The UNSECURITY Podcast – Episode 73 Show Notes – COVID-19 IR

Hope you and your loved ones are well! We can’t understate the importance of physical, mental, and spiritual health, especially in times like these.

If you missed last week’s show notes or episode 72 of the UNSECURITY Podcast, there’s some pretty good stuff there.

Episode 73 Topics

Topics for episode 73 of the UNSECURITY Podcast include:

  • Opening
  • Catching Up 
    • The first full week with a closed office.
    • Staying sane and healthy at home.
  • COVID-19 Affects on Information Security (some of them)
    • Introducing our special guest, FRSecure’s Director of Technical Solutions and Services
    • Incident Response During COVID-19
      • Current Events/Incidents
      • FRSecure’s IR Risk Registration (what is it and why would I consider it?)
    • COVID-19 Scams and Attacks
      • What have we seen?
      • What are we planning for?
    • Physical Security Considerations
  • The Daily inSANITY Check-in
  • FRSecure CISSP Mentor Program Update
  • Wrapping Up – Shout outs

You can find the full show notes near the bottom of this post. Before getting there, I need to get some thoughts out.

Thoughts

It’s been 13 days since FRSecure and SecurityStudio closed their offices. All of us are still around and working, but it’s crazy how much life has changed. Personally, I’m still struggling to make sense of things and I’m mulling over COVID-19 data almost obsessively. The COVID-19 scoreboards plastered everywhere don’t help. On one hand, I like being informed. On the other, I’m tired of tracking the number of infections and deaths.

As I write this, there are 140,164 infections in the United States and 2,476 deaths. What does this mean in the context of everything else? How do I make sense of these numbers? Here’s one attempt:

What does a “normal” 30 days look like in the U.S. for deaths/mortality? According to the CDC, there were nearly 3,000,000 deaths in the U.S. in 2018 (the latest data available). Using this data, here are the number of people who died within an average 30 day window:

  • 53,867 from heart disease (the top killer in the U.S. with 655,381 deaths)
  • 49,255 from cancer (#2 – 599,274 deaths)
  • 13,736 from accidents/unintentional injuries (#3 – 167,127 deaths)
  • 10,029 from Alzheimer’s Disease (#6 – 122,019 deaths)
  • 3,973 from suicide (#10 – 48,344 deaths)

Compare these numbers to where we’re at now with COVID-19. I’m NOT at all minimizing the impact of COVID-19. I’m trying to make sense. I know the number of infected people and deaths will rise significantly over the coming weeks/months, and sadly, we’re in for more terrible news. I’m trying to understand what the numbers mean in the context of other things that aren’t as foreign to me.

A single sick person and/or a single death is sad enough, let alone thousands.

OK. Got that off my chest. Lots and lots of great things going on at FRSecure and SecurityStudio. The best place to keep up with them right now is probably on social media:

Let’s get to the show notes now!


SHOW NOTES – Episode 73

Date: Monday, March 30th, 2020

Show Topics:

  • Opening
  • Catching Up 
    • The first full week with a closed office.
    • Staying sane and healthy at home.
  • COVID-19 Affects on Information Security (some of them)
    • Introducing our special guest, FRSecure’s Director of Technical Solutions and Services
    • Incident Response During COVID-19
      • Current Events/Incidents
      • FRSecure’s IR Risk Registration (what is it and why would I consider it?)
    • COVID-19 Scams and Attacks
      • What have we seen?
      • What are we planning for?
    • Physical Security Considerations
  • The Daily inSANITY Check-in
  • FRSecure CISSP Mentor Program Update
  • Wrapping Up – Shout outs
Opening

NOTE: The show notes were written by me (Evan), but Brad’s leading this episode.

[Brad] Hello listeners, this is another episode of the UNSECURITY Podcast. My name is Brad Nigh, this is episode 73, and the date is March 30th, 2020. Joining me is my co-host Evan Francen. Good morning Evan.

[Evan] Good morning Brad!

[Brad] Also joining us for the show is our special guest and FRSecure’s Director of Technical Solutions and Services, Oscar Minks. Good morning Oscar!

[Oscar] Says good morning or something with his cool southern accent.

[Brad] We’ve got lots to talk about! As is our custom, let’s get started by catching up quick.

Catching Up

Topics here include how we’re coping with COVID-19, the first full week with a closed office, and staying sane (and healthy) at home. Brad found a really good video online; Covid-19 Protecting Your Family, Dr. Dave Price

[Brad] Here’s a can of worms (maybe). Let’s talk about some of the effects that COVID-19 has on what we do. Some of the effects on information security, starting with incident response and physical security. We already mentioned that we’ve got our special guest Oscar Minks here. He’s got some good insights to share, and this should be a good discussion.

Discussion – COVID-19 Affects on Information Security (some of them)
  • Introducing our special guest (again), FRSecure’s Director of Technical Solutions and Services
  • Incident Response During COVID-19
    • Current Events/Incidents
    • FRSecure’s IR Risk Registration (what is it and why would I consider it?)
  • COVID-19 Scams and Attacks
    • What have we seen?
    • What are we planning for?
  • Physical Security Considerations

[Brad] Sadly, the frequency of scams and attacks only increases during times of distress. It’s important that we keep our eye on the ball and not compound our problems with an information security lapse.

OK, switching gears now. Some people are struggling right now. Struggling with making sense of things, struggling with employment, struggling with anxiety, or struggling with any number of things. We started this thing called the Daily inSANITY Check-in last week. Evan, tell the listeners about this thing.

Daily inSANITY Check-in Discussion

The purpose of the Daily inSANITY Check-in is to provide a safe place for people to discuss current events, information security things, challenges we’re facing, or whatever else comes to mind. The check-ins are short (30- to- 60-minute) daily meetings with discussion. People are always free to come and go as they please.

[Brad] The Daily inSANITY Check-in is just one place to get support out of many within our community. The point is to find help when you need it and to help people where you can. It’s cool to see so many people rally and help.

FRSecure CISSP Mentor Program Update

[Brad] Real quick, we made an announcement last week about the FRSecure CISSP Mentor Program. We’re happy to say that we are still going through with this year’s class! The only change is that we have cancelled the in-person portion of the program. As of last Monday, the 23rd, we have 1,007 registered students! That’s crazy! Oh, and I should mention, if you haven’t registered yet, registration is still open.

Wrapping Up

[Brad] No news this week because we had so many other things to talk about. Two last things to mention:

  • Our pal Ryan Cloutier, aka “Cola” just wrapped up the second episode of his K12 Cybersecurity Podcast. It’s a great podcast and you should give it a listen!
  • A shout out to one of our regular listeners, Olga Hoogendoorn – Startseva. Evan promised to give her a shout out because she’s pretty awesome!

Well, that’s it for this week. Plenty going on and lots to do.

