CyberWire Daily - Volt Typhoon goes undetected by living off the land. New gang, old ransomware. KillNet says no to slacker hackers.
Episode Date: May 25, 2023China's Volt Typhoon snoops into US infrastructure, with special attention paid to Guam. Iranian cybercriminals are seen conducting ops against Israeli targets. A new ransomware gang uses recycled ran...somware. A persistent Brazilian campaign targets Portuguese financial institutions. A new botnet targets the gaming industry. Phishing attempts impersonate OpenAI. Pro-Russian geolocation graffiti. Andrea Little Limbago from Interos addresses the policy implications of ChatGPT. Our guest is Jon Check from Raytheon Intelligence & Space, on cybersecurity and workforce strategy for the space community. And KillNet says no to slacker hackers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/101 Selected reading. People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection (Joint Advisory) Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft) Chinese hackers spying on US critical infrastructure, Western intelligence says (Reuters) Agrius Deploys Moneybird in Targeted Attacks Against Israeli Organizations (Check Point) Iran-linked hackers Agrius deploying new ransomware against Israeli orgs (The Record) Iranian Hackers Set Sights On Israeli Shipping & Logistics Firms (Information Security Buzz) Fata Morgana: Watering hole attack on shipping and logistics websites (ClearSky Security) Iran suspect in cyberattack targeting Israeli shipping, financial firms (Al-Monitor) Buhti: New Ransomware Operation Relies on Repurposed Payloads (Symantec) Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII (SentinelOne) The Dark Frost Enigma: An Unexpectedly Prevalent Botnet Author Profile (Akamai) Fresh Phish: ChatGPT Impersonation Fuels a Clever Phishing Scam (INKY) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
China's Volt typhoon snoops into U.S. infrastructure
with special attention paid to Guam.
Iranian cybercriminals are seen conducting ops against Israeli targets.
A new gang uses recycled ransomware.
A persistent Brazilian campaign targets Portuguese financial institutions.
A new botnet targets the gaming industry.
Phishing attempts impersonate open AI.
Pro-Russian geolocation graffiti.
Andrea Little-Limbago from Interos addresses the policy implications of chat GPT.
Our guest is John Cech from Raytheon Intelligence and Space
on cybersecurity and workforce strategy for the space community.
And Killnet says no to slacker hackers.
I'm Dave Bittner with your CyberWire Intel briefing for Thursday, May 25th, 2023. A joint advisory from all five eyes reports a major Chinese cyber espionage operation
that has succeeded in penetrating a wide range of U.S. critical infrastructure sectors.
Microsoft, in its own report on Volt Typhoon, as the threat actor is being called,
says the group has been active since at least the middle of 2021.
The targets of the spying have included a slew of sectors,
including communications, manufacturing, transportation, government, IT, and education, among others.
Microsoft writes that the threat actor intends to lie low and conduct cyber espionage for as long as they can.
It does this, the Five Eyes stress, by carefully living off the land,
exploiting existing legitimate administrative tools and privileges in its targets.
legitimate administrative tools and privileges in its targets.
Much of Volt Typhoon's activity has been directed against Guam,
a U.S. territory in the Western Pacific that plays host to important U.S. military bases.
Those bases would be important to any U.S. intervention on behalf of Taiwan,
should China decide to take a page from Russia's geopolitical playbook and invade what it regards as a renegade province.
For its part, China dismisses the reports as American disinformation
and denies its involvement in any activity the Five Eyes and Microsoft associate with Volt Typhoon.
Two Iranian threat actors have been observed targeting Israeli organizations.
The first, Agrius, has been observed conducting ransomware attacks against Israeli entities, Checkpoint reports.
What appears to be destructive ransomware attacks arebird, has been seen in recent attacks deploying their new C++ ransomware.
While the researchers did not elaborate on what organizations were victimized, the record writes the techniques reflect that of Agrius.
