Hacking Humans 12.13.18
Ep 28 | 12.13.18

A pesky problem that doesn't go away.


Chris Bailey: [00:00:00] Every year, we think next year we'll have solved the phishing problem, but it just seems to be a pesky problem that doesn't go away.

Dave Bittner: [00:00:08] Hello, everyone, and welcome to the CyberWire's "Hacking Humans" podcast, where each week we look behind the social engineering scams, phishing schemes and criminal exploits that are making headlines and taking a heavy toll on organizations around the world. I'm Dave Bittner from the CyberWire, and joining me is Joe Carrigan from the Johns Hopkins University Information Security Institute. Hello, Joe.

Joe Carrigan: [00:00:27] Hi, Dave.

Dave Bittner: [00:00:28] Later in the show, we've got my interview with Chris Bailey. He's from Entrust Datacard. We're going to talk about how to detect lookalike sites online and better protect ourselves from fraud. But before we do that, a quick word from our sponsors at KnowBe4.

Dave Bittner: [00:00:46] So what's a con game? It's fraud that works by getting the victim to misplace their confidence in the con artist. In the world of security, we call confidence tricks social engineering. And as our sponsors at KnowBe4 can tell you, hacking the human is how organizations get compromised. What are some of the ways organizations are victimized by social engineering? We'll find out later in the show.

Dave Bittner: [00:01:13] And we are back. Joe, before we get into our stories this week, we got a note from one of our regular listeners. This is Russell from Down Under.

Joe Carrigan: [00:01:21] OK.

Dave Bittner: [00:01:22] And before I say Down Under, I really want to say Down Under with an Australian accent.

Joe Carrigan: [00:01:27] Right.

Dave Bittner: [00:01:27] But Russell wrote in and said, if you read this on air, please don't try an Australian accent.

Joe Carrigan: [00:01:32] (Laughter). A specific request from Russell.

Dave Bittner: [00:01:34] Yes. He said, your attempt last week at Slab's accent was so bad, I nearly drove off the road laughing so hard.

Joe Carrigan: [00:01:40] (Laughter).

Dave Bittner: [00:01:41] So all right, Russell, thank you for listening. I will resist...

Joe Carrigan: [00:01:45] (Laughter). Resist the urge.

Dave Bittner: [00:01:46] ...The urge to do my terrible Australian accent. I wonder how good Russell would be at doing an American accent.

Joe Carrigan: [00:01:52] I'd like to hear anybody do an American accent.

Dave Bittner: [00:01:54] (Laughter). All right. Well, let's move on to our stories. Joe, you're up first. What do you have for us?

Joe Carrigan: [00:01:59] My story this week comes from security firm Agari. And you covered this story briefly on the CyberWire last week, but I wanted to get a little bit more into it. Agari has a report out, and I've kind of gone through it. It's a great report. I recommend everybody download it. They have identified a group called London Blue. All right? And this is a Nigerian gang that is focusing on business email compromise. And in this report, they go into the evolution of the gang and how they're structured and everything. They have found that they have extended their operations from not just Nigeria, but now they have two operatives in the U.K. - at least two operatives. And they've identified 17 collaborators of this group here in the United States and Western Europe and other countries. But they're primarily involved in moving funds. So these are money mules. When you build an organization like this whose job is to go out and scam people, and you start getting in money, one of the problems you have is, what do you do with that money?

Dave Bittner: [00:02:53] Right.

Joe Carrigan: [00:02:53] How do you launder it?

Dave Bittner: [00:02:55] Right.

Joe Carrigan: [00:02:55] Well, these guys have set themselves up. They actually work like an actual corporation. They have an HR organization for going out and recruiting people, like money mules and other scammers. They have a sales force that is actually the people that go out and try to do the scams. And they have a financial organization that does the money laundering once they've gotten the funds in from somebody. Their effectiveness depends on working with data brokers, commercial data brokers. Actual, real data brokers. And here's the main crux of the story, is that they have generated a list of more than 50,000 corporate officials to prepare for business email compromise operations. Among them, 71 percent of these people are CFOs. So they're...

Dave Bittner: [00:03:37] Chief financial officers.

Joe Carrigan: [00:03:38] Exactly. They are targeting chief financial officers, and they're going to try to get them to move money around into these fraudulent accounts.

Dave Bittner: [00:03:46] So this is basically a phone book full of the people who we want to target for these sorts of things.

