
A
So what was the process like with Operation Disruption Week? We'll take you inside on this episode of Safe Mode. Welcome to Safe Mode. I'm Greg Otto, editor in chief at cyberscoop. Every week we break down the most pressing security issues in technology, providing you the knowledge and the tools to stay ahead of the latest threats, while also taking you behind the scenes of the biggest stories in cybersecurity. An attack is coming. It's about keeping us safe. He's just a disgruntled hacker.
B
She's a super hacker.
C
Stay alert.
B
Stay safe.
A
Stay safe. This is Safe Mode. Welcome to this week's episode of Safe Mode. I am your host, Greg Otto. In our interview segment, we're going to be talking with Mike Sweeney from Silent Push. Silent Push was one of the cybersecurity companies that worked with the Department of Justice during Operation Disruption Week, which targeted Scams Inc. in South Asia. Mike gives us a breakdown of how this public-private partnership, always trips me up, how this all came together and how the future will look moving forward for these types of actions. But first, talking with Tim Starks, who wrote a story for us this week, and it's actually something that we've been writing about on CyberScoop over the course of the past couple months. Everything that's, I would say this is like the big topic that is non-Anthropic, non-generative AI, though it does have parts of that as well. What doesn't at this point? Open source security and what we've been seeing in line with the attacks on open source maintainers and all of this software that powers everything that we use, it's in our iPhones, it's in our enterprise networks. And thanks to AI, some attackers have been going after all of these really important packages and profiles that go into our applications. And our Matt Kapko wrote a story looking at Team PCP and that particular group. But Tim also wrote a story that looked at the bigger picture and what governments and the industry can do to really spend stop this as it sort of spirals out of control. And the answer is convoluted, I should say. It's, it's, it's not. Your story's not convoluted, of course. But, but the, but the issue, the issue is definitely a convoluted one.
B
Yeah, it's, it's a really tough nut to crack, I think. You know, there are things that in the world of what is the government going to do about cybersecurity? You can have answers that are a relatively short list of options, right? If you want to take water security, like with the Biden administration, they tried to regulate that. Do you regulate it? Do you not regulate it? Pretty simple for the most part. There are other, obviously not that simple of an issue. But, but with open source, it's not that direct a target for you to even go to and say, this is what we are going to do to you. Or it. Or, or how do you even determine who do you, who do you do it to? Because one of the issues is that it's not like there's, there's a readily available list of water plants in America like there is for open source. There's nothing equivalent. We don't know who some of these people even are. They're volunteers who are running these things. So you start from that level of like a very diffuse, like, not easy to pin down who you even are going to go to to say we need you to do this. Then it gets into, you know, that obviously is one of the things that makes it really appealing to groups like Team PCP. And Matt's story was great. I only touch on this subject a little bit of like, why, you know, why is this happening? And one is that it's, it's a fruitful target. It's just something where if you attack one maintainer, you're going to be able to maybe get into such a wider array of targets as a result of that. And then it goes into what, what can the government do? And there are some ideas. I think Europe maybe has one of the most interesting ones right now. But there's also the problem of a lot of things that were happening in the Biden administration that were actually trying to start to tackle some of this much more because of Log4j from 2021. Huge deal at the time. Jen Easterly said this might be the most severe, most serious vulnerability she's ever seen. 
But we averted some disaster on that for a variety of reasons, nonetheless. I mean, this is something that started to get some real momentum and attention in the Biden administration. And then Trump comes in and a bunch of this stuff kind of gets shelved. Doesn't seem to be happening. And then there's the idea of what, what companies ought to be doing and what their responsibilities are because they're making a lot of money off of the back of open source security. It's just a really difficult nut to crack for, for everybody, but especially government, I think.
A
Yeah. Going back to what you were saying with the water plant metaphor, it's a lot easier for CISA to pick up the phone and call American Water or Fairfax Water or Cal Water or anywhere else and sort of talk through the problems and work toward a remedy. Finding somebody that goes by, you know, a handle on GitHub and probably has an email address that might be a burner account that they just use, or they lost access to it, or maybe the email provider doesn't work anymore. That is, like you said, a tougher nut to crack. And it is definitely something that should give people pause. And it has. And that's reflected in your story that, oh, these really are the pillars of so much of the software that we use. We gotta find an answer. Because it's just the status quo ain't working.