Thank you for listening. We’re a couple of guys who really care about you. We’re hoping you all stay healthy and sane! We love hearing from you, so if you’ve got something to say, email us at unsecurity@protonmail.com. If you would rather do the whole social thing, we tweet like that. I’m @BradNigh, and this other guy is @evanfrancen. Also, don’t forget to check out @studiosecurity and @FRSecure. They post some good things! Let us know how we can help you!

That’s it. Talk to you all again next week!

The UNSECURITY Podcast – Episode 72 Show Notes – COVID-19

Hi everyone. We’re hoping and praying for everyone’s health and mental well-being right now. Take care of what really matters, yourself and your loved ones.

Episode 72 of the UNSECURITY Podcast will be dedicated to continued discussion about COVID-19 and what the pandemic means, in our daily lives and in our vocation as information security people. It’s the topic on everyone’s mind, so to not talk about it seems a little tone deaf.

Before we get to the show notes (below), I’d like to highlight a few things going on around here.

One Word

What one word would you use to describe your past week? If you’re a Twitterer, let us know by tweeting your word with the hashtag #UNSECURITYoneword. Be sure to include us (@evanfrancen and @bradnigh) in the conversation.

Not Adjusted Yet

Not sure about you, but I haven’t adjusted yet. I’m an introvert, so I was expecting to thrive in isolation. I was wrong (for now). I was surprised to learn how much personal interaction really means to me.

Everything seemed different this past week and I was definitely a little off my game. I had trouble focusing on tasks and struggled with processing events occurring all around me. Nothing made sense at times.

On Tuesday (3/17) we (FRSecure and SecurityStudio) closed the offices, and by the next day, almost everyone was online and functionally working from home. Since there was nobody at the office, I decided to work from there.

The empty office was quiet. Too quiet. The quiet forced me to realize how social we are in our office. Every (normal) day is like a family get together. A family get together where everybody actually likes each other.

In a quiet office there are no dumb office jokes. No laughter. No smiles. No fist bumps. A quiet office is just filled with empty. Our office was filled with empty and me. It was a eerie and it was lonely.

I’m assuming the adjustment will just take time. Between now and then, let’s all keep our head up and look for ways to help others. Helping others can be a great coping mechanism!

The Pledge

Also on Tuesday, I wrote a pledge and posted it on LinkedIn. This pledge is one that I plan to live by, especially now.

My pledge:

  • I will NOT panic.
  • I will NOT give in to fear.
  • I WILL think things through.
  • I WILL make prudent decisions based upon the best (non-biased) information available.
  • I WILL be the person I’ve always been and learn to be better.
  • I WILL help my fellow humans whenever and however I can, putting my family first.
  • I will NOT use this (or anything else) to take advantage of people, and
  • I will NEVER put someone in danger if I can help it.

coronavirus panic fear think prudence decisions learning helpingpeople

What Else

We did a lot this past week.

The Impact of COVID-19 on Information Security Webinar(s)

In the midst of the chaos, we decided to put together a last minute webinar for Wednesday (3/18) afternoon.  Our motivation for the webinar was to help people and bring calm to the storm. Despite last minute arrangements and everything else going on, we had ~250 people come to the first session. Participation and interaction was more than we expected! There were many unanswered questions after the first session, so we decided to do a second session on Friday (3/20).

The topics we discussed were:

  • Introductions.
  • Before we get started.
    • #1 – The current state of affairs.
    • #2 – My pledge.
    • #3 – FRSecure Open Letter.
    • #4 – Ideas we’re kicking around.
  • Topics:
    • What is the impact of COVID-19 on information security?
    • How to securely shift employees to remote work during social distancing.
    • Some of the current social engineering scams around COVID-19 and how to avoid them.
    • How to create or adjust your business’s disaster recovery plan.
  • Where to go if/when you need help.

I’ve posted a copy of the presentation online for everyone.

Virtual Happy Hours

Our team started doing virtual happy hours on Thursday. Every organization should do these! We all get into an online Zoom meeting and hangout for a while. We share. We laugh. We joke. We smile. We love. These are amazing experiences that are healthy and good for the soul.

I prefer to sit and listen most of the time. Just taking it in. The sounds of my team laughing, their smiles, their dumb jokes (like really dumb), and sharing our day together are beyond magical. The joy these guys bring to my day is the best way to end it!

The Daily inSANITY Check-in

Nobody has this thing figured out and nobody has it all together.

We want to help, so we’re starting the Daily inSANITY Check-in webinar series. The purpose of the Daily inSANITY Check-in is to provide a safe place for people to discuss current events, information security things, challenges we’re facing, or whatever else comes to mind. The check-ins are short (30- to- 60-minute) daily meetings with discussion. People are always free to come and go as they please.

This is new, and we’re just getting started. Don’t expect all the kinks to be worked out day one. Visit the registration page for the full description and to signup.

K12 Cybersecurity Podcast

Good news! Our buddy Ryan Cloutier just released the first episode of the K12 Cybersecurity Podcast. His first episode is awesome! It’s so much better than our first UNSECURITY Podcast. In this episode, Ryan’s special guest is Amy McLaughlin. Amy is the Information Services Director at Oregon State University and cybersecurity project director for the Consortium for School Networking (CoSN).

This was a timely and well done episode. I recommend you subscribe to Ryan’s K12 Cybersecurity Podcast and get ready for more great content!

Pretty sure I forgot something, but that’s all for now. Let’s do a podcast (or something)!


SHOW NOTES – Episode 72

Date: Monday, March 23rd, 2020

Show Topics:

  • Opening
    • The week that was.
    • The week that is to come.
  • COVID-19
    • Priorities, and where does information security fit?
      • Mental and Physical Health
      • Yourself and Your Loved Ones
      • Business – Survival
    • The Bass and The Barracuda
      • Don’t be a bass. Be a barracuda.

This slideshow requires JavaScript.

Opening

[Evan] Hello listeners, this is another episode of the UNSECURITY Podcast. My name is Evan Francen, this is episode 72, and the date is March 23rd, 2020. Joining me in studio is my buddy Brad Nigh. Good morning Brad!

[Brad] If it’s a good morning for Brad, we’ll know by how he responds.

[Evan] Last week was nuts. You and I hardly had a chance to connect with all that’s going on, so we’re a little out of sorts. This would normally be your week to lead the podcast, but since we didn’t really connect, I’m hosting again. Hope that’s OK.

[Brad] He’s one of the nicest guys you’ll ever meet. He’s probably OK with this.

[Evan] We’ve got a lot to talk about this week. Top of mind or course is COVID-19 and what the pandemic is doing to our daily lives. Sort of hard to talk about much else right now, right?

[Brad] He might agree.

[Evan] Last week was crazy. Let’s talk about the week that was and then talk a little about what’s coming this week.

Catching Up Discussion

Discussing last week’s events and what we’re expecting this week.

[Evan] Alright, there has never been anything in my lifetime that’s been as disruptive as the COVID-19 pandemic. I sort of feel like we’d be tone deaf if we didn’t keep up the conversation.