Joe Carrigan: [00:03:51] Exactly. They've done their research. They've worked with these commercial data brokers, and they've amassed this not necessarily open-source information - because they're using commercial source for this.

Dave Bittner: [00:04:00] I see.

Joe Carrigan: [00:04:00] But they've gone out and they've built, essentially, like you said, a phone book of 50,000 people, high-value targets.

Dave Bittner: [00:04:06] Now, what are they doing with it?

Joe Carrigan: [00:04:07] They're targeting people mainly in the United States. Over half of the potential 50,000 victims are U.S. people. And then other countries include Spain and Finland and U.K. and other places. But they're going to try to do money transfer scams with this stuff. So you may ask yourself, how did Agari find out about London Blue?

Dave Bittner: [00:04:26] OK.

Joe Carrigan: [00:04:27] Well, here's a quote from the report. I recommend you read it. (Reading) In a move that could be described as felony stupid, London Blue targeted Agari with one of its typical attacks. Oops.

Dave Bittner: [00:04:39] (Laughter).

Joe Carrigan: [00:04:39] So these guys sent an email to the CFO of Agari posing as the CEO. And the copies of the email are in the report. And the assistant replies from the assistant's email saying, our CFO is out. What do you need me to do? And starts - and collects all the information. And then Agari essentially scam-baits London Blue and then uses the information that they get from them to notify the financial institutions so they can shut down the fraudulent accounts (laughter).

Dave Bittner: [00:05:06] Wow. Wow.

Joe Carrigan: [00:05:07] So this is a great story of a social engineering attack working on a social engineering organization whose goals are nefarious. So good work.

Dave Bittner: [00:05:13] Yeah. Hats off to Agari. Right.

Joe Carrigan: [00:05:15] Right.

Dave Bittner: [00:05:17] Right. Yeah. All right. Well, we'll have a link to the story in the show notes. Sounds like a fun one.

Joe Carrigan: [00:05:21] It is.

Dave Bittner: [00:05:22] All right. Well, my story this week is about Cyber Monday. So a couple weeks ago, we had Cyber Monday. We had Black Friday, which, here in the United States, is the big shopping day right after Thanksgiving. And that's followed by Cyber Monday. And I don't know why Monday became the cybershopping day. It's not like you couldn't shop online on Thursday.

Joe Carrigan: [00:05:44] Well, that's because that's your first day back to work, Dave, and you can goof off at work by shopping. (Laughter).

Dave Bittner: [00:05:49] I see. Right. Of course. Of course. Of course. OK. Yeah. All right. Makes total sense to me.

Joe Carrigan: [00:05:54] Right.

Dave Bittner: [00:05:55] (Laughter) Thank you, Joe.

Dave Bittner: [00:05:58] So...

Joe Carrigan: [00:05:58] Not that I've ever done it.

Dave Bittner: [00:05:58] No, of course not. Of course not. So the folks over Zscaler wrote up a report about this. This is actually written by Deepen Desai, who is someone I've interviewed before. I think he's been on our Research Saturday a couple of times - a good guy. And they looked at the phishing attacks that they were getting and blocking over at Zscaler to figure out what are the days when people are targeted the most. Now, I don't know about you. I would have expected that Cyber Monday probably would have been the big day because that is the biggest shopping day...

Joe Carrigan: [00:06:28] For online shopping.

Dave Bittner: [00:06:29] ...For online shopping, right. Amazon put out statistics. I believe it was their biggest shopping day ever.

Joe Carrigan: [00:06:35] Right.

Dave Bittner: [00:06:36] Now what Zscaler discovered by tracking these phishing attempts was that it was actually the Wednesday before Thanksgiving - the day before Thanksgiving that was the busiest day when it comes to phishing attempts. Now, why do you suppose that is - any guesses?

Joe Carrigan: [00:06:54] Let me think about that for a minute. All right, Dave, you stumped me.


Dave Bittner: [00:06:59] Well...

Joe Carrigan: [00:06:59] I can't imagine why this is.

Dave Bittner: [00:07:00] Well, it's interesting. I mean, there were nearly twice as many phishing attempts...

Joe Carrigan: [00:07:03] Twice as many.

Dave Bittner: [00:07:03] ...On that Wednesday as there were actually on Cyber Monday. And the folks over at Zscaler say that these phishing people are smart, of course.

Joe Carrigan: [00:07:12] Right.