Public-facing web servers were the initial point of compromise which, when entered, allowed for reconnaissance and data stealing as the hackers were able to move laterally within networks.
Information security Buzz reports that another Iranian threat group is attacking Israeli shipping and logistics companies to lift customers' data. Israeli cyber firm ClearSky says with low confidence that this may be the work of
Tortoiseshell, also known as TA-456 and Imperial Kitten. At least eight websites were targeted in
the campaign, including SNY Cargo, logistics company Depot Log, and restaurant equipment
supplier SZM. AI Monitor says what the firm calls a watering hole attack
or an attack infecting the website of a specific group
has also victimized some organizations in the financial services industry.
The majority of websites as of mid-April had been purged of the malicious code.
A new ransomware operation calling itself Booty
has been discovered by researchers at Symantec.
The tool uses variants of Lockbit and Babook ransomware,
as well as a custom info stealer,
which is able to search for and archive specific file types.
The researchers were unable to attribute this new campaign,
which has been found to target both Linux and Windows machines, to any known threat actors, and so have dubbed the associated group Black Tail.
Sentinel Labs released a report today regarding a campaign that they've observed targeting over 30 Portuguese financial institutions.
financial institutions. Researchers assess with high confidence that this campaign is being conducted by a Brazilian threat group who they've referred to as Operation Magalena. Sentinel Labs
writes that this conclusion is further supported by the presence of Brazilian Portuguese language
usage within the infrastructure and malware. The threat group's infrastructure shows features that differentiate
it from other campaigns. One unique aspect was the existence of two simultaneous peeping title
variants on the same infected machine. The operation also uses Russian internet-as-a-service
provider TimeWeb Cloud, which researchers say is known for its lenient anti-abuse policies.
which researchers say is known for its lenient anti-abuse policies.
The operation uses multiple infection vectors, such as phishing emails,
malicious websites advertising fake installers of popular software, and social engineering.
Akamai detailed the activities of a new botnet by the name of Dark Frost,
observed targeting the gaming industry. The Dark Frost botnet consists of a conglomeration of stolen code from other botnets,
particularly Mirai, Gafget, and Cubot.
The threat actor seems driven, at least in part, by a need for attention,
as they've been observed on social media channels not only admitting to their illicit botnet creation and use,
but have shared live recordings of their attacks. The botnet has launched DDoS attacks against not only gaming companies, but those that are gaming company adjacent, game server hosting companies,
online streamers, and various other members of the community. While the malware was unsophisticated,
it was capable of significant
damage. With an ever-growing amount of source code from existing malware strains readily available,
as well as access to AI code generation, threat actors are seeing a significantly lower bar to
entry. Inky has detailed a new phishing attack that impersonates chat GPT creator OpenAI for credential harvesting.
The threat actors are using a multitude of techniques in this brand impersonation phishing attack,
including spoofing, dynamic redirection, and utilizing malicious links.
They falsify an email to appear to be from OpenAI that the researchers say looks nearly identical to the one users receive when
they sign up for a new ChatGPT OpenAI account. The hackers spoof the email address to appear to
come from the IT department of the receiver. They swap out the safe link in the legitimate email
for a malicious link that asks for a user's credentials. If they're entered, then they're
stolen. The UK's Ministry of Defense
this morning pointed out a geolocation spoofing stunt. They wrote that analysis by Geolect
indicates that since the 14th of May 2023, commercial vessels' automatic identification
system data has been remotely spoofed to create the impression of a 65-kilometer-long Russian
pro-war Z symbol on the Black Sea, visible on open-source tracking software. The tracks
reportedly show the vessel's speeds as upward of the rather implausible 102 knots, or just under
120 miles per hour, adding further evidence that the reports were fake.
Spoofing AIS, which the Defense Ministry says is used to track vessels and ensure their safety,
increases maritime accident risk.
