CyberWire Daily - Advice on security, from Washington, DC and Washington State. The Predator Files have bad news on privacy. Notes on the hybrid war. And LoveGPT is not your soulmate.
Episode Date: October 6, 2023NSA and CISA release a list of the ten most common misconfigurations along with Identity and access management guidelines. The Predator Files. Cyber cooperation between Russia and North Korea. Hacktiv...ist auxiliaries hit Australia. Hacktivists and hacktivist auxiliaries scorn the application of international humanitarian law. The direction of Russian cyber operations. Dave Bittner speaks with Andrea Little Limbago from Interos to talk about geopolitics, cyber and the C-suite. Rick Howard talks with John Hultquist, Chief Analyst at Mandiant, at the mWISE 2023 Cybersecurity Conference about cyber threat intelligence. And, finally, adventures in catphishing: “LoveGPT.” For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/192 Selected reading. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations (Cybersecurity and Infrastructure Security Agency CISA) CISA and NSA Release New Guidance on Identity and Access Management (Cybersecurity and Infrastructure Security Agency CISA) Microsoft Digital Defense Report 2023 (Microsoft) Predator Files | EIC (European Investigative Collaborations) Meet the ‘Predator Files,’ the latest investigative project looking into spyware (Washington Post) NORTH KOREA–RUSSIA SUMMIT : A NEW ALLIANCE IN CYBERSPACE? - CYFIRMA (CYFIRMA) Australia’s home affairs department hit by DDoS attack claimed by pro-Russia hackers (the Guardian) Pro-Russia hacktivist group targets Australian government agencies over support for Ukraine (Cyberdaily.au) Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks (SBS News) ‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines (Record) Espionage fuels global cyberattacks (Microsoft On the Issues) LoveGPT: How “single ladies” looking for your data upped their game with ChatGPT (Avast Threat Labs) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
The NSA and CISA release a list of the 10 most common misconfigurations,
along with identity and access management guidelines.
Cyber cooperation between Russia and North Korea.
Hacktivist auxiliaries hit Australia.
Hacktivists and hacktivist auxiliaries score in the application of international humanitarian law.
The direction of Russian cyber operations.
Dave Bittner speaks with Andrea Little-Limbago from Interos
to discuss geopolitics, cyber, and the C-suite. Rick Howard talks with John Holtquist, chief analyst at
Mandiant, at the MY's 2023 Cybersecurity Conference about cyber threat intelligence.
And finally, adventures in catfishing.
I'm Trey Hester, filling in for Dave Bittner with your CyberWire Intel briefing for Friday, October 6, 2023. We begin with some advice for organizations on staying secure.
First, the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency released a list of the 10 most common and troublesome misconfigurations as gleaned from NSA and CISA Red and Blue team assessments,
as well as through the activities of NSA and CISA Hunt and Incident Response teams.
The report points to default configurations of software and applications, improper separation of user administration privilege, and insufficient internal network monitoring as key areas of
concern, among other common security failures.
The report includes an extensive account on the
consequences of misconfiguration and also guidance on how to configure systems so as to avoid them.
And CISA and NSA have also released guidance on addressing challenges related to identity
and access management NextGov reports. The guidance focuses on technology gaps that limit
the adoption and secure employment of multi-factor authentication and single sign-on technologies within organizations.
Microsoft has published its InDefense report for 2023, finding that the following basic security hygiene practices, such as implementing multi-factor authentication, can prevent 99% of attacks.
The report notes, quote,
The report notes,
The researchers also found that human-operated ransomware attacks have increased by 200% since September 2022, and between 80 and 90% of these attacks originated from unmanaged devices. LockBit was the most common human-operated
ransomware strain in 2023. The report adds that ransomware operators are also increasingly
exploiting vulnerabilities and less common software, making it more difficult to predict and defend against their attacks. In full disclosure, we note that Microsoft is a
CyberWire partner. NSO Group's Pegasus Intercept tool has attracted the most public attention,
but one of its competitors in the spyware market, Predator, may have seen even wider and potentially
more disrupting distribution. The EIC reports that European companies had been funding and selling cyber surveillance tools
to dictators for more than a decade
with the passive complicity of many European governments.
The preliminary peak of surveillance excesses
was most recently reached by the Intellex Alliance,
an association of several European companies
through which Predator software
was supplied to authoritarian states.
Activists, journalists, and academics have been targeted, as have European and U.S. officials.
Cypherma looks at the most recent closeness between Moscow and Pyongyang
and sees the potential for cooperation in offensive cyber operations.
Such cooperation is easy and requires little coordination.
