The Cyber Why: What We Read This Week...
... and why you should too! (09/27/23)
This week’s articles are deeper and more intricate than previous weeks. I had some available time on my hands and chose to immerse myself in some pretty rich content, and now I’m bringing it all to you! This week’s TCW examines the brand new Sony Hack, the acquisition of Splunk by Cisco, a horrible Robocop attempt by the NYPD, modern AI leaders, and a crazy good article on cybersecurity contextual data. Finally, look at our Quick Hits section at the bottom of the newsletter for some quickly consumed lighter fare. Have a great week, and enjoy The Cyber Why!
Featured Sponsor - Next DLP
The Reveal Platform by Next DLP instantly identifies risk, including malicious insider behavior, so you can quickly implement policies to secure sensitive data. You'll balance blocking with point-of-risk user training, all while your business keeps humming. Born and built in the cloud, it's data loss prevention at the heart of a modern security ecosystem. nextdlp.com
Did you see me leave a FOO placeholder here? Let me know in the comments!
Sony Hacked AGAIN - Rinse and Repeat!
‘All Of Sony Systems’ Allegedly Hacked By New Ransomware Group [UPDATE] (Kotaku)
RANSOMED.VC GROUP CLAIMS HACK ON ‘ALL OF SONY SYSTEMS’ (Cybersecurity Connect)
Ransomware attacks seem to be taking place weekly these days. MGM, Caesars, and most recently, Sony have crumpled under pressure from financially motivated hackers. In the latest report, a new attack group operating for less than a month and going by “Ransomed.vc” claims to have completely compromised all of Sony’s systems. The data compromised from the attack is believed to include test bench details, Java code files, and over 6,000 other files, leaking significant amounts of sensitive data.
“We have successfully [compromised] all of [Sony’s] systems,” Ransomed.vc proclaimed. “We won’t ransom them! We will sell the data. Due to Sony not wanting to pay. DATA IS FOR SALE. WE ARE SELLING IT.”
Who knows the actual depth of this attack? I doubt it’ll be as impactful as the recent attacks that took down daily operations at some of the world's biggest casinos and hotels for nearly a week. Sony hasn’t had an excellent track record in the cybersecurity department, having been the target of a massive breach in 2011 that compromised over 77 million account records and took Sony PlayStation’s online services offline.
Splunk + Cisco = A Cyber Data Aggregation Play
Splunk makes Cisco a cloud security player (Frankly Speaking)
Cisco Disrupts Observability & Cybersecurity Markets with Splunk Acquisition (Forbes)
Cisco’s Splunk Deal Highlights Growing Interest In The Intersection Of Cybersecurity And AI (Crunchbase)
In major cyber acquisition news, Cisco agreed to acquire Splunk last week for $28B in cash. This might be the single largest cybersecurity acquisition in history (not sure - but I THINK it is). Frank Wang, the author of Frankly Speaking, has an excellent write-up on why he thinks the move by Cisco makes a lot of sense and why it fits into a successful strategy to become relevant in the cloud security wars. Frank's justification is totally on point, and I agree with him completely - however - I think there’s just a little more to the puzzle. The long-term play in this market is to build a platform that collects all data about your environment, including event data (like Splunk contains), contextual configuration state data (like a CSPM would have), IAM and A&A data, developer data, operational code data, and more. We live in a world where modern technology stacks are 100% accessible via API, giving security tools vendors unprecedented access to “context” around security problems. The ability to query this context quickly and efficiently is where the winners in the cloud security war will be born. Splunk is the first step towards a broad, continuously updating contextual data set overlaid with modern AI-style query engines. The vision is clear; the open question is who will get there first - Wiz, Cisco, Palo Alto, CrowdStrike, SentinelOne, or someone else we haven’t thought of yet.
