Welcome to today's PTG podcast, where we talk about the latest breaking cyber news. And I was just reading where it says that it looks like Russia is laying the groundwork for cyber attacks on US infrastructure.
yup.
So I know yesterday we were talking, I was like, oh, I wonder if they're going to hit small companies, but really, again, looking at Colonial Pipeline, they could hit just about anything.
Well, and there was already, I don't know if you saw this, but there was already some evidence of scans against, I think, the top five energy companies in the United States.
No, I didn't see
that. Yep. They, the FBI reported that they literally have proof that they scan the systems for software vulnerabilities, which again is why we so strongly suggest using the right tool. Because even when vulnerabilities are found in software, there's tools that can help to prevent exploit even in the presence of vulnerability. 'Cause some of these software tools are very intelligent.
Yup.
It's really astonishing, isn't it, to think that there are, while we do know that right now there's not a silver bullet, although we may be getting close to it. There's so many advancements happening in quantum computing. Last night, I was up, just literally dropped to the floor.
Like some of these advancements are just groundbreaking, but while we don't have a silver bullet right now, It's really shocking to see that critical places as our power grids and it's things like that, that our nation relies so heavily upon not using the best tools available. That is really shocking, like the best tools available right now. We know what they are and they're not using them.
I feel like a lot of it is relationships versus common sense almost. So it's if they have existing relationships with vendors, even if it's not the right choice. We've worked with some people too that were maybe a little behind the times. And it seems like a lot of things that are government related are really behind and
slow to. And you started tracking all the red tape all that. And then you don't have the swift ability to act the mobility and the agility that's required to stay aligned with the cutting edge and keep yourself protected, you start to fall behind
I think it's similar to, I think it's similar to medical too, where a lot of those systems are, they have big control systems and they're probably using outdated. Sadly, probably Microsoft's Windows operating systems that are outdated. Gosh, they're probably still using Windows XP in certain situations. So, you'd be surprised at the statistics of people still using ancient operating systems like that.
And I think the big picture here is that you just can't connect those things to the internet, give them free rein, when there are so many security holes there. And that's why, like BJ was saying with the XDR, that's a nice layer. Not going to protect against everything, but at least it's a more effective solution at detecting exploitation of some of these weaknesses, and visibility. And then, certain situations, you might not be able to patch a SCADA system for example, but.
At least you have that SOC. And first of all, you have the technology and then you have a SOC, a 24/7 security operation center, US-based, background checks, cybersecurity engineers watching over everything, 24/7. At least if you have that type of. in place. That's going to significantly reduce the odds of a breach. It's not going to protect against everything or all situations, but like I saw yesterday, there was, Microsoft reported a huge OAuth breach and it's called OAuth.
Oh, Off. And basically, have you ever logged into a website and it says. Instead of creating an account log in with Google or Facebook or something like
yes, it does appeal to that these
days.
Yeah. So that's what OAuth is. It's that middleware that allows you to skip the account creation process by granting access to one of the things, your username password for one of the other platforms, and then authorizing it by API.
Okay.
So that was breached. And that was confirmed yesterday. So if you have this is a perfect example of something like XDR, this would be out of scope, right? So that's on a cloud hosted, probably a big provider like micro. You and I are not going to have access to their security, right? It's not
Oh, so explain that for a second though, please, Craig, because that's becoming very prevalent on the way. I've you see that with a lot of sites now where you can log in with Google or Facebook or apple even. And so what is it who is whose technology is that? And is it centralized? Like where, what is the vulnerability.
I think it's an open source middleware layer that typically uses what's called API technology to, to link two systems together. And it basically more rapidly allows for user creation and onboarding. of you creating a unique username and password, you would reuse like your Facebook login or your Gmail login, for
But is that technology like owned by the same place and reused by all these different apps that use it? Or is it different? Although places it's used or.
No, I think it is centralized. I'd have to research it to know for sure, but I'm pretty sure that it's a centralized almost like a Microsoft that. out with it. It might be open source though. Again, I'd have to research it. I, all I know is that it's like a middleware kind of software that allows the user to bypass the unique credential credit creation on the site. By leveraging. I never used to like it, to be honest with you.
I've really not used that function before, because I always thought if they get breached, then. You know that's a problem. And then here we are, they got breached yesterday.