Russia and North Korea share a common set of animosities,
and both are already engaged against countries that are broadly hostile to the two regimes.
The new friendship between the two countries hasn't, however,
so far inhibited North Korea's attempts to collect against Russian targets.
Microsoft reports that despite the recent meeting between Putin and Kim Jong-un,
North Korea is still targeting Russia, especially for nuclear energy, defense,
and government policy intelligence
collection. Australia's Department of Home Affairs was subjected to roughly five hours of distributed
denial-of-service attacks, which most news reports characterize as a pro-Russian hacker group.
Cyberdaily.au attributes the action to NoName057. The hacktivist auxiliary explained its purpose as
retaliation for Australia's decision to send Slinger anti-drone technology to Ukraine.
A post in No Name's Telegram channel said,
An essay published by two
officials of the International Committee of the Red Cross, in which they outline the extension
of international humanitarian law to cyberspace, has been rejected contemptuously by hacktivists
on both sides of Russia's war against Ukraine, according to the record. Their reasoning,
whatever their commitment, is essentially the same. The rejection was especially sharp from
Ukrainian hacktivist groups and Belarusian dissidents. Microsoft has published an overview of the ways in which
espionage is shaping the current state of cyber threats, concentrating on the activities of China,
Russia, North Korea, and Iran. Of Russia, the report says, quote,
Russian intelligence agencies have refocused their cyber attacks on espionage activity
in support of their war against Ukraine, while continuing destructive cyberattacks in Ukraine and broader
espionage efforts. End quote. Insofar as classical espionage is concerned, the Russian services are
most interested in the UK, the US, and Poland, and looking for insight into the direction of policy
with respect to the war against Ukraine and, tellingly, the progress of war crimes investigations. Influence operations seem increasingly coordinated with operations on
the ground, and Russia is devoting a great deal of attention to the Ukrainian diaspora,
seeking to intimidate global Ukrainian communities and sow mistrust between war refugees and host
communities in a range of countries, especially Poland and the Baltic states. Once again,
in full disclosure, we note that Microsoft is a CyberWire partner.
And finally, Avast has discovered a romance scam that's using a tool the researchers are calling
LoveGPT, which provides vast functionality over several different dating platforms,
providing the capability to create fake accounts, interact with victims, bypass CAPTCHA,
anonymize the access using proxies, interact with victims, bypass CAPTCHA, anonymize the access
using proxies, browser anonymization tools, and more. The threat actor behind the campaign is
also using ChatGPT to craft more convincing messages. LoveGPT's developer appears to be
based in Vietnam and has been working on different versions of the tool for the last decade.
The developer added ChatGPT functionality to the tool earlier this year. The primary focus of this Thank you. up for Cyber Wire listeners, we'll be taking Monday off for the U.S. Federal Holiday of Indigenous Persons Day. And Dave Bittner will be back on the mic Tuesday. And if you're as
lucky as we are, please enjoy the long weekend. Coming up after the break, Dave Bittner speaks
with Andrea Little-Limbago from Interos to talk about geopolitics, cyber, and the C-suite.
Rick Howard talks with John Holtquist, chief analyst at Mandiant, at the MY's 2023 Cybersecurity Conference about threat intelligence.
Stick around.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora have
continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation
to evidence collection across 30 frameworks, like SOC 2 and ISO 27001. They also centralize
key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home? Black Cloak's award-winning digital executive protection platform Thank you. third of new members discover they've already been breached. Protect your executives and their
families 24-7, 365 with Black Cloak. Learn more at blackcloak.io.
A couple of weeks ago, Mandiant, now part of Google Cloud, hosted the MY's Cyber Threat Intelligence Security Conference at the Washington, D.C. Convention Center.
I ran into an old friend of mine, John Holtquist.
These days, he's the chief analyst at Mandiant, but he's been doing cyber threat intelligence his entire career in both the government and the commercial sector.
both the government and the commercial sector. After he left government service, he transitioned to the commercial sector as the director of cyber espionage analysis at iSight Partners.
FireEye eventually bought iSight Partners, then Mandiant bought FireEye, and then finally,
Google bought Mandiant. And John has been on that entire journey. Let's just say that he knows where
all the skeletons are buried. And we had a wide-ranging
discussion about the current state of cyber threat intelligence, the late great Kevin Mitnick,
and the revelations this year from Chain Analysis, a commercial vendor, about how crypto money is not
as anonymous as we all thought it was. I started by asking John if there was a single theme to the
NY's conference this year. I've spent a lot of time with customers, and that's honestly, it's super enlightening,
because I have my thoughts on what I think matters, and then you go into the room,
and they're like, this is what actually matters to me.
