CyberWire Daily - The cyber phases of two wars show signs of intersecting. Developments in cyberespionage and cybercrime.
Episode Date: October 10, 2023Disinformation and Hacktivism in the war between Hamas and Israel. KillNet and the IT Army of Ukraine say they'll follow ICRC guidelines. The current state of DPRK cyber operations. The Grayling cyber...espionage group is active against Taiwan. A Magecart campaign abuses 404 pages. 23andMe suffers abreach. Voter records in Washington, DC, have been compromised. In our Solution Spotlight, Simone Petrella speaks with Raytheon’s Jon Check about supporting and shaping the next generation of the cyber workforce. Grady Summers from SailPoint outlines the importance of organizations managing and protecting access to critical data. And a look at CISOs willingness to pay ransom. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/193 Selected reading. The Israel-Hamas War Is Drowning X in Disinformation (WIRED) As false war information spreads on X, Musk promotes unvetted accounts (Washington Post) Elon Musk’s X Cut Disinformation-Fighting Tool Ahead of Israel-Hamas Conflict (The Information) US opinion divided amid battle for narrative over Hamas attack on Israel (the Guardian) Zelensky Compares Assault by Hamas on Israel to Moscow’s Invasion of Ukraine (New York Times) Russia cites ‘concern’ but does not condemn Hamas attack on Israel (Washington Post) The Israel–Hamas Conflict: Implications for the Cyber Threat Landscape (ReliaQuest) Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App Hacktivism erupts in Middle East as Israel declares war (Register) The Israel-Hamas War Erupts in Digital Chaos (WIRED) Hacktivists in Palestine and Israel after SCADA and other industrial control systems (Cybernews) Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks (SecurityWeek) Israel’s government, media websites hit with cyberattacks (Cybernews) Website of Jerusalem Post crashes after multiple cyberattacks (OpIndia) Ukraine cyber-conflict: Hacking gangs vow to de-escalate (BBC News) North Korea Suspected in Massive Hack of DeFi Project Mixin (OODA Loop) Assessed Cyber Structure and Alignments of North Korea in 2023 (Mandiant) Grayling: Previously Unseen Threat Actor Targets Multiple Organizations in Taiwan (Symantec) The Art of Concealment: A New Magecart Campaign That’s Abusing 404 Pages (Akamai) Hacker Claims to Have Data of 7 Million 23andMe Users from DNA Service (Hack Read) 23andMe user data breached in credential-stuffing attack (Engadget) ‘Your DNA is for sale on the black market’: 23andMe data breach exposes customers (The Daily Dot) 23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews (WIRED) 23andMe data breach affects a million users with Jewish heritage (Dataconomy) D.C. voter records for sale in cybercrime forum (CyberScoop) Hackers access voter information in DC Board of Elections data breach (WTOP News) DC Board of Elections investigates voter data breach (NBC4 Washington) The CISO Report (Splunk) October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty (Help Net Security) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash n2k code N2K at checkout. That's joindelete.me.com slash N2K, code N2K.
Disinformation and hacktivism in the war between Hamas and Israel.
Disinformation and hacktivism in the war between Hamas and Israel.
Killnet and the IT army of Ukraine say they'll follow ICRC guidelines.
The current state of DPRK cyber operations.
The Grayling cyber espionage group is active against Taiwan.
A Magecart campaign abuses 404 pages.
23andMe suffers a breach.
Voter records in Washington, D.C. have been compromised.
In our Solutions Spotlight, Simone Petrella speaks with Raytheon's John Check about supporting and shaping the next generation of the cyber workforce.
Grady Summers from SailPoint outlines the importance of organizations
managing and protecting access to critical data.
And a look at CISO's willingness to pay ransom. I'm Dave Bittner with your CyberWire Intel briefing for Tuesday, October 10th, 2023. Before we begin, a quick thanks to Trey Hester for manning the mic while I was away last week.
I was a guest and keynote speaker at the CyberCon conference in Bismarck, North Dakota.
