Check out our companion blog!
July 11, 2022

The Five Most Dangerous New Cyber Attack Techniques (A review of the RSA Keynote)

The Five Most Dangerous New Cyber Attack Techniques (A review of the RSA Keynote)

2022 is a new world in the cyber attack space, and Katie Nickels, SANS instructor, and director of intelligence at threat detection vendor Red Canary, describes the top five new attack they are seeing in the space. Spoiler alert: one of them is attacks against backups! Learn from an expert as we discuss the top five attacks they are seeing right now. We talk about living off the cloud, MFA exploits, an increase in nation-state hackers, the increased use of stalkerware, and YES: attacks against backup infrastructure. We discuss each of these in this important episode of Restore it All!

Mentioned in this episode:

Interview ad

Transcript
Prasanna Malaiyandi:

Hi, and welcome to Backup central's restore it all podcast.

Prasanna Malaiyandi:

I'm your host WC Curtis w Curtis Preston.

W. Curtis Preston:

Wow.

W. Curtis Preston:

That's just, you will not assert my authority.

W. Curtis Preston:

So welcome folks.

W. Curtis Preston:

Welcome to the Backup Central's Restore it All podcast.

W. Curtis Preston:

I am your host, and I actually know how to say my name w Curtis Preston, AKA Mr.

W. Curtis Preston:

Backup, and I have with me, my voter abuse stress counselor, Malaiyandi.

Prasanna Malaiyandi:

Oh, my gosh, Curtis, how are you doing after?

Prasanna Malaiyandi:

So you volunteered at the elections and you were a site manager and

Prasanna Malaiyandi:

for the listeners, if you wanna understand how elections work

Prasanna Malaiyandi:

we did a podcast, uh, Last year.

Prasanna Malaiyandi:

Was it no.

Prasanna Malaiyandi:

Back in 2020 with Mark Thompson?

Prasanna Malaiyandi:

Yeah.

Prasanna Malaiyandi:

Election poll site manager explains us election systems.

Prasanna Malaiyandi:

Go take a listen to that, but yeah, you were in the primaries helping out

W. Curtis Preston:

Yep.

Prasanna Malaiyandi:

and you had an interesting time.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

It's um, I, you know, I'll say the same thing to anybody

W. Curtis Preston:

that anyone that's Curious.

W. Curtis Preston:

If, if you do not trust our election system, then I would suggest you

W. Curtis Preston:

go volunteer as a poll worker.

W. Curtis Preston:

It, it is an incredibly information filled experience and, um, and that, and

W. Curtis Preston:

that's what we talk a lot about, about.

W. Curtis Preston:

In that podcast.

W. Curtis Preston:

And then I wrote a blog, something like how hard it would be to actually hack the

W. Curtis Preston:

elections, the, how absolutely improbable.

W. Curtis Preston:

So many of the things that people are saying happened,

W. Curtis Preston:

how absolutely improbable that.

W. Curtis Preston:

I mean, there's no proof that it did happen and and how

W. Curtis Preston:

difficult it would be to do that.

W. Curtis Preston:

And, and, and the closer you get to the actual process, the more

W. Curtis Preston:

you understand what I'm saying.

W. Curtis Preston:

But I will tell you that the process of volunteering to be a poll worker,

W. Curtis Preston:

especially election day, which is I get there at 6:30 in the morning.

W. Curtis Preston:

And I'm there till about 10 o'clock at night.

W. Curtis Preston:

And.

Prasanna Malaiyandi:

It's a long day.

W. Curtis Preston:

It's a long day and you know, it's funny

W. Curtis Preston:

California or San Diego county.

W. Curtis Preston:

Anyway, we do four days of voting.

W. Curtis Preston:

In fact, there are some sites there's 203 sites.

W. Curtis Preston:

I think voting sites and about a dozen of them are open 11 days.

Prasanna Malaiyandi:

Oh my God.

Prasanna Malaiyandi:

Could you imagine doing that?

W. Curtis Preston:

yeah, I, I basically said a big fat no, when they said I

W. Curtis Preston:

was like, listen, I got a JOB, I can't be, I can't be leaving for 11 days,

W. Curtis Preston:

I mean, if I'm gonna leave for 11 days, what's that.

Prasanna Malaiyandi:

Doing the podcast is your JOB, right?

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Um, yeah.

W. Curtis Preston:

And so I was like, I was like, I.

W. Curtis Preston:

I have zero interest in 11 day site, but I was at a four day site.

W. Curtis Preston:

And for the first three days we got a whopping, like a grand total of

W. Curtis Preston:

about 32 people over three day period.

W. Curtis Preston:

And then on election day we got 266 people,

Prasanna Malaiyandi:

Oh my God.

W. Curtis Preston:

Speaker:

significantly more than 32.

Prasanna Malaiyandi:

Yeah,

Prasanna Malaiyandi:

just a little.

W. Curtis Preston:

And, everybody's like, oh, I didn't, I didn't know you were open.

W. Curtis Preston:

It's like, it's like, I guess you don't listen to the news

W. Curtis Preston:

or the radio or anything.

W. Curtis Preston:

That that's part of the problem is, you know, nobody watches the news or listens

W. Curtis Preston:

to the, like, what's a radio, right?

W. Curtis Preston:

The.

Prasanna Malaiyandi:

Or checks their mail because

Prasanna Malaiyandi:

you got they because they sent out flyers.

Prasanna Malaiyandi:

They're like, Hey, here are those sites that are opened ahead of time.

Prasanna Malaiyandi:

Go vote early.

W. Curtis Preston:

yeah.

W. Curtis Preston:

So, and of those 266 people, I'd say 10% of them were abusive

Prasanna Malaiyandi:

Hmm.

W. Curtis Preston:

to, to one degree or another,

W. Curtis Preston:

um, you know,

Prasanna Malaiyandi:

Do you just wanna curl up in the fetal position?

W. Curtis Preston:

Yeah.

W. Curtis Preston:

And, and as a site manager, I take the abuse.

W. Curtis Preston:

Right?

W. Curtis Preston:

I take the, I take the crazy questions.

W. Curtis Preston:

Um, you know, I had a, I had a Sharpie gate question, which I don't know if you,

W. Curtis Preston:

you remember Sharpie gate, but this, this thing of like, that people were being

W. Curtis Preston:

handled Sharpie handed Sharpies instead of the official ballot marking pens.

W. Curtis Preston:

And if you got a Sharpie, then your ballot wouldn't count, which was nonsense.

W. Curtis Preston:

But that, that was one of.

W. Curtis Preston:

And somebody actually asked me about that.

W. Curtis Preston:

I was like, well, first off, not relevant to the current election because we use

W. Curtis Preston:

a ballot marketing device, which is a screen that creates your printed ballot.

W. Curtis Preston:

You will be doing, you know, that's one of the questions.

W. Curtis Preston:

Are we gonna get paper ballots?

W. Curtis Preston:

Yes.