Wow. Wow. Yeah, Cause it's there's, I've been seeing it. I've been seeing an uptick in the presence of that API. I used to see it like once in a while. And now I see it on almost every platform I use almost every platform offers me to log in that way.
Did we just lose
credits? No, I think he was just on,
Yes.
on mute
I left everything open for you. So downstairs is all open. For the crawl space and whenever you're ready. to cross, the sciatic is right there. Great.
That's I've thought about that. I'm like, okay. Do you
and then You can change the media filters to
Facebook or whatever. And I'm like,
replace the filters.
how does this work? I've never actually looked into it.
So I use it all the time personally. Like I, cause I've been seeing it so much lately that, and it's so convenient, because gosh, that's. That account creation step is such a hassle and it's just so tiresome to do it over and over again. it's very convenient, but here we go with the convenience versus security thing, like who's, I wonder what we'll have to do some research and see who's technology.
Is it, and is it is it one piece of technology that's being used over and over again by lots of different platforms?
Yeah. Yeah. I, again, I'd have to research it to know for sure. I don't know if it's, if the breach was associated with just the OAuth layer itself or was it OAuth with Microsoft or OAuth with Google. I don't know if all of the systems were breached. I just have, I just know that prior to yesterday, I knew there were some vulnerabilities and risks there. But then I saw the news yesterday that there, there was a breach. So, let me see here. Pasted a couple of
That's I always hold my breath. When that question comes up, who done it
So it says Lapsus, L-A-P-S-U-S dollar sign. Lapsus$ hacking group breached Microsoft and an authentication from Okta. So it looks like the authentication, the company is called Okta. So it looks like that's one single company. I don't, it must be centralized, like one centralized company.
So also big news yesterday was the Greek public postal system was hit with ransomware their services were offline. So literally like people were not getting mail, I guess their postal service public postal service was offering.
Yeah, I saw that. Here's the, I'm going to share my screen here and I'll show you. I'm just going to make this a little bigger so you can probably see it. But this is right on okta.com. Can you see that?
Yes. Yes.
So this is right on okta.com website. This is their statement. They're looking to do a thorough investigation. About the hacker group. So it says that a small percentage of customers, approximately 2.5% have been impacted. And their data may have been viewed or acted upon. So they have a breach. It looks like their initial investigation says it's 2.5%, they'll have to do their forensics to figure out if it was really more than that or not. But.
And we know from, we know just from how breaches work, that what the initial picture looks like is not always the accurate
What's strange though, it's like they, then they go over here and say, Okta service has not been breached and remains fully operational. So it's confusing. So was it breached or not? Cause it
Yeah.
here.
So it sounds like maybe some of they're saying that some of their, a small portion of customers got breached, but not they're saying not their technology somehow.
Yeah, I don't know what. I have to study this some more. I think what they're saying is only 2.5% of their customers were affected. What's weird is they use the, they don't use the word breach there, and then they say here that it wasn't breached, down here. So it's confusing. We'll have to just wait and see what the final report says. But other websites were saying that it was breached. So I don't know. It's kinda early to tell.
Yeah, it sounds like to me, what I'm taking away from this, and I could be wrong of course, but it sounds to me almost like they were breached, but they don't necessarily know the extent of the breach, because it says that they're looking into the claims that the hacker group breached them. So to me, it sounds like they don't. Yeah, they don't know yet. They probably were.
So there, they can probably say this with honesty, but it's a little bit, it seems like it might be a little misleading and maybe I'm being a little bit cynical, But that's kinda what it sounds like to me.
What's strange is, so if you pull up another website, like here, CNN. It says Okta concedes hundreds of clients could be affected by breach. And then it says here on Wall Street Journal, this was an hour ago. Okta says hundreds
Yeah.
customers may have been caught in a hack. Or in hack.
Yeah, it says they've got, Okta has over 15,000 customers. So I'm guessing that's a lot of the platforms that we see that technology on.
But yeah.
Yeah, it seems very clear that there, there's trying, they're scrambling to clarify what's going on. So there's not really a clear answer
right now. And it sounds a little bit too okay. So if you think about it, they have hundreds of customers. How many. Credentials did all those hundreds of customers have. Cause it's it's almost like they're trying to minimize the impact of it, but it's, so if
one of those or whatever, like that
It could be millions.