We'll have insights from that conference in Bismarck, North Dakota. We'll have insights
from that conference in the coming days. Moving on, the war that intensified Saturday with major
attacks into Israel by Hamas has been accompanied by extensive disinformation campaigns, some of
them directed by authorities, but much of it also spontaneously posted, especially in X, the platform formerly
known as Twitter, but in other platforms as well. TikTok and Telegram have been prominent among
those other platforms. On TikTok, footage from video games has been presented as video of Israeli
airstrikes. And on Telegram, unverified and often false claims of successful cyber attacks
have proliferated. But Twitter seems to have been particularly receptive to disinformation,
in part because the sale of blue checks has eroded filters that media outlets had once
imperfectly but usefully provided. It's now more difficult to determine what reports originate from organizations
that vet their reporting. X has also tended to promote inflammatory false information,
amplifying it because such content generates engagement, and the platform's influencer
culture gives careless influencers outsized clout with users. By the register's count, at least 15 known cybercriminal,
ransomware, and hacktivist groups have announced their active participation in disruptive attacks
targeting institutions in Israel and Palestine. International supporters of both parties to the
conflict are also coming under cyberattack. Some of the groups have long been aligned with Hamas,
others with Israel, and still others are ramping up operations against a long-term enemy whose support for Israel or Hamas serves as either pretext or provocation. While most of the activity
has been familiar DDoS or nuisance-level defacement. Some of it has targeted infrastructure, Security Week reports,
especially electrical power distribution
and military command and control.
It seems the attempts against infrastructure
and C2 have so far had limited effect.
According to Hack Read,
one pro-Hamas group, Anon Ghost,
seems to have been able to exploit a vulnerability
in the Israeli
Red Alert civil defense app to transmit false warnings of missile strikes. That particular
action has also been claimed by the Russian hacktivist auxiliary, Anonymous Sudan.
U.S. NSA cybersecurity director Rob Joyce commented yesterday that the cyber phases of the war have so far
been largely confined to nuisance-level hacktivists. The Wall Street Journal quotes Joyce as saying,
but we're not yet seeing real nation-state malicious actors. Israel has taken action
against Hamas funding, seizing Hamas-linked Binance cryptocurrency accounts, Financial Magnate reports.
Israel has also worked with British authorities to freeze at least one Barclays account linked to Hamas fundraising.
Among the hacktivist groups who've rallied to support Hamas in its current attack against Israel are two familiar Russian auxiliaries,
Killnet and, as we've seen, Anonymous Sudan.
When Israeli government service sites
were knocked offline over the weekend,
Killnet claimed credit,
stating,
Israeli government,
you are responsible for this bloodshed.
Back in 2022,
you supported the terrorist regime in Ukraine.
That's according to a Killnet telegram post
cited by Cyber News. It goes on to say,
you betrayed Russia. Today, Killnet officially informs you of this. All government systems of
Israel will be subject to our attacks. The BBC reports that prominent and opposing
hacktivist auxiliaries stated over the weekend that they intended to abide by the guidelines
officials of the International Committee of the Red Cross recommended last week.
Russia's Kilnet and the IT Army of Ukraine both said that they intended to follow the rules
that would clarify the extension of international humanitarian law to activities in cyberspace.
The guidelines aim principally at protecting civilians and civilian infrastructure from harm.
How serious the hacktivist auxiliaries are about this is unclear.
North Korea has recently been active against blockchain and decentralized finance targets.
It was reported at the end of last week.
Mixin Network, which facilitates blockchain's transactions,
disclosed losses amounting to a bit less than $150 million in a late September attack.
U.S. Deputy National Security Advisor for Cyber and Emerging Technology Ann Neuberger
told Bloomberg that the tradecraft looked like the DPRK's.
Mandiant this morning published its assessment of the current organization
and conduct of North Korean offensive cyber operations.
It sees an evolution in both complexity and cooperation
as Pyongyang continues to run both espionage and financial crime.
Attribution of operations to specific North Korean groups is increasingly muddled as those groups share tools and targets and collaborate temporarily.
Some of the groups are isolated from the central authority and are self- regarding all North Korean activity as the work of the Lazarus Group are now over, according to Mandiant.