W. Curtis Preston:

You are going to use a paper ballot.

W. Curtis Preston:

You're going to create it on that device right over there.

W. Curtis Preston:

Which is a computer.

W. Curtis Preston:

Is that a Dominion machine?

W. Curtis Preston:

Yes.

W. Curtis Preston:

Yes.

W. Curtis Preston:

That is Dominion machine, but it, you will be able to see the, the thing

W. Curtis Preston:

that it produces, which is your vote.

W. Curtis Preston:

Um, so yeah, just all day long.

W. Curtis Preston:

I don't mind questions.

W. Curtis Preston:

I absolutely don't mind questions.

W. Curtis Preston:

It's I don't need the, I don't need the.

W. Curtis Preston:

Yeah, the attitude like I, like, I give everybody the same spiel

W. Curtis Preston:

when they come up to the BMD.

W. Curtis Preston:

That's the ballot marking device.

W. Curtis Preston:

That's you might call it a voting machine.

W. Curtis Preston:

We do not call it that.

W. Curtis Preston:

A voting machine is what we used to do, which is, or what some

W. Curtis Preston:

states used to do, which is it.

W. Curtis Preston:

Records your vote, right?

W. Curtis Preston:

This is not a voting machine.

W. Curtis Preston:

This is a ballot marketing device.

W. Curtis Preston:

It prints your ballot.

W. Curtis Preston:

And I give this spiel to everybody about how it doesn't store your vote,

W. Curtis Preston:

how it doesn't transmit your vote and how that you will be able to see your

W. Curtis Preston:

vote before you print it, you'll be able to see your vote after you print it.

W. Curtis Preston:

Cetera, cetera, cetera.

W. Curtis Preston:

And this guy who was, you know, an anti BMD person was like, I

W. Curtis Preston:

don't need, I'll figure it out.

W. Curtis Preston:

Like, okay.

W. Curtis Preston:

Okay.

W. Curtis Preston:

Like, I'm just trying to help you vote, man.

W. Curtis Preston:

You know, like I don't need you to snap at me.

Prasanna Malaiyandi:

so I know before we've talked about like everyone, at some

Prasanna Malaiyandi:

point in their life should work retail.

Prasanna Malaiyandi:

Do you think everyone, at some point in their life should work an election?

W. Curtis Preston:

I agree.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

I'm yeah, I think so.

W. Curtis Preston:

And first off it, it.

W. Curtis Preston:

So San Diego county, 200 polling sites, average of eight people.

W. Curtis Preston:

They wanted 10 people per site.

W. Curtis Preston:

That's 2000 employees that are temporary employees that need to be hired and

W. Curtis Preston:

vetted and trained prior to the election.

W. Curtis Preston:

It requires two days of training to be a poll worker, five

W. Curtis Preston:

days to be a site manager.

W. Curtis Preston:

And, you know, we, we only ended up having seven people.

W. Curtis Preston:

Let me just tell you.

W. Curtis Preston:

There's a big difference between seven and eight and eight, nine, you know, on

W. Curtis Preston:

election day, just try to get, there's no way to get the legally mandated numbers

W. Curtis Preston:

of lunches and breaks and whatnot, and still function as a, as a site.

Prasanna Malaiyandi:

because each person has their sort of

Prasanna Malaiyandi:

role responsibility, right.

Prasanna Malaiyandi:

Their task.

Prasanna Malaiyandi:

And it's not like everyone's just doing the same thing.

W. Curtis Preston:

Yeah, we cross train, right.

W. Curtis Preston:

We cross train across the whole site so that everybody can do every job,

W. Curtis Preston:

but still even with that, you have people that are better at certain jobs.

W. Curtis Preston:

And, um, so it was, I'm just saying, I, it was.

W. Curtis Preston:

It's a lot of work.

W. Curtis Preston:

And then, um, and then we had to tear down everything the next day.

W. Curtis Preston:

And, and now I'm today I'm, I'm sort of in, this is my first day where I get

W. Curtis Preston:

to sort of breathe after all of that.

W. Curtis Preston:

I don't have any election responsibilities, but yeah.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Uh, and I, you know, I was looking for, and I'll throw out our disclaimer Prasanna

W. Curtis Preston:

and I work for different companies.

W. Curtis Preston:

He works for Zoom.

W. Curtis Preston:

I work for Druva and this is not a podcast of either company.

W. Curtis Preston:

These are our opinions and not theirs.

W. Curtis Preston:

And, uh, be sure to rate us at ratethispodcast.com/restore.

W. Curtis Preston:

And also, if, you know, if you listen to this and you, you're interested in

W. Curtis Preston:

the things that we're interested in, then just reach out to me @wcpreston

W. Curtis Preston:

on Twitter, or wcurtispreston@Gmail.

W. Curtis Preston:

And we'll get you on, man.

W. Curtis Preston:

You know,

Prasanna Malaiyandi:

Come join us.

Prasanna Malaiyandi:

Come talk to us.

W. Curtis Preston:

come talk to us about.

W. Curtis Preston:

You know, tape, disc backups, archives security.

W. Curtis Preston:

We love talking security cuz it's so it's so adjacent to what we do.

W. Curtis Preston:

Right.

W. Curtis Preston:

It's funny.

W. Curtis Preston:

I, I, I grew up hating security.

W. Curtis Preston:

like when

Prasanna Malaiyandi:

They were the people who would like stop

Prasanna Malaiyandi:

you from doing things, right?

W. Curtis Preston:

yes, yes.

W. Curtis Preston:

Um, you you've been a Unix guy for a while.

W. Curtis Preston:

You, you was, RSH still a thing when you started.

Prasanna Malaiyandi:

Yeah.

Prasanna Malaiyandi:

Mm-hmm,

W. Curtis Preston:

Okay.

W. Curtis Preston:

So in order to get, we used dump and, and, and, and rdump back in the day, right back

W. Curtis Preston:

before I had a commercial backup utility.

W. Curtis Preston:

The only way that rdump would work is to be able to rsh as root

Prasanna Malaiyandi:

Oh,

W. Curtis Preston:

one server to another, without a password.

W. Curtis Preston:

Right.

W. Curtis Preston:

Put all those things together.

W. Curtis Preston:

And I just made a security person's head explode.

Prasanna Malaiyandi:

Back in the days before the internet.

W. Curtis Preston:

Well, we were, it was very, very, you

W. Curtis Preston:

know, like internet was just,

W. Curtis Preston:

I remember getting my AOL disc.

W. Curtis Preston:

I was an AOL customer.

W. Curtis Preston:

Jeezy, you've got mail.

W. Curtis Preston:

What I remember was just really hating the security folks because all

W. Curtis Preston:

they did, all they ever did was just get in the way of me doing my job.

W. Curtis Preston:

And I will say that if you are a backup person, then stop that, right.

W. Curtis Preston:

If that, if that's your way of looking at data security, cuz guess

W. Curtis Preston:

what we're gonna talk about today.

W. Curtis Preston:

We're gonna talk about information security.