The Real Builders of Modern AI
The technology wars of the ‘20s are heating up. Amazon has decided to trump an already sizable investment from Google to ensure that Anthropic, one of the top AI contenders, exclusively builds on Amazon technology. This is an aggressive land grab by Amazon to ensure they get a significant piece of what many believe to be the next massive wave of technological advancement. Pouring $4B into Anthropic, the makers of the Claude AI system, locks the young AI provider into using Amazon as the “primary cloud provider for all mission-critical workloads.” It may seem like OpenAI, Bard, Claude, and others are battling it out for supremacy on the AI stage; however, what’s really happening here is that Microsoft, Google, and now Amazon stand to win the most over time if their horse catches fire. Don’t look at the horses running the race - pay attention to the person in the box seat who’s putting up all the money. They will be the biggest winners in the long term.
Robocop Dud - WHY BOTHER?!
In case you didn’t guess, this is the “LOL” article of the week. NYC Mayor Eric Adams held a press conference to announce a new pilot program for a robot that will patrol the NYC subway. However, the robot doesn’t actually do ANY policing and requires a police escort. This is a total and complete waste of time and money from the NYPD. We aren’t ready for Robocops for a reason! They would be better off using the time and effort to train the police force to do a better job.
A mobile camera to film issues in real-time. Essentially a mobile security camera.
Provide communications back to the police HQ. Essentially a mobile phone.
It weighs 400+ pounds, so it can’t be knocked over. (/shrug)
Operate alone. Requires a full-time police officer escort.
Max movement speed 3 mph. Speedy, it is NOT!
Can’t go onto the subway platforms.
Requires a police escort while operating.
Does not record audio.
Does not do facial recognition.
No artificial intelligence.
DEEP Dive Into Context Driven Cybersecurity
If you live under a rock and don’t actually read my writings, here is a blunt update. I believe that cybersecurity will be defined in the very near future by who can collect, correlate, deduplicate, and normalize the most significant amount of cybersecurity contextual data. If you are interested in some killer in-depth (and dense) analysis on the topic, read this article by Ross Haleliuk from Venture In Security. He’s a SUPER bright journalist and does a great job getting into deep technical subjects with fantastic research and interviews with top minds. My only issue with this particular piece is that I don’t think you have to do it all yourself. Maybe in the near term, you do, but over time, this all grows into a single stack from a single vendor that will give you the “one ring to rule them” approach to contextual data-driven cybersecurity. This image sums up my addition to his research (maybe add Palo Alto, Wiz, and Cisco to the mix as well.)
PS: Ross. Please give us lighter, easier-to-read versions of your work. Your research is amazing but there’s so much there that it’s tough to consume without blocking off half of a day!
Quick Hits and Hidden Gems
Researchers offer free threat briefings on Vegas casino hackers (ComputerWeekly) - Permiso.io offers free threat briefings on the group that took down MGM and Caesars.
Palo Alto Networks in advanced negotiations to acquire Dig Security in $300-$400 million deal (CTech) - Palo Alto must really “dig” what Dig Security is laying down! Dig and Talon acquisitions could total over $1B.
AI Agents- Next frontier to access the web (Vivek Goyal) - Slightly older but still an interesting read on AI agents as the next frontier.
Fraudsters Steal Over $1m in Three Weeks in ‘Pig Butchering’ Scam (Infosecurity) - More pig butchering stories to scare your parents to death!
The Pilgrims Raised 4 Rounds of Financing (Tomasz Tunguz) - A few little gems on business history. A short read with hidden gems of value!
A clash of incentives within VC (Erik de Stefanis) - A quick primer on VC, LP, GP, and Jr VC incentives. Good quick hit!
Tech layoffs are all but a thing of the past (TechCrunch) - According to research by TC we are finally seeing the flattening of the layoff spree of 2023.
If you’ve made it this far, you either found our musings at least semi-entertaining, OR you enjoyed the pain and kept going regardless. No matter how you made it to this point, you should know that we appreciate you. Please do us a solid and share The Cyber Why with your friends. We would love to reach a bigger audience, and referrals are how we do it. Help us out, and we’ll see you next week!