Dave Bittner: [00:07:12] And like you said in your story, they're running these things like a business.

Joe Carrigan: [00:07:16] Yup.

Dave Bittner: [00:07:16] And what they've discovered is that on actual Cyber Monday, when folks are shopping, they are much more likely to just key in the name of the place they want to go shopping. So they know they want to go to Amazon.

Joe Carrigan: [00:07:29] I type in amazon.com.

Dave Bittner: [00:07:31] But on those days leading up to Cyber Monday, they're looking for a deal...

Joe Carrigan: [00:07:35] Right.

Dave Bittner: [00:07:35] ...Because that's when all the emails are coming from all the companies that say, hey, Cyber Monday is coming. Check out our deals. And so these phishing attempts take the form of those promotional emails...

Joe Carrigan: [00:07:49] I see.

Dave Bittner: [00:07:49] ...That say, you know, 20 percent off your Amazon. All you need to do is log on. And then they send you to a fake...

Joe Carrigan: [00:07:55] A fake login harvesting your credentials.

Dave Bittner: [00:07:58] Right, right. Exactly. So we'll have a link to this in the show notes. It's an interesting story and not at all what I would have thought - so some interesting information from our friends at Zscaler.

Joe Carrigan: [00:08:10] That is good information to have. You know, both these stories today are about companies that are essentially using themselves as honeypots, right? Not that they're being honey pots - I mean, they're just operating their normal businesses. But they're using the actual attacks that are coming into them to do good work.

Dave Bittner: [00:08:26] That's right. And Zscaler - of course, part of their business is helping people block these things.

Joe Carrigan: [00:08:30] Right.

Dave Bittner: [00:08:30] So they have a really good window into what's going on here.

Joe Carrigan: [00:08:34] Absolutely.

Dave Bittner: [00:08:35] All right, well, those are our stories. It's time to move on to our Catch of the Day.


Dave Bittner: [00:08:42] Joe, you've got the duties for our catch of the day this week. What do we have here?

Joe Carrigan: [00:08:46] All right, this one comes from Javier (ph). And he says, hey there, thanks for the great work on the podcast. Keep it up. I thought you might like this catch. I reeled it on my Google Hangouts. So someone is phishing him on Google Hangouts.

Dave Bittner: [00:08:57] All right.

Joe Carrigan: [00:08:58] And it reads like this. (Reading) Hi. I am a tender and caring woman who is looking for real true feelings and love. I, Selina Williams (ph) is my name - 33 years old, single, from USA, Texas, Dallas. Never been marrid (ph) - M-A-R-R-I-D - before - the letter B, the number four. I have no kids - seriously looking for stong (ph) relationship and family as well. I am looking for a reliable man with good manners, not hot-tempered, kind and attentive, the one to be happy with forever - that's a run-on sentence. The man for me is the person to respect, to care and to love. Relationship is trust. I want to be a good support for my future husband and make him the happiest person eve.

Dave Bittner: [00:09:55] I think they meant ever.

Joe Carrigan: [00:09:56] Probably, yes.

Dave Bittner: [00:09:57] Yeah.

Joe Carrigan: [00:09:57] Yeah. And then the next thing is an image of a very beautiful woman.

Dave Bittner: [00:10:01] Yes, I would say this...

Joe Carrigan: [00:10:02] Sitting on a couch.

Dave Bittner: [00:10:03] I'd say this woman is of above average attractiveness.

Joe Carrigan: [00:10:06] Yes.

Dave Bittner: [00:10:07] Yes, she has long flowing brunette hair. She's sort of leaning back on a couch. She's well-dressed, well-groomed.

Joe Carrigan: [00:10:14] I would say the celebrity she most resembles is Mila Kunis.

Dave Bittner: [00:10:16] OK, looking right at the camera.

Joe Carrigan: [00:10:18] Yep.

Dave Bittner: [00:10:18] Well, Joe, lucky for us, we have reverse image search from google. So I did look up this image to see who this woman is - turns out her name is Sunny Leone.

Joe Carrigan: [00:10:29] Not Selina Williams?

Dave Bittner: [00:10:30] She is not Selina Williams. She is Sunny Leone...

Joe Carrigan: [00:10:31] Aw, I'm heartbroken now.

Dave Bittner: [00:10:34] ...Who I just learned today is one of the stylish divas of Bollywood.

Joe Carrigan: [00:10:39] Oh, OK.