COVID-19 Discussion

Our topics this week include:

  • Priorities, and where does information security fit?
    • Mental and Physical Health
    • Protecting Yourself and Your Loved Ones
    • Business – Survival
  • The Bass and The Barracuda
  • Another plug for S2Me.
  • Next Week:
    • Maybe a guest; it’s been a while.
    • What happens on the other side?
    • Daily inSANITY Check-in Update
    • What we’re doing to help.

[Evan] The world has hardly seemed any crazier than it is today. Do all you can to maintain (or restore) your health. Good talk. Now let’s get to some non-COVID-19-related news.

News

[Evan] Alright, let’s talk about a non-coronavirus story (or two or three). Remember, attacks aren’t going to stop. In fact, they are increasing and are expected to continue to increase. Don’t ever put anything past or too low for the lowest among us.

Here’s two news stories to consider this week:

Closing

[Evan] There you have it. Episode 72. Thank you for listening. We’re wishing everything health and sanity! Remember, we love hearing from you. If you’ve got something to say, email us at unsecurity@protonmail.com. If you would rather do the whole social thing, we tweet like that. I’m @evanfrancen, and Brad’s @BradNigh. Check out @studiosecurity and @FRSecure frequently. They’re always posting good things!

Be safe. That’s it. Talk to you all again next week!

The UNSECURITY Podcast – Episode 71 Show Notes – Coronavirus

My good friends Brad and Ryan recorded episode 70 last week, and the topic was voting machine security. If you missed it, go check it out. Kudos to those guys, the show was great!

The Twilight Zone

Crazy. Life over the course of the last week was like an episode right out of Twilight Zone.

I was on vacation last week, taking a planned seven day cruise out of Long Beach, California. Cruises are a great vacation option for anyone who wants to disconnect from the world for a while. Connectivity on a boat is terrible, so why bother trying?

Never in my life has the world changed so much in a week.

When we flew out of Minneapolis on Friday (3/6) morning, the world seemed sort of normal. Sure, there was an increased awareness of the Coronavirus disease (COVID-19), but fear and panic appeared to be in check. Our collective awareness led to more people washing their hands, more people covering their mouths when they coughed or sneezed, and more use of various sanitizers. Occasionally, I’d run into someone wearing a surgical mask, but it wasn’t alarming or all that unusual.

The Cruise

We left the hotel for the cruise terminal on Saturday (3/7) around noon. As we got closer, we got our first glimpse of Carnival’s newest ship, the Panorama, and the excitement started to build. Seven days of sun and much needed rest. Something seemed off though. When we pulled up, we noticed there were hundreds of people just standing around with their bags. Nobody from the previous cruise was being allowed off the ship for some reason. Rumors were spreading and things were getting weird. After an hour or so, Carnival sent this message:

Thank you for your patience. Debarkation remains suspended pending medical test results for a guest who was on board last weeks cruise. Results are expected sometime after 6PM. Please do not proceed to the cruise terminal as the parking garage is full. We apologize for this delay and will provide an update in two hours.

Next, the news media started arriving in troves. Within minutes, news stories were already been published.

Carnival didn’t cancel our cruise, so we spent the night at the Long Beach Airport Hampton Inn, and went back to the cruise terminal on Sunday (3/8) morning. All the cruisers from the previous cruise had left, and we were permitted to board. Embarkation went off without a hitch, and before we knew it, we had arrived!

Our cruise was cut from seven days to six, and our originally planned visit to Mazatlan was cancelled. No matter, we were (and are) grateful for everything! Some people were mad, but what the hell?! One day in the sun is better than none! Even if they would have cancelled the cruise altogether, we would have been grateful.

This started the six days of limited (or no) connectivity for us. Almost like we were cut off from the world for a while.

Back on Land

On Saturday (3/14), we arrived back in Long Beach. The hot topic on the ship was all the chaos that the coronavirus (and media) had caused. We got connectivity again, and whoa! You’d think the world had lost its mind. Every news channel was dominated by the coronavirus. Seemed like bad news was everywhere and we’d stepped into an apocalyptic Twilight Zone episode.

What happened over the past six days?! Is the world ending? No, it’s not, despite what you might think from reading the news.

Store shelves are bare, there’s no toilet paper to be found, people are standing in long lines to buy everyday goods, people are physically assaulting each other over innocent items like sanitizing wipes, the NCAA cancelled the men’s and women’s national basketball tournaments, the NBA season is postponed (or cancelled), the NHL season is postponed (or cancelled), schools are closed, Disneyland and Disneyworld are closed, flights are cancelled between the United States and dozens of other countries, conferences and concerts are being cancelled, etc., etc.

Reality

Did thousands, or God-forbid, millions of people die while we were away on this six-day cruise? No, not really.

By the end of the day on Saturday (3/14), there were 3,043 confirmed infections in the United States and 60 deaths. Every single illness and every single death is significant, especially to loved ones, but are these numbers that should cause panic? There are some 329,000,000 people in the United States. Using rough math, the infection rate in the United States has grown to .000925% and the mortality rate for those who are infected (meaning those who were infected and died) is 1.9%. This means that one in every 108,000 people has become infected, and even if you were infected, you stand a 98.1% chance of surviving.

The math is good, but the inputs are extremely variable. These numbers are going to change, I know. If we don’t take action now, the numbers will be much worse than they should/could be, I know this too.

I’m not making any sort of case against taking proper precautions. Things like social distancing, cancelling group gatherings, and all of the (common sense, or should be common sense) sanitary measures like hand washing, mouth covering, etc., are prudent things to do. What’s wrong is the panic! People need to think and stop the panic.

We deal with panic on a much smaller and less significant scale every time we help a client through a troubling event or incident. In these cases, we always confront panic with facts. Panic is always bad. Panic makes things worse. Panic is NOT good for you. Panic makes you more susceptible to harm and opens you up to making poor decisions.

  • For those who are using this pandemic and panic to profit off other people – You suck and your actions are despicable.
  • For those who are using this pandemic and panic for political gain at the expense of others – You suck. Learn some decorum, stop dividing and start uniting. There’s a time for politics and responding to a pandemic is not one of those times.
  • For those who are not taking this seriously by taking proper and prudent precautions – You also suck and you’re putting others at unnecessary risk.

We are all in this together, and we all need to work together.

Seriously, don’t panic!

What does all this have to do with the UNSECURITY Podcast?

Lots! There are significant information security implications related to the coronavirus pandemic and the panic that has come from it. All of this is going to be our base for conversation in this episode.

On to the actual notes now…


SHOW NOTES – Episode 71

Date: Monday, March 2nd, 2020

Show Topics:

  • OpeningCatching up.
  • CoronavirusWhat’s happened?
    • What are we doing?
    • Information security implications
    • Business continuity, disaster recovery, and pandemic planning.
    • How does working from home affect information security?
    • What are the most important precautions?
    • If you haven’t planned well, it’s not too late.
    • How you can use S2Me and S2Team to make better choices.
  • News (non-coronavirus)
Opening

[Evan] Hello listeners, this is another episode of the UNSECURITY Podcast. My name is Evan Francen, this is episode 71, and the date is March 16th, 2020. Joining me in studio is my buddy Brad Nigh. Good morning Brad!