W. Curtis Preston:

We're gonna talk about the RSA conference.

Prasanna Malaiyandi:

And for the people who are don't know who

Prasanna Malaiyandi:

their security people are, go talk to them, have a conversation.

Prasanna Malaiyandi:

Like I'm sure you both, like both teams are feeling the same sort of pressures and

Prasanna Malaiyandi:

issues and just sort of go chat with them and figure out what you could do together.

W. Curtis Preston:

Yes.

W. Curtis Preston:

You both have a common goal, right.

W. Curtis Preston:

Of keeping the company safe.

W. Curtis Preston:

It's just, you look at it from different sides, right?

W. Curtis Preston:

It's like the, that is that story about the elephant, like the people approaching

W. Curtis Preston:

elephant, like one grabs a tail, one grabs like blind people approach it.

W. Curtis Preston:

Do you know what I'm talking about?

Prasanna Malaiyandi:

Are you crazy?

W. Curtis Preston:

what do you know the story I'm talking about

Prasanna Malaiyandi:

no.

W. Curtis Preston:

It it's like three blind guys approaching an element.

W. Curtis Preston:

Like one, you know, gets the legs.

W. Curtis Preston:

One gets the trunk, one gets the tail and they describe the elephant

W. Curtis Preston:

in three different ways because it's what they're experiencing.

W. Curtis Preston:

You're experiencing the same thing is just you're approaching

W. Curtis Preston:

it from a different angle.

W. Curtis Preston:

And so just talk about it.

W. Curtis Preston:

It's like, listen, I know, I know you wanna do this.

W. Curtis Preston:

Here's how that makes my job difficult.

W. Curtis Preston:

And he's like, I know you wanna do this.

W. Curtis Preston:

Here's how that makes my job difficult.

Prasanna Malaiyandi:

Yeah, I need access to every single system

W. Curtis Preston:

Yeah.

W. Curtis Preston:

And those of you that have heard the podcast, if you've, if you've listened

W. Curtis Preston:

to the podcast, I, I, more than once, I'm sure I've told the story where

W. Curtis Preston:

I worked at at, uh, a company where I, where the, the security people

W. Curtis Preston:

shut me down in the middle of thing.

W. Curtis Preston:

It was a Y2K thing.

W. Curtis Preston:

It was, I just, I just lost it, but they were just, again, they

W. Curtis Preston:

were just trying to do their job.

Prasanna Malaiyandi:

Exactly.

Prasanna Malaiyandi:

Be kind.

W. Curtis Preston:

I mean, they, they did not, in my opinion, they did not do

W. Curtis Preston:

their job because they were specifically told not to do what they ended up doing.

W. Curtis Preston:

And that's why I went, you know, crazy.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Um, but the security people are your friends.

W. Curtis Preston:

And if you're a, if you're a security type person listening to this and you,

W. Curtis Preston:

you know, you hate the backup person.

W. Curtis Preston:

Please don't.

W. Curtis Preston:

So work together.

W. Curtis Preston:

This headline from, uh, RSA, I found this excellent article.

Prasanna Malaiyandi:

The RSA conference, just to be clear.

W. Curtis Preston:

Thank you.

W. Curtis Preston:

The RSA conference, which stands for,

Prasanna Malaiyandi:

Is it three dudes names?

W. Curtis Preston:

oh, I was gonna say really secure access.

Prasanna Malaiyandi:

Co-founders Ron ADI and Leonard, sorry, their last names.

W. Curtis Preston:

Okay, thank you.

W. Curtis Preston:

I was, I was very confused

Prasanna Malaiyandi:

Ron Reibes ADI Shamir and Leonard Adelman,

W. Curtis Preston:

Well, there you

Prasanna Malaiyandi:

R

W. Curtis Preston:

then what about the SANs Institute?

W. Curtis Preston:

Do you know what that stands for?

Prasanna Malaiyandi:

secure something.

Prasanna Malaiyandi:

Something,

W. Curtis Preston:

something something the security people listening to

W. Curtis Preston:

this podcast are like, oh man.

W. Curtis Preston:

Uh, but anyway, if you're a security person, you know

W. Curtis Preston:

what the SANs Institute is,

Prasanna Malaiyandi:

CIS admin

W. Curtis Preston:

well, there you go.

W. Curtis Preston:

This was a talk at the annual RSA conference

Prasanna Malaiyandi:

which I think they do every year is kind of like their keynote.

W. Curtis Preston:

The keynote was the top five dangerous cyber threats in 2022.

W. Curtis Preston:

So it's interesting because they are not, um, they're not very similar to

Prasanna Malaiyandi:

What we think about normally.

W. Curtis Preston:

no, what I'm saying is they're not the ones that they

W. Curtis Preston:

talked about just a year or two ago.

Prasanna Malaiyandi:

Hmm.

Prasanna Malaiyandi:

Yeah.

W. Curtis Preston:

Year or two ago, they were focused on living off the

W. Curtis Preston:

land attacks, um, command and control.

W. Curtis Preston:

Deep persistence, mobile exploit, checkmate and check rain.

W. Curtis Preston:

I believe that's his and threats at the perimeter.

W. Curtis Preston:

This is a very different list.

W. Curtis Preston:

And I gotta say, looking at this list, I feel somewhat vindicated

W. Curtis Preston:

because we've been talking about some of these things for a while.

W. Curtis Preston:

Wouldn't you say?

Prasanna Malaiyandi:

Oh yeah, for sure.

Prasanna Malaiyandi:

It's it's interesting, like you were talking about earlier in our discussion

Prasanna Malaiyandi:

about like security and backup are there's a lot of overlap there, right?

Prasanna Malaiyandi:

Even in this list that they came up with, there's quite a lot of overlap

Prasanna Malaiyandi:

between like what we normally talk about and think about from like a backup data

Prasanna Malaiyandi:

protection perspective and what they're worried about from a security perspective.

W. Curtis Preston:

Right.

W. Curtis Preston:

So let's talk about the first one.

W. Curtis Preston:

And it's called living off the cloud, which may sound familiar for those of

W. Curtis Preston:

you that followed the SANs Institute.

W. Curtis Preston:

So they had this concept of living off the land, which is people that were

W. Curtis Preston:

using system management tools and systems to basically stay persistent and move

W. Curtis Preston:

around laterally within the organization.

W. Curtis Preston:

We talked about lateral movement and minimizing lateral movement in.

W. Curtis Preston:

What podcast, when we had, uh, snorkel.

W. Curtis Preston:

Do you have, do you have the titles up there?

Prasanna Malaiyandi:

We did two, one was called security expert rips

Prasanna Malaiyandi:

Okta for the response to hack, which probably isn't as respo, uh, isn't

Prasanna Malaiyandi:

as relevant, but the next one is snorkel 42 security expert from Reddit

Prasanna Malaiyandi:

explains his security cadence series.

