A disgruntled data analyst decides that the best response to losing his contract is to steal the entire company payroll database and demand $2.5 million in Bitcoin – signing his extortion emails from a company called “Loot.”
Meanwhile, two people drive up to the entrance of the UK’s nuclear submarine base at Faslane and politely ask if they can have a look around. Tourists? Spies? Something in between?
Plus: Female Muslim punk rock group, and a little red book that might save your sanity in a post-truth world.
All this and more in episode 460 of the “Smashing Security” podcast with cybersecurity veteran Graham Cluley, and special guest Jenny Radcliffe.
Smashing Security #460:
Never knock on the door of a nuclear submarine base and ask for a selfie
Host:
Graham Cluley:
Guest:
Jenny Radcliffe:
Episode links:
- A Top Google Search Result for Claude Plugins Was Planted by Hackers – 404 Media.
- Iowa-based Intoxalock cyberattack disrupts calibration service for interlock users – DysruptionHub.
- China hacker group leaks $7M crypto theft operation targeting wallet supply chains – Crypto News.
- Federal Jury Convicts Charlotte Man For Cyber Extortion Scheme That Targeted International Technology Company – DOJ.
- Iranian and Romanian charged after allegedly trying to enter UK nuclear naval base – Sky News.
- LadyParts – Spotify.
- On Disinformation: How to Fight for Truth and Protect Democracy – Lee McIntyre.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff)
Sponsored by:
- ThreatLocker – Start your free trial and book a demo of ThreatLocker today to see how you can implement Zero Trust in your environment.
- Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
- Meter – Network infrastructure for the enterprise. Get a free personalised demo.
Support the show:
You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.
Join Smashing Security PLUS for ad-free episodes and our early-release feed!
Follow us:
Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.
Thanks:
Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.
Facts Only
A data analyst steals a company's payroll database and demands ransom in Bitcoin.
Two individuals attempt to gain access to the UK's nuclear submarine base at Faslane.
A female Muslim punk rock group named LadyParts is mentioned.
The book "On Disinformation: How to Fight for Truth and Protect Democracy" is referenced.
Executive Summary
Full Take
Pattern Analysis and Deeper Implications:
The news items discussed in this episode highlight several common themes in today's world: cyber extortion, physical security threats, the power of music to challenge societal norms, and the importance of understanding disinformation.
In the first story, a data analyst resorts to extreme measures by stealing sensitive information and demanding ransom in Bitcoin, demonstrating the increasing use of digital means for traditional crimes. This incident underscores the need for robust cybersecurity measures and the potential consequences when they are lacking.
The second story involves an attempt to gain unauthorized access to a nuclear submarine base, raising questions about physical security measures and the potential risks associated with such breaches.
The mention of LadyParts, a female Muslim punk rock group, serves as a reminder of music's ability to challenge traditional beliefs and norms, fostering inclusivity and diversity. This story offers a hopeful contrast to the more ominous cybersecurity-related topics discussed in the episode.
Finally, the book "On Disinformation: How to Fight for Truth and Protect Democracy" is mentioned, highlighting the ongoing struggle against disinformation and its impact on truth and democracy. This theme ties together many of the issues discussed in the podcast, emphasizing the importance of critical thinking, fact-checking, and informed citizenship in an increasingly complex world.
Patterns detected: ARC-0043 Motte-and-Bailey, ARC-0024 Ambiguity (the podcast discusses both cybersecurity threats and music, creating a dichotomy that may suggest they are equally important or worthy of attention)