[Brad] If it’s a good morning for Brad, we’ll know by how he responds.

[Evan] It’s good to be back. What the heck happened while I was out?

Catching Up

[Evan] Did you happen to read my Twilight Zone reference about what it was like to be gone for a week, then to come back to what seemed like utter chaos?

[Brad] Of course he did. Brad’s good at preparation and stuff.

[Evan] Let’s talk about the elephant in the room, the coronavirus pandemic. Last week, the World Health Organization (WHO) declared that coronavirus is a pandemic. Nothing has been the same since. Let’s discuss some facts, our opinions, and give some advice to our listeners, based upon our own information security experience.

Coronavirus Discussion

IMPORTANT: Get your priorities straight; God, family, friends, work, etc., but don’t let your guard down. Attacks always increase in frequency during major events. Attackers know that many people are preoccupied mentally and physically, and they won’t/don’t hesitate to take advantage of the situation.

Be as vigilant with information security as you always have. In fact, be more vigilant than ever!

We’ll address all this (and probably more):

  • What’s happened?
  • What are we doing?
  • Information security implications
  • Business continuity, disaster recovery, and pandemic planning.
  • How does working from home affect information security?
  • What are the most important precautions?
  • If you haven’t planned well, it’s not too late.
  • How you can use S2Me and S2Team to make better choices.

[Evan] Thanks for sharing and thank you for the great discussion! To wrap this up, I’d like to highlight two online discussions that I had the other day about coronavirus on Twitter. The first started with a question posed by a Twitter user:

Twitter User: So how are you talking to your children about the pandemic?

A good question for sure. My answer:

Me; I’m telling them to wash their hands, cover their mouths when they cough or sneeze, and to be kind to others. Like I always have. I also tell them the world is a wonderful but dangerous place. They’ll be OK.

The other discussion also happened on Twitter. This Twitter user was calling for us (U.S. citizens) to vote everyone out of office because of the coronavirus (and probably their response). In this exchange, I responded with a question:

Did we have the same reaction with H1N1 that infected more than 59 million Americans and killed more than 12,000? It was only 10(ish) years ago.

Rather than engage in a discussion, this Twitter user blocked me. 🙁 I didn’t think my question was offensive. It certainly wasn’t meant to be. Maybe this Twitter user was more motivated by politics than any sort of constructive conversation. Sadly, politics get in the way of working together for solutions. Please don’t be like this Twitter user!

News

[Evan] Alright, let’s talk about a non-coronavirus story (or two). Remember, attacks aren’t going to stop because you’ve self-quarantined. Quite the opposite is true, sadly. Here’s two news stories to consider this week:

Closing

[Evan] There you have it. Episode 71. It’s good to be home. Let’s hope and pray for a good week with some sanity. Thank you to our listeners, we love hearing from you. If you’ve got something to say, email us at unsecurity@protonmail.com. If you would rather do the whole social thing, we tweet like that. I’m @evanfrancen, and Brad’s @BradNigh. Check out @studiosecurity and @FRSecure frequently. They’re always posting good things!

Both Brad and I are praying for health for you and your family. Please don’t panic, and make good decisions.

That’s it. Talk to you all again next week!

The UNSECURITY Podcast – Episode 69 Show Notes – Who does what?

After last week’s BSOD on Brad’s laptop…

We were 50+ minutes into last week’s podcast when Windows said no more. The operating system crash brought episode 68 to a dead halt before we had a chance to cover the last part of our Roles and Responsibilities series. So, instead of two parts, we’re doing three. This is how it all worked out:

I’m excited about this episode because it hits close to home. It should hit close to home with everyone!

RSA Conference

We’ll also talk about last week’s RSA Conference in this show. SecurityStudio sent seven people to the conference this year, and here are some highlights we will discuss:

  • The theme for the conference this year was “Human Element”.

  • Roughly 36,000 attendees this year.
  • San Francisco’s State of Emergency, mid-conference
  • The money grab was alive and well (literally).

This slideshow requires JavaScript.

  • SecurityStudio’s first appearance as a sponsor.

This slideshow requires JavaScript.

    • Gave away 1,000 free, signed copies of UNSECURITY.

This slideshow requires JavaScript.

    • We became known as counterculture (which was super cool).
    • The theme “Mission before $” was born and etched onto each book.
    • We made (at least) 961 new friends.

This slideshow requires JavaScript.

Overall, the RSA Conference was a great experience for everyone and a huge success for SecurityStudio.

On to this week’s show notes…


SHOW NOTES – Episode 69

Date: Monday, March 2nd, 2020

Show Topics:

Our topics this week:

  • Opening
    • What’s up?
    • One thing.
  • RSA Conference
  • Information Security Roles and Responsibilities (Part 3 of 3)
    • Last week, quick recap of roles and responsibilities (at work).
    • People are creatures of habit.
    • SIMPLIFY – What are things we can do?
    • At home:
      • Information security, privacy, and safety cannot be separated.
      • Parent
      • Spouse
      • Children
    • What should every “normal” person know about information security?
    • The importance of definition, formality, and communication.
  • News
Opening

[Evan] Hi again UNSECURITY podcast listeners! My name is Evan Francen and this is episode 69. The date is March 2nd, 2020. Joining me in studio is my co-host, Brad Nigh. Good morning Brad!

[Brad] Rumor has it, he’s been working hard on some IR work. Let’s see if he’s in the mood to talk this morning.

[Evan] It’s great to be back in the office and good to be here. We have a really good show for our listeners this week, but before we dive in, let’s catch up. Brad, tell me about your week.

Catching up

Some back and forth happens here.

[Evan] I’m behind on just about everything. Hoping for a good catch-up week!

RSA Conference

[Evan] So, there was this RSA Conference thingy last week. Let’s talk about it.

RSA Conference discussion. What we learned and what we wish we hadn’t.

[Evan] We’ll invite some of the interesting people from RSA to join us a future guests.

Information Security Roles and Responsibilities (Part 3 of 3) – Micro Level (at home)

[Evan] OK. So last week, we had a nice visit from the BSOD genie. Probably a good thing because we were going sort of long anyway. We originally planned two episode for Roles and Responsibilities, but instead we’ve got three now. No big deal. I’m looking forward to this talk with you Brad! What do you think about the series thus far?

[Brad] His opinions…

Last week, quick recap of roles and responsibilities (at work).

[Evan] We’ve talked about roles and responsibilities at a macro level and we’ve talked about roles and responsibilities within an organization. Now, let’s talk about roles and responsibilities at home. I know that you and I both are very conscious of information security at home.

Roles and Responsibilities at Home:

  • People are creatures of habit.
  • SIMPLIFY – What are things we can do?
  • Information security, privacy, and safety cannot be separated.
  • Roles
    • Parent
    • Spouse
    • Children
  • What should every “normal” person know about information security?
  • The importance of definition, formality, and communication.