B
Yeah, it's not. I mean, going back to the point you were. You were making, you know, even if you find vulnerabilities, there's no. Nobody knows how to report it to the people. You know, it's not even just about a systematic question of, like, you know, how do we tackle the issue of regulating something that feels hard to regulate. It's also just a fundamental matter of some of the basic things that we do in cybersecurity. Everywhere else you find a vulnerability in a company, you. You find out where you send that off to. There's a process in place. There's nothing like that for this. So just the basics of this are so difficult.
A
And going back to something else that you said too, is this is what we are seeing. We are seeing the ramifications of CISA cuts play out, because as we saw in the Biden administration and in some sources that you talked to for the story, Jack Cable, Aeva Black, to name a couple. I know there are others in the story that worked on open source security, like Saul saw this issue for what it was even before LLMs were, you know, just an everyday tool that people were using, especially in cybersecurity, that this could really present problems. And now that we're here and it seems like there are just crickets, whether it is on the CISA side or you also talk about an office that was aligned with the Office of the National Cyber Director that seems to just not be around anymore.
B
It's just basically not. Not to be found. I mean, a number of the people that were working on it just aren't in the government anymore. You know, you talk about the status quo. I think Dan Lorenc from Chainguard had the. Had a little bit of an optimistic take that, you know, this. Everybody's now aware of this crisis. Maybe everybody's starting to unite around it. I don't know if that's the case. I'm not saying he's wrong. I'm just, I can't, I can't say with certainty that I agree or don't agree with him. CISA, I think, you know, to give Nick Andersen a little bit of credit, the acting director has said this is something that really concerns him. But if you look at what the answer is in the story about what they're actually doing about it, it's not terribly concrete. So, so you have all this erosion of the things that were happening under Biden, Biden administration, like basically everybody who was like a big splashy hire that they had. We're going to bring in some real experts on this. It's not happening. We do have a few things happening on the Hill that are kind of interesting, but those still even feel like more at the formative stages. Things like directing the Department of Defense to do, to come up with this plan to remediate open source risk, especially as it pertains to foreign adversaries that might be in the actual open source infrastructure. Because there's no. A lot of people who are contributing to open source projects are completely anonymous. There have been cases where we've seen evidence of China and Russia tampering in that process. You've seen things like a directive for CISA to look into the kind of open source program offices that Amazon might have, where they just have somebody to, like, deal with all open source issues you're dealing with as a company. Those, those things still feel like, like they're very much at the start. And that's. Even if they do happen, I mean they're not, none of, neither of those things are the force of law. 
In past administrations you would expect that there'd be some amount of this. Congress has put this in a funding bill, they put this in an authorization bill that's really important to us. So we're going to do what it says, even though they don't really have to. I don't know that we can count on as much with this administration that they're going to do something that is essentially an ask with an implied threat that we're giving you money. This is what we want back. So even the stuff that is moving feels small. It feels like it's a setback from where we were and whatever we're getting done. I think Europe, you know, the Cyber Resilience Act seems to be pretty significant here. We might not get a sense for how, how much of an impact that will have in Europe or globally until it's fully implemented. And, and that's, you know, we're looking at, I think, the end of 2027. Right on. And then, you know, what enforcement mechanisms will be in place to say, hey, you're selling a product for commercial gain that has open source technology in it. You, the company, now have to take these steps. I think we'll see what kind of teeth that has later that we don't know exactly yet.