The ministry credits pro-Russian actors who likely conducted the spoofing as an information operation,
potentially in an attempt to bolster Russian morale ahead of an anticipated Ukrainian counter-offensive.
And finally, if you were wondering how things are in the world of cyber-auxiliaries, privateers, and general no-goodniks,
Killnet's boss spokesperson, Kill Milk, this week announced that he was firing a bunch of his hacktivists. The Russian outlet Lenta.ru reports that Killnet participants cite clearing out groups from the gang that are insufficiently professionally contributing
to attacks against the West. So, hacktivists, up your game or you're out.
Coming up after the break,
Andrea Little-Limbago from Interos
addresses the policy implications of ChatGPT.
Our guest is John Cech from Raytheon Intelligence and Space
on cybersecurity and workforce strategy for the space community.
Stay with us. Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection across 30 frameworks, like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber. That's vanta.com slash cyber for $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses
is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365, with Black Cloak.
Learn more at blackcloak.io.
Thank you. USA Conference for insights on cybersecurity and workforce strategy for the space community.
Can you give us some insights as to what the situation is on the ground? I mean,
I know we talk over on the cybersecurity side about that there are skills gaps,
that there's challenges in hiring people. Is it pretty much the same in space?
Yes, I would say in space, the same rules apply, right? There's the skills gap,
it's lack of diversity, right? Something that we also need to address.
Because, I mean, space has Earth's problems.
It's all the same thing.
I love it.
Right?
Just in a different level of the atmosphere.
Right, right.
Even when we build that moon base, it'll be the same.
Just a little, just a little bit.
You know, all the same rules and problems will apply to the moon, I'm sure.
So how are you and your colleagues at Raytheon coming at that to try to narrow those gaps?
Well, one of the key things is making sure that there's context. So to solve any problem, you really need to have the people that are deep into cyber,
that are here to do all the right things around that,
which would be implementing the zero-trust pillars,
ensuring that you're doing all the things to secure an
environment, but also marrying them up with people with deep space knowledge, people that understand
how satellites work, how the communications work between ground stations and those things floating
above us. And how does that, and how do they talk between them? So you put those two contexts
together. You just can't just have, it's, you know, ultimately cyber is a team sport and that requires all players to be engaged in helping each other fill the gaps
that they don't have in knowledge. And that's one of the critical learnings we have within Raytheon
is we have a part of our business that does offensive cyber. So we've developed something
we call Raytheon Offensive Labs, where we teach our defenders to think like an attacker,
which means that's a totally different mindset
you approach a problem to
versus one of the gaps we have in traditional learning.
I'll say in traditional colleges and universities,
they do great work,
but they don't teach offensive cyber.
Programs, that's typically learned
by somebody that has an interest in cyber,
and they're doing that in a cyber defense competition
where they're defending against a red team
that's trying to attack their
fictitious network for supporting
a company or a CTF
or one of those other aspects where you get more
of the flavor of okay
the greatest thing ever, my most enjoyable
experiences in cyber are after you do
an exercise like that
and the red teamers are
out briefing the teams that they were attacking and the conversations are the best because they're
like oh yeah when you typed in that 100 character password and it took you 30 you know 30 seconds to
do that we'd already seen it cut and paste it and we're owning everything you had at that point wow
so it's a great dialogue because that person's not even thinking.
They're thinking, I'm being super secure
because I'm doing 100-character password
and taking the time.
Meanwhile, the attacker's like,
yeah, I could see you doing it the whole time.
I was just cutting and pasting
and putting it where I needed to go next in your network.
So it's great.
Those are learnings that have to continue,
and I think space will exactly the same rules apply,
and that's what we're really focused on
is how do we marry the, okay, here's what attackers would do in space what does it look like
at a cyber vector and how do we ensure that the defenders understand what that looks like and in
a situation like that to see it be able to be done in a collaborative way you know there's an
adversarial element to it but at the end of the day, in that particular case, everybody's on the same team.
100%.
