Getting Smart Against Ransomware with Sherri Davidoff and Michael A. Kleinman – part 2

In part two of our Chattinn Cyber with with host Marc Schein, our guests, Sherri and Michael, continue talking about ransomware. They start with the question of whether or not you should actually pay the ransom. Sherri recommends making sure you have backups. Have a plan to resecure your data even if you have to engage with the hackers. From the legal side, Michael recommends contacting law enforcement—but not the local police. These days, the FBI works really hard to help. It also helps to have built a relationship with federal police ahead of time. Sherri suggests looking into community partnership programs that have sprung up recently.

Regarding police takedown, Sherri explains that some leading ransomware gangs have recently been taken down, including Emotet. Emotet was one of the leading technological threat distributors. With Emotet on your computer, all your information could be stolen within 15 minutes. And then they could simply nuke it all with the Ryuk ransomware. Members of that very gang have been arrested. Emotet will uninstall itself by April of this year.

A lot of repair software may actually be working as malware itself. It’s absolutely vital to have expert help at every step of the way.

Sherri finishes the episode by giving a few key things to watch out for to protect yourself from ransomware:

  1. Exposed remote login credentials.
  2. Email phishing.
  3. Software vulnerabilities.

She recommends using two-factor authentication and a VPN. Be sure to train users to think before they click. Michael urges to do your due diligence assuming there is risk. Get ahead of the proliferation of ransomware attacks.

Key Takeaways:

  • Ask for proof of life if you’re going to pay the ransom on your data.
  • Knowing who to contact is important.
  • An advisory can help to organize your response to hackers.
  • There are downsides to getting your ransomware payments insured.
  • You must treat any threat as a potential data breach.

Key Quotes:

  • “There’s nothing new here from a legal perspective.” – Michael (13:00)
  • “We actually have seen takedowns of ransomware-as-a-service gangs.” – Sherri (22:00)
  • “You have to assume that there may have been data stolen.” – Sherri (24:50)
  • “You cannot figure out what the breach is without the technology side.” – Michael (26:00)
  • “The second you start a letter-writing campaign, you have to be mindful of the fact that you’re creating a record for court.” – Michael (33:10)

Getting Smart Against Ransomware with Sherri Davidoff and Michael A. Kleinman – part 1

In this episode of Chattinn Cyber Marc Schein interviews guests; Sherri Davidoff, CEO of LMG Security and author of the recently released book, “Data Breaches.” And Michael A. Kleinman, Special Counsel, Fried Frank. Sherri started working in cyber security before that was even a term.  And Michael, on the other hand, comes from the legal world. A litigator, Michael started to see more and more clients needing counsel with regard to cyber and use privacy issues.

They begin their conversation digging into the issue of ransomware. Sherri explains what ransomware is and moves into how ransomware continues to evolve. She shares a story of a ransomware case that infiltrated a trucking company. This stranded the trucks and affected the retail industry at large.

They also discuss what kind of legal room the victims of a cyber attack actually have. It’s a complicated issue when business is disrupted—especially when they are contractually obligated to deliver. Sherri explains that businesses need to demand security reviews in their contracts, and the community as a whole needs to understand that transparency around security benefits everyone.

Michael talks briefly about notification laws and how they affect private data in contractual agreements. Sherri says that 75% of ransomware breaches take personal data. What you really need to do is figure out what they actually have before taking the next step of paying the ransomware.

Key Takeaways:

  • There is now ransomware as a service.
  • The hacker economy is demanding more and more specialized roles.
  • A cyber attack can actually cause a breach of contract.
  • 92% of breaches come from third parties.
  • There really aren’t standards for suppliers notifying when there’s a hack.
  • Think about which suppliers have important access to your data.

Key Quotes:

  • “The operational impact of a ransomware case, sometimes by design, often has this huge ripple effect—especially when who’s targeted is a key supplier.” – Sherri (6:00)
  • “Once you start getting into a ransomware case, you start to realize how dependent even little things are.” – Sherri (9:35)
  • “This issue of incidents arising out of third parties is not new.” – Michael (15:30)
  • “You need to understand what the contracts actually say.” – Michael (18:20)
  • “If your data is up there, YOU need to do an investigation.” – Sherri (20:36)
  • “Reduce your access, and you reduce your risk.” – Sherri (21:30)
  • “Today, ransomware is typically the tip of the iceberg. It’s the last thing you see after a long-range attack.” – Sherri (22:25)

How Individuals and Small Businesses Can Protect Themselves From Cyber Threats – with Kristin Judge.