[Evan] Great conversation. These things will all be covered in our book, and I’m really looking forward to finishing it with you. This book could help tons of people! Alright, as usual, let’s get to some news.

News

[Evan] Here’s what we’ve got for news this week:

Bonus, maybe a future episode; This breast cancer advocate says she discovered a Facebook flaw that put the health data of millions at riskhttps://www.cnn.com/2020/02/29/health/andrea-downing-facebook-data-breach-wellness-trnd/index.html

Closing

[Evan] There you have it. Episode 69. It’s good to be home this week.

[Evan] Thank you to our listeners, we love hearing from you. If you’ve got something to say, email us at unsecurity@protonmail.com. If you would rather do the whole social thing, we tweet sometimes. I’m @evanfrancen, and Brad’s @BradNigh. Check out @studiosecurity and @FRSecure frequently. They’re always posting good things! Is FRSecure out at SecureWorld North Carolina this week? Lots going on and lots of chatter!

That’s it. Talk to you all again next week!

The UNSECURITY Podcast – Episode 68 Show Notes – Who does what?

Trying to get back to posting show notes on Fridays. We’ll see…

The Week

It’s been another amazing week at SecurityStudio and FRSecure! I was in the office all week, so I got to see some of the magic first hand. You’d be amazed, truly.

OUR PEOPLE ARE INCREDIBLE! (yes, I shouted that).

Some of the things that come to mind right now:

  • Discussions and meetings with awesome people like Chris Roberts, Steve Hawkins, Mike Johnson, Augustine Doe, Jeremy Swenson, and Devin Harris this week. Each of them is awesome in their own way. Had lots of meetings this week, but these are the ones that stand out right now. Giving them all shout outs. They are wonderful people.
  • Brad’s kickin’ butt on some new service offerings, including a new CMMC readiness assessment. Checked out his executive summary report mock-up, and it’s sweet!
  • One of our analysts, “Ben” (he’s been on the podcast show before) has discovered some (16ish) significant potential/confirmed breaches of data in his research. Learning a ton about responsible disclosure. 😉
  • Lunch with John Harmon, FRSecure’s president on Thursday was incredible. We ate some sweet BBQ and talked strategy. This dude has some great ideas and I’m pumped about what he’s up to!
  • Ryan (“cola”) Cloutier is a machine. Opening doors, making a difference in education (K-12 & higher ed), and taking things global (UK, Australia, APAC, etc.). Letting this guy do his thing.
  • The marketing stuff and coordination for RSA next week is all set, thanks to the leadership of Andy Forsberg. This dude’s got in under control! There are seven SecurityStudio people heading out to RSA next week and we’ve all got brand new blue Nike’s and brand new blue branded T-shirts, not to mention 1,000 books to give away, and all the details. Excited to go have some fun with this group next week! (P.S. I think I got Andy hooked on Rockstar Energy drinks. I’m a bad influence, and I’m sorry.)

I could write something about every person here. The ALL pour their heart and soul into our mission of fixing this broken industry. They ALL understand that information security isn’t about information or security as much as it is about people. There are no words to describe the experience of working on this mission with this amazing group!

Breathe

OK, enough braggin’ for now, we got a podcast to do.

In last week’s show, Brad and I discussed the topic of information security roles and responsibilities at a macro level. We gave our opinions about the role of government, the role of business, the role of schools, etc. This week, we’re going to take the same topic and apply it at a micro level.

This is sure to be a great discussion!


SHOW NOTES – Episode 68

Date: Monday, February 24th, 2020

Show Topics:

Our topics this week:

  • Opening
    • What’s up?
    • One thing.
  • Information Security Roles and Responsibilities (Part 2 of 2)
    • Last week, quick recap of roles and responsibilities at a macro level.
    • The importance of definition, formality, and communication.
    • SIMPLIFY and operationalize.
    • At work:
      • Executive Management
      • CISO (or similar), two jobs.
      • IT
      • Legal
      • Everyone else.
    • At home:
      • Information security, privacy, and safety cannot be separated.
      • Parent
      • Spouse
      • Children
    • What are things we can do to simplify and operationalize?
    • What should every “normal” person know about information security?
  • News
Opening

[Brad] Good morning UNSECURITY podcast listeners! I’m Brad Nigh and this is episode 68. The date is February 24th, 2020. Joining me in studio is my co-host, Brad Nigh. Good morning Evan!

[Evan] Stuff and things…

[Brad] We have a great show planned today. Before we dive in, let’s catch up. Crazy week behind us and another crazy one ahead! What’s going on?

Catching up

Some back and forth happens here.

[Brad] Wow! Alright, let’s shift gears now a little. Last week, we talked about information security roles and responsibilities. Not the most exciting topic, but an absolutely critical one for sure! We’re approaching this topic from two different perspectives, from a macro level and a micro level. Last week was part one, the macro level. This week is part two, the micro level. You ready to get started?

[Evan] For sure.

Information Security Roles and Responsibilities (Part 1 of 2) – Micro Level

[Brad] You mentioned that we’re working on this book together. It’s a book focused on simplifying and operationalizing information security for underserved markets like state/local government, schools (K-12 and higher ed), small businesses, and individuals. Part of all this is understanding who does what, or at least who should be doing what. We started last week with our opinions about the importance of defining roles and responsibilities for governments, businesses, schools, etc. Now, let’s take it down to a more practical level.

We’ll share our opinions this week on the following:

  • How important is it to define, formalize, and communicate information security roles and responsibilities?
  • If we haven’t defined, formalized, or communicated information security roles and responsibilities, where should we start?
  • Why is it important to simplify information security, and how can I do it?
  • What does operationalizing information security look like and how can I accomplish this?
  • Roles and Responsibilities at Work:
    • Executive Management
    • CISO (or similar), two jobs.
    • IT
    • Legal
    • Everyone else.
  • Roles and Responsibilities at Home:
    • Information security, privacy, and safety cannot be separated.
    • Parent
    • Spouse
    • Children
  • What are things we can do to simplify and operationalize information security at home?
  • What should every “normal” person know about information security?

[Brad] Great conversation. We could have taken any one of these subtopics and devoted an entire show to it. I’m really looking forward to finishing this book with you. This book could help tons of people! Alright, as usual, let’s get to some news.

News

[Brad] Here’s what we’ve got for news this week:

Closing

[Brad] There you have it. Episode 68. Good talk today. Got any parting words?

[Evan] It’s a secret.

[Brad] Thank you to our listeners, we love hearing from you. If you’ve got something to say, email us at unsecurity@protonmail.com. If you would rather do the whole social thing, we tweet sometimes. I’m @BradNigh and Evan’s @evanfrancen. Be sure to watch social media for news from RSA! SecurityStudio will be tweeting and LinkedInning all week! Check out @studiosecurity frequently. FRSecure’s Twitter handle is @FRSecure, and they’re sure to have some good things too. Especially the week after next when FRSecure is out at SecureWorld North Carolina. Lots going on and lots of chatter!

That’s it. Talk to you all again next week!