That's a good point. Cause there are mentioning 15,000 customers, but these are not, they don't seem like consumer customers are platforms.
My
takeaway. Yeah, That have, who knows how many customers, so a lateral movement on a platform, on a system like that when you have 50,000. Platforms that have millions of customers, the lateral movements that we know are so common in, in breaches now. I'm no mathematician, but that sounds exponential to me.
Craig, can you make me a co-host real quick? I'm sorry. I think when I made you the host it. Yeah,
Microsoft confirmed that the Lapsus$ extortion-focused hacking crew has gained limited access to its systems. Authentication services provider Okta, that nearly 2.5. Okay. So 2.5% of its customers have potentially been breached. And it sounds like Microsoft was one of them.
Yeah.
mom that they're there. They have that hacking crew has gained limited access to its systems.
That's huge.
That
could be huge.
Yeah.
That's so interesting because not all things just seem to go in tandem because when I was talking, when we first started today about the jaw dropping advancements in quantum computing lately, they sent around the weaker. Microsoft has partnered with IonQ, which is, they're really leading things in the quantum computing space with their trapped ion technology.
But so that's what's going on with Microsoft Azure, but also Microsoft has released a groundbreaking breakthrough that their team has made in regards to topological qubits. And that's really significant. And so it's interesting that now Microsoft is now, their systems have at least partially been breached, like how interesting, how it goes in tandem.
Isn't it also interesting that these big providers like Microsoft and obviously they're the. They're in the cross hairs of the hackers. Cause there's the bigger payday, isn't it also interesting how people over to the these platforms for, cloud services, right? So a lot of customers, small, medium and large enterprise have moved to the cloud and moved their information and their data to the cloud. And then now there's all these breaches that are happening.
It'd be interesting to learn and understand if they're going to, there's going to be a push backwards, to bring things back in house for businesses, on premise, opposed to cloud. And I always recommend that, use encryption, even when using a cloud service, because at least if you encrypt your data in the cloud and hackers breach defenses of Microsoft, for example, then at least, again, it's a layered approach, right? So at least they would hit an encrypted payload. It's just interesting that.
We're in this kind of dynamic where lots of companies for, I don't know, past decade or so have moved to the cloud because it's, oh, it's grass is greener in the cloud. It's utility cost, it's cheaper. I don't have to buy expensive servers anymore. And then now I think you're going to see, I've already seen some data on this, where companies are actually bringing the stuff back in house now, and they're not doing cloud anymore. So it's, it was like this big experiment.
And here's this, guys, this was buried in an article, like way down deep. I find so many interesting things buried, right? Craig taught us with the settings the other day, the interesting tidbits are always buried. So I found an article last night. That was, oh my gosh. I have to mention that to you guys. But listen to this, it's buried in this article. It says of particular concern. This. From Cloudflare is saying this, of particular concern is that the breach has it.
Hadn't been reported for the last two months. So this is not new. This is only being talked about now, it happened two months ago. So they've had two months of dwell time. Now this Lapsus$, and of particular concern to me reading this is that it says Microsoft described Lapsus$ as a group following pure extortion and destruction model without deploying ransomware payloads. So this sounds more an attack. Seeking to destroy. They're not asking for ransoms, they're just trying to destroy.
So when that happens, then when we start being state actors and things of that nature, but listen to this, I read an article last night and the headlines were totally misleading. The article said something about the headlines of the article said that hackers and especially like foreign threat hackers are now focusing on like financial. And the financial system and the AIS and the financial system. But when you dig into the article and start reading it, there's actually a term for it.
Now it's called machine learning security, because I guess of these, some of the AI machine learning models that especially are used in the financial, the financial sector, those models are very bold. 'Cause they, there's never been, this is an evolving field. And so the machine learning models are vulnerable to cyber attack. And so I guess some of the state actors are actively looking to exploit the machine learning models used in the financial sector.
And here's the tidbit that was hidden at the bottom. The real concern here is that they're worried that they can't. Exploit vulnerabilities in these financial machine learning models and cause them to believe certain things to be true and cause it to affect pricing on the stock markets. Wow.
So what's
They're talking about the algorithms that decide the pricing
models.