The Symantec threat hunter team this morning described what it characterizes as a hitherto unknown advanced persistent threat,
Grayling, which conducted cyber espionage against Taiwan between February
and May of this year. Its operations are marked by a distinctive side-loading technique,
and its targets have tended to be in the manufacturing, IT, and biomedical sectors.
While Taiwan has been Grayling's principal area of interest, the group may also have
prospected targets in the Pacific, in Vietnam,
and in the United States. There's no attribution, but Symantec blandly points out that whoever's
running the APT has strategic interest in Taiwan. If you're like the rest of us, you probably aren't
in the habit of close-reading 404 error pages, but they're now worth a little attention.
Researchers at Akamai have discovered a Magecart web skimming campaign that's been targeting
Magento and WooCommerce sites for the past few weeks. The researchers note,
Magecart attacks typically begin by exploiting the vulnerabilities in the targeted websites
or by infecting the third-party
services that these websites are using. In this campaign, all the victim websites we detected
were directly exploited, as the malicious code snippet was injected into one of their first-party
resources. In some instances, the malicious code was inserted into the HTML pages. In other cases,
it was concealed within one of
the first-party scripts that was loaded as part of the website. So do check your 404 error pages
and make sure they haven't been maliciously altered. A threat actor is selling data belonging
to nearly 1 million customers of DNA testing company 23andMe, Bleeping Computer reports. The threat
actor is selling the information for $1,000 per 100 profiles or $100,000 for 100,000 profiles.
Data Economy notes that the database is titled Ashkenazi DNA Data of Celebrities. The database is focused on individuals with Ashkenazi Jewish ancestry,
and while it's unclear that any of them are celebrities,
the reference lands an unpleasant suggestion of anti-Semitic animus to the theft.
23andMe thinks the attack was carried out by credential stuffing.
The attackers took credentials obtained
in other breaches of other online services and used them to access accounts whose owners had
recycled those credentials. CyberScoop reports that a threat actor breached Washington, D.C.'s
local election authority and accessed 600,000 lines of voter data, which included the last four digits of voters' social security numbers,
driver's license numbers, and home addresses.
The threat actor is offering the data for sale on a criminal forum.
The District of Columbia Board of Elections said in a statement,
DCBOE continues to assess the full extent of the breach,
identify vulnerabilities, and take appropriate measures to secure voter data and systems.
This remains an active investigation, and DCBOE will release additional information as it becomes available.
Splunk has published a report looking at how chief information security officers are dealing with threats,
chief information security officers are dealing with threats, finding that 96% of the surveyed CISOs said their organizations sustained a ransomware attack in the past year. 83% of
these respondents said they paid the ransom. The report says the most significant number paid
somewhere between $25,000 to $99,000, while more than half of respondents paid more than $100,000.
A stunning 9% of respondents paid $1 million or more. The researchers add, of those who paid,
18% paid the ransom directly, 37% paid through cyber insurance, and 28% paid through a third party. And finally, today is
Patch Tuesday. Companies are in the process of rolling out their fixes and mitigations,
so keep your eyes open, and as Sissa would say, apply updates per vendor instructions.
Coming up after the break,
Simone Petrella speaks with Raytheon's John Chek about supporting and shaping the next generation of the cyber workforce.
Grady Summers from SailPoint outlines the importance of organizations
managing and protecting access to critical data.
Stay with us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home,
your company is at risk.
In fact, over one-third of new members discover
they've already been breached.
Protect your executives and their families 24-7, 365,
with Black Cloak.
Learn more at blackcloak.io.
Grady Summers is Executive Vice President of Product at SailPoint,
a company that provides unified identity security.
In this sponsored Industry Voices segment,
we discuss the importance of organizations managing and protecting access to critical data.
The big picture is, you know, you'll see these studies, we've all seen them that 80-90% of enterprise data is unstructured, right? It's the stuff that's not in your snowflake or your
databases. And we're talking about everything from Word documents and PowerPoint and Excel to,
you know, common delimited files and IoT data, right? So it really runs the gamut. But the funny thing is,
if you look over the last 20 years, I've been in this industry for a long time,
it's weird how solutions grow up to address problems and become little islands or points.