In this episode of CHATTINN CYBER, Marc Schein interviews Kristin Judge, a Leading Voice for Cybercrime Victims. Kristin educates small businesses, elected officials, and nontechnical individuals to use best practices to avoid cyber risks.

Small businesses and individuals are facing a huge risk with the rapid growth of cybercrime, people are losing their livelihood, homes, and mental health. Businesses, as well as communities, are suffering globally.

Kristin discusses the top 3 cyber risks that are impacting individuals and small businesses.

  • Romance Scams on the internet
  • Cyberbullying
  • Ransomware attacks

Kristin started Securing our Community, a program that will help tackle the risk of cybercrimes. In this program, her team will train children and college students to assist less tech-savvy people in their environment. She says, trainees will be able to help individuals, businesses, and communities. Such as adding a malware program to individual’s systems, changing their privacy settings, etc.

Recently, Cyberspace Solarium Commission took a great step to protect individuals and small businesses from cybercrimes. Cyberspace Solarium Commission shared a transition document with the Biden administration that talks about leading a national call center for individuals and small businesses. They also call-out the need for victim services grants. Due to all these efforts of the Cyberspace Solarium and congressional leadership, we are finally seeing that the cyber victims are being served and their voice is being heard.

Topics Discussed in the Podcast

  1. How Kristin Judge started her career in cybersecurity and was appointed to train government officials?
  2. How cyber attacks are impacting small businesses and individuals?
  3. What are the trends of cyber risks and what are the top 3 cyber risks?
  4. What individuals and small businesses can do to protect themselves from cyber risks?
  5. How Kristin’s ‘Securing our Community’ and ‘Cyber Secure My Business’ programs are helping individuals and businesses?
  6. What services are available  for small businesses and individuals?
  7. How an individual can report any cyber issue and can reinforce the security of his/her system?
  8. Where individuals can get constant updates of new information on cybersecurity and cyber risks?
  9. What Cybercrime Support Network (CSN) is doing for small businesses?
  10. What are the benefits of engaging cybersecurity companies with small businesses?
  11. What is the significance of cyber insurance in protecting small businesses?
  12. What’s the importance of securing home networks?
  13. What Cyberspace Solarium Commission recently did to protect individuals and small businesses from cybercrimes?

 

Using Artificial Intelligence to Solve Critical Problems in Healthcare – with Kilian Koepsell

In this episode of CHATTINN CYBER, Marc Schein interviews Kilian Koepsell, CTO and Co-Founder of Caption Health. As Caption Health CTO and Co-Founder Kilian Koepsell leads the company’s efforts to use the latest in artificial intelligence and deep learning to bring the diagnostic power of ultrasound to more healthcare providers, democratizing access to healthcare and improving patient outcomes.

Prior to co-founding Caption Health, he worked on developing computer vision algorithms matched to the human visual processing system at the Redwood Neuroscience Institute and UC Berkeley — research he brought to Caption Health’s ultrasound guidance software. He also co-founded White Matter Technologies and was a founding team member at IQ Engines, which was acquired by Yahoo! for its Flickr group. He holds a PhD in physics from the University of Hamburg, as well as two master’s degrees in mathematics and physics from the same university.

Kilian was born and grew up in a family of physicians, in Germany, where he developed a keen interest in health care. Along with health care, he was also fascinated with computers and Artificial Intelligence (AI) since his childhood. Although Kilian was passionate about AI and health care, he studied mathematics and physics. Soon he realized that these two courses were based on theoretical knowledge, however he wanted to study something that he could apply to create an impact on the lives of other people. Then he decided to switch his field and pursue his childhood passion. He came to the United States and studied Neuroscience and Artificial Intelligence at UC Berkeley.  After completing his research at UC Berkeley he started his career in the field of medical imaging.

Access to quality diagnostic imaging leads to more timely and accurate diagnoses and treatment for patients, but the skills needed to perform an ultrasound exam take years of specialized training to master. Caption Health is bridging this gap through a simple but powerful concept: what if we could use technology to emulate the expertise of highly trained medical experts and put that ability into the hands of every care provider?

Caption Health’s breakthrough technology, Caption AI, empowers healthcare providers with new capabilities to acquire and interpret ultrasound exams by emulating the expertise of a sonographer. The AI software provides real-time probe guidance, automatically captures diagnostic-quality images, and automatically calculates ejection fraction (the most widely used measurement to assess cardiac function). It is the world’s first and only FDA cleared AI-guided ultrasound system.