Prasanna Malaiyandi:

It is, it was done back in may of this year of

W. Curtis Preston:

He talked about the idea of, one of the things that you

W. Curtis Preston:

want to do is minimize lateral movement.

W. Curtis Preston:

So in this, it's talking about living off the cloud, which basically

W. Curtis Preston:

just sounds like the, the cloud version of living off the land

Prasanna Malaiyandi:

It is a, it, it sounds reasonable.

Prasanna Malaiyandi:

I think the one thing they mentioned is.

Prasanna Malaiyandi:

With the cloud, right?

Prasanna Malaiyandi:

Living off the land, you have access to certain resources and everything else.

Prasanna Malaiyandi:

Cloud, you can just spin up things so quickly and use that as a staging

Prasanna Malaiyandi:

point for so many other attacks, right.

Prasanna Malaiyandi:

That it is.

Prasanna Malaiyandi:

Um, a lot more scary than something that's just within

Prasanna Malaiyandi:

the corporate network, right?

Prasanna Malaiyandi:

Because a cloud might not be like.

Prasanna Malaiyandi:

What's to prevent someone from spinning up an EC two instance, an AWS right.

Prasanna Malaiyandi:

Forgetting and accidentally leaving it open to the internet.

Prasanna Malaiyandi:

And now all of a sudden you have connectivity into

Prasanna Malaiyandi:

that cloud instance, right?

Prasanna Malaiyandi:

An attacker could.

Prasanna Malaiyandi:

And from there, depending on how the networks are configured, they could

Prasanna Malaiyandi:

easily get access to your internal data centers to other internal services,

Prasanna Malaiyandi:

just because you misconfigured something in your cloud environment,

W. Curtis Preston:

And then they also talked about.

W. Curtis Preston:

Enterprises tend to trust, uh, their, their own cloud provider.

W. Curtis Preston:

So if I want to attack you, and I know who your cloud provider is, I can

Prasanna Malaiyandi:

go through

W. Curtis Preston:

own environment inside that cloud provider and potentially

W. Curtis Preston:

allowing me not direct access, but, um, you know, just slightly easier because

W. Curtis Preston:

I'm coming from a place you trust.

W. Curtis Preston:

Um, which I would think is relatively easy to protect against,

Prasanna Malaiyandi:

Yep.

Prasanna Malaiyandi:

I don't know.

Prasanna Malaiyandi:

It

W. Curtis Preston:

again, not an information security because I, I'm

W. Curtis Preston:

not gonna trust you just because you came from AWS, I'm gonna trust you

W. Curtis Preston:

because you came from an IP address range or known IP addresses from AWS.

Prasanna Malaiyandi:

But, but even those known IP address ranges, just because

Prasanna Malaiyandi:

you're spinning up and down so quickly, if their private IP address is sure.

Prasanna Malaiyandi:

But if their public IP addresses, given how I can quickly spin up, spin down,

Prasanna Malaiyandi:

spot instances, everything else, like I don't actually know what IP range I

Prasanna Malaiyandi:

will necessarily get for those instances

W. Curtis Preston:

Well, again, I'm not running a corporate it

W. Curtis Preston:

network, but I would think that there's a way to deal with that.

Prasanna Malaiyandi:

Speaker:

there is, but it may be.

W. Curtis Preston:

I think that's the point of this, of this thing is

W. Curtis Preston:

to say, address that concern, right?

Prasanna Malaiyandi:

Cloud makes it easy to do all these dynamic things, but make

Prasanna Malaiyandi:

sure you're thinking about how to still secure, even though things could be

Prasanna Malaiyandi:

dynamic, don't just leave it all open.

W. Curtis Preston:

right.

W. Curtis Preston:

And then the next is attacks against multifactor authentication.

W. Curtis Preston:

And I've seen this.

W. Curtis Preston:

First off, there are many different types of multifactor authentication.

W. Curtis Preston:

There are different factors as they're called there is there's SMS.

W. Curtis Preston:

There's email.

W. Curtis Preston:

There are the little, um, the, to, you know, the little tokens,

Prasanna Malaiyandi:

Yep.

Prasanna Malaiyandi:

Yep.

W. Curtis Preston:

uh, and then there are like apps like

W. Curtis Preston:

authy or Google authenticator.

W. Curtis Preston:

There's also just in my life.

W. Curtis Preston:

I know I also use the Symantec app, like one of my financial vendors,

W. Curtis Preston:

I have to download the Symantec MFA app as well as the, um, uh, oh.

W. Curtis Preston:

And my, my bank has its own authenticator app.

Prasanna Malaiyandi:

And since we're talking about RSA earlier, right.

Prasanna Malaiyandi:

Remember back in the day, all the key fobs that you would have, right.

Prasanna Malaiyandi:

Which would give you the six digit code, which you then use for MFA.

Prasanna Malaiyandi:

And now everyone's moving away from that to, like you said,

Prasanna Malaiyandi:

SMS or one of these apps.

Prasanna Malaiyandi:

And I think the challenge is some of these methods are not as secure as others.

Prasanna Malaiyandi:

And so someone can impersonate can spoof can acquire those MFA codes that are

Prasanna Malaiyandi:

being sent to supposedly you Curtis, but they're intercepting it if you will.

Prasanna Malaiyandi:

And using it to register their own devices.

Prasanna Malaiyandi:

And once their own device is registered, now they have full access to everything.

W. Curtis Preston:

Exactly.

W. Curtis Preston:

And then, and then there's also just a concern when it is a physical

W. Curtis Preston:

token or when it is an app on a phone or when it is an SMS to a phone.

W. Curtis Preston:

What process do you have in place for when someone loses their, their token?

Prasanna Malaiyandi:

No one ever loses their stuff, Curtis,

W. Curtis Preston:

Right.

Prasanna Malaiyandi:

or when they trade in their phone.

W. Curtis Preston:

I don't know what you're talking about.

W. Curtis Preston:

The, um, so, and, and do you have backup authentication mechanisms in

W. Curtis Preston:

place for when somebody loses their, their primary authentication mechanism?

W. Curtis Preston:

And do you have a way to disable the, you know, whatever, whatever I think

W. Curtis Preston:

you should have like, like a more secure method, like an app or the token?

W. Curtis Preston:

If you're attempting a direct attack on a person or on a company and

W. Curtis Preston:

you've targeted a person, you can very easily target the physical

W. Curtis Preston:

thing that they're using as a token.

W. Curtis Preston:

Right.

Prasanna Malaiyandi:

Your phone, right?

Prasanna Malaiyandi:

This is what happens often with a lot of the crypto heists that you're seeing

Prasanna Malaiyandi:

is people call into the cell phone provider, pretend to be the person,

Prasanna Malaiyandi:

port the number over to another carrier.

Prasanna Malaiyandi:

Do the MFA, get the code and then clear out their crypto wallet.

W. Curtis Preston:

I went to a talk with, uh, Kevin Mitnick once, and

W. Curtis Preston:

I know not, everybody's a huge fan of Kevin Mitnick, but I learned a

W. Curtis Preston:

lot in that talk about things like.