I think kind of sheds more light on is the need for code review of the, the coding layer of the machine learning in this case. There needs to be annual or quarterly code review. The language that's chosen like Python, for example, is popular at AI and ML. But the point is that. you're not vetting and testing the code, how do you know what's really in there? It's what I've said for a long time. Like when you buy products off the shelf, you don't know if there's hidden back doors and
And there are techniques that they use, like those heavy DVOs techniques and like where they use okay. We know, that they became very good at like social media profiles, like mass amounts of fake profiles. That's the concern with the financial machine learning models that they can produce these high level.
Inaccurate profiles and information and they can cause the actual machine learning algorithms models to make decisions contrary to what the financial system wants them to make based on their coding. But they're making these decisions based on the high level of inaccurate information they're being fed by the hacking teams. And so literally we're talking about.
A possible upheaval of a financial system, because if the stock markets were to be affected by these machine learning models, what is the ramifications of that? Wow. We're talking about groundbreaking potential here. This is a possible upheaval of a whole system possibly. If that, that is huge.
That's definitely crazy to think about for sure.
With. Based on a large amount of information data that these machine learning models were fed. You could have a complete.
Could you imagine if some hackers changed the price to like Microsoft or Google stock to a dollar, even if it was just for an hour and then if people bought it that price, now they have supporting evidence that they paid a dollar for it or whatever. So like, do you fix that?
Yeah. How can you, yeah, right? Especially if the algorithm, it wasn't, it didn't go down. It just made a decision. Because it makes its decision based off the data.
the glitch that I took a screenshot of? I think it was like six months ago where it was a glitch in the crypto system. I think it was on Coinbase or, And it said that I was like a, truly an error or something. I was
yesterday, my baby, it started playing this game on his fire tablet. He's two years old. He's going to be three. this is the one that calls himself.com dragon. He was playing this game called subway surfer. And you guys probably heard of it. I'm not a gamer, but it's a very popular game and you have to buy tokens like with actual cash, you buy tokens. Some glitch happened in his tablet and he has 10 trillion tokens. I, my daughter, who's 12 gamer. She's beside herself.
She's, oh, my God. And she won't give his tablet back. 'Cause she, like, she's bought everything. Get some goods has awarded my baby 10 trillion tokens on this game. And she's a big gamer and she's, that's impossible. Like I've never seen that before. But yeah, he's got every, everything you can possibly have in this game now.
Oh, my
And that's crazy. Something just happened. I don't know
what happened, but something, oh, you better check and make sure that he didn't accidentally find a way to buy all
Yeah, you're going to get the
That person, my bank account, it would have been denied. No, this was. But now I'm just hoping the same glitch happens to my crypto wallet. Sorry. Yeah,
pretty please. Or maybe the AI will get into the stock market. Everything will go down and we'll be all be trillionaires.
Yeah. It's the same queue. Cause I posted an article to you guys in the chat this morning about some analysts, some big crypto analysts are predicting that. Th that crypto Bitcoin and altcoins is going to go parabolic in April. And it's wow. When you really look at all this, like they're worried about the financial models being manipulated, and then you have a possible crypto bull run come in. Cause we've been expecting it for, we've been in a holding pattern.
Everybody thought it was coming like last summer and definitely by the winter, it didn't come. Maybe there was, who knows what was going on behind the scenes. But it seems like now there's a lot of chatter about it. And then you have the inflation, you have all this stuff, like even Tesla raised their prices on their satellite internet recently, SpaceX, because of inflation, and we've seen evidence of this happening with cash.
And then now you have talked with the bull run with crypto and you have risk of financial models, making decisions based off whatever data they're being fed by bad actors. is wow, are we on the verge of a perfect storm
here?
maybe
Yeah. And the, oh my gosh. If I can find it quick enough, I'll read to you what Microsoft didn't post this very publicly, but they sure did put it on their research blog about this advancement, right? Okay. Here it is about their topological qubits. This is a major breakthrough and they say on their books.
From Microsoft and we believe ultimately it will power a fully scalable quantum machine in the future, which will in turn, enable us to realize the full promise of quantum to solve the most complex and pressing challenges. Our society faces. This is major
Yeah. That's awesome.