And it's always great to sort of find where those two parts kind of connect.
I think, obviously, the situation with the casinos in Las Vegas is the talk of the town or whatever you want to call it right now.
Which is crazy, right?
I mean, okay, it's a big deal for them, but why is that more important than, I don't know, something else?
I mean, I think those actors are sort of challenging a lot of the ways that we do security, right?
And I will tell you that I spend a lot of time working with casinos of the years and
they are mature players right they are i know what they're doing they have been doing security
since day one at casinos right it's not an afterthought it never was and so you know it's
it's uh it's really interesting to see it you know an actor you know hated more than one of them and
you know we've been essentially trying to distill some of the lessons learned from that actor
is there something we can just point to here like you know we've been essentially trying to distill some of the lessons learned from that actor. Is there something we can just point to here?
Like, you know, we've been doing cybersecurity for 30 years.
Yeah.
They took advantage of something that we have not been paying attention to?
Well, you know, it's funny.
It's like everything old is new again, right?
There are things that I think we thought about a long time ago that maybe we didn't keep watching because adversaries change.
And we maybe not have kept our eye on the ball on certain things.
Just like, by the way, there was a talk about USB malware, right,
which was like the bane of my existence when I was in the government
with the agent BTZ situation.
So everything old is new again.
I think these are things that we've thought of before,
but they've sort of refreshed a lot of our memory on a lot of these problems,
and it's good because we're going to start attacking some of these problems.
So the biggest one is their ability to social engineer.
It's exceptional.
They're English speakers.
I keep talking about it's not just that they're English speakers.
They're native English speakers.
They're able to sort of develop a real familiarity with the people they talk to
and sort of emote in the language, right?
There are differences between how people in Western Europe discuss things, right?
And how they emote on the phone, right?
And these guys are locked in and able to really convince somebody to help them.
What that means is that a help desk will not only sort of, you know,
allow them to get through these gateways that we've set up,
but they'll almost pull them through because I think they like them.
You know, they want to help them.
So we've gone back to more social engineering as a skill set, right?
It's a huge skill set.
And I think that it exposes the vulnerability in just, you know, the way that we set up these help desks.
Probably how we incentivize them, right?
They're incentivized to be helpful.
That's how they're reviewed, I'm sure.
Yeah, that's right.
Telling somebody no may not actually be in their interest, you know, economically, you know, if you work on the floor.
And we've got to make sure that's not the case.
I heard a story about Mittnick talking about help desk. He was saying that the way he would social engineer a target
was that he would call in and help the help desk solve a problem.
Like he faked to be a contractor.
He'd solve the problem.
And then a week later, he would call the help desk again and say,
hey, I need you to fill out this.
You remember me.
Remember me, fill out this paper.
Oh, wow.
Right?
Yeah.
And it's like, yeah, so maybe we're coming back to those kinds of things.
Yeah, I mean, the long play, by the way,
is something we actually see from the other players.
More in the text, email message situation,
like the Iranians and the South Koreans.
You'll see them social with somebody for like a month now
before they ever bother to send that link or that attachment.
But they're pulling people through.
They're hitting these business process outsourcers
that are like third parties that manage a lot of our data.
And the other thing that's really important
that they're doing is there's a focus
on telecoms and SMS
and particularly the ability
to overcome second, like two-factor, right?
Or the ability to get somebody
to send a reset code or something
directly to a phone that they control.
And it really proves that we have to really rethink, you know,
how much we rely on phone numbers as a reliable way to sort of authenticate somebody.
Because we're still trying to get people to use two-factor on phones, right?
We're still on this journey.
And I will say that I still, you know, I still think it's a speed bump, right?
Yeah, yeah, yeah.
But it's just not an enterprise.
Like, a speed bump is not like a doorway, right?
Like, it's not enough for an enterprise.
Maybe for certain things, it's enough.
But if you are trying to protect an enterprise, it probably won't do it.
So you're on this panel at the NYS conference, called cyber intelligence in a rapidly changing world and some big-time
luminaries on that panel i'm not saying you are but you know other people there are other people
there right yeah no we had some really interesting people on the panel who had spent a lot of time
looking at crime from various aspects jackie from chain analysis i thought had a really interesting
uh sort of view into the problem.
She looks at the blockchain and she watches a lot of this movement. And one of the things she said
is she's seen sort of a drop off in some of the many criminal actors. And she attributes this
to maybe some success. And, you know, we're seeing zero days in the crime space now.
And there's a thought that maybe some of the,
there is actually an increasing barrier to entry.
So some of our defenses may actually be working.
So that's why we're talking about innovations here, right?
