Jack Rhysider
Podcast Appearances
There's a concept called the pyramid of pain when defending a network, and it's basically the more painful you can make it for the attackers to get in, the less likely they'll actually do it. You never will become fully secure, but at least you can make them work for it.
So after a massive coordinated effort to clean up the government agencies and a big bank and critical infrastructure, they were able to successfully clear everything off and keep it off. In fact, they seem to have stopped the Conti ransomware attack before it actually triggered ransomware on any systems. It was only staging the ransom, but never actually executed it.
Omar also looked to see if any data got exfiltrated from the network, but it didn't. So it doesn't seem like Russia or Dark Caracal stole any information out of the government. Did they disrupt critical infrastructure?
Yeah, to control a dam or a water pump or electrical transformer, it doesn't use like a typical Windows computer or something. It's a different system called OT, which is operational technology, which is opposed to IT, information technology. And OT takes a completely different skill set.
And it sounds like whoever got into these systems didn't quite have the skill set to control OT systems, which was good that they didn't get disrupted. What a whirlwind story this was, huh? To have a government completely cracked open like that, with no way to stop the attackers, in my opinion at least, but then to gain back control of it and lock them out.
Omar likes sharing this story with others so that they can be aware that this kind of stuff goes on in the world. And in fact, as I'm looking things up here, it seems like Venezuela also got targeted with the same group or groups.
So in 2022, Latin American countries were hit hard with these huge coordinated attack campaigns that may have been unstoppable due to the sophistication and breadth of the attack. And I wonder if Haiti got hit, you know? The president of Haiti has been assassinated and the place has a barely functioning government and it's kind of been taken over by gangs.
Would you expect their cybersecurity posture to be strong or lacking? I mean, if Russia infiltrated Haiti's networks, is there anyone there to even notice it and clean it up? And I just wonder about Haiti because they share the same island as the Dominican Republic. I don't know.
In some ways, I hate that our world is so vulnerable digitally still, that our most critical systems are still susceptible to attack. My knee-jerk reaction is to say something like, take your systems offline if you can't secure them properly. But that's the opposite of technological progress. So that kind of attitude or strategy just isn't going to fly today.
I just feel like when our systems get too complicated, they become insecure. And we certainly live in a very complicated network of computers now, don't we? But the thing is, even in my dreams, I still can't find a safe place to hide. A huge thank you to Omar Avales for coming on the show and sharing this story with us.