The Cyber Crime Lab Podcast

Going through a cyberattack can feel like having a heart attack, and sometimes those calling in for help during one actually are having them. something that Coen Bakkers, Managing Principal Incident Response Consultant at Secureworks has experienced firsthand.Coen joins host Andy Anderson to describe what it takes to get a victim from their first call to a state of recovery, including:- Listening and building trust: hearing out someone in their early stages of panic and reassuring them.- Setting timelines: often Coen and his team are engaged for 2-3 weeks in solving a problem, and clients have to pace themselves so as not to drop from exhaustion.- Starting an investigation: where to look and what to rule out.Coen Bakkers - https://www.linkedin.com/in/coenbakkers/Secureworks - https://www.linkedin.com/company/secureworks/The Cyber Crime Lab Podcast is brought to you by DataStream Insurance.When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

The trauma you feel from a cyberattack can stay with you for years afterward. This is something that Robert Cioffi, CTO and Co-Founder at Progressive Computing, Inc., knows personally.Robert joins host Andy Anderson to share his experience dealing with a major cyberattack on his own company.They discuss: - Why Robert never considered paying the ransom as a real option.- What a “zero-day exploit” is.- The profiles and tools of threat actors.Robert Cioffi - https://www.linkedin.com/in/rcioffi/Progressive Computing Inc. - https://www.linkedin.com/company/progressivecomputing/The Cyber Crime Lab Podcast is brought to you by DataStream Insurance.When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

“Business email compromise” can often lead to much larger problems across the organisation because many people retain sensitive data in their emails. Someone who has seen this play out on multiple occasions is Violet Sullivan, VP of Client Engagement at Redpoint Cyber. Violet joins host Andy Anderson to talk about her observations. She draws on her experience teaching cybersecurity and privacy law as well as working as a practitioner for a forensics company. These include: - The fact that regulations alone can’t solve cybercrime — companies have to do their part in keeping abreast of a rapidly changing landscape.- Consider who your first call is when you are in trouble.- When trouble comes, the best response is to consider all options, don’t rule anything out.Violet Sullivan - https://www.linkedin.com/in/txcyberlawyer/Redpoint Cyber - https://www.linkedin.com/company/redpoint-cyber/The Cyber Crime Lab Podcast is brought to you by DataStream InsuranceWhen the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

Not many individuals have been involved with cybersecurity for decades, but Greg Young, Vice President Cybersecurity and CorpDev at Trend Micro, has been advising companies on security matters for over 30 years.Greg has his finger on the pulse of continuing developments in cybersecurity. He and host Andy Anderson discuss: - False positives and false negatives — what they are and how companies can guard against them.- Why the different software you are using for security should be able to communicate with each other.- Why advice like, “just patch software” or “do backups” isn’t always easily implemented.Greg Young - https://www.linkedin.com/in/greg-young-9125683/Trend Micro - https://www.linkedin.com/company/trend-micro/The Cyber Crime Lab Podcast is brought to you by DataStream Insurance.When the worst happens, you want the best financial, legal and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day.Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

While some medium and even large-scale firms continue to resist keeping up with the latest cybersecurity measures, more and more small firms and solopreneurs are taking cybersecurity seriously, says Wayne Hunter, Founder and CEO at AvTek Solutions, Inc.Wayne joins host Andy Anderson to discuss:- Why organizations need to “walk the talk” when it comes to cybersecurity.- Why cybersecurity isn’t ever a “set it and forget it” measure; companies have to keep pace with hackers who are also in “business” for profit.- Ways to overcome objections to cybersecurity measures in an organization.Wayne Hunter - https://www.linkedin.com/in/waynehunteravtek/AvTek Solutions, Inc. - https://www.linkedin.com/company/avtek-solutions/The Cyber Crime Lab Podcast is brought to you by DataStream Insurance.When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

While having cyber insurance coverage is important, it’s important to have coverage counsel as well, says Scott Godes, Partner and Co-Chair, Insurance Recovery and Counseling Practice, and Co-Chair, Data Security and Privacy at Barnes & Thornburg LLP. Scott joins host Andy Anderson to walk through the details of a case he dealt with. They discuss: - Direct and indirect loss — covering both Scott’s opinions and those of the courts. - Why the language in an insurance contract is so important in deciding cases like these. - Tips on how to evaluate and buy insurance.- How coverage counsel can help you receive coverage when your insurance company refuses to pay.The Cyber Crime Lab Podcast is brought to you by DataStream Insurance.When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

Great technical solutions to prevent cybercrime aren’t much help if the end user isn’t educated on the hows and whys of those solutions. That’s the message of Bruce Nelson, President at Vertilocity. Bruce joins host Andy Anderson to discuss:An additional method to help speed that process of end-user education: make the “secure way” also the “simplest way.”How threat actors use powerful emotional reactions to manipulate us.Why every organization needs to have a cyber risk assessment done and on file.The Cyber Crime Lab Podcast is brought to you by DataStream InsuranceWhen the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com#cybercrime #cyberattacks #cyberinsurance