A
So with that, one more point that you brought up that I think is worth talking about is the movement on Capitol Hill, especially with the Department of Defense looking at removing foreign adversaries is tough. And you say that in the story and you talk to some experts that are like, look, I get that logic, but just because there might be a maintainer that's based in China or somewhere else in the world that we're not particularly friendly with doesn't necessarily mean that they're malicious. Like, there are plenty of people out there that are just working on software for working on software's sake. And a lot of this stuff is foundational in that you don't know the purpose of, or there's multipurpose. Like it all depends on the applications that are being built in the long run that are using these free open source tools to build whatever it is that they want. Like at that level, we're not talking about something that is built with malicious intent. So it just goes to show it's another angle of the story that shows this is a really, really thorny problem that is just being exacerbated by the AI boom. And a lot of people are really struggling to figure out what the next steps are.
B
Yeah, and it's, you know, I, at one point, I mean, I talked to one of the, a maintainer of curl, Daniel Stenberg. I've talked to other people who work in open source who are actually on the ground doing that kind of like open source work. Not just the store, the not and I, not to mention it, but not the work outside of it to protect open source and policy thinkers and things like that. And I'm kind of like, why do you do this? This, this seems like a lot of, sounds exhausting. It's exhausting. And you know, the other thing I asked was, you know, should we just, is there, is there some way to just not rely on open source technology? I realize that might sound like a simple question, but I was just trying to get a sense of, like, this is, this feels like such a problematic thing that we rely on, is, is there a way to not do it. And the answer is no, really, we need this. And, and for open source to work, it has to really actually be open source, because, you know, this has allowed a lot of technological advances. When you can go, I need to have a part of my code that does this thing. You don't have to create it from scratch. You can just go get it. And so if you're not, if you're, if you're figuring out a way to close it off or how, how, who can actually do it, then it's not open source anymore. And I get the logic of, again, like you said, I get that logic of wanting to protect against this stuff, especially if we're talking about stuff that's in the U.S. government. So maybe there's a way you can look at that, a problem differently if it's for the U.S. government versus open source generally.
A
Great, Tim. Fantastic story that really gets to all of the nuance that is in this area. So check it out. The story on CyberScoop, along with Matt Kapko's story that dives into Team PCP and the threat groups that are going after this type of software. Thanks for joining us.
B
Thank you.
A
Now to our interview with Mike Sweeney from Silent Push, talking about Operation Disruption Week. The Trump administration has been really big on trying to crack down on fraud. And in South Asia, particularly Cambodia, there are a lot of scam centers where people are unfortunately human trafficked and forced into cyber scams. So the Department of Justice, along with some, some tech companies got together and during Disruption Week, disrupted, perfect name for it, disrupted a lot of these scam centers. Mike was front and center for this operation and takes us behind the scenes on what went on during the operation and why public-private partnerships are so important for this type of work. Check it out. All right. And joining us on this week's episode of Safe Mode, we're going to be talking with Mike Sweeney, the director of Preemptive Cyber Defense for Silent Push. Silent Push was part of a public-private partnership over the past couple weeks that took part in Operation Disruption Week, which looked to take out the scam centers that we have been hearing about in Asia that are really at the heart of a lot of what we see in the cybercrime landscape over the past couple years. So, Mike, thanks for joining us.
C
Hey, thanks for having me. It's. It's great to be on and great to be able to talk about this.
A
So I, I kind of fumbled my way into talking about Operation Disruption Week there. Uh, talk to us a little bit about what exactly went on for those that aren't familiar with what occurred.
C
Yeah, so the disruption week is a response to the scam centers that are out in the Southeast Asia region, where they're doing a lot of pig butchering and different types of romance and various scams online that are really just funneling a ton of money out of the U.S. and other regions to criminal syndicates. And so President Trump signed an executive order that really highlighted a need to attack this effort. And Judge Pirro and FBI stood up the scam center strike force, which pulled in a bunch of industry leaders to try to tackle this problem, which is just an international problem. And. Yeah, and so, you know, it's just been a great effort and it was really nice that at the end of the week we had some heavy impact.
A
So I know there were a lot of government entities involved with this. The DOJ was involved, FBI, Secret Service, HSI. But I'm wondering, what exactly did Silent Push bring to the table? What did your infrastructure and intelligence enable that the government couldn't do on its own?