W. Curtis Preston:

How, how he gets, you know, how he hacks into physical, physical.

W. Curtis Preston:

He, he has a lot more social engineering and physical

W. Curtis Preston:

hacking than I would've thought.

W. Curtis Preston:

And like, and he, he does white hat hacking.

W. Curtis Preston:

Right.

W. Curtis Preston:

And he talked about getting into a bank by using a, um, what,

W. Curtis Preston:

what are, what are they called?

W. Curtis Preston:

The little badges.

W. Curtis Preston:

There's a name for that?

W. Curtis Preston:

The,

Prasanna Malaiyandi:

Oh,

Prasanna Malaiyandi:

the key card,

W. Curtis Preston:

that you,

W. Curtis Preston:

what.

Prasanna Malaiyandi:

the key card swipe

W. Curtis Preston:

Well, like it's key card.

W. Curtis Preston:

There's a, there's a name for that type of key card.

W. Curtis Preston:

But anyway, he, he has a scanner that he can scan that if he's he, he has two

W. Curtis Preston:

different ones, ones that he can scan from really close and the ones that he

W. Curtis Preston:

can scan from like several feet away.

W. Curtis Preston:

And he talked about going into a bathroom.

W. Curtis Preston:

the men's bathroom in a bank where he needed to go and just waited for

W. Curtis Preston:

a dude to come in, guys, you know, go into the bathroom and he's sitting

W. Curtis Preston:

there scanning the guy's card.

W. Curtis Preston:

Next thing you know, he's got a badge to get into the thing.

W. Curtis Preston:

Again.

W. Curtis Preston:

That's why we have MFA.

W. Curtis Preston:

Right.

W. Curtis Preston:

So, you know, you need something more than

Prasanna Malaiyandi:

Digest that.

Prasanna Malaiyandi:

Yeah.

W. Curtis Preston:

plus a digit,

W. Curtis Preston:

right?

Prasanna Malaiyandi:

Or a picture.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Face

W. Curtis Preston:

thumbprint.

Prasanna Malaiyandi:

Something else?

W. Curtis Preston:

Hopefully, he's not cutting off anybody's

W. Curtis Preston:

thumbs, but all right.

Prasanna Malaiyandi:

So the fourth one is attacks involving

Prasanna Malaiyandi:

stalkerware against mobile devices.

Prasanna Malaiyandi:

Right?

Prasanna Malaiyandi:

So.

W. Curtis Preston:

Yeah.

Prasanna Malaiyandi:

Yeah.

Prasanna Malaiyandi:

Well, if you think about this, this is a lot around, like

Prasanna Malaiyandi:

there is the NSO group, right?

Prasanna Malaiyandi:

You're starting to see a lot of these sort of things being used, where people

Prasanna Malaiyandi:

are able to leverage zero day bugs and other things to install spyware.

Prasanna Malaiyandi:

If you will, on mobile devices.

Prasanna Malaiyandi:

And they can do it without requiring any interaction from the user.

Prasanna Malaiyandi:

They're now able to track where the user's going, what they're doing,

Prasanna Malaiyandi:

read your emails, read all your text messages, pull out your MFAs.

Prasanna Malaiyandi:

Right?

Prasanna Malaiyandi:

It's all scary stuff.

Prasanna Malaiyandi:

And before we used to think, oh, it's only in spy movies and it

Prasanna Malaiyandi:

won't happen to the common user.

Prasanna Malaiyandi:

Now there's, there's like groups and companies, which this is what they do.

Prasanna Malaiyandi:

And it's

W. Curtis Preston:

Yeah, that, that that freaks me out.

W. Curtis Preston:

Right?

W. Curtis Preston:

The idea of people just sort of randomly grabbing my,

W. Curtis Preston:

somehow these, these exploits.

W. Curtis Preston:

That's why I will say like in my personal life, when, whenever.

W. Curtis Preston:

Apple comes out with, and they're like, this is a security

W. Curtis Preston:

update and I'm like, boom, I'm

Prasanna Malaiyandi:

Uh,

W. Curtis Preston:

done.

W. Curtis Preston:

I've already like, I'm halfway through reading the article and

W. Curtis Preston:

I've already started installing it

Prasanna Malaiyandi:

Yeah.

Prasanna Malaiyandi:

I think apple is the, yeah, I think apple products are the

Prasanna Malaiyandi:

only one that I, oh, sorry.

Prasanna Malaiyandi:

iOS products are the only ones that I immediately install.

Prasanna Malaiyandi:

My laptop.

Prasanna Malaiyandi:

I'm a little out of date

W. Curtis Preston:

Yeah.

W. Curtis Preston:

of course I, I'm not, I'm not dragging my laptop around.

W. Curtis Preston:

Like I used to.

W. Curtis Preston:

Right.

W. Curtis Preston:

I'm look, I'm looking at my laptop right now, which for the record

W. Curtis Preston:

is never on top of my laptop.

W. Curtis Preston:

It just sits there.

W. Curtis Preston:

Right.

W. Curtis Preston:

Um,

W. Curtis Preston:

yeah.

W. Curtis Preston:

So that's, that's kind of, so I, I guess the biggest thing there is again,

W. Curtis Preston:

secure your personal mobile device.

W. Curtis Preston:

Um,

Prasanna Malaiyandi:

be careful if you plug in, like, I've seen a lot of people,

Prasanna Malaiyandi:

they go and they just take the USB cable and they're like, oh, there's a USB port.

Prasanna Malaiyandi:

Let me plug it in.

Prasanna Malaiyandi:

Or they see a cable like plugged in or just standing there.

Prasanna Malaiyandi:

And they're like, oh, let me charge my phone quickly.

Prasanna Malaiyandi:

And they plug it in.

Prasanna Malaiyandi:

It's like, don't do those sort of things.

W. Curtis Preston:

we, we, we talked a couple episodes ago.

W. Curtis Preston:

I think we talked about this, about the, the dropping of the USB

W. Curtis Preston:

thumb drives and stuff like that.

W. Curtis Preston:

But again, that same talk that, uh, that I went to with Kevin Mitnick.

W. Curtis Preston:

He had a, he had a guy come up on stage and he handed him a, a USB cable, a

W. Curtis Preston:

USB charging cable for his iPhone.

W. Curtis Preston:

And he's like, I want you to examine this cable.

W. Curtis Preston:

He's.

W. Curtis Preston:

I'm examining it.

W. Curtis Preston:

And he's like, okay, you know, and he is like, does it look any different?

W. Curtis Preston:

And he's like, Nope.

W. Curtis Preston:

He goes, okay, we're gonna plug it in over here.

W. Curtis Preston:

And he plugged it and he plugged it into the wall.

W. Curtis Preston:

He plugged it into the wall and then he, and then he pulled up his laptop on

W. Curtis Preston:

the screen and we could see that he was reading the guy's data off his phone.

