WEBVTT 1 00:00:00.300 --> 00:00:03.120 Anna Delaney: Hi, welcome to the ISMG Editors' Panel. I'm Anna 2 00:00:03.120 --> 00:00:06.450 Delaney and here we share this week's top cybersecurity news 3 00:00:06.480 --> 00:00:10.020 and analysis, very pleased this week to be joined by colleagues 4 00:00:10.050 --> 00:00:14.280 Suparna Goswami, associate editor at ISMG Asia; Rashmi 5 00:00:14.280 --> 00:00:18.240 Ramesh, senior sub editor for ISMG's global news desk; and 6 00:00:18.240 --> 00:00:21.120 Mathew Schwartz, executive editor of DataBreachToday and 7 00:00:21.120 --> 00:00:24.510 Europe. Matt, you are out numbered today. Good luck. 8 00:00:25.230 --> 00:00:27.060 Mathew Schwartz: Thank you. Yeah, I'll need all the help I 9 00:00:27.060 --> 00:00:27.480 can get. 10 00:00:29.280 --> 00:00:30.960 Anna Delaney: Matt, start us off. Where are you? 11 00:00:31.800 --> 00:00:35.100 Mathew Schwartz: So I live in Dundee, home of jute, journalism 12 00:00:35.100 --> 00:00:39.570 and jam, as exemplified by this lovely mural that's just been 13 00:00:39.570 --> 00:00:46.860 created by Diamages which is the norm to street art of woman who 14 00:00:46.860 --> 00:00:52.500 lives here in Dundee, and who does just this lovely art. So I 15 00:00:52.500 --> 00:00:55.020 think it's just a fitting mural that was commissioned by the 16 00:00:55.260 --> 00:00:58.920 city council to have on the walls of our city. 17 00:00:59.790 --> 00:01:02.550 Anna Delaney: Love that! Commissioned by the council to 18 00:01:02.940 --> 00:01:06.240 paint urban art. How times have changed! 19 00:01:07.020 --> 00:01:08.130 Mathew Schwartz: Absolutely. 20 00:01:09.390 --> 00:01:12.330 Anna Delaney: Suparna, another beautiful backdrop today. Talk 21 00:01:12.330 --> 00:01:13.740 to us. Tell us about it. 22 00:01:14.440 --> 00:01:18.400 Suparna Goswami: Yes, it's a combination of the Taj as well 23 00:01:18.400 --> 00:01:22.870 as the Gateway of India in Mumbai. So these are the 24 00:01:22.930 --> 00:01:27.730 landmarks buildings in Mumbai. So why Mumbai because we have a 25 00:01:27.730 --> 00:01:31.240 Mumbai Summit next week. And with so much work going on for 26 00:01:31.240 --> 00:01:34.240 the summit, mentally we are already there in the city. So 27 00:01:34.240 --> 00:01:35.230 that's why the background. 28 00:01:35.500 --> 00:01:38.410 Anna Delaney: Wonderful; A bit of a contrast from the city art. 29 00:01:39.640 --> 00:01:44.500 And arty panelists this week. Rashmi, more art and light. 30 00:01:45.670 --> 00:01:48.700 Rashmi Ramesh: Yeah, this is Bangalore during Diwali. So this 31 00:01:48.700 --> 00:01:51.280 is the commercial street where you can basically shop 32 00:01:51.280 --> 00:01:55.600 everything from high-end luxury fashion to handmade footwear, 33 00:01:55.630 --> 00:01:59.980 and utensils. So every year during the Diwali, Christmas, 34 00:01:59.980 --> 00:02:04.480 New Year period, this place is decorated with light and flower 35 00:02:04.480 --> 00:02:06.190 garlands. So it's really pretty. 36 00:02:06.750 --> 00:02:08.940 Anna Delaney: Yeah, it reminds me of our Carnaby Street in 37 00:02:08.940 --> 00:02:14.490 London but a lot more ambitious with the Hoover decorations. So 38 00:02:14.490 --> 00:02:18.330 I'm presenting some real art here. I'm in Phoenix, Arizona, 39 00:02:18.420 --> 00:02:21.810 among the mountains and the cacti. And I was there ISMG 40 00:02:21.810 --> 00:02:27.720 Southwest U.S. Summit a couple of weeks back. So yes, I joined 41 00:02:27.750 --> 00:02:31.260 some of my teammates and had a bit of downtime when we weren't 42 00:02:31.260 --> 00:02:35.490 working and explored some of the beautiful surroundings that 43 00:02:35.490 --> 00:02:38.580 started off this week. Why are so many ransomware wielding 44 00:02:38.580 --> 00:02:41.160 attackers collectively shooting themselves in the foot? 45 00:02:41.840 --> 00:02:43.640 Mathew Schwartz: Well, that's a great question, because we've 46 00:02:43.640 --> 00:02:47.150 been seeing some changes, as we always do in the ransomware 47 00:02:47.150 --> 00:02:52.070 ecosystem. And what some of the firms that help victims respond 48 00:02:52.070 --> 00:02:56.450 to these attacks have been saying is that fewer victims 49 00:02:56.480 --> 00:03:02.180 recently have been choosing to pay. Now, that's great news for 50 00:03:02.450 --> 00:03:05.060 any of us who aren't ransomware wielding attackers, because 51 00:03:05.060 --> 00:03:07.460 anything that makes it less interesting, less lucrative, I 52 00:03:07.460 --> 00:03:12.290 should say, is the main factor here. Hopefully, will lead fewer 53 00:03:12.290 --> 00:03:17.180 criminals to want to wield ransomware. Obviously, I'm being 54 00:03:17.180 --> 00:03:21.260 optimistic because criminals keep coming back to ransomware. 