“If your spidey sense is tingling, then… figure out a different avenue to verify that.”
— Selena, 32:52
Economic Consequences
- Losses filter down to consumer prices—cargo theft and supply chain disruptions have broad, real-world implications (35:09).
Closing Takeaway
- Stay mindful: The threat of cyber-enabled cargo theft is growing globally, impacting not just companies but consumers, due to losses and increased costs in the supply chain.
- “Don’t buy black market dips.”
— Dave, 36:31
Memorable Moments & Quotes
| Timestamp | Speaker | Quote / Moment |
|-----------|---------|----------------|
| 00:59 | A | “Unauthorized access. Breaching employee login credentials...” (movie parody intro; blending cyber and pop culture) |
| 06:28 | Selena | “This is kind of like a new take on an old threat going all the way back. You guys remember Butch Cassidy and the Sundance Kid?” |
| 13:14 | Keith | “Generally they've gone after finance departments, but now they're pivoting to supply chain procurement, dispatch operations, really all sectors with weak security.” |
| 19:20 | Keith | “It got me wondering whether this is an evolution now of those [West African] schemes because people are getting better at the BEC scams, detecting those, stopping those.” |
| 24:22 | Selena | “You might be calling... thinking you're calling the dispatcher, calling the real person, but you're actually talking to a threat actor.” |
| 26:28 | Keith | “But think about it, they are making 100% profit though.” (on cargoes like energy drinks) |
| 32:52 | Selena | “If your spidey sense is tingling, then… you should... verify that.” |
| 35:09 | Selena | “These losses mount up... the expense ends up getting pushed onto consumers.” |
| 36:31 | Dave | “Don’t buy black market dips.” |
Timestamps for Key Segments
- Holiday Skit / Movie Parody: 00:20–03:13
- Intro & Supply Chain Framing: 03:25–05:10
- Exploration of Cargo Theft Research: 05:10–09:18
- Attack Walkthroughs & Tactics Discussion: 09:18–14:59
- International and Organized Crime Aspects (West African groups): 19:20–23:47
- Real-World Examples (Communication Takedowns, Goods Targeted): 24:22–27:15
- Law Enforcement Response & History: 27:15–30:41
- Mitigation Strategies: 30:41–34:48
- Closing Reflections & Consumer Impact: 35:09–End
Tone and Style
The hosts maintain an engaging, conversational tone, frequently interjecting humor, pop culture references (Die Hard, The Grinch), and real-world analogies. The episode balances entertaining banter with actionable security advice, making complex threats relatable and emphasizing the relevance of cybersecurity beyond the digital realm.
Summary for Non-Listeners:
This episode is essential for anyone interested in how cybercrime spills into the physical world, especially during the critical holiday logistics season. The team provides a detailed look at how cybercriminals hijack supply chains to steal real goods, the evolution of these schemes from traditional organized crime, and what companies and consumers alike can do to protect themselves. With expert insights, practical tips, and plenty of humor, it's a timely reminder that not every supply chain disruption is an accident—and even your favorite snacks could be at risk from a cyber-savvy Grinch.