What I mean is, we have a robust industry around governing access to applications,
your SAP or your Oracle or your Zoom or your Slack, but then we use a totally
different set of tools to look at the unstructured data. And from our perspective, it's crazy that
you would do these on two completely separate islands that rarely, if ever, talk. Why wouldn't
you think about access through the lens of identity for all of your data that matters
to you as an enterprise? And that's where we find ourselves today. And what is it that makes that data,
and I suppose specifically the unstructured data,
so challenging to deal with?
It's the $64,000 question, so to speak,
and why we've been working on this problem so hard at SailPoint.
One, it can be tough to know what's in there.
If it's a customer marketing database,
you know it's got customer data in there.
Second is it's tough to assign ownership.
Again, you take that example of a customer database or an ERP or a CRM, you know
that you've got a defined business leader who's responsible for that system. They can dictate the
controls that are put in place over it and the types of access that you allow. And the third
thing that makes it really hard is it's tough to know where unstructured data is. Whereas, again,
with a big ERP system, you know, okay, look, it's all right here where unstructured data is. Whereas, again, with a big ERP system,
you know, okay, look, it's all right here
within the boundaries of the system.
So you take those three things,
it can be tough to classify,
it can be hard to know exactly where it is,
because by its very nature, unstructured data,
anybody can create it, anybody can share it,
anybody can change access to it.
And then it's tough to really know who owns it
and who's responsible for it.
I think those three create this perfect storm
where enterprises just don't know what their crown jewels are,
they don't know where it is, they don't know who owns it,
and they don't know who has access to it.
You know, earlier today I was having a conversation with someone
who's in the critical infrastructure space,
and we were talking about the importance of taking an inventory of your assets.
And in this case, we're talking about physical assets,
machines, computers, and those sorts of things.
Is it similar to what we're talking about here
that people need a window into their data itself
so they can have visibility, know what they've got?
Yeah, it absolutely starts with that.
And it's funny that you mentioned talking to someone
and the same approach to physical assets.
And I would remark, I know you've been in this space a long time too, Dave.
It seems like history repeats itself and cybersecurity tends to repeat itself.
And with all these things, whether you're trying to protect unstructured data
or structured data or protect against malware or protect against breaches,
it's like, what do you have?
What's your policy?
And are you enforcing that policy?
It always comes down
to those three. And so yeah, for unstructured data,
we have to make it easier for customers
to assess what they have. And that's gotten so much harder
now with your
awesome file sharing and collaboration
platforms like a OneDrive or Dropbox
or Box, because
suddenly that data just can proliferate outside
the bounds of your enterprise in a way
it never could before.
So you've got to make it easy to understand what you have, but I'd say that's the first step.
And then you've got to start saying, well, who has access?
Who should have access to it, and what is it?
Well, can we go down that roadmap together here?
I mean, for an organization who's looking to get started on this journey, where do they begin? Yeah, so what we've really endeavored to do
is to walk a customer through that journey
with our SailPoint identity security platform.
And so we start to, hey, let's start to point it
so we can sort of look at your data stores
that you know about.
And we'll continue to kind of pull the thread on that
and follow links and understand
where do you have unstructured data in the enterprise.
And so when I say most companies don't know where it is, they generally know, look, it's
on this file store, this NAS system, it's in OneDrive, it's in Dropbox, it's in G Suite.
So you take a dozen or so starting points like that and you get pretty good coverage.
And so I'd say that's the first step is now we know, okay, what is our data?
And then of course you would use technology like CellPoint's data access security
to not only discover it, but then classify it.
So now you know where it is.
Now you know what you've got out there.
And when we're talking about classification, what does that entail?
Yeah, so classification is, well, looking at the data,
and as I'm sure you know, it's evolved so much from when I started
to work with data
classification technologies.
We're now deploying
artificial intelligence
to kind of understand
the entities
that are in a document,
how they relate
to each other
and develop this kind of
concept of
how data relates
to each other
or how individual entities
relate to each other
across different data stores,
right?
So it doesn't all have
to be in one document.
And of course, we do things like, you know, playing old school OCR to look into images, right? So you make sure that all the images and the PDF documents all properly get classified.
So it's come a long way. I'd say like the rest of SailPoint Technologies, we deploy the latest
machine learning to make sure that no stone is unturned and we really understand what's out there.