55 00:03:21.290 --> 00:03:23.930 If they can get the formula, right, if they can get 56 00:03:23.960 --> 00:03:27.650 innovative, and figure out ways of getting victims to pay, it 57 00:03:27.650 --> 00:03:30.440 can be extremely lucrative to use ransomware. And 58 00:03:30.440 --> 00:03:33.830 unfortunately, they keep finding innovative new ways to do this. 59 00:03:33.980 --> 00:03:36.620 But where we are right now, is that a bit of an impasse, 60 00:03:36.650 --> 00:03:41.660 apparently. The ransom proceeds that a lot of groups have been 61 00:03:41.660 --> 00:03:45.140 seeing have been going down, or the proclivity to pay, I should 62 00:03:45.140 --> 00:03:48.860 say, has been going down the average ransom payments, maybe 63 00:03:48.860 --> 00:03:52.190 even going up a little bit, but fewer victims are paying. And 64 00:03:52.190 --> 00:03:55.760 one of the reasons that I'm hearing for this being the case 65 00:03:55.880 --> 00:04:00.650 is because a lot of groups are wielding really amateur tactics. 66 00:04:01.340 --> 00:04:07.130 So in the past, if you got hit by a ransomware wielding group 67 00:04:07.580 --> 00:04:10.820 and you paid them a ransom, you wanted to know that you were 68 00:04:10.820 --> 00:04:14.540 going to get something for that ransom payment, typically a 69 00:04:14.540 --> 00:04:18.260 working decrypter. That is, again, typically the reason the 70 00:04:18.260 --> 00:04:20.720 victim pays, they look at what it will take to get their 71 00:04:20.720 --> 00:04:23.600 systems back up and running. And they make a business decision 72 00:04:23.750 --> 00:04:28.220 that because of the lack of backups, perhaps or because of 73 00:04:28.220 --> 00:04:31.010 the length of time that it might take to restore backups. If they 74 00:04:31.010 --> 00:04:34.790 do have them, they're going to opt to pay. So there's another 75 00:04:34.820 --> 00:04:38.300 number of firms that work with victims and advise them they can 76 00:04:38.300 --> 00:04:44.240 say, Look, if you are trying to get back up and running, we 77 00:04:44.240 --> 00:04:47.360 think this is the group that has attacked you. And we can tell 78 00:04:47.360 --> 00:04:52.220 you that in 99% of cases, if you pay a ransom, you will very 79 00:04:52.220 --> 00:04:55.820 quickly get a working decrypter and based on what you need to 80 00:04:55.820 --> 00:04:59.150 get back up, based on the data that was crypto locked, we 81 00:04:59.150 --> 00:05:02.150 estimated it'll take you this many days, this many people to 82 00:05:02.150 --> 00:05:07.910 get restored. So there's some reliability. Apparently, however 83 00:05:07.910 --> 00:05:11.600 that reliability has been going out the window. More attacks are 84 00:05:11.600 --> 00:05:16.190 involved in crypto locking malware that shred data, meaning 85 00:05:16.580 --> 00:05:21.350 you can't get it back. More attacks are also happening in 86 00:05:21.350 --> 00:05:26.030 which victims aren't getting decryptors that work very well. 87 00:05:26.570 --> 00:05:30.590 So why is this the case? Why would groups having hit on this 88 00:05:30.590 --> 00:05:34.160 strategy of "okay you give us 10 Bitcoins, we'll give you a 89 00:05:34.160 --> 00:05:37.970 working decrypter," there's some guarantees there, right? What's 90 00:05:37.970 --> 00:05:40.910 gone wrong? And apparently one of the reasons why this is 91 00:05:40.910 --> 00:05:44.360 changed is because ransomware-as-a-service 92 00:05:44.390 --> 00:05:49.790 operations are no longer doing the heavy lifting. Previously, 93 00:05:49.790 --> 00:05:54.710 we had groups like GandCrab, or REvil, LockBit, which is still 94 00:05:54.710 --> 00:06:00.260 around; Conti, which is not around. And a lot of attackers 95 00:06:00.260 --> 00:06:02.270 would work with the groups because the groups would give 96 00:06:02.270 --> 00:06:05.900 them cryptolocking malware. And they worked as affiliates so 97 00:06:05.900 --> 00:06:10.100 they can access this malware as a service. In exchange, the 98 00:06:10.130 --> 00:06:13.010 operator who provided the malware would typically keep 20% 99 00:06:13.040 --> 00:06:16.910 or 30% of every ransom payment. But authorities have been 100 00:06:16.940 --> 00:06:19.160 spending a lot of time and effort to disrupt these 101 00:06:19.310 --> 00:06:22.190 ransomware-as-a-service operations. This has driven a 102 00:06:22.190 --> 00:06:26.300 lot of attackers