C
Right. So what Silent Push does that's unique to us is that we have a good expertise on looking across the Internet as a whole. We're constantly scanning it and contextualizing all the different technical data. And from there we're great at detecting anomalies, and from those anomalies, drilling down to malicious sites, cyber behavior. And then from there we, we can either provide, we provide that intelligence to different entities for several courses of action. So some of those courses of action you would send out to a net defender and they would create mitigations or blocks at a SIEM. And then some of those actions also you take to certain service providers or governments that follow on and conduct takedowns or sanctions or other. Other actions.
A
So talking about these scam centers, these scam compounds are running what amounts to really like a full enterprise stack. You know, the bulletproof hosting, distributed ASNs, crypto laundering, and using legitimate infrastructure like Starlink and Meta as part of their scam chain. What's the hardest part of that infrastructure to disrupt?
C
I think the hardest part to disrupt is the fact that it's geographically distributed across multiple countries. And then when you have to reach out to those different law enforcements or those different providers, they all fall within different legal constructs. Right. And they all have different evidentiary requirements in order for you to really effect change and get them to move and take things down and sort of affect things. That's kind of always been a big issue. Right. The criminals and the scam centers, they have initiative, they sort of attack and they go out there and they only have to affect X percent of folks in order to get a large amount of money. And from the defender aspect of things, even at the international level and at the national level governments, we have to have evidence that goes to the court system and ultimately proves that what is being done is criminal. And that's just, that just takes longer. We don't have the initiative usually. So that's the biggest challenge is of course detecting it fast enough, preemptively detecting it fast enough, and then being able to take that data and build your evidence case so that you can get out there and block them before they make too much money and before they are really effective. Expanding and, and essentially diversifying their infrastructure, creating that resiliency that they keep creating, that makes it hard.
A
So that preemptive part that you were talking about, when you're looking at these scams, whether it's pig butchering or crypto fraud or anything that these scam centers are proliferating, what are the early signals, the tradecraft fingerprints that tip you off that something is standing up?
C
So some of the early signals are, like you mentioned, bulletproof hosting, and other aspects are like bulletproof CDN. A lot of them are also the utilization of services that highlight their misalignment with government regulations. So you're talking about like DeFi, right? If you're talking about cryptocurrency, or you're talking about res proxies, right? So where you. Yeah, so where you're going out there and you're trying to mimic yourself as, as a residential user versus just utilizing either your, even VPNing at some point can be pretty challenging. And so those types of technologies, you know, you just think of like regular crime scripting, those types of technologies are kind of what you go after. So if you just even pulled it from the virtual space to prior criminal behavior and you look at all that crime scripting, you can sort of create a profile of what the criminal will do. And then from there you just map it to the virtual space and you look for the providers that will provide those services that benefit the initiative and the criminality of the usage. So if that makes much sense.
A
So yeah, and with the criminality there, we know that organized crime syndicates are running these compounds, but the victims that we see have been mainly in Western countries. So is there a meaningful law enforcement or diplomatic lever that actually changes the calculus for these operators? Or is what we have seen with Disruption Week really the ceiling? I mean, obviously the ultimate part is, you know, preventing this stuff from even happening. But like anything that we see in cybercrime, there is a little bit of like a whack-a-mole aspect to it. So I'm wondering, is the disruption really the best that we can do, or is there anything else that can change the calculus for these scams?
C
There's a, so I think that that's a little bit of a, creating a binary value out of what's happening.
A
Okay.
C
A lot of what has happened has been changing exponentially from operation to operation over the years. So you'll see that they were arresting, you know, just basic workers at these sites and raiding whole sites and arresting everyone there. But that has evolved to targeting the crime bosses. It's, it's changed to targeting the folks that are setting up infrastructure as a service. It's, it's, it's targeting the organization itself, the, the key actors within our organization. And that should effect change versus hitting the lower level workers. Right. And then on top of that, we did add the financial disruption aspect of things. So we are not only just attacking the virtual space, but we're following those up with arrests. So those arrests again, are not equal across the space. Right. The arrests, like I said, they're kind of going up into the organizational chain and we're trying to tackle the top tier of this problem. And so I think that on top of the fact that the more of these operations that we conduct, the more pressure we can put on the governments that are hosting these different scam centers like Cambodia and Myanmar. Right. And so Thailand has really been doing a great job at doing their best at enforcing their borders and cutting them off, the different scam centers off there. But because we keep finding this type of activity, we are pressuring the governments of which where these facilities are actually embedded. Right. And trying our best to sort of at least highlight that corruption and provide whatever political pressure we can there, I think that's like a multi-prong attack. And each one of those attack mechanisms, there actually has been an evolution in them, just a slow sort of steady evolution. But each time that we conduct one of these operations, we are adjusting our fire and hopefully creating, hitting that final critical point that makes the whole system collapse.