What is the other side of this journey like? I mean, once someone has this in place and it's
running effectively, how does that affect the organization?
Big picture, you know, the first step, we walk down the path that you and I just talked about,
an organization should have, you know, a great inventory of what they have and that the profiles
or the access to that data should be locked down only to those who need it. So I think that's the point at which an organization can catch their breath.
But as we look at toward an optimize, how do we optimize that longer term? We're really excited
to be taking some of the AI technology that we have built over the years to analyze access
patterns and roles and entitlements for every kind of access and apply that to unstructured data.
So what I mean is we can start to look and say, all right, you think you've cleaned everything up. We just found a
really weird outlier. Grady's the only person in his organization that has access to this particular
data about M&A, for example. So we can spot these unusual outliers. And then we want to make sure we
keep that stuff tight. And so we have some neat forensic capability where we can constantly monitor changes in access to unstructured documents. And we're aware of that do it like
this. So we can look at every little change that we can alert an end user if something starts to
fall out of bounds. So, hey, you had a pretty clean setup, but you just opened up this document
to a completely different group or different role or to the public, and you probably shouldn't have
given this classification. So it's a really neat way to keep things in control.
That's Grady Summers, Executive Vice President of Product at SailPoint.
In an ongoing series we call Solutions Spotlight,
we look at some of the persistent workforce challenges facing folks in cybersecurity.
In today's edition, N2K President Simone Petrella
speaks with Raytheon's Executive Director of Cyber Protection Solutions,
John Check, on his organization's efforts Petrella speaks with Raytheon's Executive Director of Cyber Protection Solutions, John
Cech, on his organization's efforts to shape and support the next generation.
Like everybody else, we were struggling to fill some cybersecurity roles. So we said,
okay, Raytheon manufactures things, let's manufacture talent. That's a great idea,
right? Everybody's talked about cyber training, but really put an extreme focus on it to ensure that we were getting people that are living the work every day on certain missions and then training people to be able to be effective on those missions.
The way we're measuring that is really, okay, those people, when they join the teams, are they effective in their roles?
And are we getting the customer satisfaction we'd expect for that person really contributing to the missions that we're supporting?
facts we'd expect for that person really contributing to the missions that we're supporting.
And that's one of the key ways we focus on from a customer-facing metric.
From a Raytheon, it's the, okay, we have reduced the amount of open positions we have.
We are filling the roles that our customers are expecting us to. And that's a very tangible way to measure the success of we're filling the open positions,
right?
Versus looking for that perfect candidate
that's never going to show up with all those skills we want. We're taking the initiative to
train them. And it's a real investment bias, typically, like I said, up to maybe 16 weeks.
Yeah. Well, and do you have any background into what was the impetus or the kind of catalyzing
event that kind of made Raytheon think about taking this kind of manufactured talent
perspective. And I asked the question because I've been in this space for a while myself,
and I'd say one of the biggest challenges we have is having organizations step up and say,
how do we think about this strategically as a team, as opposed to waiting for talent to kind
of get created externally, and then we bring them in. So was there a watershed moment that
made the organization realize we need to really
invest in this?
Well, I'd say it was during the pandemic is really, I think, what really changed the dynamic
of how you're going to hire, who you're going to hire, and how you can really interact with
potential teammates or talent that you want to bring on board, right?
Before then, you could go to different events, Black Hat, DEF CON, whatever,
and you can meet with individuals
and talk about what you do
and people can do materials like a hiring event.
That was all lost, right, during that time period.
It became very hard to uncover the people
that really you get exciting roles for them potentially,
but it's really hard to connect.
So part of the attack we took initially
was really training internal folks, people that are already on board to say, okay,
this person already has these skills. They have the right clearances required for this type of
work. Let's get them into the training curriculum that will tailor, you know, be very specific to
their needs and really ensure that they have those skills. So we really started more with
our internal folks and then really migrated to more of a, okay, we're going to hire external candidates and train them up. Because
with an internal person, you already understand where they are in their maturity of their talent
level and the skills that they have. Whereas an external person, it's much harder to gauge that
no matter how thorough or how much of a role-based assessment you do, it's very difficult when it's
an external candidate. Yeah. So how is Raytheon thinking about those team skills that are needed to execute on these
job roles that are in demand, not only internally, but from your own customers?