Or like new problems instead of talking about,
oh, it's the same old thing we've seen a thousand times.
We're actually talking about zero days
and new ways to social engineer
and people are defeating the second factor things. And that's good. That's, that means that
some of the things that we're doing may actually be working, which you never, ever hear in this
business. Well, you said Jackie's from chain analysis. I heard about chain analysis from
Andy Greenberg's book, Traces in the Dark. And up until that point, I think most of us thought that,
you know, blockchain was anonymous.
I mean, we knew it probably could be broken, but they blew that idea completely out of the water.
It's a really strange concept.
Because I think it was the first thing you heard about blockchain is that it would be anonymous.
And that doesn't seem to be the case at all.
Well, I mean, if you look at the design specs, it's supposed to be transparent.
It's a transparent ledger. It's the opposite. be the case at all. Well, I mean, if you look at the design specs, it's supposed to be transparent. It's a transparent ledger.
It's the opposite, right?
It's a transparent measure.
And it's given us a tremendous amount of insight and a lot of adversaries,
not just the criminals, well, not just the regular, the gold-fashioned criminals,
but we also have like the North Koreans now.
And we could see the scale of their program, and it's in the hundreds of millions.
It's amazing, yeah.
Yeah.
And it's going right into a nuclear weapons program. I think you and I are in the wrong biz. Okay. Yeah. Clearly.
That's Rick Howard and John Holtquist speaking at the MY's 2023 Cybersecurity Conference. And I'm pleased to be joined once again by Andrea Little-Limbago.
She is Senior Vice President of Research and Analysis at Interos.
Andrea, it is always great to welcome you back.
I want to touch base on geopolitics, something you and I talk about regularly,
but also how that intersects with cyber, of course, but the folks in the C-suite.
What sort of insights do you have on that?
Yeah, no, thanks.
And there are areas that tend to be disconnected in most conversations,
but what we're seeing at the C-suite level is a growing push,
both for greater cybersecurity domain expertise, as well as geopolitical expertise. And that,
you know, unfortunately, Russian invasion of Ukraine kind of, you know, was the prompt,
the forcing function on that regard. However, some of that discussion had started earlier,
following the start of the U.S.-China trade war, but wasn't necessarily taken as seriously as it is now.
And it's been a good seven years since then.
So the various kinds of sanctions and regulations and so forth really have just continued at a rapid pace.
If nothing else, it's a compliance issue in many regards for some of these companies that the C-suite needs to be aware of.
It's a compliance issue in many regards for some of these companies that the C-suite needs to be aware of.
But it is thinking about how can you build a resilient company in these times of shifts and looking across the major shifts that are going on to really shape this new normal.
Clearly, climate change will be one of them.
The technological revolution that's underway is one of them. But the geopolitical landscape is shifting in ways that we have not seen for decades. And that is something that's
starting to raise much more awareness. And we have folks on the board are starting to ask,
how are you building your company to be resilient against some of those shifts?
The folks I speak to always emphasize that you have to approach the C-suite in the language they understand, which tends to be risk, material risk to the business.
And yet everything, it seems these days, flows through cyber.
I mean, even the social aspects of social media.
We're coming up on an election season here,
and that affects everything as well.
Are we seeing a heightened awareness from the C-suite
to focus on those elements?
I'd say a growing.
I'm not sure I'd say heightened yet.
Okay.
I wouldn't go quite that far.
And I think to your point, I mean,
so much of the geopolitical politics
and the risk associated with it are manifest through cyber. And that's why we see so much of that far. And I think to your point, so much of the geopolitical politics and the risk associated with it are manifest through cyber.
That's why we see so much of that interconnected. So I think there's a rising
awareness. I think the World Economic Forum
did what their findings from earlier this year
that they did a polling of a bunch of executives
and their best estimate was that there will be some sort of catastrophic cyber event in the next two years that is geopolitically motivated.
And take that with a grain of salt, but it just shows that there is a heightened awareness at a minimum, whether they're actually doing something that's a little bit different about it. But the connectivity between geopolitics and cybersecurity
and then that having an impact on the businesses
is something that is growing in awareness.
Those are questions that are starting to pop up.
We're hearing them a whole lot more.
And so we're starting to see some shifts in that regard.
And I think what's interesting, and you mentioned social media,
and you almost think about that as being the the front end risks that are, that we
see like social media and some of the information and all, and the various kind of, we've seen
disinformation campaigns targeted at companies already numerous times. So that's one component
of it and the data security. And then some of the backend risks could be the hardware that we're
seeing right now that's being in the companies. And there's actually a really good book along the
lines that separates it by front endend risk and back-end risk
for cyber and geopolitics.