Prasanna Malaiyandi:

Yeah.

W. Curtis Preston:

I'm.

W. Curtis Preston:

Damn that's.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

So stay away from, you know, stay away from strange devices.

W. Curtis Preston:

This is also why you don't enable the USB, you know, the USB, uh,

W. Curtis Preston:

the data access on the USB ports.

W. Curtis Preston:

When you put in a strange device, this is why you don't just randomly

W. Curtis Preston:

use random chargers out there.

W. Curtis Preston:

Bring your own charger.

W. Curtis Preston:

Um, Know thy cable.

W. Curtis Preston:

Um, so the, the next one is another one.

W. Curtis Preston:

That's that's kind of, and again, this is one of these, like, um, this is sort

W. Curtis Preston:

of like the cloud, the cloud is not bad, but the cloud is being used in bad ways.

W. Curtis Preston:

Bitcoin is not bad, but being Bitcoin is being used in bad ways.

W. Curtis Preston:

And there's a couple different articles that I saw in this, this.

W. Curtis Preston:

The the, the CRN article doesn't specifically mention Starlink, but

W. Curtis Preston:

the other article did, and they were saying that that Starlink

W. Curtis Preston:

enables a lot of really cool stuff.

W. Curtis Preston:

And they were talking about how they were able to re enable

W. Curtis Preston:

access in Ukraine, for example.

Prasanna Malaiyandi:

When the modems got wiped and they lost access and

W. Curtis Preston:

right.

W. Curtis Preston:

J just similar to.

W. Curtis Preston:

To that DR story that we had with, uh, the island that, uh, they, they had to

W. Curtis Preston:

use wireless internet, or they had to use satellite internet, which I'm guessing

W. Curtis Preston:

was not as good back then as it is now.

W. Curtis Preston:

But what he was saying was be concerned about nation state hacking and With

W. Curtis Preston:

the advent of things like Starlink, you could be dealing with a nation state

W. Curtis Preston:

that doesn't look like a nation state.

Prasanna Malaiyandi:

yep.

Prasanna Malaiyandi:

The lines get blurred right between.

W. Curtis Preston:

So it's

W. Curtis Preston:

not E it's not as easy as like, well, I'm just gonna, like, I don't do

W. Curtis Preston:

any business with anybody in Russia.

W. Curtis Preston:

I'm just gonna block off all access from Russia.

W. Curtis Preston:

Right.

W. Curtis Preston:

Um, you know, I dunno if I ever told you, but I, the backup central got hacked once.

Prasanna Malaiyandi:

Oh

W. Curtis Preston:

Did I tell you that it was a just years ago, but

W. Curtis Preston:

it was a SQL injection attack.

W. Curtis Preston:

And for, for a relatively short period of time, I was flying some country's flag

W. Curtis Preston:

on the, on the front page of my website.

W. Curtis Preston:

And also, uh, I was, there was some stuff in my metadata that was.

W. Curtis Preston:

Bad stuff.

W. Curtis Preston:

I don't remember what it was, but it, they had inserted stuff in my

W. Curtis Preston:

metadata, which didn't need to be there.

W. Curtis Preston:

Um, and that was the, that was the biggest evidence that, that that's actually how

W. Curtis Preston:

I, something, something clued me in.

W. Curtis Preston:

But, um, yeah, it was SQL injection attack recovered via backups.

W. Curtis Preston:

Of course.

Prasanna Malaiyandi:

Nice.

W. Curtis Preston:

Um, good news is backup central.

W. Curtis Preston:

Doesn't have like A huge.

W. Curtis Preston:

Change rate

Prasanna Malaiyandi:

yeah.

W. Curtis Preston:

it's like once a week I put in a new episode.

W. Curtis Preston:

So,

W. Curtis Preston:

um,

Prasanna Malaiyandi:

And since you were talking about backups, since

Prasanna Malaiyandi:

we're talking about Ukraine, I can't remember where I was reading this

Prasanna Malaiyandi:

article, but they were mentioning, they were talking about Ukraine and

Prasanna Malaiyandi:

how they got hit with these attacks.

Prasanna Malaiyandi:

Like, and they were talking about how because they've been so like the it

Prasanna Malaiyandi:

industry there has gotten so used to dealing with disruptive operations,

Prasanna Malaiyandi:

they're actually really, really good at restoring their environments.

Prasanna Malaiyandi:

Because they're kind of doing it all the time.

Prasanna Malaiyandi:

Like when not Petya hit.

Prasanna Malaiyandi:

Right.

Prasanna Malaiyandi:

And other things like that, they're able to like quickly get up and running

Prasanna Malaiyandi:

in like hours rather than like weeks that most other companies take, because

Prasanna Malaiyandi:

they're like, oh yeah, we just drill.

Prasanna Malaiyandi:

We practice, we practice, we practice.

Prasanna Malaiyandi:

and so they have it down.

W. Curtis Preston:

and I think the same is true of me.

W. Curtis Preston:

It's like the reason why I got so good at backup is because it, you

W. Curtis Preston:

know, partly because I had a job and that was all I did was backups.

W. Curtis Preston:

But then I left that job to become a quote, real sysadmin.

W. Curtis Preston:

And they put me at the headquarters of Amoco and they had the,

W. Curtis Preston:

the, the actual headquarters part, which is where I was at.

W. Curtis Preston:

They.

W. Curtis Preston:

They had an it department that was kind of had been ignored.

W. Curtis Preston:

And so I was, I was in there doing the, the person that was running

W. Curtis Preston:

the it department, uh, just, wasn't a very strong CIS admin.

W. Curtis Preston:

And, uh, and so they brought us in to, to assist and, and so we started

W. Curtis Preston:

doing things like crazy things, like loading the most recent, uh,

W. Curtis Preston:

patches and rebooting the servers once in a while and things like that.

W. Curtis Preston:

But.

W. Curtis Preston:

But they were dying left and right.

W. Curtis Preston:

and so, so I just got really good at not only like just doing backups and restores,

W. Curtis Preston:

but doing bare metal backups and restores,

Prasanna Malaiyandi:

and doing quickly and pain free.

W. Curtis Preston:

yeah,

W. Curtis Preston:

exactly.

W. Curtis Preston:

And, uh, you can hear all about that in the episode.

W. Curtis Preston:

Uh, how I, what is something about how I got the nickname crash?

W. Curtis Preston:

I think

Prasanna Malaiyandi:

Uh, sure.

W. Curtis Preston:

there's a, we have an episode we talked.

W. Curtis Preston:

How I used to be called crash,

W. Curtis Preston:

Well, anyway, it's up there somewhere.

W. Curtis Preston:

One of those episodes, we'll find it, see if I can figure it out.

W. Curtis Preston:

But, um, yeah, that's how I got the nickname crash, cuz I was

W. Curtis Preston:

like, I was rebooting servers and they weren't coming back up and

W. Curtis Preston:

then, so I got really good at it.

W. Curtis Preston:

So that's interesting.