The UNSECURITY Podcast – Episode 62 Show Notes – Iran and Stuff

Still in Cancun for another week (Evan). I know, poor me.

One thing is certain. It doesn’t matter what I’m doing or what you’re doing, the world doesn’t pause and wait for you. Attackers still attack and defenders still defend. Some of us are thriving and others of us are just struggling to survive.

So, the big worldwide news this past week was the U.S. spat with Iran. It was immediately politicized, as we would expect, but what does it mean to you, me, and the world of information security? Let’s talk about this.

A few of you took me up on my offer last week for a free copy of UNSECURITY. Your books are being sent soon.

If you haven’t read my first book, I invite you to. You can either purchase it, or if you’re with us on our mission to fix the brokenness in our industry, contact me (Twitter, LinkedIn, email, etc.) and tell me so. I’ll send you a free signed copy! P.S. I’m not publicizing this everywhere, so let’s see if your paying attention.

I’m supposed to be leading the show this week, but I’m still out of the office. Brad and Ryan should be in studio for this episode, and I’ll call in again.

These are my notes (Evan).


SHOW NOTES – Episode 62

Date: Monday, January 13th, 2020

Show Topics:

Our topics this week:

  • Opening – Catching up
  • U.S. and Iran
    • What does it mean for information security?
    • What does it mean for you and me?
    • Avoiding collateral damage
  •  News
    • Is Microsoft sharing Skype and Cortana audio with the Chinese?
    • Security tips for college students
    • Amazon Ring employees caught snooping
  • Contact Us – featuring people looking for jobs in information security
Opening

[Brad] Hey UNSECURITY Podcast listeners! This is episode 62 and the date is January 13th, 2020. I’m Brad Nigh, your host for today’s show. Joining me in studio is Ryan Cloutier and by phone is Evan Francen. Hi guys.

[Ryan & Evan] We’re welcoming fellas, so we’ll say “hi” or something here.

[Brad] Let’s catch up quick. How was your week and what’s going?

Catching Up Discussion

Who’s doing what?

  • Ryan’s first week at SecurityStudio.
    • What was it like?
    • Anything newsworthy or exciting?
  • Brad’s crazy week.
    • Most weeks are crazy. What was craziest?
    • What are you excited about?
  • Evan in Cancun.
    • Chillin’ or workin’?
    • How’s the book coming along?

[Brad] Cool. Good things last week and coming up this week.

Switching gears a bit. I want to discuss a topic that’s on many people’s minds; the conflict between the United States and Iran, and what effect it has on our daily information security/cybersecurity lives.

U.S., Iran, and Information Security Discussion

Very significant events have taken place over the past few weeks. Events that impact our world as we know it; politically, economically, and from an information security (or cybersecurity) perspective. Let’s stay out of the politics as much as we can and leave the economic discussion to the economics experts.

What I’d like to discuss is how these current events affect us with respect to information security. We should all be concerned about how these things affect our ability to protect ourselves, our families, our schools, our workplaces, and our local governments.

First a little background on the current events:

  • December 27th, 2019 – The K-1 Air Base in Iraq was attacked killing an American civilian contractor, injuring four U.S. service members and injuring two Iraqi security forces personnel. The U.S. blamed Iranian-backed militia for the attack.
  • December 29th, 2019 – The United States attacked five Hezbollah positions in Iraq and Syria resulting is an at least 25 killed militia members and another 55 wounded.
  • December 31st, 2019 – January 1st, 2020 – Hezbollah militiamen, their supporters and sympathizers attacked the U.S. embassy in the Green Zone of Baghdad. The United States blamed Iran and its non-state allies for orchestrating the attack. No deaths or serious injuries occurred during the attack and protesters never breached the main compound.
  • January 3rd, 2020 – A targeted U.S. drone strike killed the commander of the Islamic Revolutionary Guard Corps (IRGC) Quds Force, Qasem Soleimani. Soleimani was considered to be the second most powerful person in Iran.
  • January 8th, 2020 – The Iranian military launched numerous ballistic missiles at two airbases in Iraq. there were neither American nor Iraqi casualties. Hours after the initial Iranian missile attacks, a Boeing 737-800 (Ukrainian International Airlines Flight 752) crashed shortly after takeoff from Tehran Imam Khomeini International Airport, killing all 176 passengers on board. Iran initially claimed the cause of the crash was mechanical failure.
  • January 11th, 2020 – A video showing the moment Flight 752  was hit by an Iranian missile was published by The New York Times. The Iranian government was forced to admit that it “inadvertently” shot the plane out of the sky. A wave of anti-government protests have now emerged across Iran.

Phew! These are only the latest events in decades of conflict between the two nations.

So, back to the point of our discussion. I’d like us to share our opinions, and hear the opinions of our listeners this week. You know what they say about opinions, right?

  • What does it mean for information security?
  • What does it mean for you and me?
  • How can we avoid collateral damage?

Some sources of information to guide our discussion:

[Brad] Great discussion and plenty of healthy opinion. I think the same things hold true for us that have always held true:

  1. Focus on what you can do to protect your area of influence (your habits, at home, at work, etc.)
  2. Master the fundamentals. We can’t control what Iran or the United States does, but we can make it a little less likely that we’ll be a victim in all this.
News

Now for some (other) news. Here are three newsy things that caught our attention last week.

Closing

[Brad] OK, that’ll just about do it. Be careful out there.

One last thing before we close this show out. Are you or someone you know looking for a job in information security? If so, we’d love to hear from you and help out where we can. Email us at unsecurity@protonmail.com and we’ll chat.

If you’re the social type, socialize with us on Twitter, I’m @BradNigh, Ryan can be found at @CLOUTIERSEC, and Evan’s in his usual spot, @evanfrancen.

That’s it! Talk to you all again next week!

The UNSECURITY Podcast – Episode 41 Show Notes

Happy Friday! Time for show notes, and I’m actually early with the notes this time.

We’re humbled and grateful for the growth of the UNSECURITY Podcast audience. Every week breaks a new record, in terms of listeners and downloads. Thank you for spending time with us!

Great show planned this week, with some healthy controversy. I won’t put the controversial stuff in these notes, so you’ll have to listen to get the skinny.

Hope you had a great week! Here’s some quick highlights from us:

  • Our very own Team Ambush came back from Def Con after capturing 2nd place in the warl0ck gam3z capture the flag (CTF)! Helluva accomplishment for an awesome and incredibly skilled group! We’re VERY proud of them and their accomplishment. This is the 2nd year in a row that they’ve captured 2nd place at Def Con. We’ll be talking with the leader of FRSecure’s Technical Services Team, and member of Team Ambush on this show!
  • Speaking of Team Ambush, they were featured on KARE 11 news (one of the largest in Minneapolis/St. Paul) on Wednesday night during prime time. A link to the feature is here; https://www.kare11.com/article/news/minnesota-team-places-2nd-in-national-hacking-competition/89-77305e34-dadd-4b55-afcb-c8d1af6165f9
  • Minnetonka School District is one of the largest and arguably the best school district in Minnesota. I had the pleasure of presenting to their faculty and staff on Monday. The title of the talk was Security@Home Security@Work. In the talk, I featured SecurityStudio’s newest product, S2Me. S2Me is a personal information security assessment and it’s free. If you haven’t done so already, go get your S2Score now! We used the results of the assessments to drive conversation about information security. Great discussion! S2Me is a great conversation starter and we’re excited to go where it takes us.
  • I spent the rest of the week fundraising for SecurityStudio. We’re in the middle of seeking our seed round of funding, and it’s a helluva experience for me. I’ve never raised money before, so I’m learning as I go. If you know anybody who’s willing to share wisdom in this area, send them my way (efrancen@securitystudio.com).

