Attila: You do have a lot of tabs on it.
Matt: I do have a lot of tabs all the time, every day.
Narrator: You're listening to the Cyber Secured Podcast, helping you become safer in every way. Now your hosts, Matt and Attila.
Attila: Hi guys, Attila here. And we are going to talk about cybersecurity.
Matt: This is Matt. Welcome to our first episode.
Attila: We're going to edit that out because we don't want people listening in to think that we haven't done this before. We've actually done a lot, a lot, a lot of webinars and interviews. But we thought that if we actually did a podcast, people might listen a little bit more to what we have to say to keep them safe. That's our goal is to keep the community safe from all the new cybersecurity threats because they're always evolving and there's always something new to talk about. And if you can listen to this podcast while you're cleaning the house or doing dishes or mowing the lawn, whatever you like to do on a Saturday morning, then that's great for us. So yeah, awesome. But we try to keep these short because I don't know about you, but I have a pretty short attention span. Don't you have a pretty short attention span, Matt?
Matt: I do. From moment to moment, I'm usually jumping between a dozen different tabs of things in my windows.
Attila: You do have a lot of tabs.
Matt: I do have a lot of tabs all the time, every day.
Attila: Yeah. I think Matt and I are kind of opposite in this way. I'm kind of a weirdo. When I'm done working on something, I close my browser.
Matt: I do that once a month.
Attila: Yes. At most. Or at least, no. But yeah, we like to start with a story. And we like to talk about the kind of firsthand experiences we come across or things we hear in the news. And we did have a recent thing that happened, and we wanted to talk about it because there's some good learning lessons that we can have. And it also ties into our Riskara behavioral risk assessment. So when we created a wonderful assessment tool for businesses to look at their employees' habits and find out what is their level of awareness to cybersecurity issues, what are the behaviors that have arisen from those habits, and then what habits have formed from those behaviors. And then overall, what is the organization's level of resilience to security threats. Because it all really does come down to employee behavior. The best tech in the world we are discovering has holes. And yes, Matt is agreeing. You don't see him, but you can hear him. You can hear his neck creaking with agreement. It is just one of those tough things that as defenders, as network defenders, we have to deal with all the time. We think we have a network completely secured, and then the manufacturer will release a patch for a zero day. And we have to scramble to make sure to apply all those patches before the bad guys get in. Because I bet you money that as soon as that announcement is made, the bad guys are also taking advantage of that announcement because the exploit has been published.
Matt: On top of that, a lot of the things we see and hear about are situational issues that will happen with someone with a vulnerability that exists in the wild. It was a really simple thing. They Googled how to set up my Amazon Echo, clicked the first result, went to a site that offered help, downloaded something the support person asked them to download, and suddenly their bank account was being drained. Google allows anyone to put ads up, and malicious actors took advantage of that. Because they willingly let the support person into their computer, they were technically at fault.
Attila: Yeah, what's that called? Ad poisoning?
Matt: Yeah.
Attila: And that's not slowing down at all.
Matt: No, it's ramping up quite a bit. People aren't aware, and awareness is part of what we're trying to spread. It just keeps happening and growing.
Attila: And that's the whole point behind Riskara 360. You have to start with frontline employees all the way up to management. Where are you standing on these things? We developed these questions after a lot of pain and suffering. We like to ask where a question comes from and what the root cause is. One of the questions we ask is: I feel safe using my work computer to take care of personal things like social media, personal email, and shopping. If you answer yes to that, you probably shouldn't be doing that at work. And there's a story behind why.
Attila: It was a local company using a personal computer for payroll. Matt, what happened?
Matt: We got a call from their HR company. The payroll manager had increased her pay rate to something like $1,000 an hour. Three people were affected. It looked suspicious and pointed directly at her. But it turned out she was the one who reported it. We dug into the logs and saw the initial malicious access came from her home in Hawaii, and later one login came from Seattle.
Attila: To be clear, she's in Hawaii, not Seattle.
Matt: Exactly. We obtained the laptop, did forensics, and found malware stealing tokens and using her laptop as a proxy. The attacker likely forgot to turn on their VPN once, which is why Seattle showed up. She probably downloaded something while shopping or looking for help, and that was all it took.
Matt: The attackers realized she handled payroll and tested what they could do. They didn’t get away with the money because it was caught and reversed, mostly because she noticed it herself.
Attila: This is also why browser extensions and ad poisoning are such a big problem now. Some of these phishing sites have thousands of lookalike domains with decent reputations. Even sophisticated software struggles to catch that. That’s why behavior and awareness matter so much. Skepticism is key.
Matt: Working from home isn’t inherently bad, but you need guardrails. A lot of companies don’t think twice and just let users do whatever they want. If you allow that, there needs to be systems in place to protect the business.
Attila: So what's the happy ending?
Matt: No money was stolen. The payroll manager didn’t get a raise, but they caught it early and figured out how it happened.
Attila: We keep seeing this happen over and over, especially since COVID pushed everyone home.
Matt: Our tools are more sophisticated than ever, so attackers are going after the simplest route. People are the last unpatchable vulnerability.
Attila: Unpatchable. That’s a good way to put it.
Matt: We’re trying to do an audio patch.
Attila: Audio patch. Patch Saturday. Nobody wants this during the week.
Attila: We want to keep these podcasts short, share stories, and share information. We’ll be releasing these regularly and eventually putting them on YouTube. However you’re listening, keep tuning in and we’ll let you know when the next one drops.
Attila: If you have questions, reach out to us at cypac.com.
Matt: Thank you.
Attila: Thanks for listening.
Matt: Stay safe out there.
Attila: Stay safe.