Kilian talks about the significance of Caption AI for treating Covid-19 patients. He says that many Covid-19 patients are dying due to cardiac complications because the Covid-19 virus is attacking their hearts along with the lungs. As the Covid-19 virus is attacking the heart, it is very important to keep a regular check on the performance of the patient’s heart. But due to the isolation protocol, it becomes very difficult for the experts to do an ultrasound examination of the patient’s heart by personally visiting him/her. In this scenario, Caption AI provides an easy and quick solution by enabling any health care provider to easily get echo images and evaluate heart performance.

The company hopes to democratize healthcare by expanding clinicians’ ability to perform ultrasound at the point of care in order to improve patient outcomes and reduce costs. In 2020, they received three major FDA clearances, including an expedited clearance to support frontline healthcare workers in the fight against COVID-19; closed $53 million in Series B funding; announced their first commercial partnership with Northwestern Medicine; and received a $4.95M grant from the Bill & Melinda Gates Foundation to support the development of innovative AI technology for lung ultrasound.

Topics Discussed in the Podcast

  1. What brought Kilian to Artificial Intelligence and medical imaging?
  2. How Kilian’s AI-based medical imaging tool helps healthcare providers?
  3. What is the significance of AI-based medical imaging tool in treating Covid-19 patients?
  4. How Covid-19 impacted Kilian’s medical imaging business?
  5. What are the concerns of people regarding Artificial Intelligence?
  6. What are the benefits and risks of Artificial Intelligence?
  7. How Artificial Intelligence can change the overall health care industry?
  8. Why is it so important to decentralized health care?

 Contact detail of Kilian Koepsell

Website: https://captionhealth.com/

 

 

The Ever-Increasing Danger of Cyberattacks – With Sean Hoar of Lewis Brisbois

In this episode of CHATTINN CYBER, Marc Schein interviews Sean Hoar, of Lewis Brisbois and chair of the Data Privacy & Cybersecurity Practice. He has extensive experience managing responses to digital crises and effectively marshaling resources to contain and remediate information security incidents. He served as the lead cyber attorney for the U.S. Attorney’s Office in Oregon, and he worked closely with the Computer Crime & Intellectual Property Section in Washington D.C. He holds the Certified Information Systems Security Professional (CISSP), the Global Information Security Professional (GISP), and the Certified Information Privacy Professional/United States (CIPP/US.

Sean served in the US Attorney’s Office for many years where he handled career cases that exposed him to the digital world of electronic surveillance. He believes that cyber hackers have evolved fast and have become more sophisticated over the years, leveraging the systems and applications. Sean explains that as long as cybercriminals are able to monetize data; ransom and other exploits are going to continue, the most dangerous of which right now is extortion. Sean explains how he advises his clients to give information to the FBI who gather evidence across the country and attribute each case to malicious actors, they hold them accountable, and criminally charge them.

Sean explains why security starts with setting up foundational basics in an organization. He also describes the criteria they use to ensure advanced cybersecurity for their clients: they make sure the internal teams understand what they’re supposed to do, and the external teams stay in touch with their obligations. Companies need to put cyber procedures in place to avoid financial consequences in the long run if they are not proactive. “But for me, it’s a matter of helping them really visualize what it will look like, and until they understand that, it’s going to be hard to get them to take action.”

Companies that carry cyber insurance are well educated and have immediate attention and deployment of resources they need to go from one side to the other, which limits the expense and the impact of the attack. Companies without insurance, on the other hand, struggle on who they should call because they don’t have the education and systems in place to go from one side to the other. They contact the wrong people which results in more confusion and expenses.

What You Will Learn:

  • The danger of cyber ransom exploits and extortion in risking data privacy online.
  • Why cybercrimes are only going to increase in the future and become more dangerous
  • How Sean helps his clients visualize their cyber exposure procedure as a long-term financial investment.
  • The difference between companies that carry cyber insurance and those who don’t.
  • The tools that Sean created to deal with information security control assessments and response planning for the private sector.
  • The power of building a stable effective team with the right attitude.

Cybersecurity Across Sectors — Chattinn Cyber with Vince Stewart

In this episode of Chattinn Cyber, Marc Schein interviews retired Lieutenant General Vince Stewart. He is the Chief Innovation and Business Intelligence Officer at Ankura and Founder/CEO of Stewart Global Solutions. In previous roles, he has served as the Director of Intelligence at the USMC, Commanding General of the Marine Forces Cyberspace Command, Director of the Defense Intelligence Agency, and Deputy Commander of the US Cyber Command.