And it really is.
I mean, people look forward to that.
That's like one of the highlights because that's when you truly get the learnings of when you were doing all.
And over time, one of the things we participate in is the National Collegiate Cyber Defense Competition.
It's in its 18th year this year.
And so there's absolutely been a maturity level of the teams that come to participate each year from the colleges and universities has greatly improved.
They've clearly learned and are way more advanced than they were when the competition started.
When it comes to the security of satellites, for example, in a previous life, I worked in the television industry back in the 90s. And I remember talking to my friends in master control who were responsible for the uplinks and things like that.
And I remember they would use phrases like, let's light this candle and things like that.
But I also remember asking them, how are we ensuring that we're not stepping on each other's signals?
What keeps someone from lighting up an uplink and just stomping on someone else's signal?
And the response I got over and over again was,
well, we're gentlemen.
We would not do that.
I suspect we're probably not 100% in that mode anymore
with the dependence on satellites that we have now,
the global arena, and having adversaries out there?
Is that an accurate view from my point of view?
I would say, without a doubt, people,
and I'm not going to say would become complacent,
but certainly, okay, great, that communication you have
from the ground to the satellite is encrypted.
Okay, but once that satellite's up there,
what are all the sensors it has that can receive input?
Okay, but once that satellite's up there,
what are all the sensors it has that can receive input?
Yeah.
How are other outside entities trying to, you know,
reach your security through those other sensors and other vectors, even outside of just what the communications link is?
I think, you know, satellite manufacturers
have the same challenges that everybody else does.
There's a lot of times when people release products,
there are other features like microphones or RF capabilities that are turned off.
But it's still out there.
It still has the capability.
So if an attacker knows a feature that's on something,
they just upload the driver, start taking advantage of it,
move laterally within that platform.
So it's really something you have to think about.
It's not just the straightforward attack vectors.
When you think like an attacker,
okay, what comprises this?
What are all the different components?
How do I test each component
to figure out what is the way I would be compromised?
And as a defender,
that's one of the exact things
we need to make sure we're locked down.
If you really don't need a certain sensor on a satellite,
don't put it up there and shoot it up into space with it on.
I was thinking along those lines.
I imagine the conversation when someone walks into their boss's office
and says, boss, I accidentally bricked the router.
That's a different conversation than, boss, I accidentally bricked the satellite.
Because you can't just swap out
something that's in
geosynchronous orbit.
Well, it's interesting because from my perspective,
I feel like there's
at the terrestrial level,
OT systems and space,
they share a lot of the same challenges.
OT systems, a lot have been around
a long years. There's a lot of satellites that were
launched a long time ago when cybersecurity
wasn't a concern.
So you get that whole aspect of it.
The satellites can't be,
you don't take them down for downtime
to swap out parts.
In the OT systems, it runs
and you do not mess with it.
You're changing the oil while the engine is running.
There's certain aspects. I mean, obviously, you can get
physical access to some OT systems.
We don't have a space shuttle anymore.
Yeah, that's really, if you think about it,
there's definitely some similarities.
So one of the things I'm more focused on currently
is how do you treat some of those same challenges?
Because, you know, like a smart person once told me,
everybody's a unique snowflake, but human behaviors are all the same.
And with cybersecurity, space is a unique environment, but all the cybersecurity challenges, opportunities exist the same there as they do here on Earth.
As you head back after a conference like this, what sort of things are on your mind?
Do you find yourself energized, a little overwhelmed?
What are you going to bring back to your team and your colleagues?
Well, I'm a continuous reframer.
So I'm always a glass is almost always full type of person.
I'm there to solve the challenges that come up.
I'm not there to worry about them.
That doesn't help anything.
So one of the key things I'm going to take away from this conference is making sure the team knows we
are making progress. There are good things that are happening, right? You can be overwhelmed by
all the things that aren't good, but there's a lot of goodness that's coming out. There's a lot
better collaboration. There's starting to be true information sharing, not just for the purpose of,
hey, here's my information, but people are taking action related to it. They're starting to really,
hey, here's my information,
but people are taking action related to it.