A
Right. And, and you kind of mentioned the largess here with these scam compounds and some of the numbers from the DOJ. I think there were 1.4 million accounts seized. Starlink terminals by the thousands were taken offline. $3.8 million in crypto funds seized. Are the big numbers here really the driver and really show that this is not just really a snapshot? Like, how do you square the wins with the reality that this is a big infrastructure takedown? Like, this isn't. I did say whack-a-mole earlier, but I mean, this is a whack-a-mole of a pretty large size. Like, even if they do try to rebuild, like 1.4 million accounts, sure, they can be spun up, but something that is in the thousands when it comes to Starlink terminals and close to $4 million in assets, like, this is a pretty big operation that does take time to get stood up again.
C
Right. So those numbers do have weight to them. For me, I guess I can talk personally. For me, the value of it is that, like I said, it's a, it's a very, you know, black and white scenario on what's going on here, the criminality of it. And I think the moral issue of it is super important. We can't underweigh it. That, you know, I can't. I like to be able to look at a fellow citizen and say, we're doing something about it. We're not just letting these sinners sit here. We're not just letting crime take over because it's too big of a problem for us to understand in our specific scope and that we tried a couple of times and that we're willing to give up on this. I can't stress how much it's important to get in the same room with everybody who has the same mentality to do good and to stop this type of behavior from happening and sort of unifiedly say, this is not right. This is. We're going to do our best and we're going to keep taking down everything we possibly can take down that's involved in this. And so that's where, you know, we have a huge international community involved. We have all the different governments involved. We have the numbers, the sum total of everything we froze. And those do have an impact and a value to them. But they're, they're, you know, they're. Like I said, everything is sort of evolving. And I think that if this is the beginning of that evolution, these are some big, big numbers, right? And it's just something to be excited about, looking forward when we talk about what real impact we can. The more people we get into the same room, the more that we empower each other to, to tackle this, this really, you know, nasty behavior that's going on in the world. And so, and then, you know, like, like Judge Pirro said, she was talking about the individual cases of people and the impact that they had on their, their lives. And it's just something that we can show for it. You know, like, it's not. 
That person doesn't sit in their house and think, get another smishing attack, another phone call and things.
A
Right?
C
Yeah, like, who. Where are you? Right, like where are you, government? Where. Where's my protection? And so I think that's really just the biggest value here is that FBI is out there doing this, the Royal Thai Police are out there doing this. They're sending the signal that you're not alone in your living room when you receive that attack, and that they're doing everything they can to solve this problem. And you know, they are, they are making impact. Those are big numbers. Again, the virtual space is huge out there. It's been going. They made a lot of money, so we have a lot of damage we need to continue doing to make it not profitable for them. We have to get ahead of the curve. We have to get, you know, preemptive on it, as far ahead of the curve as we can. And we have to get all the governments in play, all the, you know, the ones that are both hosting this and the ones that are, you know, being proactive about it, that can do something externally, like China, when they're putting pressure on the. They did a lot of impact when they were putting pressure on those nations. And so, yeah, and it's just, it's just something that's going to come with time. And I think that at least these, these types of efforts really highlight, if not in this one action, the ultimate behavior that we need to conduct ourselves internationally and globally to be able to combat these massive crimes that, you know, frankly, are only going to get worse. The more AI integration is going to happen, the more automation comes into place and the, the, the easier that is to integrate into people's workflows. So. And again, it's just exponentially a bigger problem because attackers have initiative. So the more these technologies go into place and come out, the defenders are figuring out how to integrate it and have high confidence and fidelity in their defense signatures. But the attackers are just throwing it out there like crazy and being successful, and so they get a head start on us.
