Share this page!

MIT Technology Review Profile picture
Twitter logo
17 Nov, 36 tweets, 19 min read
Holding cybercriminals accountable requires cooperation across country lines. That's because the current situation stretches internationally. In this next block of #CyberSecure sessions, we explore how.
As we dive into this topic, we have a special surprise for you. Stay tuned #CyberSecure.
🚨 Podcast Premiere 🚨: In this project with @propublica, we look at the money, people, and technology behind the explosion of ransomware that is delivering hundreds of millions of dollars to cybercriminals around the world. #CyberSecure
SUBSCRIBE to the #ExtortionEconomy on @ApplePodcasts or wherever you get your podcasts: podcasts.apple.com/us/podcast/wel…
At #CyberSecure, we're meeting the series host, @meghann, and getting an inside look at the story behind the stories. #ExtortionEconomy
"What this show does so well is it looks at the motivations behind [ransomware]," says @meghann.
"It’s honestly the weirdest thing I’ve worked on in a good way," says @StrongReporter. #CyberSecure #ExtortionEconomy
Thwarting the increase in cyberattacks has become an urgent priority—and a matter of national security— for governments across the world. Learn about the bold strategy the US is adopting and what results it is achieving with Elvis Chan of the @FBI SF division. #CyberSecure
In five years, will ransomware remain a daily problem in the US as it is today. #CyberSecure
We asked Chan this question. Here's his answer:

"I'm an optimist, a cup half full person. I think ransomware is here to stay. I hope the efforts we’re doing in the US, as well as with partners in Europe, Asia and Africa, it won’t be as damaging and pervasive." #CyberSecure
As the internet evolves, cyber-crime morphs, says Chan. "I’m hoping we’re going to catch up." #CyberSecure
There are fewer federal prosecutors than there are FBI agents. Together, they have to prioritize cybercrime takedowns to make the biggest impact, explains Chan.

That speaks to one of the problems with the proliferation of ransomware as a business and an economy. #CyberSecure
But the US and the FBI have become more aggressive in tackling this problem. #CyberSecure
"All 17 members of the US intelligence community are very focused on ransomware at the moment," says Chan. He also alluded to the national security issues ransomware poses. #CyberSecure
"Ransomware is definitely a geopolitical issue," says Chan, referring to US President Biden discussing it with Russia's Putin and China's Xi Jinping. "There are global rules and norms that you expect mature countries to follow. Sometimes they don’t follow it." #CyberSecure
Chan brought up the cyber-crime ecosystem in Russia. Hackers there might rotate between cyber-crime groups, Russian intelligence agencies, and the country's cyber technology companies.

It's similar in China, he says. #CyberSecure reuters.com/article/us-yah…
The United States focuses on the cyber activities of Russia, China, Iran, and North Korea. However, from a cyber-crime perspective, it's more rampant than that.

"All of these governments look the other way, as long as [these hackers] don't hack their people." #CyberSecure
He also brought up the Israeli company, NSO group, which @HowellONeill has written quite a bit about. #CyberSecure

technologyreview.com/2021/07/28/103…

technologyreview.com/2021/07/19/102…

technologyreview.com/2020/08/19/100…

technologyreview.com/2020/08/19/100…
If you're an organization worried about being the victim of a cyber crime, start a relationship with the FBI or other federal agencies before you experience a ransomware attack. #CyberSecure
That was fascinating. Thanks for joining us, Elvis Chan! Now onto supply chain security. #CyberSecure
In this no-holds-barred session, a former cybersecurity official with the US Homeland Security and current CSO of @Huawei discusses what needs to be done —at both the organizational and national level—to address the issue of global supply chain security. Welcome @andy_purdy!
.@HowellONeill is kicking off this session by adding a lot of context about Huawei. And there's a lot. Here's some of our reporting on it. #CyberSecure

technologyreview.com/2019/02/08/137…

technologyreview.com/2018/12/07/663…

technologyreview.com/2019/05/24/657…
"We are moving from an era where cybersecurity didn't matter to one where cybersecurity is going to matter more than we realize" - @andy_purdy #CyberSecure
Also, Zero Trust in cybersecurity also means don't trust anyone. Don't blindly trust @Huawei. Don't trust @Apple. Don't trust China. Trust instead through verification. #CyberSecure
.@andy_purdy and @HowellONeill are also discussing the Biden administration's latest proposals to beef up cyber space for the US and globally. #CyberSecure