Dave Bittner: [00:10:39] She's a style icon who never fails to impress her fans. In fact, she is married. She has several kids...

Joe Carrigan: [00:10:45] OK.

Dave Bittner: [00:10:47] ...And, by all accounts, a very successful career. So she does not need your help.


Dave Bittner: [00:10:56] But you could certainly see how this could be alluring.

Joe Carrigan: [00:11:00] Yes.

Dave Bittner: [00:11:01] Pushing lots of buttons here - she's looking for everything, right? There's nothing she's not looking for.

Joe Carrigan: [00:11:05] That's right.

Dave Bittner: [00:11:06] She's looking for - there's something in here for everyone that she's looking for, so.

Joe Carrigan: [00:11:10] Well, he's not looking for hot-tempered guys, Dave.

Dave Bittner: [00:11:12] That's true. So that rules you and I out.

Joe Carrigan: [00:11:14] I'm out, right.


Dave Bittner: [00:11:15] Right, yeah. But she wants to be happy forever, so.

Joe Carrigan: [00:11:19] Yes - or she wants to make make her man happy for eve.

Dave Bittner: [00:11:22] There you go.

Joe Carrigan: [00:11:23] Right.

Dave Bittner: [00:11:23] It's funny we haven't had a straightforward kind of female-centered romance scam here. We've talked about some romance scams going after women. But I think this is the first one we've had where - certainly with a picture like this, right?

Joe Carrigan: [00:11:35] Yeah.

Dave Bittner: [00:11:36] It's interesting to me. I mean, they just copied and pasted a picture from this celebrity's photo gallery. And maybe they were counting on the fact that maybe folks in the U.S. aren't familiar with Bollywood actresses. It's not like it's Julia Roberts or something in this picture.

Joe Carrigan: [00:11:49] Right, right.

Dave Bittner: [00:11:50] So there you go. Pretty straightforward - but unfortunately, I could see how people could fall for it.

Joe Carrigan: [00:11:55] Yep.

Dave Bittner: [00:11:55] All right. Well, that is our Catch of the Day. Coming up next, we've got my interview with Chris Bailey. He's from Entrust Datacard. We're going to talk about detecting lookalike sites online and ways to better protect ourselves from fraud. But before we get to that, a quick word from our sponsors at KnowBe4.

Dave Bittner: [00:12:16] And now we return to our sponsor's question about forms of social engineering. KnowBe4 will tell you that where there's human contact, there can be con games. It's important to build the kind of security culture in which your employees are enabled to make smart security decisions. To do that, they need to recognize phishing emails, of course. But they also need to understand that they can be hooked by voice calls - this is known as vishing - or by SMS text, which people call smishing. See how your security culture stacks up against KnowBe4's free test. Get it at knowbe4.com/phishtest. That's knowbe4.com/phishtest.

Dave Bittner: [00:13:04] And we are back. Joe, I recently had the opportunity to speak with Chris Bailey. He's from Entrust Datacard. And we talked about detecting lookalike sites online as well as ways to protect ourselves from fraud. So here's my conversation with Chris Bailey.

Chris Bailey: [00:13:19] The first thing you might want to do is if it is your bank, you might want to just type in the website of your bank directly into your browser. Another thing you can do - most people don't know about this. But many of the banks that you go to today - Bank of America or JPMorgan Chase or a U.S. bank, PayPal - when you go to those websites, they'll have a special indicator in the browser. And it's called an extended validation indicator. It actually will show you either the name of the organization and the country it's associated with or it'll actually show you that information in green. And that, actually, is also a really good indicator for the average person to look and see if they're actually at their real bank.

Dave Bittner: [00:14:04] Now, can you give us some insight - what's going on under the hood here with this extended validation certificate? And how does it differ from, you know, the regular lock symbol that we see in our browsers?

Chris Bailey: [00:14:15] Going back into the '90s, the lock symbol first started to appear. We were trained to look for the lock symbol. If you see the lock symbol, it's safe. Over time, the lock symbol has not actually meant the same thing as it did back then. Back then, it was a good idea to look for the lock symbol. But today, the lock symbol really just means that the website is encrypted. When you see sites with the lock symbol, you know it's encrypted. But if you also see the identity information associated with them - let's say that the organization name is right there beside the lock symbol - then you know it's gone through a higher level of verification. And that verification involves the organization being vetted by a third party called a certification authority. And that process is pretty thorough. The CA or certification authority will actually go and try to figure out if the company is legit. You know, is the company in good standing? It also will try to prove that the person who's associating or who's trying to request that identity has the right to do so. It's a very different type of process than just getting an encrypted certificate, which is generally anonymous, nowadays. And, you know, most of the time, it's free.