A
So you mentioned bringing governments to the table. And I know the White House's March executive order specifically calls for an operational cell to coordinate cyber disruption across, you know, the public-private partnership angle of it all. Do you think that what you saw with Disruption Week really formalizes what the government was looking for there, or is there a gap between what the order envisions and how this actually works on the ground?
C
I think it was actually very productive. There's a ton of sharing across all the different organizations. I think we. We sat down across each other and we really looked at each other's data as best we could, you know, without, you know, overreaching.
A
Right.
C
And we. And scoped it specifically to this one action that we wanted to do. And I felt like there was no real blocker between us and, you know, say, Starlink or Meta or whatever. Everybody came there with the right mentality, which was the, you know, the purpose, like, okay. And they focused on the purpose first, you know, mission-first mentality. And I think that that could be in part because the Royal Thai Police and FBI did such a great job at giving the informational baselining and setting everybody up for the event and also pulling in the right people for the event and then. But really, while we were there, I feel like it was sort of a model example of how we should be conducting ourselves for these events, because it felt really empowering. You know, we were real with each other. It wasn't like people were falsely understanding the limit. Like, they understood the limitations of their data. Right. There was like. And they understood, you know, where there might be gaps in their telemetry and expertise in handling certain data points. And so I think that was just really nice that there was just such a level of openness while we conducted this event. So maybe it was just the magical, right amount of people.
A
Yeah, that's interesting to hear.
C
Definitely was great.
A
All I know is that a lot of times with public-private partnership, there's a lot of friction points. And it's really interesting to hear that you think that this went really, really smoothly. I. I do not hear that a lot when it comes to public-private partnerships.
C
Yeah. And this was my first event doing it as an industry individual, and for us, as a, you know, for Silent Push, we. We produce intelligence and we have, you know, unique data. You know, we do data processing. We have a unique platform for that. And we didn't actually have a course of action. We weren't blocking, taking down sites. We weren't, you know, going to arrest somebody, you know, so our role was very specific in understanding, you know, large behaviors and essentially expanding the data set that existed there to encompass more of the scam centers' virtual space and also mapping it to physical space as best we can. And so being that we had sort of this very niche role, it was awesome to understand the different, like, you know, Meta and Starlink and all the other folks that were there, Coinbase, it was just awesome that they've reached out to us, understood exactly what we do and what our data does, and could quickly understand how to integrate and work together. And obviously that FBI, as the data curator and orchestrator for the whole thing, a lot of them were there in the room to help us through all that, and also plenty of lawyers there to make sure we're not overstepping. But it went so smooth, I can't believe it. And I'm really excited about the next time we can participate in one of these things. We didn't feel any frustration while we were there.
A
So, speaking of the next time, if this model scales and we see more disruption weeks in the future, what does the success look like there? And what's the metric that tells you that it's actually working? Like, obviously, we want to bring these people to justice and we want to see money return to its rightful holders. And is that the right metric or is there something else to consider to make sure that things like this are a success in the future?
C
So I think I'm a little bit of a hard person to ask that question to because I have such a high standard for what we could do. But I do think that that is a great. I'm inclusive. I do think those are great metrics to understand the value of the actions that we're doing. I personally would love that we could stop this particular type of virtual crime preemptively and render it relatively ineffective and see it cycle out like we do with other attack types. I mean, I can't wait till ransomware cycles out. I can't wait till. And then, you know, DDoS will cycle in or whatever. But, you know, it's all stickler. But I can't wait for this to cycle out. And I can't wait that we have a system in place that proactively mitigates, or at least we have a system in place that when we create focus across industry and government, that we knock that down before it gets to the level of damage and impact that this current event has reached. This has gotten way out of hand since 2020. I think that it's. It's gotten to the point that it's integrated a bunch of other nasty criminal aspects to it, other than just online scamming. And you still have, like, lone wolf online scammers. But this has gotten to sort of that industrial scale of it. And I. You know, it's hard to believe that it went unchecked for so long. And so I can't. To me, success is that crime, the crime of these aspects, these, this type of virtual spot never gets this large. I can't say we're going to snuff everything out, but I would, I would love to have a standard where we never reach the trillions and billions of dollars of annual revenue through virtual criminal efforts. Especially since it's this systematic and really like the techniques, the technical aspects underlying under it, the infrastructure build-out. There's a lot of commonalities across all of it. We have infrastructure as a service, malware as a service. 
