Podcast Summary: Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: Inside DragonForce
Release Date: May 15, 2025
Introduction
In the May 12, 2025 episode of Talkin' About [Infosec] News, the Black Hills Information Security team delves into several pressing topics within the cybersecurity landscape. From ransomware group breaches to the evolving demands of AI on power grids, the discussion is both comprehensive and insightful.
1. Lockbit Group Breach
The episode kicks off with a surprising development regarding the notorious ransomware group, Lockbit. On [05:13], Derek shares news about Lockbit's website being compromised:
Derek (05:14): "Someone posted the Lockbit website and it just said, 'Don’t do crime, crime is bad. Xoxo from Prague.'"
This breach revealed a SQL file containing internal chats, victim profiles, ransomware builds, and Bitcoin addresses. The team discusses the implications of such a leak, emphasizing the potential insights into ransomware negotiations.
Derek (07:20): "The chat replay is always fascinating, especially when companies negotiate for decryption of critical files."
However, the group remains skeptical about Lockbit's operational status post-breach.
Derek (07:52): "This doesn’t mean Lockbit's dead. They'll keep going and be fine."
2. Proposed Budget Cuts to Siza/CISA
The conversation shifts to the proposed $500 million budget cut to Siza (likely referring to CISA). Ryan expresses concern over the potential impacts:
Ryan (09:14): "If you're considering cutting Siza's budget, think about the vast responsibilities they handle in cybersecurity."
Bronwyn questions whether these cuts are influencing changes in how cyber alerts are disseminated.
Bronwyn (10:35): "They're changing how they're sharing cyber-related alerts and notifications. Is that because of the budget cuts?"
The team debates the effectiveness of moving from traditional websites to social media platforms for official alerts.
3. Dragon Force Ransomware Group
Derek introduces the topic of Dragon Force, a new ransomware affiliate group, highlighting their recent activities and potential affiliations.
Derek (18:14): "Dragon Force was deployed at companies like Marks and Spencers and Harrods. But ransomware can be rebranded easily, making attribution challenging."
The group speculates on Dragon Force's origins and connections to other ransomware entities like Scattered Spider.
Derek (20:14): "Ransomware groups are so disjointed, with members moving between different organizations."
4. PowerSchool Ransomware Incident
A significant portion of the discussion centers on PowerSchool, a SaaS provider for K-12 education sectors, which fell victim to a ransomware attack.
Derek (21:09): "PowerSchool was hit by ransomware, and while the company paid the ransom, the threat actors are now targeting individual schools for second payments."
The team debates the ethics and effectiveness of paying ransoms, especially when initial promises to delete compromised data were not honored.
Ryan (25:34): "This is a case where paying the ransom is definitely not advisable."
5. AI and Power Grid Demands
Ryan brings attention to the escalating power demands driven by AI advancements.
Ryan (26:37): "Executives from Microsoft, OpenAI, Core Weave, and AMD are pushing for more power to support AI development, anticipating a tripling of energy consumption by 2028."
The team discusses the feasibility and challenges of upgrading the US power grid to meet these demands.
Derek (32:15): "Updating the power grid is essential, but imagine typing 'enter' on a ChatGPT query and causing a grid outage!"
6. AI-Powered Surveillance Cameras
The episode explores the emergence of AI tools like "Track," a surveillance system that identifies and tracks individuals based on outward characteristics.
Derek (36:28): "The tool isn't facial recognition but tracks people using attributes like backpacks, gender, and clothing."
Gabrielle raises concerns about privacy and potential biases in such systems.
Gabrielle (39:37): "Casinos using these tools to monitor patrons raises significant privacy issues."
7. Password Theft Statistics
A Forbes article is dissected, revealing that 19 billion passwords have been compromised since 2024 through various info stealers, with only 1.1% being unique.
Derek (32:15): "Of the 19 billion passwords disclosed, only 1.1% are unique, indicating widespread password reuse."
This statistic underscores the persistent issue of weak password practices among users.
8. Botnet Takedown and Router Compromises
The team discusses a recent operation where a botnet was dismantled, leading to the indictment of three Russian nationals.
Derek (43:49): "They compromised a bunch of routers and sold access as a proxy botnet. Patch your routers to prevent being part of such malicious networks."
This segment emphasizes the importance of securing IoT devices to thwart botnet formations.
9. AI Standards and Reporting Flaws
Ryan highlights the push towards standardization in AI, akin to CVEs in cybersecurity.
Ryan (51:36): "There's a growing effort to develop standards for reporting AI flaws, which is crucial for responsible implementation."
The team agrees on the necessity of such frameworks to address the unique challenges posed by AI vulnerabilities.
10. Chicken News
In a lighter segment, the team briefly touches upon issues related to raising chickens and the associated rodent problems.
Derek (55:05): "If you're considering raising chickens, be prepared for rats since they love chicken feed."
Conclusion
The episode of Talkin' About [Infosec] News offers a thorough examination of current cybersecurity threats, budgetary challenges, and the burgeoning intersection of AI and infrastructure. The Black Hills Information Security team provides expert insights, peppered with engaging discussions and pertinent quotes, making complex topics accessible to a broad audience.
Notable Quotes:
- Derek (05:14): "Don't do crime, crime is bad. Xoxo from Prague."
- Ryan (09:14): "If you're considering cutting Siza's budget, think about the vast responsibilities they handle in cybersecurity."
- Derek (18:14): "Dragon Force was deployed at companies like Marks and Spencers and Harrods."
- Ryan (25:34): "This is a case where paying the ransom is definitely not advisable."
- Derek (32:15): "Of the 19 billion passwords disclosed, only 1.1% are unique."
- Ryan (51:36): "There's a growing effort to develop standards for reporting AI flaws."
This summary encapsulates the key discussions and insights from the episode, providing listeners with a comprehensive overview of the topics covered.
![Inside DragonForce 2025-05-12 - Talkin' Bout [Infosec] News cover](/_next/image?url=https%3A%2F%2Fassets.blubrry.com%2Fcoverart%2Forig%2F577207-646458.jpg&w=1200&q=75)