Dave Bittner: [00:15:36] Now, from the browser provider's point of view, this is a difficult thing to spoof or impossible. In other words, that company's name would not be displayed there had they not gone through this process.

Chris Bailey: [00:15:49] That's correct. It's a difficult thing to spoof. It, actually, has a very good track record of not being associated with the type of fraudulent activity - phishing - that we're talking about. You really - the primary reason is because we actually have to identify, you know, the participants in the process ordering these higher level of identification, the person who is trying to get it doesn't want to be identified if they actually are, indeed, trying to do something fraudulent because they just create a forensic trail for themselves.

Dave Bittner: [00:16:20] I see. For example, I'm looking at one right now from Twitter. And it says Twitter Inc. And then in brackets, it says U.S. What's the significance of the location indicator there?

Chris Bailey: [00:16:32] The location indicator means that the company, Twitter, is located in the U.S. And if you were to see that that organization was in RU, for example, that would mean it's in Russia. That might not be the place that you want to have your browser pointed to. So that is just an indicator that this is the organization Twitter that's located in the United States.

Dave Bittner: [00:16:57] So in terms of, you know, consumers protecting themselves, not every organization is using this. What's sort of a best practice to make the best use of this additional security?

Chris Bailey: [00:17:08] The most commonly phished sites generally - not all of them. But it's increasing all the time. But they generally will have these types of certificates, identifiers in the sites. And so you can go to, let's say, Apple or you can go to one of your banks where these will give you an increased level of assurance that you're actually at the right place. And because banks are so frequently attacked because they're a rich target for these types of fraudulent activities, the vast majority of banks actually have - at least the large ones have these types of certificates. And it's increasing. It's been a trend. In North America at least is the majority of them.

Dave Bittner: [00:17:53] Now, I'm looking at our own website here, the CyberWire, and I'm proud to say that we take part in this (laughter). But I'm curious, you know, for small organizations who want to add this to give their customers that extra sense of assurance and security, what's the process for going through this?

Chris Bailey: [00:18:11] Sure. Well, they'll need to work with their - either their web poster or go to a certification authority directly. And the certification authority will go about trying to make sure that the organization that is associated that they're - they're claiming they're associated with, is indeed legitimate. So in order for us to do that as a certification authority, we literally will go to a secretary of state and try to find the records that are associated with that. And we go through a few other processes as, you know, calling the person through those connected lines. And we can do other mechanisms.

Chris Bailey: [00:18:55] We also want to make sure that they have access to that domain, that they're not actually trying to get something for - you know, for your example, you know, of CyberWire, we want to make sure that that is indeed something they have legitimate access to and can control. And after we do that, we issue the certificate with the information of the organization that we've just gone through a verification process. And then that's placed on the website. And everything after that is automatic. It just shows the identity in the browser.

Dave Bittner: [00:19:27] So that information that's being displayed is actually generated from the validation organization, not the folks posting the website.

Chris Bailey: [00:19:35] It's actually cryptographically bound to something called a digital certificate. And that digital certificate is placed on the server. And then the CA, the certification authority, really has only a few services offers after the fact. They actually will maintain that the certificate is still in good standing via revocation services, which are not commonly used, but we have to have that just in case it's needed. But the web poster is the one that actually will ultimately bind that certificate to that website, and the browser does all the work after that.

Dave Bittner: [00:20:11] So what do you think, Joe? That's a really interesting look under the hood of that particular bit of technology there.

Joe Carrigan: [00:20:17] Yeah. I think it's a great introduction to the feature of extended validation certificates.

Dave Bittner: [00:20:21] Yeah.

Joe Carrigan: [00:20:22] First, I want to tell you that I can teach a novice how to create a fake webpage in an afternoon.

Dave Bittner: [00:20:28] OK.

Joe Carrigan: [00:20:28] It's remarkably easy. It is essentially a copy and paste and then you correct any errors that you have - very simple to do it. Because HTML, the language that the web is laid out in, is just text that is copied down from the server when I request a webpage, I can easily view that HTML and just copy it...

