Patrick Gray
Hi, everyone, and welcome to Seriously Risky Business, the podcast we do here at Risky Biz, which covers cyber policy and intelligence. My name's Patrick Gray. We would like to thank the William and Flora Hewlett Foundation for supporting this podcast and also Lawfare Media, who syndicate Seriously Risky Business in its written form over on the Lawfare blog. We also have a sponsor to thank this week, which is Kroll Cyber. They do a lot of incident response type work. They also do a managed detection and response, or offer a managed detection and response service. And yeah, you can find them at kroll.com, with a K, K-R-O-L-L dot com, cyber. And of course, in this podcast, we speak with my colleague Tom Uren, who is our policy and intelligence editor. G'day, Tom.
Tom Uren
G'day, Patrick. How are you?
Patrick Gray
Good, good. And we are going to be talking through a couple of topics today. Both of them are things that we covered on the weekly show yesterday. But we're going to go a little bit into more detail. The first thing we're going to talk about is this apparent pivot by fake North Korean IT workers who've been, you know, applying for jobs with American companies. And, you know, they take their wages, they send them back to the North Korean government. Sometimes they'll extort the business. Or, you know, if they happen to get a job at a cryptocurrency exchange, they'll rip off the exchange, that sort of thing. There's a Google report that we touched on briefly yesterday that says that this scam is sort of pivoting to Europe. And Google sort of couched this as a possible good news story, in that law enforcement efforts and just general public awareness of these scams are starting to make them less effective in the United States. You're a little more circumspect when it comes to how to interpret this news, Tom.
Tom Uren
Yeah. So there seemed to be a couple of different things in there. And on a similar day, there was also information from a firm called DTEX, which is an insider risk management firm. And so when you put them together, it was really quite fascinating. So, yes, there is this pivot to Europe. That's good news. But there's also just an evolution in tactics. And one part of that was that often when they're fired, they'll try and extort the firm. And this, to me, makes sense from, you know, the North Korean point of view. You get a job. Great. What are the opportunities in this job? Is it so well paying that I should just work there? Yes. Okay. We'll do that. Is there an opportunity to hack the firm and make a whole lot of cryptocurrency? Yes. Well, we should absolutely do that. But there's also the opportunity for supply chain possibilities. So perhaps the firm is in a position where we can use it to hack other firms. And it seems like they've started to do that as well. And so if you land at a sort of opportunity desert, the right strategy then, I think, is to just do the bare minimum, wait till you get fired, and then try and extort the firm. And this is you maximizing revenue for that type of opportunity, the very limited opportunity. And then if it seems like there's supply chain opportunities, DTEX says that quite often the North Korean workers will turn out to be the best workers in the firm, because they actually work in shifts. It's like the mythical 10x developer, because there are 10 people there.
Patrick Gray
Yeah, right.
Tom Uren
They'll work for four or five days, non-stop, like 24 hours a day.
Patrick Gray
Yeah, that's right.
Tom Uren
And it doesn't explicitly say what their purpose is. I can only assume it's to develop other opportunities because I don't think there's any firm on the planet that pays you more for working extra hard. And so it's got to be just.
Patrick Gray
To sum up your, your take here, it seems to be that, okay, they're pivoting to Europe and things might be getting a little bit tougher for them in the United States, but they're not that tough yet. And it seems like what's happening here is they're just scaling up and using more dangerous tactics. So beware of calling this a good news story, which is what we did on the show yesterday.
Tom Uren
To me, it seems like they're reacting to what's happening, but they're also learning how to maximize their opportunities. And so there's opportunities in different directions, like it's just earning a wage, it's extortion, and it's supply chain and hacking cryptocurrency. And so for each of those opportunities, there's a different tactic for it. And the really interesting one is the "let's work as hard as possible". And I guess it's to expand our opportunities to get more access, to prove that we're a good worker and then get somewhere that we want to go in that firm. That's, I assume, what's happening. The report doesn't actually make it clear what they're trying to do. I just thought it was fascinating that yes, at times we're going to get a whole team working in this firm for some opportunity.
Patrick Gray
I mean, what's amazing about the North Koreans, and I was chatting with someone about this the other day. I don't actually remember who it was, but they pointed out that, you know, I mean, we love tracking the North Koreans, looking at what they do. They're very creative attackers. They're now operating at huge scale. And they made the point that, you know, one of the reasons we enjoy observing them so much is they're essentially an APT that does everything in the open, right? So it's almost like you're getting a window in, because all of this stuff that we're talking about, all of the intelligence services are using similar sorts of tactics and techniques and procedures, but they're just doing it sneakily. Right. You know, you might have someone from an intelligence organization that is working for a target or is working somewhere sensitive, but they're doing it in a very clandestine way, whereas these guys just go there, do it noisy, don't care if they get caught. And, you know, I often think, how much fun would it be to be running one of these teams, you know, where you've got no guardrails, no rules, you can just do whatever you want, smash and grab, you know, send people in for these jobs, break any law you want. It's amazing.
Tom Uren
Yeah, it's the working 24/7, like, that's a giveaway. That's definitely a tell.
Patrick Gray
Yeah.
Tom Uren
No real person, no real single person does that yet they're just like, well, let's do that. Because it's the quickest way to get to where we want. We think so. I mean, I guess the natural response is work regular business hours and still be more productive because you can harness the expertise of all different sorts of people.
Patrick Gray
I do think that, though, Tom, just steering it back to this thing about whether or not this is good news or not, I do think it is interesting that they are hitting headwinds in the United States, because I've long said that there is a weak point in this whole thing, which is all of these workers need some sort of proxy to do their job. So we've seen these laptop farms spring up in the United States where, yeah, there's a bunch of laptops in a basement somewhere with a decent Internet connection, and these North Korean workers, you know, get access to that laptop from somewhere else, you know, Malaysia or wherever they're located. And that allows them to appear like they're operating from within the contiguous United States. And those things stick out like a sore thumb. So once law enforcement has a template for pursuing these things, you know, shutting down a laptop farm that is helping 200 of these workers, you know, like, it's a law enforcement action that gets you great bang for buck. And all it takes is for one of these affected, you know, organizations who's hired one of these people to report it and then, bang, you get the location of the farm. Takes one report to take down hundreds of workers. So I do feel like, you know, it's rare in cybercrime to have an effective template for tackling something. I feel like we've got one here. So it wouldn't surprise me if the pivot to Europe is at least in part a response to that.
Tom Uren
Yeah, that makes sense to me. So I think there is definitely good news there. They also, the Google report talks about how they've captured, I guess, facilitators in Europe or identified facilitators in Europe and law enforcement has done stuff about them. So it's not that they're so good that they can do this entirely on their own. It is very, very useful to have people on the ground helping them out.
Patrick Gray
Useful idiots who run laptop farms in their basements, basically.
Tom Uren
I think this was slightly different. I can't remember the details. I think it was maybe at a different point in the process.
Patrick Gray
Yeah, like a labor firm or whatever who's like, if you need IT admins, we've got them kind of thing.
Tom Uren
Yeah, something like that.
Patrick Gray
Yeah. I guess my point is like, I would expect that if they do a massive pivot to Europe and the Europeans also start applying that template. I just think this scam at scale kind of has a shelf life, you know what I mean?
Tom Uren
I think it has an equilibrium, so I don't think it'll go away, but I think it's the sort of cat and mouse game where it never disappears, but it never gets like. It seems pretty bad now from what I hear, like a large number of firms have these IT workers. So I would expect it gets better, but not, I wouldn't describe it as a shelf life per se.
Patrick Gray
Yeah, I understand what you mean. I mean that's where we hope we're going with ransomware, right? Which is that it just, it's not a huge problem anymore. But it's. But it still exists. It's like a, you know, the best you're going to do is to suppress it.
Tom Uren
Yeah, yep, yep.
Patrick Gray
Yeah. I actually know someone who hired a North Korean IT worker and unfortunately for them, they actually had really good procedures in place. They detected it very quickly. They had them out of there within a day or two. But the thing is they actually had good procedures to onboard people designed to detect it. And it was actually the third party they were using for identity verification who made the mistake, which is amazing. So even when you're trying to be careful, they can still slip through.
Tom Uren
Yeah, I think one reaction was that you really have to tighten. One personal reaction is that you really have to tighten your recruitment procedures and, and do a lot of verification, which sounds painful, but there are also lots of things you can do once you've onboarded someone and just kind of monitoring for anomalous behavior straight out of the bat. Like quite often they do things that are ridiculous straight away. One comment.
Patrick Gray
Well, that's how they got this guy, right, is they'd given him very limited access. They were a software company, extremely limited access to like non critical stuff like their website source code. And their website is not a part of their product, it's just like an advertising site. And I think this guy, like the first thing he did was to like tar up their website source code and like run away with it. It's like, wait, what are you doing? You're North Korean. So that's, you know, that was how they detected this person is they immediately just started smashing and grabbing from like the non critical area of the business and which is why they wound up getting nothing and then, you know, resulted in a report to the FBI. But yeah, it's just, yeah, it is just total smash and grab stuff a lot of the time.
Tom Uren
Yeah. So I would think that the smart strategy is you land from a North Korean point of view, you figure out what the opportunities are. Are they supply chain, are they cryptocurrency, hacking, are they just getting a wage or is there some extortion opportunity? So to me you would evolve your strategy to turn up, work for a couple of weeks, do some reconnaissance and then figure out which of those strategies you will employ. And you may know from the get go, like if the firm is cryptocurrency exchange that you've landed a job in. Well, there's your opportunity.
Patrick Gray
But there may be firms, I imagine a lot of the assignment of whose fingers on keyboard changes as well. Right. So they get someone into a place, oh, this connects to the cryptocurrency world. Put the A team on it, you know, because I can't imagine they're all A team, the people doing this stuff. Right. It was definitely B or C team operations at the, at the case that I'm familiar with.
Tom Uren
Yeah, yeah. So it seems like what they need is a better layer of middle management.
Patrick Gray
Yeah, that's it. Some helpful tips for the North Koreans. You heard it here from Seriously Risky Business first. Look, we're going to move on and talk about another topic now, which is Signalgate. You know, again, you've kind of covered things. You know, we disagree a little bit on the North Korea stuff, because you're like, well, this isn't, you know, this isn't the good news everyone thinks it is. We are swimming as one, though, when it comes to Signalgate. Because what you've written here is really, this is very, very bad. And these group conversations were almost certainly exposed to foreign adversaries. This is something I've heard from people around the sort of intelligence community as well, which is like, you ask them, you know, do you think, like, China or Russia was on at least one of these devices? And their response is like, oh, yeah, you know, like, almost undoubtedly. Which is, you know, it's like how cryptocurrency has sort of been speedrunning the need for regulation over the last decade. I feel like the Trump administration is sort of speedrunning the need to have decent communication security. I mean, that seems to be your take here, but I mean, really, what you're pointing out, and you are a former intelligence community person yourself, and the whole thing, read your analysis in this week's Seriously Risky Business newsletter, which you can find at risky.biz. You know, the tone of this piece is like, oh, my God, you know. Yeah, you're freaking out, Tom. You're freaking out.
Tom Uren
Yeah. So the piece of news that is very worrying and, but also not surprising, is that this was a regular way of doing business. So the Wall Street Journal reports that Waltz created and hosted multiple other sensitive national security conversations, including separate threads on how to broker peace between Russia and Ukraine, as well as military operations. So that's signal conversations with cabinet members. The one about peace between Russia and Ukraine to me is really interesting because if it's anything like the conversation they had about the Houthis, it might include information like, you know, what does Trump think? Where are we debating the limits of what we'll do? And if Russia and Putin got access to intelligence about the conversation, I think it would be, like, tremendously useful in negotiations. And so I think that those conversations, even though they're not clearly labeled as classified, I think they actually are top tier strategic intelligence. Like, that's the gold stuff, because the military stuff, if you don't do anything about it, like after the attack, it's pointless, it has no value whatsoever. But this is the sort of stuff that could influence basically how those negotiations end up and have tremendous import over a long period of time. So I think that those are really important and it seems like there are a lot of them. The other evidence I go through is I just sort of wrap up what we do know about the hacking of phones. And so there's.
Patrick Gray
Well, you point out it's not even just a capability that's limited to states. There's, you know, you can go to the private sector and buy spyware that will happily infect a, you know, fully up to date iOS device. Right. And you know, if you can get that from the private sector, it's pretty naive to think that like China and Russia don't have this capability. I mean we know that they do.
Tom Uren
Yeah. So like, there's the example of thousands of phones being hacked, allegedly by the NSA, but that's the scale. It's not like we have to do just one phone because we're really cautious about it. It's, we can do this at fairly large
Patrick Gray
scale and not worry that this technique's going to get burned. Yeah. So. So the top shelf stuff, you know, we have, we don't even get to see that.
Tom Uren
That's right. Yeah. And so the chances when you've got multiple group chats with multiple people that at least some of those people are not infected, I think is very, very slim. Yeah. And so you don't. It's nice to get the, you know, background information from intelligence people, but you can just look at the open source reporting and go, yeah, I think that's unlikely to. That all of those phones were not hacked.
Patrick Gray
Yeah, well, I mean, if at least one of them wasn't, you know, you'd really question how good MSS is at its job. Right. Like at least one of those devices would have to be off.
Tom Uren
Yes, that's right. Yeah. Yeah. And so the, like both the Chinese and the Russians, they're good hackers when they want to be.
Patrick Gray
Yeah. One point you made to me, and it's not actually covered in your piece, but it was a point you made to me when we were just chatting this morning, is that there has been probably more harm from this leak than people realize, and it's less about the specifics of a military operation and more about, you know, Vance and Hegseth calling the Europeans pathetic and all of this sort of stuff. Now, they've been very critical in public. So it's just interesting when privately they're saying the same stuff and, like, even more deranged is the word, maybe. And that this is unlikely to make Europeans feel particularly good about sharing some stuff with the United States. So, in that way, you know, you would argue that the leak has actually harmed US interests in a tangible way.
Tom Uren
Yeah. So that particular conversation, the Houthi one, I think that damaged US interests by really galvanizing the EU. So it wasn't a binary black or white thing. They'd had a lot of public discussion from Vance in particular, but also Hegseth, that sort of raised the warning level. But when you get an insight into their private thinking, where, ah, they're not just putting on a show to get us to do stuff, this is actually what they think, we are really basically on our own. I think that is very clarifying, to get the, basically, the private conversation. Like what, in the old days, you'd call signals intelligence. Well, I guess in this case it is Signal intelligence. But that's an example of how those kinds of strategic conversations can be really, really important for how nations respond. And I think if there's a whole lot of other conversations about other different topics of interest, that is just tremendously valuable for the Russians or the Chinese or whoever has access to them.
Patrick Gray
I mean, at this point you'd wonder if some of the Europeans might have a crack as well. You know, if there's that sort of intelligence lying around on those devices. You know, it's not. And this would have been sort of, not really something that would have happened last year, I would think. But you would have to think, you know, if you're the French or the Germans, maybe getting on some of those devices might be actually justified.
Tom Uren
I think it takes some time for people to change their long held beliefs. And so that is something that everyone would go, yeah, I see your point.
Patrick Gray
But that's maybe a bridge too far just yet. Yeah, no, I know what you mean, but it's crazy that we're moving in that direction, I guess. So look, one more thing that I just wanted to cover off quickly with you. We didn't cover this in the show. I mean, we covered one of them. There's been a tit for tat in the Russia-Ukraine, you know, quote unquote cyber war. We saw some Ukrainians target, you know, the state-owned rail company in Russia and take down their online ticketing, which didn't really, you know, there were just long queues for people to buy tickets, and it looks like, you know, now it's happened the other way as well. What is it? So on Sunday, March 20, Ukraine's state railway system was hit. Oh, so it was the Ukrainians who got hit first. And now the Ukrainians have hit back at the Russians. I mean, the point you make in this brief write-up that you've written is that, like, is this the cyber war we were hoping for? You know, like, this ain't going to move the needle on the battlefield. It just ties into that theme that we've been talking about for three years now, which is that we haven't seen, you know, cyber actions really move the needle. We've certainly seen some interesting use of cyber. Like, we did see, when Russians would capture a new area, they would send people into, like, data centers and whatever, into privileged positions in telco networks or data centers, and do a bit of damage that way. But it didn't appear to really move the needle in the war. This is a, you know, even less impactful example of cyber action. So I guess, yeah, it's just another thing that reinforces that view that the cybers haven't really played much of a role here.
Tom Uren
Yeah. Yeah. So the Grugq and I have talked quite a lot about this on the other podcast, Between Two Nerds, and you really need to combine those types of actions with something else. So from a state perspective, it means that you've got to integrate your cyber operations into some other thing that takes advantage of it. And so when you're in this stage of the war and it's just disrupt this, disrupt that, without any further, without using it as leverage to achieve something bigger, it's like, well, okay, that's really annoying for people who are waiting for their train tickets, but it's not. It doesn't move the needle at all. And so I thought this was just like a really nice vignette of how you can do stuff and it amounts to nothing except maybe a few news articles.
Patrick Gray
Yeah, I think for the real cyber war, we need to wait for Taiwan, Right?
Tom Uren
Yeah.
Patrick Gray
And see. And see what that looks like if that happens. And I hope it doesn't. But if it doesn't happen at that point, with all of the prep work the Chinese have done, you know, then we're going to seriously start to question the old Cyber Pearl Harbor concept.
Tom Uren
I mean, I think that my way of thinking is that it would be something that tries to just like disrupt the enemy. So in a way it would be like this, except that instead of stopping the trains full stop, it would be stop the trains while at the same time launching an invasion fleet. And so together you can see that. Yeah. Having trains not working so that it's hard to get people to the right place, get your military forces to the right place. That actually is an enabler. I don't think. I'm not sure that if it was a lot of trains. Yeah.
Patrick Gray
If it actually works. Right. And you know, I just don't know. I just don't. And I hope I never find out. That'd be fine as well.
Tom Uren
I'm with you on that one.
Patrick Gray
Yeah. All right. Well, let's wrap it up there. Tom Uren, thank you so much for joining me for this discussion of your always excellent newsletter, Seriously Risky Business. And yeah, we'll do it all again next week.
Tom Uren
Thanks, Patrick.
Podcast Summary: Risky Bulletin – "Srsly Risky Biz: North Korean IT Workers Head to Europe"
Episode Details:
In this episode, host Patrick Gray talks with Tom Uren about three threads from Uren's Seriously Risky Business newsletter: the evolving tactics of North Korea's fake IT worker scheme and its apparent pivot to Europe, the likely exposure of sensitive US government Signal group chats (referred to as "Signalgate"), and the tit-for-tat cyber attacks on rail systems in the Russia-Ukraine war. The conversation looks at how each set of actors is adapting and what the practical consequences are for defenders and for US allies.
Overview of the Situation
Patrick Gray opens the discussion by addressing the apparent shift of North Korean IT workers from the United States to Europe. These operatives have been infiltrating American companies, siphoning wages back to the North Korean regime, and engaging in extortion or financial crimes, particularly targeting cryptocurrency exchanges.
"They take their wages, they send them back to the North Korean government. Sometimes they'll extort the business. Or, you know, if they happen to get a job at a cryptocurrency exchange, they'll rip off the exchange, that sort of thing."
— Patrick Gray [00:54]
Evolving Tactics
Tom Uren, drawing on the Google report and a same-week report from the insider risk firm DTEX, describes how the workers' tactics are evolving: extorting the employer once fired, hacking the firm where there is cryptocurrency to steal, using the firm as a stepping stone into its customers and partners (a supply chain play), and, in some cases, having a whole team work a single account in shifts.
"They often work in shifts... they'll work for four or five days, non-stop, like 24 hours a day."
— Tom Uren [03:35]
Uren highlights that, according to DTEX, these operatives can turn out to be the best-performing "employees" in the firm precisely because several people are sharing the account; round-the-clock activity is itself a tell, since no single real person works that way. The reporting does not say what the extra effort is for. Uren's assumption is that it is a way to prove themselves, gain more access and develop further opportunities inside the firm, such as using it to reach other organizations.
Implications and Future Outlook
Patrick Gray points out that US law enforcement has found a template that works: identifying and shutting down the proxy infrastructure the workers depend on, in particular laptop farms (employer-issued laptops run from a US residence so that workers located elsewhere appear to be in the United States). One report from an affected employer can lead to a farm that serves hundreds of workers. This has likely contributed to the pivot to Europe.
"Once law enforcement has a template for pursuing these things... it wouldn't surprise me if the pivot to Europe is at least in part a response to that."
— Patrick Gray [06:12]
Uren concurs, noting that while North Korean cyber operations are facing increased scrutiny in the U.S., Europe presents new opportunities. However, he cautions that these tactics are likely to continue evolving, maintaining a cat-and-mouse dynamic with cybersecurity defenses.
"They are reacting to what's happening, but they're also learning how to maximize their opportunities."
— Tom Uren [04:20]
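The round-the-clock work pattern Uren calls a tell is something a defender can check for in their own logs once a new engineer is onboarded, alongside the limited-access and anomaly-monitoring advice in the episode. What follows is an added example written for this summary; it is not tooling from Risky Biz, Google or DTEX. It scans constructed session-log lines (the log format, account names, rest-gap threshold and minimum span are assumptions chosen for illustration) and flags any account whose activity continues for days without an idle gap long enough for one person to have slept.

```python
"""Flag accounts that never stop working: the round-the-clock 'tell'.

Added illustration only. The log line format, account names, thresholds and
the sample log itself are constructed for this example.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed log format: "<ISO-8601 UTC timestamp> user=<name> event=<type> ..."
LINE_RE = re.compile(r"^(\S+)\s+user=(\S+)\s+event=(\S+)")

# Assumed tuning. A single human leaves an idle gap at least this long (sleep)
# somewhere in every day; a team sharing one account in shifts does not.
MIN_REST_GAP = timedelta(hours=5)
# Only raise it once the pattern has persisted over this much wall-clock time,
# so a one-off late night does not trip the check.
MIN_SPAN = timedelta(days=2)


def parse_events(lines):
    """Group timestamps per account from log lines; malformed lines are skipped."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%SZ")
        events[m.group(2)].append(ts)
    return {user: sorted(ts) for user, ts in events.items()}


def assess(timestamps):
    """Decide whether one account's activity series looks like shift work.

    Returns the evidence as well as the verdict so an analyst can see why.
    """
    distinct_hours = len({t.hour for t in timestamps})
    if len(timestamps) < 2:
        return {"flagged": False, "span_hours": 0.0, "max_gap_hours": 0.0,
                "distinct_hours": distinct_hours}
    span = timestamps[-1] - timestamps[0]
    max_gap = max(b - a for a, b in zip(timestamps, timestamps[1:]))
    flagged = span >= MIN_SPAN and max_gap < MIN_REST_GAP
    return {
        "flagged": flagged,
        "span_hours": round(span.total_seconds() / 3600, 1),
        "max_gap_hours": round(max_gap.total_seconds() / 3600, 1),
        "distinct_hours": distinct_hours,
    }


def find_round_the_clock(lines):
    """Run the check over a log and return {account: assessment}."""
    return {user: assess(ts) for user, ts in parse_events(lines).items()}


def constructed_log():
    """Build a three-day sample log: one office-hours user, one shift team."""
    base = datetime(2025, 3, 31)
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    lines = []
    for day in range(3):
        # alice: a real person, active 09:00-17:00 and silent overnight.
        for hour in (9, 11, 14, 17):
            t = base + timedelta(days=day, hours=hour)
            lines.append(f"{t:{fmt}} user=alice event=session_start src=10.0.0.5")
        # contractor7: a push every three hours, day and night, for three days.
        for hour in range(0, 24, 3):
            t = base + timedelta(days=day, hours=hour)
            lines.append(f"{t:{fmt}} user=contractor7 event=git_push src=10.0.0.77")
    lines.append("this line is malformed and must be skipped")
    return lines


SAMPLE_LOG = constructed_log()

if __name__ == "__main__":
    for user, verdict in find_round_the_clock(SAMPLE_LOG).items():
        print(user, verdict)
```

On the constructed log, alice's longest idle gap is the 16-hour overnight break, so she is not flagged; contractor7 never pauses for more than three hours across a 69-hour span and is. The check is deliberately crude and is a lead, not proof: legitimate shift rotas, automation running under a personal account, or a timezone mix-up will trip it too, so correlate a hit with the identity verification and access review done at onboarding before acting on it.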
Overview of Signalgate
The conversation shifts to "Signalgate": the use of Signal group chats by Mike Waltz and cabinet members for sensitive national security discussions, and the likelihood that those chats were exposed to foreign adversaries through compromised phones. Patrick Gray notes that people around the intelligence community share the view that at least one participant's device was almost certainly compromised.
"These group conversations were almost certainly exposed to foreign adversaries. This is something I've heard from people around the sort of intelligence community as well."
— Patrick Gray [13:32]
Impact on US and European Relations
Tom Uren explains why the exposure matters, arguing that conversations such as the thread on brokering peace between Russia and Ukraine amount to top-tier strategic intelligence, whether or not they were labeled classified, because they reveal what the administration thinks and where it is debating its limits. Unlike operational details, which lose value once an attack is over, that kind of insight could shape negotiations over a long period.
"Those conversations, even though they're not clearly labeled as classified, I think they actually are top tier strategic intelligence... could influence basically how those negotiations end up and have tremendous import over a long period of time."
— Tom Uren [15:15]
Intelligence Community Perspective
The two agree that the exposure does more than reveal specifics: it erodes trust between allies. Gray notes that the private remarks about Europeans, harsher even than the public ones, are unlikely to encourage European partners to keep sharing intelligence with the United States.
"This is unlikely to make Europeans feel particularly good about sharing some stuff with the United States."
— Patrick Gray [17:34]
Uren adds that the Houthi chat damaged US interests by galvanizing the EU: an insight into private thinking showed Europeans that the public criticism was not posturing and that they were effectively on their own.
"That particular conversation, the Houthi one, I think that damaged US interests by really galvanizing the EU."
— Tom Uren [17:34]
Recent Cyber Attacks on Rail Systems
Patrick Gray and Tom Uren examine the tit-for-tat cyber attacks between Russia and Ukraine: Ukraine's state railway system was hit first, and Ukrainian actors then took down the online ticketing of Russia's state-owned rail company. In both cases the visible effect was long queues at ticket counters rather than anything more.
"On Sunday, March 20, Ukraine's state railway system was hit."
— Patrick Gray [19:04]
Efficacy and Limitations of Cyber Operations in the Conflict
The discussion highlights that while these cyber actions cause temporary disruptions and garner media attention, they fail to achieve significant tactical advantages on the battlefield.
"It's just another thing that reinforces that view that the cybers haven't really played much of a role here."
— Patrick Gray [20:42]
Uren argues that cyber operations must be integrated with some other effort that exploits the disruption to have a meaningful impact; disruption on its own is annoying but changes nothing. Gray suggests a future Taiwan contingency is where the "Cyber Pearl Harbor" concept would really be tested.
"Instead of stopping the trains full stop, it would be stop the trains while at the same time launching an invasion fleet... That actually is an enabler."
— Tom Uren [21:34]
The episode covers three threads: the shifting tactics of North Korean IT workers, the likely exposure of sensitive Signal conversations, and the limited but persistent cyber engagements in the Russia-Ukraine conflict. On the first, the practical advice is to tighten recruitment verification, give new hires limited access, and monitor for anomalous behaviour from day one; on the last, the argument is that cyber operations only matter when integrated with a broader military effort.
"For the real cyber war, we need to wait for Taiwan... we are going to seriously start to question the old cyber Pearl Harbor concept."
— Patrick Gray [21:34]
The discussion underscores that while law enforcement has found a workable template against laptop farms, Uren expects an equilibrium rather than an end to the scheme: the threat is suppressed, not eliminated, much as the hosts hope will eventually be true of ransomware.
Notable Quotes:
"They'll work for four or five days, non-stop, like 24 hours a day."
Tom Uren [03:35]
"Once law enforcement has a template for pursuing these things... it wouldn't surprise me if the pivot to Europe is at least in part a response to that."
Patrick Gray [06:12]
"Those conversations... could influence basically how those negotiations end up and have tremendous import over a long period of time."
Tom Uren [15:15]
"Instead of stopping the trains full stop, it would be stop the trains while at the same time launching an invasion fleet... That actually is an enabler."
Tom Uren [21:34]
This episode offers a clear-eyed view of three current threads in cyber policy and intelligence, and of why the practical defences against them, from stricter onboarding checks and early anomaly monitoring to integrating cyber operations with other means, matter more than the headlines.