to look elsewhere. And some of them are 103 00:06:26.300 --> 00:06:30.560 buying malware off the shelf. And some of them are also using 104 00:06:30.650 --> 00:06:34.400 leaks. So a lot of ransomware has been leaking. Insiders who 105 00:06:34.400 --> 00:06:37.010 are unhappy with the rents or as a service operation has leaked 106 00:06:37.010 --> 00:06:41.090 code for numerous operations. And so a lot of these hackers 107 00:06:41.090 --> 00:06:46.160 are going "well, why give 20% or 30% to operators when I can just 108 00:06:46.160 --> 00:06:50.780 use their leak code myself?" Well, one of the results of that 109 00:06:50.810 --> 00:06:54.980 is a lot of these attackers don't have the technical skills 110 00:06:55.130 --> 00:06:58.190 that the big operations have. So the big operation is spent a lot 111 00:06:58.190 --> 00:07:00.350 of time and money to make sure that their crypto locking 112 00:07:00.350 --> 00:07:04.400 malware works quickly and effectively. And if you pay 113 00:07:04.490 --> 00:07:06.980 because you got crypto locked, you will get back a working 114 00:07:06.980 --> 00:07:09.830 decrypter because that's good for their reputation. But 115 00:07:09.830 --> 00:07:13.040 apparently what's been happening is again, amateur hour. A lot of 116 00:07:13.040 --> 00:07:15.350 these attackers are kind of going their own way, using 117 00:07:15.350 --> 00:07:19.070 freely available code and surprise, surprise, it's not 118 00:07:19.070 --> 00:07:22.100 working or they can't bring the technical support skills they 119 00:07:22.100 --> 00:07:28.340 need to bear to give the victims a reliable outcome. As a result, 120 00:07:28.370 --> 00:07:32.030 victims are paying less. As a result of that attackers are 121 00:07:32.030 --> 00:07:34.460 getting a bit desperate, we're seeing more attacks on health 122 00:07:34.460 --> 00:07:37.520 care, even by big groups that previously avoided health care. 123 00:07:38.030 --> 00:07:41.330 We're also seeing more real extortion attacks, where the 124 00:07:41.330 --> 00:07:44.900 same group attacks the victim more than once the victim pays a 125 00:07:44.900 --> 00:07:47.840 ransom. And then the attacker comes back and demands another 126 00:07:47.840 --> 00:07:52.190 ransom. Not just from small groups, small upstarts, but also 127 00:07:52.190 --> 00:07:56.210 from big groups. And experts say this is because fewer victims 128 00:07:56.210 --> 00:08:00.350 have been paying a ransom, leading to more desperation on 129 00:08:00.380 --> 00:08:04.280 the part of ransomware wielding attackers. So that's where 130 00:08:04.280 --> 00:08:07.160 things are today. I'm sure they're going to sort it out. 131 00:08:07.340 --> 00:08:11.300 It's just a question of how soon and how many victims get hit in 132 00:08:11.300 --> 00:08:14.840 the interim, and have all this pain of perhaps needing or 133 00:08:14.840 --> 00:08:18.620 wanting to pay for a decrypter. But knowing that they can't rely 134 00:08:18.620 --> 00:08:22.100 on it, even if they do get something that works a bit. 135 00:08:22.220 --> 00:08:28.010 Anna Delaney: How great an influence has Russia's war in 136 00:08:28.010 --> 00:08:30.920 Ukraine had on the change in these groups' tactics? 137 00:08:32.310 --> 00:08:34.020 Mathew Schwartz: Great question. I mean, we're still seeing 138 00:08:34.020 --> 00:08:39.090 predominantly Russian-language groups wielding ransomware. One 139 00:08:39.090 --> 00:08:44.490 of the big changes or occurrences I guess, this year 140 00:08:44.550 --> 00:08:49.320 has been Conti, at least in the brand's name going away. Conti 141 00:08:49.320 --> 00:08:52.110 publicly backed Russia's invasion of Ukraine, and 142 00:08:52.110 --> 00:08:56.790 threatened reprisals on anybody who worked to undermine the 143 00:08:56.790 --> 00:09:02.280 invasion. So by doing that they allied themselves with the 144 00:09:02.280 --> 00:09:07.260 Russian government. And experts say that very few victims of 145 00:09:07.260 --> 00:09:09.960 Conti were willing to pay a ransom anymore. So apparently, 146 00:09:09.960 --> 00:09:14.100 the proceeds just plummeted. So Conti spawn up some new brands, 147 00:09:14.760 --> 00:09:18.570 then announced that it was going to be retiring. So that has been 148 00:09:18.720 --> 00:09:21.750 a disruption, although unfortunately, in most cases, 149 00:09:21.750 --> 00:09:26.430 this is just a blip. Like I said, it's so lucrative that we 150 00:09:26.430 --> 00:09:29.460 tend to see well-organized attacks come back no matter 151 00:09:29.460 --> 00:09:31.590 what. They might have a different name. A lot of times 152 00:09:31.590 --> 00:09:34.860 they're the same people, though, with the same skills just in a 153 00:09:34.860 --> 00:09:37.980 new shiny new format or brand name. 154 00:09:37.000 --> 00:09:42.010 Anna Delaney: And just quickly, is this rip for ransomware as a 155 00:09:42.000 --> 00:09:44.592 Mathew Schwartz: It's a good question. Yeah. I mean, are they 156 00:09:42.010 --> 00:09:42.310 service groups? 