Risky Business #481 -- Inside the Anthem breach with someone who was there

Presented by

Patrick Gray
Patrick Gray

CEO and Publisher

Adam Boileau
Adam Boileau

Technology Editor

This is the last show for the year, Risky Business will return on January 10th 2018.

In this week’s feature Stephen Moore joins us. He was formerly the Staff Vice President of Cyber Security Analytics at Anthem, the healthcare company that was spectacularly owned by a Chinese APT crew in 2015.

Instead of us all just saying “lol they got owned, they’re idiots,” I thought it would be a good idea to actually talk to someone who was there. As you’ll hear, Anthem’s team knew they were being targeted by an APT crew, did its best to fend off the attackers, but sadly they lost anyway.

It’s sobering listening.

This week’s sponsor interview is also just great. We’ll check in with Casey Ellis of Bugcrowd. He’ll be along to talk about this whole Uber mess. A lot of the reporting around the so-called Uber data breach seemed to fixate a bit on the fact that the attacker was paid via the HackerOne bug bounty platform. The coverage has conflated extortion with bug bounty programs, much to Casey’s dismay. He’ll be along later to share his views on what the Uber snafu means, as well as to share his thoughts on DJI’s disastrous bug bounty program.

Adam Boileau, as usual, stops by to discuss the week’s security news, and also to wrap up the 2017 season.

Links to everything are below, and you can follow Patrick or Adam on Twitter if that’s your thing.

Risky Business #481 -- Inside the Anthem breach with someone who was there
0:00 / 0:00

Show notes

1.4 Billion Clear Text Credentials Discovered in a Single Database

APT 34 Is an Iran-Linked Hacking Group That Probes Critical Infrastructure | WIRED

This country's hacking efforts have become too big to ignore

Popular Destinations rerouted to Russia | BGPmon

Italian Prosecutor Makes Request to Close Hacking Team Investigation - Motherboard

Jailed Russian hacker: I hacked Democrats 'under the command' of Russian intelligence agents | Business Insider

Australia Seeks New Gag Laws That Could See Journalists And Whistleblowers Jailed for 20 Years

Mark Di Stefano 🤙🏻 on Twitter: "Twitter says it's removing 3.2 million accounts every single week. A staggering number."

Phishers Are Upping Their Game. So Should You. — Krebs on Security

It's easy to fake Extended Validation certificates, research shows - Cyberscoop

On the value of EV - Google Groups

Nope, this isn’t the HTTPS-validated Stripe website you think it is | Ars Technica

Hackers hit key ATM network in crime spree that clears $10 million | Ars Technica

Want to Launder Bitcoins? How Crooks Are Hacking iTunes and Getting Paid by Apple

Google Releases Tool To Help iPhone Hackers - Motherboard

Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code | Threatpost | The first stop for security news

Tim Watts MP on Twitter: "Hey @riskybusiness - can the Australian political figure single tweet hacker be this week's skateboarding dog?"

Ambassador Joe Hockey's account 'likes' tweet calling Malcolm Turnbull a 'cranky prick'

Mike Arpaia on Twitter: "@dinodaizovi @riskybusiness Even if you're blocking and doing the analysis on the host, that takes cycles for you to make your decision. Nothing is"real time", it's all… https://t.co/qRMSpiY3KN"

Airlock Digital - News