Risky Bulletin – "Srsly Risky Biz: The kids aren't alright"

Podcast: Risky Bulletin
Host: Amberly Jack
Guest: Tom Uren, Policy & Intelligence Editor
Date: September 25, 2025

Episode Overview

This episode focuses on the evolving landscape of youth cybercrime—contrasting a recent case involving a young "SIM swapper" with the earlier Mirai botnet teenagers, and examining how motivations, community dynamics, and pathways for redemption have changed drastically. The discussion also covers a new policy report from CSIS on rethinking U.S. cyber deterrence strategies, particularly toward nation-states like China.

Key Discussion Points and Insights

1. Youth Cybercrime: Then vs. Now (00:45–10:53)

A. The Changing Landscape: Minecraft as a Gateway

• Both recent and past cases (the Mirai botnet teens and Noah Urban) entered cybercrime through Minecraft-associated online communities.
• Earlier, technical skill was essential; now, social engineering skills suffice.

Notable Comparison:

• Mirai creators: Technically skilled teens who hacked for status, later entering legit cybersecurity jobs.
• Noah Urban: Focused on SIM swapping. Was "just good at talking to people. He was polite and he had a deep voice..." (Tom Uren, 02:53). He earned thousands at age 15, escalating from small payments to orchestrating major cryptocurrency thefts.

B. Financial Incentives and Escalation

• Urban’s trajectory: “He later told authorities he stole something like US$15 million in something like a year and a half.” (Tom Uren, 03:48)
• The barrier to entry is now much lower; more youth participate with social skills (rather than technical skills).
• The rise of cryptocurrencies means far more money is involved, incentivizing riskier behaviors.

C. Loss of Redemption Pathways for Young Offenders

• Earlier criminals with legit skills found pathways into security jobs after being caught. Now, “...if you’re a good talker...there’s millions of good talkers in the world. You don’t necessarily need one who’s been in prison for online crimes.” (Tom Uren, 05:21)
• No clear path for talented social engineers to “go straight.”

D. Increasing Violence and Toxicity in Online Communities

• Escalation from online-only pranks (like swatting) to real-world threats: “People want to basically steal it and...kidnap you, take you in a van...hold a gun to your head...” (Tom Uren, 07:08)
• Example: Urban was subjected to extortion with threats to his associates and violence against family, which hardened him further.

Anecdote:
Amberly recalls earning $5/hour at a video store. “Not the best money, but I never had to explain to my mum why bricks were being thrown through her window, so.” (Amberly Jack, 08:19)

2. Possible Interventions and Solutions (08:28–11:16)

A. Early Interventions and Platform Responsibility

• Need for “interventions earlier”, potentially by platforms like Discord, Minecraft, and Telegram. (Tom Uren, 08:46)
• Current law enforcement responses—arrests often come too late, when youth are already entrenched.

B. The Social Incentives

• Online communities reward escalating acts (technical prowess before, money/impact now).
• Rising ransomware makes crimes even more damaging.

C. Policy Perspective

• “If things are worse, you need to spend more time and effort trying to fix it. So it’s not a time to just assume that the status quo is good enough.” (Tom Uren, 10:53)
• Both hosts agree: recent arrests are necessary, but real solutions require more prevention and earlier action.

3. The U.S. Cyber War "Playbook": New Thinking in Deterrence (11:16–16:05)

A. CSIS Report: "A Playbook for Winning the Cyber War"

• The U.S. approach to deterrence has been “very, very narrow”—targeting only cyber actors (the ‘foot soldiers’), not the sponsoring nation-states. (Tom Uren, 13:09)
• “Those companies, like, they're expendable essentially...” (Tom Uren, 13:27)

B. Shifting the Focus: Deterrence by Punishment

• The report suggests retaliating directly against the interests of sponsoring states (e.g., China’s “five poisons”: democracy activists, Taiwanese independence advocates, Uyghurs, Tibetans, Falun Gong).

• Example: If China attacks U.S. power grids, the U.S. could respond by releasing embarrassing information about human rights abuses (e.g., Uyghur prison camps).

  • “If Beijing's penetrating US power grids, perhaps the US could release detailed information about Uyghur prison camps... that would be very embarrassing to the regime…” (Tom Uren, 14:11)

• This would create meaningful risk for the adversary, believed to be more effective at deterrence.

C. Is It Likely?

• “If there’s any president that would do it, it’s President Trump.” (Tom Uren, 15:29)
• Tom doubts it would happen imminently but says the possibility has increased.

Memorable Moment:
Amberly jokes about the report providing sample press release text:
“I love that they're like, here's some specific words you can use when you announce this.” (Amberly Jack, 14:52)

Notable Quotes

• Tom Uren (02:53): “Urban, he was basically just good at talking to people. He was polite and he had a deep voice. And so he was able to get into the sim swapping...community, and he was very, very good at it.”
• Tom Uren (03:48): “He later told authorities that he stole something like US$15 million in something like a year and a half.”
• Tom Uren (05:21): “…if you’re a good talker...there’s millions of good talkers in the world. You don’t necessarily need one who’s been in prison for online crimes.”
• Tom Uren (07:08): “...they'll hire people, kidnap you, take you in a van, put a, you know, put a hood over your head, hold a gun to your head and try and get the cryptocurrency out of you.”
• Amberly Jack (08:19): “Not the best money, but I never had to explain to my mum why bricks were being thrown through her window, so.”
• Tom Uren (10:53): “If things are worse, you need to spend more time and effort trying to fix it. So it's not a time to just assume that the status quo is good enough.”
• Tom Uren (14:11): “…perhaps the US could release detailed information about Uyghur prison camps, like satellite photos, that kind of thing that would be very embarrassing to the regime and give the…five poisons ammunition...”
• Tom Uren (15:29): “I think that if there's any president that would do it, it's President Trump. Right?...I think the chances are higher than ever that it might happen.”

Important Timestamps

• 00:45: Start of discussion on youth cybercrime, comparison between Mirai botnet developers and Noah Urban.
• 03:48: Details of Noah Urban’s SIM swapping activities and financial escalation.
• 05:21: Discussion about differences in redemption pathways for technical vs. social engineering cyber criminals.
• 07:08: Escalation to physical violence and extortion in online crime communities.
• 08:46: Exploration of possible interventions by platforms and authorities.
• 11:16: Introduction of the CSIS report on U.S. cyber deterrence strategy.
• 14:11: Suggestion of targeting state interests ("five poisons") as deterrence.
• 15:29: Likelihood of the U.S. adopting deterrence by punishment against nation-states.

Summary

This episode provides a sobering look at how youth involvement in cybercrime is evolving—emphasizing lower barriers to entry, far greater stakes (especially with the rise of cryptocurrency), and a notable loss of positive pathways out for offenders who once might have found redemption in legitimate cybersecurity work. The conversation transitions to U.S. cyber policy, introducing fresh ideas for effective deterrence by targeting nation-state sponsors’ core interests, notably through public exposure rather than simply sanctioning criminal actors. The tone is grave but laced with dry humor and healthy skepticism about true solutions, making the discussion both engaging and insightful for listeners.