157 00:09:44.651 --> 00:09:48.127 dead finally? I doubt it. We still see some big groups that 158 00:09:48.186 --> 00:09:51.722 are tied to many attacks. So for example, LockBit is still a 159 00:09:51.780 --> 00:09:55.492 major player. And I think that we will see a resurgence in this 160 00:09:55.551 --> 00:09:59.322 business model. They'll have to reinvent themselves in some way, 161 00:09:59.381 --> 00:10:02.740 but they've proven expert at doing so. And if they're not 162 00:10:02.799 --> 00:10:06.098 getting proceeds, if individual attackers aren't getting 163 00:10:06.157 --> 00:10:09.398 proceeds by trying to do it on their own using a freely 164 00:10:09.457 --> 00:10:13.110 available code, there's going to be a real financial incentive 165 00:10:13.169 --> 00:10:16.468 for them to realign themselves with big players, even if 166 00:10:16.527 --> 00:10:20.004 there's more risk, because I think the revenue is the first 167 00:10:20.063 --> 00:10:23.303 consideration, and they're willing to take some risk if 168 00:10:23.362 --> 00:10:27.133 they can get that. They can get tens of millions of dollars, for 169 00:10:27.192 --> 00:10:30.492 example, in a year. They're going to go that route, even 170 00:10:30.551 --> 00:10:33.791 though they have more law enforcement exposure. So it's 171 00:10:33.850 --> 00:10:37.680 probably a temporary thing. I do think we'll probably see the big 172 00:10:37.739 --> 00:10:41.039 ransomware-as-a service operations comes to ring back at 173 00:10:41.098 --> 00:10:42.630 some point, unfortunately. 174 00:10:43.140 --> 00:10:46.830 Anna Delaney: Okay, more on that soon then. Thank you very much, 175 00:10:46.830 --> 00:10:50.460 Matt. So Suparna, let's talk about scams. You conducted a 176 00:10:50.460 --> 00:10:54.750 great recent interview with Ian Mitchell of Omega FinCrime on 177 00:10:54.750 --> 00:10:59.100 the rise of online scams and why and how defenses must change. 178 00:10:59.760 --> 00:11:01.860 Could you share some highlights from what you discussed? 179 00:11:03.130 --> 00:11:05.710 Suparna Goswami: Sure, Anna. Thank you. And before I proceed, 180 00:11:06.190 --> 00:11:09.550 let's first differentiate between scams and fraud. So 181 00:11:09.550 --> 00:11:13.960 scams fall into the category of fraud called authorized fraud in 182 00:11:13.960 --> 00:11:17.890 which victims are duped into performing the foreign 183 00:11:17.890 --> 00:11:21.070 transaction. So here they themselves are carrying out the 184 00:11:21.070 --> 00:11:23.470 transaction unlike in fraud where typically it is a 185 00:11:23.470 --> 00:11:27.280 fraudster who is carrying on the transaction. So this is a very 186 00:11:27.280 --> 00:11:30.310 important rule. So since it changes the way our fraud 187 00:11:30.310 --> 00:11:35.170 defenses need to act. Now currently this is definitely one 188 00:11:35.170 --> 00:11:38.140 of the biggest challenges financial institutions globally 189 00:11:38.140 --> 00:11:41.950 are dealing with, as fraudsters have evolved past our 190 00:11:41.950 --> 00:11:46.000 traditional defenses. Now the industry has seen a massive rise 191 00:11:46.030 --> 00:11:50.110 in variety of scams, right? From romance scams to pic butchering 192 00:11:50.140 --> 00:11:54.310 to rental scams, job scams, and this is what is making it 193 00:11:54.310 --> 00:11:57.700 difficult for fraud fighters since there is no one scenario 194 00:11:57.700 --> 00:12:00.280 that fraudsters are following where defenders can put their 195 00:12:00.280 --> 00:12:04.540 finger. There's variety of scams out there. So as I said scams in 196 00:12:04.540 --> 00:12:08.050 itself is a bucket of fraud since method of duping a victim 197 00:12:08.080 --> 00:12:11.170 is unending, there's so many variety of ways you can dupe a 198 00:12:11.170 --> 00:12:16.840 victim. However, the way the fraudsters carry out the scams 199 00:12:16.840 --> 00:12:19.420 remained typically the same. They will pretend to be either 200 00:12:19.420 --> 00:12:23.440 from the fraud department of a bank or from an employment firm 201 00:12:23.440 --> 00:12:26.440 or from the government. Now the question that arises is what