Yeah, it's very interesting, but it sounds like they might need the help of their quantum machine to deal with their possible that happened with the AP, because I guess there's no time like the present for the machine to rise up and help.
And Craig, I told BJ when we talked a little bit this morning and I told her. That if Bitcoin or crypto did take off and I do become a millionaire, I'll stay working for you.
Oh, thanks.
I was like, if we can do podcasts every day, we can keep doing this every day. And my boyfriend can just go build a boat somewhere. I was like, life would be great.
That's right. Yup.
Great. You guys, because last year, Craig I spent a lot of time researching altcoins and I, to this day firmly believe that some of the decisions that were made were very smart. And even though they haven't been fruitful yet, I don't think that changes the fact that they were very smart decisions because of. Power and research and digging deep into things yields good results.
There was an article popped up this morning and it says that basically, and maybe this has something to do with people talking about crypto going parabolic next month, but there was this quiet article saying that internet computers. Point is possibly the layer to web three because it takes the reliance off of web two tech away because this internet, computer blockchain, it ties all the web three blockchains together and makes them interoperable. And and that's the internet computer.
And and we know that there's the CYA coin that, has the decentralized storage and it's actually running the most transactions of any blockchain per day. And. I find that internet technology on it. And when you factor that with internet computer, that all the blockchains together, you can see yesterday, we were talking about the current tech. If you were to picture it as one, entity was a patched, a monster walking around on crutches.
But then you look at what I just described there and you see something different. Like more like a quantum machine, possibly. So maybe it's all, at the same hour. We have a possible crypto bull run because we have that final layer with the internet company.
I guess we'll have to see.
which is currently down 98%, just so everyone knows just FYI, we don't give financial advice, but it is down 98%
might be an
opportunity to buy. Yeah, I sure. I sure am looking into it.
All right guys. We should probably.
right before we go, Craig I just want to ask, so what is it, do you have any advice that we can give our listeners as to what to do to protect against this OAuth now?
Yeah. What I would do is I would log in to any websites that you're using. And change it, you can change it so that you can change your password and, maybe create an account or set up a different email. That's secondary and just just, that's one way to mitigate the risk. So it's not affecting you. it could be, there's so much more investigation that has to happen to see, but it could be too late, meaning it could be that your data was already, you could be one of the 2.5%,
have to be one of the 2.5% cause Microsoft was, and
Yeah.
to Microsoft. That's where the numbers get tricky. Because Microsoft was part of the 2.5%, but everyone's part of Microsoft.
Yeah.
I guess too, though if that is the case, if their data is already stolen, that sucks, but maybe it's a good time to go. And like you said, update passwords.
Yeah. Yup.
addresses, things like that, because if they steal your credentials, then you're you reusing the same password and login information. They can get into whatever they
So this is.
time to look at the right tools. XDR cause like you pointed out Craig, it's not a, it doesn't have a protection for something like this, but what it does have is the ability to change its code. Every. And be coded to look for certain things. so once we know what this breach is doing, that algorithm will be coded to look for those things. So that's, again, the XDR is the right way to go for this kind of.
Yeah. But even putting that aside that I, this is why I don't usually use something like That because let's give you an example. Let's say I go to a website and I don't create an account, But. I click on, Maybe I use Gmail and I click on okay. Use Gmail instead of, and skip the account creation process because it's faster and easier. The reason why I've never done it is I don't want if they have a breach, now they have my Gmail username and password.
So I have multi-factor set up on all my properties. So even if they got the username password, they're going to get stopped by that layer. But it's still though, like you're trusting. It goes about how much do you trust each of the vendors that, you're doing business with, or if you're not even doing business and you just use their service, you still have to give them a certain amount of trust. And quite frankly, with the world that we live in now and the threat.
I think we should move to more of a zero trust or a trustless methodology where, create an account on your own. Go through the extra hoops and layers, use a unique username and password. Apple has recently taken it a step further. They even create what's called burner emails. So, you can actually never disclose your email address and create fake emails that are associated with yours.
Okay. You can, as a consumer, be more stingy about the information that you give out and that'll better protect you too.
Thank you for
that.
yeah. Let's wrap up here for today. And then we can continue on tomorrow.
Sounds good. Do you guys have a great day?
Thanks you too. All right, bye.