Instead of saying, “It’s not going to happen to me,” business owners should take the advice of GroupSense CEO & Co-Founder Kurtis Minder and spend the time to prepare for what is the reality: small businesses will get hit by a ransomware attack.   Kurtis and host Andy Anderson discuss:   - Why it’s unreasonable to expect most small businesses to have a cyber expert on staff — and what to do instead.   - The government ransomware payment “protections” that sometimes put business owners between the choices of saving their business and breaking the law.   - How one ransomware victim got hit back-to-back, by googling for help instead of calling a professional.   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance   When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

To deal with today’s scams and frauds you have to change your default mindset. You have to adjust your expectations and set your default to skepticism, says Roger Grimes, Data-Driven Defense Evangelist at KnowBe4.   Roger and host Andy Anderson discuss: Why “just implement MFA” isn’t a solution.How some people have been defrauded by fraudulent new job offers.The four signs that indicate you’re probably being scammed.   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

When someone has three decades of experience in cybersecurity, they certainly should qualify to be a “cybersecurity evangelist.”   That’s what Michael O’Hara, Certified Information Systems Security Professional at KB Communications, calls himself, and that’s why we invited him onto the podcast.   Along with sharing two intriguing case studies, Michael also points out: why staff must be educated about how to verify emails so as not to get taken in by scamswhy multi-function authentication (MFA) must be considered a norm nowthe reputational damage caused to businesses who suffer breaches   Michael also shares security reasons for sharing your vacation photos on social media only after returning from vacation.   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

While cybercrime is relatively new, criminals tend to organize themselves in traditional ways.   Vincent D’Agostino, Head of Cyber Forensics and Incident Response at BlueVoyant, has had plenty of experience with traditional organized crime during his time at the FBI which has given him insights into his current work in cybercrime. That experience and those insights make him a perfect guest for The Cyber Crime Lab Podcast.   Vincent and host Andy Anderson discuss: that cybercrime crews, like businesses, have niches, and hence no business is entirely safe from attackthe hierarchy and “outsourcing” methods used by some of the top-level cybercrime organizationshow and why criminals are “early adopters” of the newest technology and software   You’ll also hear how geopolitics and US federal law factor into how ransomware is deployed and paid for (or sometimes not).   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

We read about ransomware cases in the news but it’s not often that we get to hear one of the “good guys” share their step-by-step process for solving a case.   Luckily one of the good guys, Devon Ackerman, Practice Lead & Head of #DFIR Services for North America at Kroll, is sharing details of two cases on this episode of The Cyber Crime Lab Podcast. Before moving to Kroll, Devon spent the better part of a decade at the FBI, where he worked on traditional and digital aspects of crime.   Devon goes into detail about two particular incidents; one about employee theft and the other about a hospital that was hit. We learn: why law firms often have to help build a narrative and find evidence before law enforcement takes overthe importance of traditional sleuthing techniques alongside ever-developing cyber best practiceswhy ransomware doesn’t just “happen” We hope you enjoy this “inside look” as much as we did! The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

As ransomware and other cyberattacks become less frequently something that people only hear about on the news, and more often something that has touched them personally, the importance of being prepared for such attacks should be a big priority.   Someone who has been part of a team that has handled over 100 ransomware attacks is Stu Panensky, Partner at FisherBroyles LLP. He helps counsel firms through cybersecurity or data privacy events and that’s why he’s a perfect guest for the latest episode of The Cyber Crime Lab Podcast.   Host Andy Anderson starts the conversation by asking Stu about a “Christmas miracle” ransomware situation in which a threat actor had attacked a K-12 school district a few days before the Christmas vacation.   Andy and Stu go on to discuss: the importance of putting in a little extra effort in communicating with threat actors (you often see better results as a consequence)why an incident response plan is at the core of most successful outcomes in cybercrime scenarios (preparation means less scrambling when a given scenario materializes)the many stakeholders (and their complex relationships) that can be affected by a cyberattack Stu champions outsourcing parts of this process to trusted vendors, and advocates a “trust but verify” method with vendors, ensuring you know what’s in your agreement and what their obligations are in case of an attack. The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

It might be easy to characterize cyber criminals as random threat actors, but plenty of them work within sophisticated organizations that function like legitimate businesses. Someone who has observed their behaviors up close is Mark Lance, Senior Director of Cyber Defense at GuidePoint Security. On this episode of The Cyber Crime Lab Podcast, host Andy Anderson asks Mark to share some of his observations and experiences to give insight into the mindset of these threat actors. Andy and Mark discuss: the different types of threat actors and their differing motivationshow criminal organizations have their own IT support and HR departmentswhy no organization, no matter how small or niche, is immune from attack You’ll also hear Mark deconstruct some incidents he’s responded to, including the breach of a celebrity’s email account, which almost led to a theft of $2.5M. The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