are 202 00:12:26.440 --> 00:12:29.530 banks doing to stop scams or rather, why are scams increasing 203 00:12:29.530 --> 00:12:33.160 despite they investing so many tools out there? Nowadays 204 00:12:33.160 --> 00:12:35.740 typically, if you speak to any bankers, any security 205 00:12:35.740 --> 00:12:38.410 practitioner or fraud practitioner, there is a lot of 206 00:12:38.410 --> 00:12:42.700 investment by banks and rightly so, in tools to verify your 207 00:12:42.700 --> 00:12:47.170 identity of a person or to authenticate a person. Typically 208 00:12:47.170 --> 00:12:49.960 in an account takeover fraud or any fraud, for that matter, the 209 00:12:49.960 --> 00:12:53.830 fraudster say dupes a victim into giving their credentials, 210 00:12:54.040 --> 00:12:57.790 but the transaction is actually carried out by the fraudster. 211 00:12:58.660 --> 00:13:01.030 And it's the fraudster who is engaging with financial 212 00:13:01.030 --> 00:13:04.390 institutions. So here your identity and authentication 213 00:13:04.390 --> 00:13:07.330 tools will work fantastically. However, like I mentioned, in a 214 00:13:07.330 --> 00:13:10.420 scam, it is actually the person who is carrying out the 215 00:13:10.420 --> 00:13:14.320 transaction. So if I'm being duped, I'm being scammed, I'm 216 00:13:14.320 --> 00:13:17.500 the one who's actually carrying out the transaction. So aside 217 00:13:17.500 --> 00:13:20.350 from a few vendors who are still relatively new to the space, we 218 00:13:20.350 --> 00:13:23.830 don't have many solutions out there. Because here, your 219 00:13:23.830 --> 00:13:27.250 identity or authentication tools will not work, because I'm the 220 00:13:27.250 --> 00:13:30.220 one who is carrying out the transactions. So essentially, we 221 00:13:30.220 --> 00:13:33.520 need solution providers to think how they can retrofit their 222 00:13:33.520 --> 00:13:37.930 solutions for first-party scans of fraud. In the meantime, there 223 00:13:37.930 --> 00:13:41.560 are definitely some steps that banks can take, like I was 224 00:13:41.560 --> 00:13:45.100 speaking with Ken Palla, and he said that there could be smart 225 00:13:45.100 --> 00:13:48.040 education close to the transactions of when banks can 226 00:13:48.280 --> 00:13:53.710 introduce interactive education message for the first pay. So if 227 00:13:53.710 --> 00:13:59.770 I have added a new pay, and I'm paying a large amount to a new 228 00:13:59.770 --> 00:14:03.370 pay, there can be a you know, call from the bank, which says, 229 00:14:03.400 --> 00:14:05.590 "Is there a person who is directing you to make this 230 00:14:05.590 --> 00:14:09.400 payment? Are you sure this is not a fraudster?" Or they can be 231 00:14:09.400 --> 00:14:14.650 transaction notches? The purpose is to make a customer stop and 232 00:14:14.650 --> 00:14:18.730 think, you know, if I'm actually making the payment, it's 233 00:14:18.730 --> 00:14:21.070 actually to go to the right person. Messages like you could 234 00:14:21.070 --> 00:14:23.650 be at risk of being scammed, what is this payment for, these 235 00:14:23.650 --> 00:14:27.760 kinds of things help. And what I found most interesting is 236 00:14:28.210 --> 00:14:32.440 there's this whole thing of instant payment, right? Banks 237 00:14:32.440 --> 00:14:35.440 can actually delay the execution of payment for at least for the 238 00:14:35.440 --> 00:14:39.190 new payees. So if I am the first time payee and I'm paying a huge 239 00:14:39.190 --> 00:14:43.210 amount, banks can actually delay it by a few hours if there's a 240 00:14:43.210 --> 00:14:48.940 high value amount that has been made. And I'm sure that 241 00:14:48.970 --> 00:14:51.850 customers will not mind if you delay the payment by a few 242 00:14:51.850 --> 00:14:54.910 hours, so that they can just crosscheck with the customer, 243 00:14:54.910 --> 00:14:57.280 they can just ensure that it is not being sent. So these are 244 00:14:57.280 --> 00:15:01.030 some of the steps that banks can take from there till there is a 245 00:15:01.030 --> 00:15:04.420 tool out there, which will actually help in stopping the 246 00:15:04.420 --> 00:15:05.080 scams. 247 00:15:07.000 --> 00:15:08.650 Anna Delaney: So it's not just the tech that needs to be 248 00:15:08.650 --> 00:15:11.860 changed, the operational procedures and the way that 249 00:15:11.860 --> 00:15:13.450 banks interact with customers. 