It's called The Wires of War by Jacob Helberg
that I would recommend.
I really like that framing because it is sort of
the software risk and then the hardware risk.
And then the data that goes along with it.
And I don't think many companies are thinking
about it that way quite yet.
And compliance is forcing some of them to,
when you have something like Huawei technology
that is not allowed to be within your infrastructure.
That's a forcing function on the hardware side.
And then even some of the software apps,
but even just data security, data privacy laws are forcing as well.
But I think it's still really nascent, I think,
when it's getting into business discussions.
Well, and we're seeing shifts of emphasis on bringing some core manufacturing back to the United States, chip manufacturing, things like that.
But then in the next breath, you hear the folks leading that effort saying, well, we don't have enough people here who are trained.
And so it's going to take us longer than we thought it would.
Strong geopolitical implications there. No, it's going to take us longer than we thought it would. Strong geopolitical implications there.
I was just reading the other day that the Taiwan semiconductor manufacturing,
the biggest semiconductor company, was building
a plant in Arizona, and then it's getting delayed for that reason, for
inability to find all the labor that they need.
It's way easier said than done,
but we are seeing the company shift in that regard.
But it's interesting, I'm also seeing in some cases
out of governments or corporate executives
talking about the risk on one side
and then in a different forum talking about how they're reinvesting,
say, in China and growing a labor force
or growing a new plant there.
And so it's very hard to see.
You can't have it both ways.
And I think some companies
are trying to have it both ways right now
because they've been able to.
And that's,
especially in the area of supply chains,
they've grown globally
absent any thought about geopolitics.
Globalization as it expanded
over the last few decades
really didn't take geopolitics
into consideration
and now it has to.
So it's a big mindset shift that I think is slowly coming around. And for sure, some
industries are thinking about it a lot more than others. Yeah, I mean, just thinking in my day-to-day
life, I mean, for all of us, the number of items, consumer items, our mobile devices, our televisions, everything that comes through China.
And so think about a company like Apple, who we all rely on. Even if you don't have an Apple
device, you know someone who does. They can't just pivot and find another manufacturer with
the scale and precision and all the things that they've come to expect that China can provide.
Yeah, no, I agree.
And then even going down to the materials that go into those technologies, the critical minerals,
that's really becoming another area of discussion and dispute between China and, say, Australia, the U.S., European countries.
and, say, Australia, the U.S., European countries.
And so that also becomes another area of concern is if we're trying to decouple,
where do you get the critical minerals needed
to create the technologies?
Where do you suppose we're headed here?
Are we on a trajectory of, for the short term,
increased tension, or are we at some sort of equilibrium? What do you suppose we are?
Oh, yeah, I think a lot of it depends. I mean, we're at a new equilibrium for sure,
following Russia's invasion of Ukraine. But with regard to China, it so much depends on what China
does towards Taiwan. I think we're at an equilibrium right now for the level of tensions.
They're higher than they were several years ago. I don't foresee any rethinking
of the sanctions on their major tech companies
and their AI companies and so forth.
There's the unethical labor conditions that they have
also impacts the regulations of their companies.
And I don't see that going away
or us shifting policy.
I've actually heard recently a couple of Congress folks
calling for rethinking some of the policies towards China, but I just can't imagine that
happening. Just given the wide scale IP theft and we keep finding, you know, there seems to be some
new data breach linked back to China. So I can't imagine that happening anytime soon. But really,
the unknown is China's behavior towards Taiwan. And that, for many people, has always been like,
oh, that's a distant future.
I think more, and the government for sure
is planning for that more now.
And I think many of the companies are starting to think
that what would happen then?
I think Russia invading Ukraine was a forcing function on that,
but I think some of the other aspects of U.S.-China relations
have further raised the concern.
Yeah. All right. Interesting times.
Andrea Little-Limbago, thanks so much for joining us.
Thank you. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant. And that's The Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
Don't forget to check out this weekend's edition of Research Saturday,
where Dave Bittner sits down with Deepan Desai from Zscaler to take a look into DuckTale. We'd love to know what you think of this podcast. We'll see you next time. Liz Irvin, and senior producer Jennifer Iben. Our mixer is me, with original music by Elliot Peltzman. The show is written by our editorial staff.
Our executive editor is Peter Kilby,
and I'm Trey Hester, filling in for Dave Bittner.
Thanks for listening.
We'll see you back here next week. Thank you. AI and data products platform comes in. With Domo, you can channel AI and data
into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare,
and automate your data workflows,
helping you gain insights, receive alerts,
and act with ease through guided apps
tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com. That's ai.domo.com.