whitehouse.gov/briefing-room/…

cnn.com/2021/11/10/pol…
"We need to find new ways, better ways, more transparent ways to tell what’s going on” to address global supply chain security, says Purdy. #CyberSecure
"the ability to trace back where all the software has come from—and trace it forward" #CyberSecure
"Then, when there’s a vulnerability found, the customer, the operator, and the supplier can determine where the place is in the supply chain that’s affected by this," says Purdy. #CyberSecure
Here's what it takes to find and prosecute hackers worldwide, with @lucasmaurits of @Intel471Inc. #CyberSecure
Handcuffs have not been put on the vast majority of cybercriminals. #CyberSecure
"The internet is basically in the medieval stages," says @lucasmaurits. "If you look at all these institutions, all these laws, and all these concepts, they’re all based on jurisdiction." The internet, conversely, doesn't have geography and doesn't have borders. #CyberSecure
Will the desire to better prosecute cyber crime lead to the balkanization of the internet, asks @HowellONeill as a follow up. It's one we've asked before. #CyberSecure technologyreview.com/2020/12/17/101…
For the cyber underground, think about it like a business, says Lucas. There are three main roles: the access brokers, the affiliates, and the ransomware as a service operators. #CyberSecure
Collectively, their goals are simple: to make money. Their moral compasses are just off, says Lucas. But @HowellONeill notes a common theme is also where these operations exist, in countries without much economic opportunity. #CyberSecure
Lucas and @HowellONeill are also talking about a bungled raid in Ukraine. Patrick actually was able to get the inside story. It's a hell of a read, if we do say so ourselves. #CyberSecure technologyreview.com/2021/07/08/102…
That's it for this block of sessions. We'll see you in the next block at #CyberSecure.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with MIT Technology Review

MIT Technology Review Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @techreview

MIT Technology Review Profile picture
18 Nov
Introducing The #ExtortionEconomy, a 5-part podcast series with @ProPublica that looks at the money, people, and technology behind the explosion of ransomware that is delivering hundreds of millions of dollars to cybercriminals around the world.
@propublica This is a podcast about ransomware... but it's not really about ransomware.
@propublica It's not about securing your password, and it's not about enabling two-factor authentication. It's not your IT manager telling you how to avoid a phishing attack.
Read 9 tweets
MIT Technology Review Profile picture
17 Nov
Cyberattacks are becoming a “when, not if” reality. In the final block of sessions at #CyberSecure, we'll be providing you with strategies to help your organization fix security vulnerabilities and take the critical first steps after a breach happens.
First up is Alex Jones of @cobalt_io. He's discussing how your organization can reinforce its security strategy to better identify and address security vulnerabilities. #CyberSecure
He's discussing five themes:

-It's not a zero sum game
-It's not a technology problem (it's a people problem)
-The solution requires people and process innovation (the tech is there already)
-It's complicated, but not impossible
-We're all in this together

#CyberSecure
Read 15 tweets
MIT Technology Review Profile picture
17 Nov
Cybercriminals exploit the lack of international cybercrime mandates and the existence of unregulated financial systems that enable anonymous transfer of funds. In this special programming break at #CyberSecure, @MarietjeSchaake explores the changes necessary to stem the tide.
We're seeing an interrelationship between misinformation campaigns and traditional cyberattacks. #CyberSecure
"When it comes to ransomware, the accountability needs to be closed ... That makes it too easy for maligned attackers to gain ground" - @MarietjeSchaake
at #CyberSecure
Read 5 tweets
MIT Technology Review Profile picture
17 Nov
Machine learning-based cybersecurity is only as good as the detection models it’s based on. This #CyberSecure session with Ignacio Arnaldo of @corelight_inc looks at requirements and best practices.
In the previous block of sessions, we touched on how, in 2018, @Darktrace showed that unsupervised-learning models can spot hackers who have already broken in. technologyreview.com/2018/11/16/139…
We also threw cold water on AI for cybersecurity, reporting on how hackers could foil these security algorithms by targeting the data they train on and the warning flags they look for. #CyberSecure technologyreview.com/2018/08/11/141…
Read 7 tweets
MIT Technology Review Profile picture
17 Nov
In this next block of sessions at #CyberSecure, we’re learning about the latest cybersecurity technologies, including how artificial intelligence is being used to unearth vulnerabilities.
There are benefits and drawbacks to using artificial intelligence for cybersecurity. There are also a whole host of other emerging technologies that can defend against disinformation and computational propaganda. Providing an overview at #CyberSecure is @LUMKatrusya.
We’ve written a bit about how AI is being used to detect hackers.
Read 24 tweets
MIT Technology Review Profile picture
17 Nov
We’re back for the second and final day of #CyberSecure. If this is the first time you’re hearing of this cybersecurity conference, there’s still time to attend:
To follow and join the conversation, keep an eye on the #CyberSecure and #TechReviewEvents hashtags.
If you’re an attendee watching the conference from your computer, we want to hear from you. Share your thoughts and questions by also using the #CyberSecure and #TechReviewEvents hashtags.
Read 22 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @techreview has new unrolls!

Check out other threads from @techreview!

Read all threads by @techreview

:(