These are all things that have industrialized themselves as well and are out there and they're just blatantly selling themselves. And I can't.
A
I.
C
You know, it's hard to believe that because of maybe the way our current industry is and the way our governance is right now that we have created too many silos or too much diversity in sort of how we go about tackling these problems, that someone has found out that if we outscale you fast enough, you actually don't have an answer for us. And so my standard of success is that we clearly state that there is no too big to fail criminal organization that will ever exist again and that we will catch you before you even get anywhere close to this size and scale. So that would be my level. But I do think that what we have provided is, is a great marker. I honestly, like I told you, it's a moral issue for me. Like, as soon as you block any of it, I'm happy. If you've got one lone wolfer off the street, I'm happy, you know, but like, if I was to think about the totality of capability across all of industry and our governments combined, and the fact that I've seen us pulled together on different global efforts, I cannot believe that we blinked on this and it got to the scale that it got.
A
Great, Mike. Appreciate you giving us a behind-the-scenes look at the way this all went down. Thanks for joining the program.
C
Hey, thanks for having me.
A
Thanks for listening to Safe Mode, a weekly podcast on cybersecurity and digital privacy brought to you by CyberScoop. If you enjoyed this episode, please leave a rating and a review and share it with your friends, your co-workers, your CISOs, your sysadmins, your mom, your dad, anybody that wants to know more about cybersecurity. To find out more information or to contact me, please look for all of our social media handles or visit cyberscoop.com. Thanks for listening. Check us out next week.
Safe Mode Podcast
Episode Title: Inside Operation Disruption Week: Taking Down Southeast Asia's Scam Machine
Date: June 25, 2026
Host: Greg Otto (Editor in Chief, CyberScoop)
Guests: Tim Starks (Cybersecurity Reporter), Mike Sweeney (Director of Preemptive Cyber Defense, Silent Push)
This episode takes listeners behind the scenes of “Operation Disruption Week,” a major multi-national effort targeting cyber scam centers in Southeast Asia. The show covers both broader issues in cybersecurity—such as the challenges around open source software security—and then dives into the details of Operation Disruption Week with direct insights from Mike Sweeney of Silent Push, who played a key role in the public-private partnership that made this operation possible.
Guest: Tim Starks, CyberScoop Reporter
Key Issues:
Complexity of Open Source Risks:
Open source software (OSS) powers vast swathes of modern technology but presents a convoluted governance and security challenge. Decentralization and volunteer maintainers create vulnerabilities that are difficult to address through conventional policy and enforcement.
"It's a really tough nut to crack... There’s not a readily available list of water plants in America like there is for open source. There’s nothing equivalent."
– Tim Starks (02:29)
Difficulty of Remediation:
Unlike traditional critical infrastructure, finding or even contacting OSS maintainers is tough, making coordinated response to vulnerabilities near impossible.
"Even if you find vulnerabilities, there’s no... nobody knows how to report it to the people."
– Tim Starks (05:35)
Policy and Governmental Response:
Initial momentum seen under the Biden administration has stalled, leaving open whether the current executive branch or Congress will take further action.
"You start to see all this erosion of the things that were happening under Biden... Whatever we’re getting done feels small. It feels like it’s a setback from where we were."
– Tim Starks (06:57)
Foreign Influence and Attribution Difficulties:
Many OSS contributors are anonymous, sometimes from adversarial nations, but not necessarily malicious. Policies targeting contributors’ geography can easily misfire.