Born in Jamaica, Vince was determined to live the American dream. In 1971, he and his sister joined their mother in the US with nothing but hope and a vision — no titles, no special privileges, only the basics. He learned to play American football and started at Western Illinois University with a scholarship, eventually being recruited into the US Army ROTC program. He was determined to serve and give back to the country that gave him all these opportunities. 38 years later, Vince retired with many medals and distinctions, all of which he modestly credits to the individuals who served beside him.

Vince speaks deeply to his transition from public to private sector and how despite many years of experience, many challenges still emerged. While in the public sector he was executing the budgets, the private sector forced him to maneuver making the budget and consider the margins in order to facilitate it. The heavy reliance on litigation in the private sector was also a learning point for Vince.

Vince strongly advocates for “collective defense” – a collaboration between organizations and government agencies for sharing intelligence and solutions to win the fight against the very real threats in cyberspace.

Around 60% of large companies ($100 million +) never recover from a data breach. Vince explains the misconception that large companies are the only ones at risk – some criminals want $20 million, but some want just $5000! The mere fact that we all have data that we want to protect is a point of great interest to nation-states and criminals. As a company, around 70% of breaches are as a result of insider activity.

Vince talks about the evolution of phishing and how susceptible many people are to those types of schemes. About 5% of people are curious enough to open an email with the subject line “don’t open this email.” What about the other 95%? Smarter criminals are developing socially engineered phishing, in the form of ads tailored to a person’s interests – you see the ad and you click on the link.

To learn more about Vince’s incredible career, from landing in America with nothing but the basics, to climbing the ladder and becoming the Deputy Commander of the United States Cyber Command, listen to this episode of Chattinn Cyber with Marc Schein.

 

Using Data to Quantify Future Cyber Risk- With Eduard Alpin

In this episode of CHATTINN CYBER, Marc Schein interviews Eduard Alpin, the Lead Cyber Actuary for the Specialty Actuarial Products division of Verisk ISO. He leads the development of loss costs and risk segmentation models for ISO’s new and existing cyber insurance programs. He also oversees the Cyber Data Exchange, which aggregates industrywide cyber insurance data and provides summarized results back to participating companies. Born in the Ukraine, he has had an interesting journey, coming to US at an early age,  today he is one of the leading names in Cyber Insurance.

Eduard defines an actuary as someone that quantifies risk. Applying the knowledge of Math and Statistics, He builds the pricing models that help companies determine how much to charge for different policies. He explains how they look at the historical events and trends’ frequency and severity to determine future pricing.

Eduard discusses his thoughts on the next 10 years in cyber risks.  It is a unique process and collecting data is associated with it. It has a broad scope and we need to collect data from hundreds of companies across the world to analyze and figure out the policies. It is sophisticate and complex to manage data and risk but he’s confident that it’ll evolve rapidly in next 10 years.

There were forecasts made In 2019, but no one could have accurately predicted where we would be in 2020. So it is important to update the data frequently. With all the is happening, many people working from home, ransomware is on the rise, cybersecurity risks like security breaches are still happening and data is exposed.​ We need to have better data to quantify risk and minimize the breaches. Next year is looking interesting and we’re excited about the cyber insurance market.

What You Will Learn:

●  What is Actuarial Science & How it works?

●  What is the future of cyber security risks & how we can plan better?

●  How companies quantify the risks & figure our pricing policies?

●  How to deal with cyber security breaches & cyber insurance market?

LinkedIn: https://www.linkedin.com/in/eduard-alpin/

 

How Auto Threats Target Small Car Suppliers to Get to Big Suppliers- with Faye Francy

In this episode of CHATTINN CYBER, Marc Schein interviews Faye Francy, Executive Director of Automotive Information Sharing and Analysis Center (Auto-ISAC). She serves the global automotive industry through the analysis and sharing of trusted, timely cyber threat information about existing or potential cyber-related threats and vulnerabilities for on-road vehicle electronics and associated networks. Faye is actively engaged with private-sector partners and government agencies to facilitate information sharing and strengthen the industry’s capability to detect, prevent, respond, and mitigate disruptions related to the connected vehicle and supporting infrastructure. Their responsibilities include developing and executing a 2020 Vision that outlines strategic and operational priorities for the automotive industry. Auto-ISAC works closely with Chief Information Officers (CIOs), Chief Information Systems Officers (CISOs), Product Development leadership, and other executives across the automotive industry responsible for securing vehicles and connected infrastructure.

Faye started her career as a forensic chemist with the Maryland police where she became very interested in arson and aeronautics, specializing in the aviation industry. Her experience their propelled her into the automotive industry interested in her after she retired in 2016.