While it would be nice to have a single solution to a ransomware crisis, often what is needed are several different tools applied in different ways.   Our guest for today’s episode of The Cyber Crime Lab Podcast, Luke Emrich, Director of Incident Response at Tetra Defense, is someone familiar with those tools. He joins host Andy Anderson to give an overview of a particular ransomware attack he dealt with and the different tools he brought to bear on the situation.   Luke also shares: how backup protocols can help trace a threat actor’s movements and provide a starting point to restore client systems;ways organizations can prepare for attacks;how ransomware has changed, even in the past few years.   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance. When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

While you might expect a vendor to always have your back (you are paying them, after all) that’s not something you should count on. In fact, it’s good business practice to expect that they might not have your back.   Two people who have learned this painful lesson are Patrick Kinsella and Armon Aghaie of 1Path. Patrick, Managing Director, and Armon, VP of Sales & Sales Engineering, join host Andy Anderson on The Cyber Crime Lab Podcast to share a story of a vendor who didn’t support them in their time of need, and how 1Path completely changed its business model as a result.    The episode begins with Patrick setting the scene: a Friday morning in which a very dispersed national workforce can’t log into their mobile devices to enable them to get paid nor allow the employer to bill clients. To make matters worse, the vendor refuses to assist in fixing the situation, claiming that it cannot be sure the end user, 1Path’s client, didn’t execute the action that led to the chaos in the first place.   Andy, Patrick, and Armon also discuss: - the process whereby the situation was eventually resolved - who the likely culprits were- how those culprits probably pulled it off   But, most importantly, you’ll hear how 1Path assessed how the situation had played out and committed to a more collaborative relationship with its customers to prevent situations like this from happening again in the future.  The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

While there are lots of articles about cyberattacks, it’s often hard to track down stories of those who had to help customers get back up and online after one happens.   One of those business owners who had to do just that when the Kaseya cyberattack hit is Jay Tipton, CEO and Owner of Technology Specialists, and our guest for this episode of The Cyber Crime Lab Podcast. Jay and his team have 50 clients on retainer and they had to clean over 500 workstations and 80 servers to get their clients up and running again.    The discussion begins with the events of the day of the cyberattack: where Jay was, what the early warning signs were, and what had to be done first, which included Jay going into his Network Operation Center (NOC) and pulling plugs from the wall and turning everything off.   We also discuss:   How team members and clients pitched in to helpFBI guidance on which clients should get priority The personal and professional impact of such an attack   What makes this episode especially interesting is Jay’s willingness to be vulnerable and share a lot of the challenges he had to go through with his team and what he learned.    The Cyber Crime Lab Podcast is brought to you by DataStream Insurance   When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

We might think of foreign spy espionage as something that only happens to businesses in the military or defense sector, but it’s something that can happen to “regular” businesses that have nothing to do with military assets or foreign policy.   That’s a message that James Turgal, VP at Optiv Inc (and former Executive Assistant Director of the FBI) shares with us on the latest episode of the Cyber Crime Lab Podcast. James discusses a particular case in point to show that cyber crime can happen to anyone, anytime.   James also talks about: The “very long-range” approach of China to acquisition of trade secretsWhy data safety should be a company-wide policyWhat the priorities are for a victim of a ransomware attack You’ll also hear James draws on his 20 years of experience with the Bureau to share how the FBI can help businesses get back some or all of the ransoms that are paid.   The Cyber Crime Lab Podcast is brought to you by DataStream Insurance When the worst happens, you want the best financial, legal, and technical support to get you back up and running again. With Cyber Insurance from DataStream, we offer the most comprehensive insurance coverage on the market alongside critical post-incident customer support — all for the price of a cup or two of coffee each day. Make DataStream part of your business continuity plans today. Book a meeting with us at datastreaminsurance.com

While many people know that cyber attacks happen, they are often less familiar with “what happens next,” or the probabilities of such an attack happening to them or their organizations.   That’s why we started the Cyber Crime Lab Podcast, to shine a much-needed light on cyber crime through the stories of those people who’ve endured what is probably the worst day of their professional lives. We will also hear from the people and organizations who help victims recover from these attacks, and offer practical advice for those who don’t want to be the next chapter in this story.   Join Andy Anderson, CEO and Founder of Datastream Insurance, as he uses his decade-long experience in tech and insurance to break down these issues so you don’t need special qualifications to understand.   We look forward to educating and protecting you!