W. Curtis Preston:

So

Prasanna Malaiyandi:

the last one, your favorite

W. Curtis Preston:

and the last one we need, we need a drum roll sound.

W. Curtis Preston:

You boo.

W. Curtis Preston:

The fifth one is attacks against system backup

Prasanna Malaiyandi:

Speaker:

No one ever does that.

W. Curtis Preston:

Right.

W. Curtis Preston:

And you know, this has become huge, you know, and they're saying here that backups

W. Curtis Preston:

were the last line of defense, but they're also becoming the first line of attack.

W. Curtis Preston:

And, you know, they're saying that the back the software used to create

W. Curtis Preston:

the backups have flaws and the backup software vendors have had

W. Curtis Preston:

to address these vulnerabilities.

W. Curtis Preston:

And, and I would say it's, it's.

W. Curtis Preston:

It it's less of a flaw generally in the backup software itself, but more

W. Curtis Preston:

in the overall infrastructure, right?

W. Curtis Preston:

Yes.

W. Curtis Preston:

There's also, I'd say that historically backup software was not written

W. Curtis Preston:

with information security in mind.

W. Curtis Preston:

Back in the day, you had to be root to run your backups.

W. Curtis Preston:

You had to be root everywhere.

W. Curtis Preston:

So I used to joke a lot about the back.

W. Curtis Preston:

You know, backup admin is like trust your backup admin because they can delete

W. Curtis Preston:

everything, including your backups.

W. Curtis Preston:

So that's no longer the case.

W. Curtis Preston:

And, and I will say this, if you're I say it all the time, if your backup

W. Curtis Preston:

software still requires you to have root on servers that you're backing

W. Curtis Preston:

up and or root on the backup server.

W. Curtis Preston:

In order to just run the backups, then you need to run.

W. Curtis Preston:

Don't walk from that backup software product.

W. Curtis Preston:

The, you should be able to put a junior person in charge of the backups,

W. Curtis Preston:

which you shouldn't do, but I'm just saying you should be able to do that.

W. Curtis Preston:

Put someone who does not have sysadmin privileges in charge of the backups and,

W. Curtis Preston:

and they should be able to do everything that they need to do without needing

Prasanna Malaiyandi:

Operate root.

Prasanna Malaiyandi:

Yep.

Prasanna Malaiyandi:

I'm just trying

W. Curtis Preston:

Because you wanna limit the blast radius, right.

W. Curtis Preston:

And the backup user itself is powerful enough, but the, you know, just limit

W. Curtis Preston:

the blast radius wherever you can.

W. Curtis Preston:

But the, but the biggest thing I think, um, is, as I said earlier,

W. Curtis Preston:

is we talk about it a lot is . How people are storing their backups.

Prasanna Malaiyandi:

So because all this data, right?

Prasanna Malaiyandi:

There's a lot of data.

Prasanna Malaiyandi:

There are a lot of systems you're backing up, right?

Prasanna Malaiyandi:

Typically you end up writing to something, some other storage

Prasanna Malaiyandi:

device for your backups.

Prasanna Malaiyandi:

And a lot of people just dump it out over a standard protocol,

Prasanna Malaiyandi:

like NFS or SMB . Right.

Prasanna Malaiyandi:

great because now I can just bring in any storage array.

Prasanna Malaiyandi:

I just plug it in.

Prasanna Malaiyandi:

I now start backing up to it.

Prasanna Malaiyandi:

Easy peasy.

Prasanna Malaiyandi:

The downside is it's an open protocol, right?

Prasanna Malaiyandi:

It's an open endpoint that anyone else can also access.

Prasanna Malaiyandi:

So

W. Curtis Preston:

Emphasis on open

Prasanna Malaiyandi:

yeah, it is open.

Prasanna Malaiyandi:

Um, and so anyone can access it, which means if ransom, if a attacker.

Prasanna Malaiyandi:

exploits, it's not even your backup server, but even any other server in

Prasanna Malaiyandi:

the environment, they could potentially gain access to that Mount and start

Prasanna Malaiyandi:

accessing, deleting, exfiltrating, which is probably even a bigger issue, right.

Prasanna Malaiyandi:

Your data.

Prasanna Malaiyandi:

And you could be in trouble.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

And I would say, I would add to that just like the default installation

W. Curtis Preston:

of a lot of disk space backup products is, is not an NFS target.

W. Curtis Preston:

It's just a regular disc target race, just a, you know, SQL back slash backups.

W. Curtis Preston:

Um, that's not good either, especially if it's a windows box, you know?

W. Curtis Preston:

Yes.

W. Curtis Preston:

I prefer Unix and Linux and yes, I think they're more secure.

W. Curtis Preston:

They're not perfect, but it is a stating a fact saying that windows is

W. Curtis Preston:

the number one target for ransomware.

W. Curtis Preston:

It's not the only one, but it's definitely the number one.

W. Curtis Preston:

And so for your backups to be sitting on a Windows server, And, and then

W. Curtis Preston:

the backups are inside that server

W. Curtis Preston:

you know, so

Prasanna Malaiyandi:

Speaker:

That's probably not a good

W. Curtis Preston:

attacked, you can, you can do that.

W. Curtis Preston:

There are ways to address all of these concerns

Prasanna Malaiyandi:

Yep.

Prasanna Malaiyandi:

Which we talked about in numerous.

W. Curtis Preston:

yeah,

W. Curtis Preston:

we have.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

So, but, but I just do, I do find it interesting cuz we talk about

W. Curtis Preston:

it a lot and sometimes I, I feel like I live in the, you know,

Prasanna Malaiyandi:

Can I bubble

W. Curtis Preston:

of, of a backup company and I'm like, yes, but it's nice to see.

W. Curtis Preston:

vindication of the RSA conference saying that one of the top

W. Curtis Preston:

five data risks right now

W. Curtis Preston:

Is the, you know, the loss of your

Prasanna Malaiyandi:

Speaker:

attacks on your backups

W. Curtis Preston:

you're doing them.

W. Curtis Preston:

And, you know, and, and the, and I've said it before, but I'll say it again.

W. Curtis Preston:

The reason this is the case, I'd say two things.

W. Curtis Preston:

One is.

W. Curtis Preston:

Hacking, you know, and, and, and all, and, and ransomware and

W. Curtis Preston:

all that's creating an industry.

W. Curtis Preston:

So there's resources and stuff that, that, that the bad folks

W. Curtis Preston:

just didn't have back in the day.

W. Curtis Preston:

But the other is the, in the backup industry's move from tape to disc as

W. Curtis Preston:

their primary protection mechanism.

W. Curtis Preston:

And so it makes it really easy to get access to it.

W. Curtis Preston:

If you haven't done the right things, um, go.

Prasanna Malaiyandi:

One of the articles on the SANs list of

Prasanna Malaiyandi:

bad backups is from tech target.

Prasanna Malaiyandi:

And there was a quote from the, one of the presenters, right?

Prasanna Malaiyandi:

Backups are boring.