They're starting to really, you know,
we're getting through the formative stages.
Maybe we're close to the end of the beginning to where we can really move on
and truly start collaborating
because within cybersecurity,
without a doubt, 100%,
no one can defend on their own.
And unless you have an environment
that you've cultivated over time,
which starts with ensuring that you are doing
everything you can to persist the fight as long as we can. So from my perspective, if somebody on my
team finds another job at another company, I'm thrilled. I'm so totally supportive because that
means there's another friend of mine out there that I can call that will get new experiences
that I won't probably rely on or they'll rely on me at some point in the future to figure out and
solve some tough problems.
And that's what, you know, when you think about
what's your goal of why you're doing things,
that's where I really try to hone in on.
I mean, my goal is to protect our way of life.
Point blank and persist the fight.
Well, after when I'm long gone, you know,
sitting on a porch, napping next to the cat
that's also napping, you know,
I'll be sleeping soundly because I know that
there'll be a great next team focused on solving the cybersecurity problems of the day that will be
way beyond the problems I experienced when I was doing it.
That's John Chek from Raytheon Intelligence and Space.
You can hear more of my conversation with him on today's T-minus Daily Space Intel briefing.
And I am pleased to be joined once again by Andrea Little-Limbago. She is Senior Vice President for Research and Analysis at Interos.
Andrea, it's always great to have you back.
You know, ChatGPT has been in the news a lot,
and I wanted to touch base with you about these language models
and what we're seeing around the world responding to this when it comes to policy.
Yeah, thanks, Dave. And there's been great discussion
about the technology, and there's been a lot of fun discussions that we can do as far
as making emails sound like they were written by Shakespeare and so forth.
Obviously, there's some benefits going along with it, but there also is
the negative side where we do see aspects of encouraging hate speech,
false information,
and so forth. There's actually some new words that are being coined based upon this.
Hulu citations, because some of the citations created are fake that go along with it. And so it adds a lot of complexity that may say something is very valid. I'll cite a Washington Post article
and turns out the article does not exist.
So there's hallucitations that go along with that.
There's algorithmic disgorgement,
which goes along with what,
to the point on the policy side,
it's the penalty that the FTC
can now wield against companies.
And so when they are using deceptive practices
on how they obtain the data
that's required for training the algorithms.
And so basically what they have been able to do, and this has been since Cambridge Analytica,
so it's been not just in response to ChatGPT, but we're going to obviously see a growing usage of it,
that companies need to erase those algorithms if they were using data without consent for training.
That's why one of the bigger aspects in the U.S. is the FTC, and there's also
an AI copyright lawsuit
going on, a first-class action lawsuit in the U.S.
against GitHub
and some of the training and output of
some of their work.
But then, even more globally,
we're seeing Canada, Italy, Spain, and
some EU working groups brought together
to either review or block.
Italy's taken the stance of trying to block the use of it.
Spain just announced recently that they're reviewing now whether they want to be blocking it as well.
And they're going to start bringing some coordination across the EU in that regard.
Because some of the concerns over some of the false and negative
information that can come from it, as well as the lack of consent
required for some of the training. You can especially think about facial recognition is a train without the consent of the people,
but then also copyright infringement by training on articles that should be copyright.
So there's a whole range there. And it's everything from sort of at that level to in Australia,
there's a mayor who is suing because what the output of ChatGPT said for him was that he was a current mayor.
He was in jail when he was actually the whistleblower that put someone in jail.
So just not just, but there are things along those lines that continue to happen.
There are, you know, it's almost defamation suits where information about someone may be false.
There was an example recently where one professor looked up,
other professor basically asked, you know, who are all the professors that had sexual harassment claims against them?