Well, I mean, it ultimately comes down to the soft skills for us, right? Which typically is
somebody continuous learner, right? Are they going to – that's what it requires.
You can't be afraid to fail.
You've got to be able to say, okay, I'm going to try to learn a new skill.
It's going to be difficult.
I'm going to get frustrated, but I'm going to keep persevering. And really, that perseverance trait helps in all aspects of cybersecurity because that's one of the things we do is when you're going after – there's a new threat that's emerged.
Doing the forensics to figure, okay, what's happening? How did this happen? Who's doing it?
How do we stop it? What's the remediation? All those things come into somebody, you have to be
very, you have a lot of perseverance to get through that process because it can be very frustrating
with a lot of maybe dead ends or long nights and other activities where it takes the right
mindset as well. So really, we look for people that have those skills,
somebody that's inquisitive, right?
They always are asking why.
Well, why does it work this way?
What could we do differently?
All the soft skills really lead to,
because what we found is,
you have somebody that has those committed soft skills,
they can learn any content that's brought to them, typically.
If they have the desire to do it, they're going to
learn, be effective, and be a very effective teammate on whatever mission they are going
towards. Switching gears just slightly, knowing that Raytheon certainly has been doing quite a
bit both in the public sector as well as the private, what are some of the ways that you
think about how there can be better collaboration between the public and the private sector as
we talk about how to solve this talent gap problem beyond what we're even seeing in individual
organizations? Well, the way I relate to the talent problem is it has three key aspects with a lot of
side spokes to it. So the first thing is we got to solve the quantity problem, got to remove
artificial barriers of entry to people that want to join the cyber fight and also people that are thinking about it, giving them the awareness of, hey, that sounds interesting, and maybe I'd want to join in doing that.
you're bringing in. And the third is you've got to support them once they've reached that goal,
which that gets to the aspects around, okay, the continuous training, tailored role-based training that they will need, but also all those soft things of avoiding burnout, of ensuring
people's voices are heard. When they see something, they provide a suggestion, people follow up on it
and ensuring that the organization as a whole makes it a priority to do all those things.
So it's easy to say there's a cybersecurity problem and we don't have enough people, but are people taking an active role?
And that's what I'd like to think, that we are taking an active role, participating in all the events that we can from a STEM perspective with NCCDC and U.S. Cyber Games and other events,
CDC, and U.S. Cyber Games and other events, as well as having our own internal lab to train people,
as well as trying to remove those barriers on our job postings and not say, thou shall have,
you know, X number of, you know, I have a four-year degree with this type of coursework, with this GPA, with these certifications, and all those things that are really a wish list and
really trying to say, if you have these skills and you're determined to do these types of things, we can train you.
And that's really a real mind shift for us as well, because Raytheon is a company of engineers
and we take engineering very serious, but we recognize we can't do it by the traditional
pathways alone. We have to open that aperture and not have that artificial limiting
of potential candidates that can join the workforce.
John, thank you so much for joining us today
and I appreciate the time.
Thanks, Simone.
It's been great.
I love this conversation.
That's Raytheon's John Cech
speaking with our own Simone Petrella.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity. That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications,
securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a
default-deny approach can keep your company safe and compliant.
And that's The Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
You can email us at cyberwire at n2k.com.
Your feedback helps us ensure we're delivering the information and insights
that help keep you a step ahead in the rapidly changing world of cybersecurity.
We're privileged that N2K and podcasts like The Cyber Wire are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector,
as well as the critical security teams supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies.
and many of the world's preeminent intelligence and law enforcement agencies.
N2K Strategic Workforce Intelligence optimizes the value of your biggest investment, your people.
We make you smarter about your team while making your team smarter.
Learn more at n2k.com.
This episode was produced by Liz Ervin and senior producer Jennifer Iben.
Our mixer is Trey Hester with original music by Elliot Pelsman.
The show was written by our editorial staff.
Our executive editor is Peter Kilby and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow. Thank you. That's where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com. That's ai.domo.com.