Things are good. On to show notes, eh?


SHOW NOTES – Episode 41

Date: Monday, August 19th, 2019

Today’s Topics:

Our topics this week:

  • What is S2Me?
  • More Incident Response(s)
  • Def Con with Oscar
  • Industry News

[Evan] – Hi everybody, and welcome to another episode of the UNSECURITY Podcast! This is episode 41, and I’m Evan Francen, your host. If this isn’t your first time listening, you already knew that. Joining me today is my show buddy, Brad Nigh. Care to say “hi” Brad?

[Brad] Brad almost always says “hi” but we’ll see if he read the show notes. Maybe he’ll come up with something unique.

[Evan] We’re excited for today’s show because we have a first time special guest joining us. None other than the infamous Oscar Minks, joining us from his home base in Kentucky. Oscar, wanna say “hi”?

[Oscar] Hi, or something similar.

[Evan] Oscar, you’re the Director of Technical Services at FRSecure, right? Tell our listeners what that job is.

[Oscar] Tells us what he does here.

[Evan] Thank you Oscar, it’s an honor to have you here.

Brief discussion with Oscar

[Evan] OK. Have you guys heard of the S2Me yet?

[Brad][Oscar] Tell the truth.

[Evan] Have you guys got your S2Score yet? Care to share?

Discussion about S2Me and the theories behind it. Maybe a little chat about Minnetonka School District too

[Evan] More incidents this week. If this keeps up, we might have to dedicate an entire podcast to incident response! Sheesh. I’ll tell you about mine, then you tell me about yours Brad.

Incident response discussion

[Evan] We like responding to incidents because we love helping people. We hate responding to incidents because it means someone is (maybe) in trouble. We’ll see if we make it a week without another one.

[Evan] Two weeks ago, we had “Ben” on the show to talk about going to Def Con among other things. Now Def Con is over, and we can talk a little about our team’s experience. Oscar, you were there. Let’s chat.

Def Con discussion

[Evan] Thank you for sharing Oscar. More to come I’m sure. Let’s wrap this up with some news. We’ll cover as much as we’ve got time for. Three stories to start.

News

Here’s our news for this week:

Closing

[Evan] – Again, that’s how it is. Thank you Oscar for joining us. Thank you Brad for being a great partner. Special thank you to our listeners, and especially those of you who give us input and feedback. You can reach the us on the show by email at  unsecurity@protonmail.com.

If you’d like to be a guest on the show or if you want to nominate someone to be a guest, send us that information too.

As always, you can find me and/or Brad on Twitter. I’m @evanfrancen and Brad’s at @BradNigh. Oscar, do you twit?

Talk to you all again next week!

Robocalls Are Dumb, You’re Not

Your cell phone buzzes, you look down and see “No Caller ID”, “Unknown” or maybe a weird number you don’t recognize. Do you answer, or do you just let the call go to voicemail?

Some people, myself included, will let these calls go to voicemail. It’s not a bad idea to ignore calls from numbers you don’t recognize.

Some people answer, they listen, and they follow the caller’s instructions, even if the caller is nothing more than a machine.

So, let’s say you’re one of the people who answers. The machine with a human voice tells you some urgent and potentially bad news. The machine tells you if you don’t want things to get worse, you’d better “press one” or call the phone number provided. Your mind starts to race, and you begin this internal dialog with yourself:

Oh crap!

Wait. Maybe this is a scam.

But what if it’s not? What if I really am in trouble?

It couldn’t hurt to press one, could it?

Ah hell, I can’t chance it. I don’t need any trouble. I should take care of this right now.

I’ve got to find out what’s going on.

After pressing one, a man, a real one this time, gets on the phone and tells you it was smart for you to take this seriously. The conversation goes something like this:

Man: This is John, from the Department of Social Security Administration. May I ask who’s on the line?

You: This is Jane Doe, and I got this call that something is wrong or something about criminal charges.

Man: Yes, thank God you took this matter seriously ma’am.

You: So, what happened?

Man: It looks like your identity is being used to commit felonious acts. These acts are tied to you, and you will be charged with a crime if you don’t act.

You: What do I need to do?

Man: We need to file your paperwork right away to stop the charges. We can mail the paperwork in, but I fear that the courts won’t get it in time. Our other option is to file your paperwork over the phone. This is the best way to make sure this matter gets squared away fast, before you get hauled into court.

You: OK, what do you need?

Man: We need to verify your identity.

You agree, so he proceeds to ask you questions about you. He asks for your name, your address, your age, where you work, and of course, your Social Security number. You give him everything he asks for, and the call ends with some mysterious, but official sounding close.

You’ve been scammed. Sometimes the crooks are targeting your identity (like this example), and sometimes they’re targeting your money directly. Sometime both.

Robocalls are dumb, but they must be working, at least some of the time. There are real victims, or the scammers wouldn’t waste their time. In 2018, there were more than 26 billion robocalls placed to phones in the United States, a 46% year-over-year increased volume. (Hiya Robocall Radar 2018 Report)

This got me thinking, why? The reasons are simple, because it’s cheap for the scammers and it works. People must be falling for these dumb scams. Attackers wouldn’t go through the trouble if these scams weren’t effective, right?

People take the bait, either through ignorance or through a moment of weakness.

Just this week, the FCC adopted new rules to combat robocalls. You might think, “great, let’s shut these sumbiches down!“. Hold your enthusiasm just a minute. Do you really expect the Feds to protect you? Actions by the FCC might help curb the problem, but at the end of the day, this falls on you. Only you can prevent yourself from being scammed.

It’s baffling to think that someone would fall for a robocall scam, but rather than sitting here shaking my head, let’s go through some examples and try to help someone.

Call Number One – Social Security Number Suspension

Here’s the text of the call:

We found some suspicious activity, so if you want to know about this case just press one thank you. This call is from the Department of Social Security Administration. The reason you have received this phone call from our department is to inform you that we just suspend your Social Security number because we found some suspicious activity, so if you want to know about this case just press one thank you.

The message continues and repeats.

Here’s the audio:

Here’s the skinny.

  1. You will NEVER receive a call from the “Department of Social Security Administration”. Besides, the actual name of the agency is just “Social Security Administration” not the “Department of Social Security Administration”.
  2. The Social Security Administration DOES NOT monitor your number for “suspicious activity”.
  3. The Social Security Administration DOES NOT suspend your Social Security number.