"There are plenty of people out there that are just working on software for working on software’s sake... It just goes to show it’s another angle of the story that shows this is a really, really thorny problem."
– Greg Otto (09:35)
Need for Ongoing, Nuanced Response:
Both Tim and Greg stress that open source’s foundational role in technology means it cannot be abandoned; robust solutions require industry-government cooperation and long-term commitment.
Guest: Mike Sweeney, Silent Push
Operation Context:
Scam Centers as Industrial-Scale Cybercrime:
Southeast Asian scam compounds—especially in Cambodia and Myanmar—are hubs for “pig butchering” and romance scams, often with ties to human trafficking and industrial infrastructure.
"These scam compounds are running... a full enterprise stack. Bulletproof hosting, distributed ASNs, crypto laundering, and using legitimate infrastructure like Starlink and Meta as part of their scam chain."
– Greg Otto (16:07)
Silent Push's Role:
Provided cyber intelligence and infrastructure mapping, offering law enforcement better situational awareness to support takedowns and asset seizures.
"What Silent Push does... is that we have a good expertise on looking across the Internet as a whole. We’re constantly scanning it and contextualizing all the different technical data..."
– Mike Sweeney (15:20)
Seizure of 1.4 million scam accounts
Thousands of Starlink terminals disabled
$3.8 million in crypto assets seized
"Those numbers do have weight to them... The sum total of everything we froze, and those do have an impact and a value to them."
– Mike Sweeney (23:05)
Biggest Disruption Challenge:
The criminal infrastructures are distributed globally, crossing legal jurisdictions and evidentiary frameworks; defenders must build strong evidence cases to enable action.
"The hardest part to disrupt is the fact that it’s geographically distributed across multiple countries, and... they all have different legal constructs."
– Mike Sweeney (16:32)
Indicators and Early Warning:
Use of bulletproof hosting, bulletproof CDNs, decentralized finance, and residential proxies as red flags of criminal infrastructure setup.
"Some of the early signals... are bulletproof hosting and other aspects like bulletproof CDN... utilization of services that highlight their misalignment with government regulations."
– Mike Sweeney (18:15)
Multi-Pronged Evolution of Response:
Tactics have shifted from arresting low-level workers to targeting crime bosses, infrastructure providers, and finances—producing a broader impact and raising the cost for cybercrime organizers.
"We did add the financial disruption aspect of things. So we are not only just attacking the virtual space, but we’re following those up with arrests... it’s targeting the organization itself..."
– Mike Sweeney (20:10)
Diplomatic and Policy Pressure:
Repeated operations raise the cost for host governments and create international pressure to take the scam centers seriously.
"We are pressuring the governments... where these facilities are actually embedded... at least highlight that corruption and provide whatever political pressure we can there."
– Mike Sweeney (21:09)
Public-Private Partnership Success:
Disruption Week demonstrated unusually smooth and effective collaboration, enabled by clear shared goals and well-harmonized data sharing.
"It was sort of a model example of how we should be conducting ourselves for these events, because it felt really empowering. You know, we were real with each other."
– Mike Sweeney (28:04)
"The moral issue of it is super important. We can’t underweigh it. I like to be able to look at fellow citizens and say, we’re doing something about it." – Mike Sweeney (23:05)
Mike Sweeney argues for high standards:
True success comes when these industrialized scam rings no longer reach massive scale or profitability—and that defenders keep ahead of attackers through preemptive, cross-sector collaboration.
"My standard of success is that we clearly state that there is no too big to fail criminal organization that will ever exist again..."
– Mike Sweeney (34:01)
This episode pierces the technical and human complexity of global-scale cybercrime, exploring both structural weaknesses in open source security and the logistics, triumphs, and ongoing challenges of interdicting massive fraud operations. The in-depth interview with Mike Sweeney reveals how thoughtfully coordinated public-private partnerships can drive effective action—even amid daunting jurisdictional and technical obstacles—and defines a vision for scaling such disruption efforts worldwide. The conversation repeatedly returns to the importance of moral resolve, international collaboration, and adapting strategies to keep pace with ever-evolving threats.