250 00:15:14.110 --> 00:15:15.280 Suparna Goswami: Yes, absolutely. Because your 251 00:15:15.280 --> 00:15:18.400 traditional way of educating that, you know, normal messages 252 00:15:18.400 --> 00:15:20.860 that you get every day that will not help. The messages need to 253 00:15:20.860 --> 00:15:24.940 be closer to the transaction time. That's what is needed. And 254 00:15:24.970 --> 00:15:28.420 U.K. is doing fantastic with all the steps that I spoke about. So 255 00:15:32.350 --> 00:16:46.660 this is something that the banks in U.S. can also follow. 256 00:15:43.800 --> 00:15:46.542 Suparna Goswami: Oh, yes. So economic downturn impacts we 257 00:15:46.611 --> 00:15:50.862 have seen during the COVID time, how there was huge employment 258 00:15:50.930 --> 00:15:54.770 scam that was happening, people were impersonating, from 259 00:15:54.838 --> 00:15:58.815 somebody from the government are some different employment 260 00:15:58.883 --> 00:16:03.340 agencies. So that is typically a fraud triangle that you describe 261 00:16:03.409 --> 00:16:07.728 in any fraud scenario, you know. The moment you see an economic 262 00:16:07.797 --> 00:16:12.185 downturn, because there would be job losses, because there would 263 00:16:12.253 --> 00:16:16.436 be an uncertain at the fraud. And also, an important point is 264 00:16:16.504 --> 00:16:20.618 banks or financial institutions, or any institution for that 265 00:16:20.687 --> 00:16:24.321 matter will cut down on their security or fraud tools 266 00:16:24.389 --> 00:16:28.846 investment. So this is typically a classic time when scamsters or 267 00:16:28.914 --> 00:16:33.302 fraudsters can actually up their ante. And especially for scams, 268 00:16:33.371 --> 00:16:37.622 there's definitely no tools out there. So if I'm someone who's 269 00:16:37.690 --> 00:16:41.461 looking for a job, and I get a call from somebody who's 270 00:16:41.530 --> 00:16:45.507 impersonating as some from employment firm, I'm definitely 271 00:16:45.575 --> 00:16:49.552 going to be, you know, whatever is being asked for, I will 272 00:16:46.900 --> 00:16:51.310 Anna Delaney: And did your interviewee share a prediction 273 00:16:49.621 --> 00:16:53.323 definitely go in for that. Because emotionally, I am a 274 00:16:51.760 --> 00:16:57.730 as to how the economic downturn would sort of impact scams and 275 00:16:53.392 --> 00:16:57.231 little vulnerable at that point in time. So this is what 276 00:16:57.300 --> 00:16:58.740 fraudsters play with. 277 00:16:57.760 --> 00:16:57.970 fraud? 278 00:16:58.000 --> 00:17:02.200 Anna Delaney: For sure. There'll be more of it. Thank you. 279 00:17:02.200 --> 00:17:04.690 Suparna. Well, this leads smoothly on to our next 280 00:17:04.720 --> 00:17:09.280 conversation, our next segment. Rashmi, this week, ISMG hosted 281 00:17:09.280 --> 00:17:12.850 its Crypto and Payments Summit. What was some of the key themes 282 00:17:12.850 --> 00:17:14.560 or trends that you identified? 283 00:17:14.550 --> 00:17:17.731 Rashmi Ramesh: Yeah. And just to sort of add to what Suparna was 284 00:17:17.796 --> 00:17:21.498 saying, it's terrible, right? How these scams happen in a 285 00:17:21.563 --> 00:17:25.654 traditional finance space. Take that and put it in crypto where 286 00:17:25.719 --> 00:17:29.161 there are things like decentralized finance. So there 287 00:17:29.225 --> 00:17:33.317 is no central authority that you can go and say like, you know, 288 00:17:33.381 --> 00:17:37.213 "hey, this scam happened, can you reverse my transactions?" 289 00:17:37.278 --> 00:17:40.849 Because no, you can't reverse transactions. So it takes 290 00:17:40.914 --> 00:17:44.551 something bad and makes it really, really terrifying. So 291 00:17:44.616 --> 00:17:48.577 the Payments and Crypto Summit comes at a really, really good 292 00:17:48.642 --> 00:17:52.213 time because we had speakers like Cody Carbone from the 293 00:17:52.278 --> 00:17:56.175 Chamber of Digital Commerce. We had folks from OFAC, we have 294 00:17:56.240 --> 00:17:59.811 folks from U.S. Faster Payments Council, we had our own 295 00:17:59.876 --> 00:18:03.707 contributors - former Treasury executive, Ari Rebord and we 296 00:18:03.772 --> 00:18:07.409 have the former PCI exec Troy Leach, all of these people 297 00:18:07.474 --> 00:18:11.630 talking about cryptocurrency and payments. So we spoke about the 298 00:18:11.695 --> 00:18:15.526 use cases of digital assets. We're constantly talking about 299 00:18:15.591 --> 00:18:19.552 how everything is wrong with the space rally. But as Ari once 300 00:18:19.617 --> 00:18:23.319 said, it is so important to acknowledge the opportunities 301 00:18:23.384 --> 00:18:27.345 also that the space provides, and look to secure these areas. 