Prasanna Malaiyandi:

Boring is good.

Prasanna Malaiyandi:

Keep it boring.

W. Curtis Preston:

Yeah, yeah.

W. Curtis Preston:

Backups are boring.

W. Curtis Preston:

That's why nobody wants to be the backup person, but you know, it is what it is.

W. Curtis Preston:

And, you know, you know, I saw that quote and I was like, I

W. Curtis Preston:

don't know how I feel about that.

W. Curtis Preston:

And I don't mean that like, Like I'm being insulted

Prasanna Malaiyandi:

Yeah, I think, I think instead of boring,

Prasanna Malaiyandi:

I think it's what is it simple or

W. Curtis Preston:

Yeah,

Prasanna Malaiyandi:

easy or something like that,

W. Curtis Preston:

Yeah.

W. Curtis Preston:

The problem is the, and again,

W. Curtis Preston:

to a hammer, everything looks like a nail, but, and I work for a.

W. Curtis Preston:

Cloud backup vendor.

W. Curtis Preston:

But to me, the only way to do backups today, easy is to use the

W. Curtis Preston:

SaaS product that does backups.

W. Curtis Preston:

Everything else is hard, right?

W. Curtis Preston:

Buy a box, secure that box, buy some backup software, secure that backup

W. Curtis Preston:

software, buy a backup target, secure that and all that stuff.

W. Curtis Preston:

You know, just all of that.

W. Curtis Preston:

That is not simple.

W. Curtis Preston:

It used to be simple.

W. Curtis Preston:

It is not simple anymore.

W. Curtis Preston:

And you can't just hand the keys to the backup kingdom, to the, to the new person

W. Curtis Preston:

and expect them to figure all that out.

W. Curtis Preston:

Right.

W. Curtis Preston:

They're

Prasanna Malaiyandi:

Here you go.

Prasanna Malaiyandi:

Good luck.

W. Curtis Preston:

Good luck, please, please keep the keys to

W. Curtis Preston:

our kingdom secure from all the bad, you know, hackers out there.

W. Curtis Preston:

Uh, the only way to do that in my opinion is to use SaaS service and,

W. Curtis Preston:

and, and, by the way, it, it, you know, let me rephrase what I'm saying

W. Curtis Preston:

is the only way to do it simply.

Prasanna Malaiyandi:

Yep.

W. Curtis Preston:

We've had the guys from Veeam on here.

W. Curtis Preston:

Right.

W. Curtis Preston:

I'm not anti Veeam and they've got answers to these concerns.

W. Curtis Preston:

It's simple if you know what you're doing, but to me, um, and

W. Curtis Preston:

I'm not saying it's, I don't know.

W. Curtis Preston:

I, I'm not attacking these folks.

W. Curtis Preston:

I'm just saying there's nothing simpler than just put in an agent and point.

W. Curtis Preston:

Right.

W. Curtis Preston:

You don't have any of the backend security

Prasanna Malaiyandi:

Issue story

W. Curtis Preston:

stuff to worry about, right?

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Anyway.

W. Curtis Preston:

All right, well, um, you know, I'm gonna go maybe have a beer and, uh, think

W. Curtis Preston:

about my, all those people yelling at me over the over the, over the election.

Prasanna Malaiyandi:

not just gonna start.

Prasanna Malaiyandi:

Oh, about the election.

Prasanna Malaiyandi:

Okay.

Prasanna Malaiyandi:

Yeah, no, I thought you were going to be like, yeah, I'm gonna go call all those

Prasanna Malaiyandi:

people who told me I was wrong in the past and you just have like a book somewhere

Prasanna Malaiyandi:

and you're just going through it.

Prasanna Malaiyandi:

Crossing out line by line,

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Um,

Prasanna Malaiyandi:

awkward silence.

Prasanna Malaiyandi:

He didn't deny it.

Prasanna Malaiyandi:

He might actually have a book.

W. Curtis Preston:

I don't know.

W. Curtis Preston:

Maybe I might have a book.

W. Curtis Preston:

I'm just saying maybe I got it all up in here.

W. Curtis Preston:

You know, maybe

Prasanna Malaiyandi:

good with names.

Prasanna Malaiyandi:

You're not good with names.

Prasanna Malaiyandi:

I

W. Curtis Preston:

Okay, dang it.

W. Curtis Preston:

Dang it.

W. Curtis Preston:

I am busted.

W. Curtis Preston:

I suck at names like literally.

W. Curtis Preston:

I mean people that I know and talk to all the time, it, it hasn't

W. Curtis Preston:

happened to me with you yet, but I've had people that I've known for

W. Curtis Preston:

years and then I'll be talking to 'em and I'll be in the middle of a

W. Curtis Preston:

conversation with him and I'll realize, I can't remember this person's name.

Prasanna Malaiyandi:

This happened to me the other day, I was on a video

Prasanna Malaiyandi:

call and I was talking to the person.

Prasanna Malaiyandi:

And for some reason, my mind just went blank.

Prasanna Malaiyandi:

And luckily though they had the name of the person at the bottom of the screen.

Prasanna Malaiyandi:

I was like, oh, thank God.

Prasanna Malaiyandi:

It's like someone I interacted with so much.

Prasanna Malaiyandi:

Like I was like, I should know this.

W. Curtis Preston:

Yeah.

W. Curtis Preston:

And I met a, I met a new person, one of the folks that worked with me at the

W. Curtis Preston:

election and, uh, his name is, is Allen.

W. Curtis Preston:

I had to think about it for a minute.

W. Curtis Preston:

And the reason I had to think about it was because somebody else started

W. Curtis Preston:

calling him, Larry, his name's not Larry.

W. Curtis Preston:

They, they reminded him of Larry.

W. Curtis Preston:

And so they started calling him Larry, and then halfway through the election.

W. Curtis Preston:

He just turns his badge over and he puts his, puts his name as

W. Curtis Preston:

Larry I'm like, okay, for a guy like me, that is not helpful.

W. Curtis Preston:

Like, I

Prasanna Malaiyandi:

You're like it's already hard enough keeping track

W. Curtis Preston:

it's already hard enough.

W. Curtis Preston:

And then he added another he's like, well, my dad always called

W. Curtis Preston:

me Bob or something like that.

W. Curtis Preston:

I was like, grrrr, like stop.

Prasanna Malaiyandi:

That's why like,

W. Curtis Preston:

Yeah.

W. Curtis Preston:

Anyway.

W. Curtis Preston:

All right.

W. Curtis Preston:

Well, thanks

W. Curtis Preston:

for discussing the, the RSA conference with me

Prasanna Malaiyandi:

how's it going?

Prasanna Malaiyandi:

Anytime, Curtis, and go enjoy your beer.

W. Curtis Preston:

I will definitely do that.

W. Curtis Preston:

And remember folks out there.

W. Curtis Preston:

Thanks for listening.

W. Curtis Preston:

And remember to subscribe so that you can restore it all.