DO NOT PRESS ONE.

Call Number Two – Legal Consequences

Here’s the text of the call:

Social Security number the (unintelligible) received this message, you need to get back to us to avoid legal consequences. To connect call immediately, press one.

The message ends.

Here’s the audio:

Here’s the skinny on this one.

I don’t even know what the hell the message says really. All I know is that I don’t like legal consequences. Guessing you don’t either. The fact is, you are not facing any legal consequences, and even if you were you’d be served in writing and probably in person. Nobody calls you to tell you that you’re going to suffer legal consequences on a voicemail, at least nobody who’s legitimate.

DO NOT PRESS ONE.

Call Number Three – Legal Proceedings

Here’s the text of the call:

legal enforcement action filed on your Social Security number for criminal activities. So, when you get this message, kindly (unintelligible) as soon as possible on our number that is 210-361-9633 before we begin with the legal proceedings. Thank you.

Here’s the audio:

The skinny.

A “legal enforcement action filed on your Social Security number for criminal activities”?! This is so preposterous, I’m having trouble thinking of something to write in response. You will NOT receive a recorded call telling you of impending legal proceedings because of criminal activities using your Social Security number. If there were such a crazy thing, you’d be notified in person and in writing.

DO NOT CALL THEM BACK. (Side note: I did. Got a busy signal, so I’m guessing they already got taken down by the carrier/law enforcement).

Call Number Four – Chinese

The text of this call is all in Chinese, and I don’t speak Chinese. So, I did some translation work*. Here’s what I think it says:

这里是中国领事馆文件通知您有一封重要文件尚未领取中有任何疑问请按铃 查询

in English:

Here is the Chinese Consulate Document to inform you that there is an important document that has not been received. Please feel free to ring your query.

Here’s the audio:

The skinny.

I don’t speak or understand Chinese, so there was no real chance of this one working on me. This is an automated caller though, and there are an estimated 2.9 million people in the United States who do speak Chinese and as many as 1.2 billion people worldwide who also speak Chinese.

One joy of the robocall for scammers is they can reach thousands of phones automatically. It’s no skin off their back if they reach someone who doesn’t understand. Eventually, they will.

Not sure how effective this sort of call is with the Chinese speaking community, but like I said earlier, they wouldn’t do it if it didn’t work (at all).

(Another side note: Now that I think a little more, maybe this last one wasn’t a scam. My wife is travelling to China next month. WAIT. See, here’s rationalization. Irrational rationalization. No, it’s a scam and I will ignore it.)

TIPS

The first tip is the most important one, so I’m going to shout it. Ready?

  1. NEVER, EVER GIVE OUT ANY SENSITIVE INFORMATION THROUGH ANY COMMUNICATION CHANNEL WHERE YOU DIDN’T INITIATE THE COMMUNICATION.

You get that? I’m going to shout it again. This time I want you to really think about it.

  1. NEVER, EVER GIVE OUT ANY SENSITIVE INFORMATION THROUGH ANY COMMUNICATION CHANNEL WHERE YOU DIDN’T INITIATE THE COMMUNICATION.

Communication channels include phone calls, emails, popups, text messages, and even in-person. If you initiate the phone call, not at the prompting of someone else giving you the phone number to call, you are most of the way there in protecting yourself from scams.

2. Ignore phone calls that originate from phone numbers you don’t recognize. Ignore them, and get on with your day. If it’s important, they’ll leave a message.

3. Be skeptical. You don’t need to be paranoid, but be skeptical.

4. Slow down. Don’t react without giving your mind time to think and process what’s going on. Taking 10 minutes to think things through will not put you in danger, but just the opposite.

5. Ask someone you trust. If you’re not sure whether a phone call or message is legit, ask someone. They’re not tied to the events emotionally in the same way you are. Don’t be embarrassed to ask questions.

There you have it. You can probably come up with some additional tips along the way, but these are the basics. Master the basics people.

 

 

OSINT (and Human Trafficking) Resources and Suggestions

I’m writing this article for two reasons. To give props to our community and to summarize the quality responses that I got to a recent tweet.

Props

First off, I’d like to give HUGE props to our information security community. Last week I posted the following on Twitter.

I use Twitter like many people do, I’ll respond to interesting topics and post thoughts about things. I’ll get an occasional “Like” here or there for something, and maybe even a “Retweet” once in a while. My expectations are fairly low when it comes to Twitter.

Then, boom! At least boom for me. This tweet gets 442 Likes, 63 Retweets, and a boatload of good responses. THANK YOU INFORMATION SECURITY COMMUNITY! My faith in us is intact.

OSINT (and human trafficking) Suggestions

Here’s the discussion, in no particular order really because I suck or Twitter sucks. Either way, I had too much trouble figuring out how get conversations out in a nice format. Like stubbing my toe on a coffee table over and over again.

This slideshow requires JavaScript.

As you can see there are some great responses and resources.

Resources Cited

Here are some of the resources that were collected/referenced. They are completely unorganized, and I’m sure I missed a few. Keep coming back, I’ll organize more and add to this list. If you have more suggestions, comment on the post.

IntelTechniques.com (Web)

@IntelTechniques

@HumanHacker (Chris Hadnagy)

TraffickCam

Hetherington Group

Bellingcat (Web)

@Bellingcat

@kpadvocacy (Kate Price)

OSINTCurio.us

@OsintCurious (OSINTCurious)

Trace Labs (Web)

@TraceLabs

Layer 8 Conference (Web)

@Layer8Conf

@Ginsberg5150 (Frank Castle)

@ReconVillage

@InnocentOrg

Paterva (Maltego)

@hunchly (OSINT Framework)

@osintbrowser

Timothy De Block (Blog)

Open Source Intelligence 101 (April Wright’s talk at 2018 Wild West Hackin’ Fest)

@aprilwright (April C. Wright)

Polaris Project

National Center for Missing and Exploited Children

Certified Human Trafficking Investigator (CHTI)

@C_3PJoe (Joe Gray)

@Dolph_Lundgren (Yes, that Dolph Lundgren)

Dolph Lundgren’s Tech Talk

@HydeNS33K (Jek Hyde)

OSINT.team (Forum; ask questions)

@technisette

@dutch_osintguy

@InfoSecSherpa

@osintpodcast

@BadassBowden (Katelyn Bowden)

The Badass Army

@Sector035

@jms_dot_py (Justin Seitz)

Dehashed.com

pipl

Hunter.io

So, there you go. I was really impressed with this response, and I’m excited to watch my best friend find her way in all of this.

Tons of great advice, but think the best came from @SecurityTrails:

”She shouldn’t overwhelm herself with resources and trying to learn everything at once. Even learning how to navigate a Linux shell is a great starting point so that she can master more complex commandline tools. Welcome to the infosec family!”

Come back later too. I’ll be re-organizing and adding to this post later.

Again, THANK YOU!