302 00:18:27.410 --> 00:18:31.306 But there are vulnerabilities and there are massive ones and 303 00:18:31.371 --> 00:18:35.332 hackers exploit it. So there are dozens of hacks every single 304 00:18:35.397 --> 00:18:39.229 week. As of October, I think this year, about three billion 305 00:18:39.293 --> 00:18:43.255 have been stolen. And that's just this year, right? So how do 306 00:18:43.320 --> 00:18:47.216 organizations in the space and also federal agencies conduct 307 00:18:47.281 --> 00:18:51.502 blockchain crime investigations? So the experts who do this every 308 00:18:51.567 --> 00:18:55.073 single day shared their experiences. We had folks from 309 00:18:55.138 --> 00:18:59.035 the OFAC talk about sanctions. Who needs to comply? And what 310 00:18:59.100 --> 00:19:02.931 happens when we don't? This is such a hot topic because the 311 00:19:02.996 --> 00:19:06.827 U.S. has been imposing a slew of sanctions against multiple 312 00:19:06.892 --> 00:19:10.529 crypto exchanges, and also Tornado Cash, which is a very 313 00:19:10.594 --> 00:19:14.360 popular mixing service. And, of course, no conversation is 314 00:19:14.425 --> 00:19:18.386 complete without taking into account the current and upcoming 315 00:19:18.451 --> 00:19:22.477 legislation in the space. And there are plenty of those. So we 316 00:19:22.542 --> 00:19:26.633 had people who helped formulate these policies, who would think 317 00:19:26.698 --> 00:19:30.724 cybersecurity first share their thoughts on how these policies 318 00:19:30.789 --> 00:19:34.685 impact security. But it wasn't all about crypto. It was also 319 00:19:34.750 --> 00:19:38.452 the Payments Summit. So we had folks from Faster Payments 320 00:19:38.517 --> 00:19:42.673 Council and the Federal Reserve Bank of Boston and other experts 321 00:19:42.738 --> 00:19:46.699 to talk about how enterprises and law enforcement can outpace 322 00:19:46.764 --> 00:19:50.530 criminals. What challenges Faster Payments bring, what the 323 00:19:50.595 --> 00:19:54.427 ecosystem of fraudsters look like, what technologies can be 324 00:19:54.492 --> 00:19:57.738 used to mitigate this criminality. And we also had 325 00:19:57.803 --> 00:20:01.375 conversation about the so popular sell fraud and how to 326 00:20:01.440 --> 00:20:05.466 title the new challenge of P2P payment fraud. So what I really 327 00:20:05.531 --> 00:20:09.362 liked about it, though, it was is that it wasn't just about 328 00:20:09.427 --> 00:20:13.453 solutions. It brought up a lot of questions as well. Like what 329 00:20:13.518 --> 00:20:17.285 areas of the blockchain do regulators really need to focus 330 00:20:17.350 --> 00:20:21.246 on? What do people who brought policy in traditional finance 331 00:20:21.311 --> 00:20:24.688 space have to say about cryptocurrencies? What about 332 00:20:24.753 --> 00:20:28.454 cross border regulation for a currency that does not have 333 00:20:28.519 --> 00:20:32.091 borders? So how does this technology impact traditional 334 00:20:32.156 --> 00:20:35.402 financial institutions, especially banks, that are 335 00:20:35.467 --> 00:20:39.429 entering the space? So how do you address security challenges 336 00:20:39.494 --> 00:20:42.870 in a decentralized finance space, which is literally 337 00:20:42.935 --> 00:20:46.312 designed to not have a centralized authority, so the 338 00:20:46.377 --> 00:20:50.143 list is endless. But that's actually pretty great, because 339 00:20:50.208 --> 00:20:54.364 there are the best minds in the world that are being asked these 340 00:20:54.429 --> 00:20:58.326 questions. And those who have designed and implemented these 341 00:20:58.390 --> 00:21:02.417 as legislation discussing where we are and what we need to do. 342 00:21:02.482 --> 00:21:06.378 And there are also those that are currently in a position to 343 00:21:06.443 --> 00:21:09.820 actually push for these solutions and talk about the 344 00:21:09.884 --> 00:21:13.196 hurdles, having these conversations. And that's the 345 00:21:13.261 --> 00:21:15.080 point of the summit's right. 