Dave Bittner: [00:20:46] Yeah, you know, your browser says you can view the code.

Joe Carrigan: [00:20:47] Right. I have to be able to see the code in order to see the webpage, so therefore I can copy the code - no problem.

Dave Bittner: [00:20:52] Right, right.

Joe Carrigan: [00:20:53] And I can create a dummy website that looks exactly like a legitimate website in an afternoon.

Dave Bittner: [00:20:57] Yep.

Joe Carrigan: [00:20:58] Or I could teach someone to do it in an afternoon. I can do it in an hour.

Dave Bittner: [00:21:01] (Laughter).

Joe Carrigan: [00:21:01] Couple things that Chris talked about here - No. 1, type the address in yourself.

Dave Bittner: [00:21:05] Right, always a good idea.

Joe Carrigan: [00:21:06] Always a great idea. Never don't recommend that. He said that the CyberWire - you guys talked about the CyberWire having one.

Dave Bittner: [00:21:11] Yep. We do. I wasn't directly involved with that, but I do remember conversations about it. And I believe we did have to jump through some hoops. It was not insignificant the proof that you have to provide of who you are and how long you've been in business and so on and so forth. Obviously, for us, in the - you know, we figured in the business that we're in, it'd be good for us to have the most security we could have...

Joe Carrigan: [00:21:34] Correct, yeah, I would agree.

Dave Bittner: [00:21:35] ...So it was worth the effort for us.

Joe Carrigan: [00:21:37] Yep, yep. It's great that it takes so much. I like what he said, that it creates a forensic trail...

Dave Bittner: [00:21:41] Yeah.

Joe Carrigan: [00:21:42] ...And fraudulent people are not interested in doing that.

Dave Bittner: [00:21:44] Yeah.

Joe Carrigan: [00:21:45] He named - Bank of America has one, and that's great. We did a look around for local banks here in Maryland. Only one, Sandy Spring Bank, has a validation certificate.

Dave Bittner: [00:21:55] Yeah, it was interesting to me that we were poking around. I guess I thought more would have it then it seems do.

Joe Carrigan: [00:22:01] Yeah. There are even some national banks that don't have this. And they should all get on it right now.

Dave Bittner: [00:22:05] Yeah, it's surprising.

Joe Carrigan: [00:22:05] I'm not going to name names here, but at some point in time, I will.

Dave Bittner: [00:22:11] (Laughter) All right.

Joe Carrigan: [00:22:13] So you're on notice, banks.

Dave Bittner: [00:22:15] There you go. There you go.

Joe Carrigan: [00:22:17] One of the important features of these certificates, he talked about this briefly, is that they're revocable. And what happens during this process is your browser says, I got the certificate that's been signed by the certificate authority. And I ask the certificate authority is this still a good certificate, and the certificate authority says yes or no. And usually it's yes. But the certificate authority needs to be able to say, no, that's no longer a valid certificate.

Dave Bittner: [00:22:41] Right. So that keeps me from selling my certificate to bad guys or...

Joe Carrigan: [00:22:44] Right. Or having it compromised. You know, let's say your certificate is compromised and someone steals the keys to it, you need to be able to tell people, OK, that certificate's been stolen. Nobody consider that valid anymore.

Dave Bittner: [00:22:55] Yeah.

Joe Carrigan: [00:22:55] That's the purpose of that.

Dave Bittner: [00:22:56] All right. Well, thanks again to Chris Bailey for joining us. And that is our show this week. We want to thank you all for listening.

Dave Bittner: [00:23:03] And, of course, thanks to our sponsors at KnowBe4. They're the social engineering experts and the pioneers of new-school security awareness training. Be sure to take advantage of their free phishing test, which you can order up at knowbe4.com/phishtest. Think of KnowBe4 for your security training.

Dave Bittner: [00:23:20] Thanks to the Johns Hopkins University Information Security Institute for their participation. You can learn more about them at isi.jhu.edu. The "Hacking Humans" podcast is proudly produced in Maryland at the startup studios of DataTribe, where they're co-building the next generation of cybersecurity teams and technology. Our coordinating producer is Jennifer Eiben. Our editor is John Petrik, technical editor is Chris Russell, executive editor is Peter Kilpe. I'm Dave Bittner.

Joe Carrigan: [00:23:46] And I'm Joe Carrigan.

Dave Bittner: [00:23:47] Thanks for listening.