And the list was not accurate. And so that can be really, as you can imagine,
really harmful to someone if their name were to show up on that list and be
taken as truth. So there's a lot of issues starting to go along with it.
They're going to start, I think, imposing some guardrails going forward. And it's interesting that it's really been quite
quick on the policy side, much faster than we've seen in some other areas.
Why do you suppose it's been so quick? Is it the amount of attention that it's gotten?
I think that helps with it. And then I think also just the accessibility of it.
If you think about it,
I mean, kids are able to use it to help explore and write papers at this point. So it's very,
you know, the user experience goes along with them. That makes it very useful for anyone to be able to use. And I think that alone makes it much more omnipresent than something that would
require someone to have a computer science PhD to leverage algorithms. So I think the usability
really played a big role in it.
I think that coupled with, you know,
there was a data breach that occurred a little while ago
where some of the search history was leaked
along with some payment information.
I think that also added to it.
The biggest probably impetus was the usability
and how quickly it spread.
Do we have any elections coming up where there's concern?
I mean, obviously, the U.S. in 2024,
but anything on a closer horizon
where folks have raised an issue here that there's concerns?
You know, that's a good point.
I think more broadly,
there's just growing concern around all elections
as far as deep fakes than even voice mimicry, where it sounds like a politician saying something that they never actually said.
And we are seeing, we saw a fair amount of that in the last presidential election, and there has been different aspects of that popping up across the globe.
So that for sure is something to be concerned about.
globe. So that for sure is something to be concerned about. There were some instances in Nigeria over their recent election and some protests where a lot of disinformation was
exposed that then led to ethnic conflict in the area. So it's a whole range, and some of that
can be automated. And that's where you want to get the connection of bots with disinformation
to help it spread. It's again where some of the algorithms
come in and really get to the widespread nature of it. Are you optimistic that there's going to
be policy solutions to this? As you say, I mean, the response has been quick, which I suppose is
refreshing and good, but is this something we're equipped to handle? I'm not sure. And that's where I think we're going to learn a lot over the next year
for what may be working and what doesn't.
Because on the one hand, it's interesting.
Under Wassner at one point, which is preventing dual-use technologies,
there was a discussion on how to treat encryption
and then a little bit of discussion on algorithms.
And part of the pushback was, well, how do you ban math?
And that does make it very hard. So I think there's going to be
sort of that tendency coupled with a tendency for
ideally more of a guardrail approach
that basically helps provide guidance
on how to properly get training data
and consent and so forth.
And that could actually help move forward
quite well and progressive.
I do worry about the all-out blocking
and banning of it,
because I do think that
when you ban very capable technologies
for some and not others,
that then puts you at a disadvantage.
So I think if,
I'm optimistic that we can find ways to leverage generative AI
in a way that can be beneficial and provide the force-multiplying power
that it could while still protecting and preserving
people's profiles, the defamation,
and help train it in a better way.
But I think it's going to be a long ways to go.
There's going to be a lot of trial and error. I think we'll see
over the next few years.
Alright, well Andrea Little-Limbago,
thanks for joining us.
Cyber threats are evolving every second. Thank you. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and
securely. Visit ThreatLocker.com today to all of today's stories, check out our daily briefing at thecyberwire.com.
We're privileged that N2K and podcasts like The Cyber Wire are part of the daily intelligence routine of many of the influential leaders and operators in the public and private sector, as well as the critical security teams supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies.
N2K Strategic Workforce Intelligence optimizes the value of your biggest investment, your people.
We make you smarter about your team while making your team smarter.
Learn more at n2k.com.
This episode was produced by Liz Ervin and senior producer Jennifer Iben.
Our mixer is Trey Hester with original music by Elliot Peltzman.
The show was written by Rachel Gelfand.
Our executive editor is Peter Kilby and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow. Thank you. you can channel AI and data into innovative uses that deliver measurable impact. Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts,
and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com.
That's ai.domo.com.