346 00:21:16.080 --> 00:21:18.570 Anna Delaney: Absolutely thorough analysis of event, 347 00:21:18.600 --> 00:21:22.470 Rashmi, thank you, and you cover this space in great detail and 348 00:21:22.470 --> 00:21:26.940 depth. What's promising, from your perspective in this space 349 00:21:26.940 --> 00:21:30.480 in terms of regulation, or even technology? What progress has 350 00:21:30.480 --> 00:21:30.960 been made? 351 00:21:33.060 --> 00:21:37.230 Rashmi Ramesh: Well, actually, the one theme that I've seen is 352 00:21:37.230 --> 00:21:41.040 ... not theme but an observation, a sort of 353 00:21:41.070 --> 00:21:44.760 conclusion really, that blockchain is here to stay. So 354 00:21:44.760 --> 00:21:48.660 you hear so much about how crypto is a Ponzi scheme, how 355 00:21:48.690 --> 00:21:51.930 NFTs are a Ponzi scheme. Maybe they are, and maybe they're not. 356 00:21:52.200 --> 00:21:56.970 But blockchain tech on which all of this is built is sturdy, it's 357 00:21:56.970 --> 00:22:00.450 secure. So some use cases of it may not survive the test of 358 00:22:00.450 --> 00:22:03.990 time. Sure. But the technology isn't going anywhere. And the 359 00:22:03.990 --> 00:22:07.920 government has realized this, by doing recently published an 360 00:22:07.920 --> 00:22:10.950 executive order on digital assets. And there are multiple 361 00:22:10.950 --> 00:22:14.730 regulatory bills in the works. And the U.S. is also exploring 362 00:22:15.030 --> 00:22:18.150 central bank digital currencies. India has already started a 363 00:22:18.150 --> 00:22:22.080 trial on it. And the UK, in fact, is testing use case of an 364 00:22:22.080 --> 00:22:25.230 NFT in the supply chain for better execution for better 365 00:22:25.230 --> 00:22:31.320 security and traceability. So, honestly, the segment has a 366 00:22:31.320 --> 00:22:34.800 gazillion use cases for cybersecurity, too, and I'm sure 367 00:22:34.800 --> 00:22:37.530 we'll see you way more conversations happening around 368 00:22:37.530 --> 00:22:40.440 blockchain and the intersection but other technologies. 369 00:22:41.160 --> 00:22:44.250 Anna Delaney: Excellent! Rashmi, that was great. Final question - 370 00:22:44.280 --> 00:22:48.600 You have set up the world's most secure crypto exchange. What 371 00:22:48.600 --> 00:22:53.190 would you call it? Suparna, what are your thoughts? 372 00:22:53.730 --> 00:22:56.070 Suparna Goswami: Yes, I thought of Cryptoden because I thought 373 00:22:56.070 --> 00:22:58.590 the lion's den is a more secure place. So Cryptoden. 374 00:22:58.890 --> 00:23:02.940 Anna Delaney: Love it. Very good. Rashmi, go for it. 375 00:23:04.020 --> 00:23:06.300 Rashmi Ramesh: I've mentioned to you earlier but my dream company 376 00:23:06.300 --> 00:23:10.380 when called Kryptonite with a KN. But I've given up on that. 377 00:23:11.010 --> 00:23:13.740 Because I kind of don't want to risk the wrath of Superman, you 378 00:23:13.740 --> 00:23:18.180 know. So I decided to go straight forward this time. My 379 00:23:18.180 --> 00:23:23.790 company will be called Safecoins with a tagline yes, they exist. 380 00:23:26.090 --> 00:23:28.910 Anna Delaney: I believe you. Very good. And Matt? 381 00:23:29.320 --> 00:23:33.130 Mathew Schwartz: I have to take my hat off to Kryptonite. The 382 00:23:33.130 --> 00:23:37.810 pun there is just beyond fantastic. So nothing so good as 383 00:23:37.810 --> 00:23:43.300 our resident crypto expert here, but what I would do is I'd call 384 00:23:43.300 --> 00:23:48.010 it Fort Knox. Now it might sound a little bit like Mount Gox, 385 00:23:48.040 --> 00:23:52.780 which basically flamed out in spectacular fashion, not quite a 386 00:23:52.780 --> 00:23:55.870 decade ago. And apparently there is already some kind of a 387 00:23:55.870 --> 00:23:59.230 digital coin called FortKnox. But that's a digital coin, 388 00:23:59.230 --> 00:24:02.440 right? I think we're talking about Bitcoin exchanges here. So 389 00:24:02.530 --> 00:24:05.260 I would make sure it included all of the typical boilerplate 390 00:24:05.290 --> 00:24:10.360 about how it had military grade encryption with hack roof, and 391 00:24:10.360 --> 00:24:14.200 how you know, getting your money back was a silver bullet 392 00:24:14.200 --> 00:24:17.080 guarantee - just because we're used to those sorts of 393 00:24:17.080 --> 00:24:19.210 platitudes, especially from organizations that don't know 394 00:24:19.000 --> 00:24:24.220 Anna Delaney: Oh, these are all excellent titles. And well, I've 395 00:24:19.210 --> 00:24:19.870 what they're doing. 396 00:24:24.220 --> 00:24:27.850 got a working title of the labyrinth. I was just trying to 397 00:24:28.000 --> 00:24:31.870 conjure up something more complex for criminals to hack. 398 00:24:32.920 --> 00:24:34.780 Mathew Schwartz: Very good. Have a Minotaur coin. 399 00:24:34.870 --> 00:24:38.770 Anna Delaney: Yes. This has been excellent. Thank you for your 400 00:24:38.770 --> 00:24:41.830 creativity and fun at the end, and Matt, Rashmi and Suparna - 401 00:24:41.920 --> 00:24:47.620 always a pleasure. Thanks so much for watching. Until next 402 00:24:47.620 --> 00:24:47.980 time.