The ISAC model was developed in 1998 through a presidential directive for industries managing or operating critical infrastructure. Faye explains that it became a concern for the public sector after it was discovered that over 80% of the private sector operated critical infrastructure. This prompted both sectors to come together and create a sector-specific organization to share information about physical and cyber threats, vulnerabilities, and incidences.  There are 24 ISACs today that serve in that role. Faye explains the purpose of the auto ICAS in sharing tactical threat information, building resilience across the whole industry, and asking everyone including the consumer to take responsibility. One of their first steps was to proactively shape industry-wide best practices into a working level document to help domestically.

Faye explains that when it comes to car supply chain, the threat actors look for small suppliers that don’t have the capabilities of larger supplies and use that to get to the ‘big fish’. “The soft underbellies are important, and so is the supply chain in ensuring all of them have tools, techniques, and understanding of how to address issues.”

She talks about the efficiency and effectiveness of the automobile industry due to technological connectivity, which also brings cyber risks and requires vigilance about cyber hygiene and cybersecurity. She explains that the typical trends in auto cybercrimes have been focusing on the integration of highly automated systems even during COVID. She covers the topic of the top cyber threats during the COVID-19 pandemic.

Protecting Personal Information Online Amid World Digitization with James Mottola

In this episode of CHATTINN CYBER, Marc Schein interviews James Mottola, the Vice President of Data Privacy, Investigations, and Security for Porzio Compliance Services. He served 25 years in the United States Secret Service as former Special Agent in charge of the Newark Field Office of the United States Secret Service. Jim discusses how he leverages his experience to advise clients on matters of information security, data privacy, physical security, schools’ safety, internal corporate investigations, incident response management, and other compliance-related matters.

Over his 25-year career, Jim worked on many cases pertaining to financial fraud. In that time, fraud schemes have grown more sophisticated and entered into online spaces. Most businesses are underprepared and under matched to defend against these new tactics, making them easy targets. Jim explains how the greater presence of digital information has made it easier for criminals to commit identity theft.

The digital world continues to grow exponentially, particularly in light of the COIVD-19 pandemic. Jim unpacks how e-commerce giants are influencing user behavior. How we can control the digital world and live normally when it is evident that cybercrime disruptions will increase?

Jim advises people to take control of their information since technology is evolving:

“I think as a society we got to take a hold of our information and we have to, unfortunately, put more obligation on businesses on how they have our information, what they do with our information.”

Jim continues on why there’s a need for public and private co-operation to protect individual rights. “Together we need to figure out what are the threats we need to work on, focus on those, and then collaborate as best as possible.”

What You Will Learn:

  • How the digitization of information is aiding in the facilitation of identity theft cybercrimes.
  • The future of eCommerce in influencing consumer behavior and how it will create cyber disruptions.
  • How to install resilient measures to combat cybercrime
  • Why public and private sectors need to partner to protect individual’s rights.

 

Cybersecurity: How COVID-19 has Increased the Risk of Cyberattacks with guest, Joe Mann

In this episode of CHATTINN CYBER, Marc Schein interviews Joe Mann, Founder, and CEO of Arete. He is a recognized industry leader in information risk, with over 20+ years of experience serving corporations, government agencies, and nonprofit organizations. Joe has developed information-sharing initiatives across the Financial and Legal sectors to synchronously align the interests of organizations and C-Suite decision-makers to create “win/win” scenarios for complex risk issues.

Joe started Arete 5 years ago to create solutions that bring more impact in investigation matters, an area which was not being provided by big consulting companies. Cybercrime has become an active issue in the last 4-5 years targeting SMEs, the economic impact is alarming, which is why security companies are growing as fast as they can.

Joe explains the difference between organizations that have insurance against cybercrime and those who do not.  He also explains how they track cryptocurrency dealers to understand their behavior and know how to negotiate.

“There is one group that refines its people, processes, and technology every day and other groups that are in business just not in the cybersecurity business.”

Arete doesn’t want to negotiate with criminals and works closely with the FBI and the likes although joe admits the ransom problem is a huge issue and how they follow the set guidelines. Joe explains, “The important thing here is that enforcement, government, and industry work together to develop set of standards that really end in the best fit for these companies that’re being victimized not exacerbating the issue.”

On politics 2020, Joe terms the voting issue as just a way to pull people apart and make them less decisive and compares it to cyberattacks on US companies.

Relevant Links:

Website: https://areteir.com/

LinkedIn: https://www.linkedin.com/in/joe-mann-5654969b