Security Unlocked


Discovering Router Vulnerabilities with Anomaly Detection

Ep. 37
Ready for a riddle? What do 40 hypothetical high school students and our guest on this episode have in common?Whythey can help you understand complex cyber-attack methodology, of course!In this episode of Security Unlocked, hostsNic FillinghamandNatalia Godylaare brought back to school byPrincipalSecurityResearcher,Jonathan Bar Or who discusses vulnerabilities in NETGEAR Firmware. During the conversation Jonathan walks through how his teamrecognized the vulnerabilities and worked with NETGEAR to secure the issue,andhelps usunderstand exactly how the attack workedusing an ingenious metaphor.In This Episode You Will Learn: How a side-channel attack worksWhy attackers are moving away fromoperating systemsand towards network equipmentWhy routers are an easy access point for attacksSome Questions We Ask: How do you distinguish an anomaly from an attack?What are the differences between a side-channel attack and an authentication bypass?What can regular users do to protect themselvesfrom similarattacks? Resources: Jonathan Bar Or’s Blog Post: Bar Or’s LinkedIn: Fillingham’s LinkedIn: Godyla’s LinkedIn: Security Blog: Related: Security Unlocked: CISO Series with Bret Arsenault

Securing the Internet of Things

Ep. 36
Thereused to bea time when our appliances didn’t talk back to us, but it seems like nowadays everything in our home is getting smarter.Smart watches, smart appliances,smart lights-smart everything! Thisconnectivity to the internetis what we call the Internet of Things(IoT).It’s becoming increasingly common for our everyday items to be “smart,” and while thatmay providea lot of benefits, like your fridge reminding you when you may need to get more milk, it alsomeans thatall ofthose devices becomesusceptible to cyberattacks.On this episode of Security Unlocked, hostsNic FillinghamandNatalia Godylatalk toArjmandSamuelabout protecting IoT devices, especially with a zero trust approach.Listenin to learnnot onlyaboutthe importance of IoT security,but also what Microsoft is doing to protect againstsuchattacks and how you canbettersecurethesedevices.In This Episode You Will Learn: Whatthe techniquesareto verify explicitly on IoT devicesHow to apply the zero trust model in IoTWhat Microsoft is doing to protect against attacks on IoTSome Questions We Ask:What isthedifference between IoT and IT?Why is IoT security so important?What are the best practices for protecting IoT?Resources:ArjmandSamuel’s LinkedIn: Fillingham’s LinkedIn: Godyla’s LinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenault[Full transcript can be found at]Nic Fillingham:(music) Hello and welcome to Security Unlocked, a new podcast from Microsoft where we unlock insights from the latest in new and research from across Microsoft's security, engineering and operations teams. I'm Nic Fillingham.Natalia Godyla:And I'm Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel, research and data science.Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft Security.Natalia Godyla:And now, let's unlock the pod. (music)Natalia Godyla:Welcome everyone to another episode of Security Unlocked. Today we are joined by first time guest, Arjmand Samuel, who is joining us to discuss IoT Security, which is fitting as he is an Azure IoT Security leader a Microsoft. Now, everyone has heard the buzz around IoT. There's been constant talk of it over the past several years, and, but now we've all also already had some experience with IoT devices in our personal life. Would about you, Nic? What do you use in your everyday life? What types of IoT devices?Nic Fillingham:Yeah. I've, I've got a couple of smart speakers, which I think a lot of people have these days. They seem to be pretty ubiquitous. And you know what? I sort of just assumed that they automatically update and they've got good security in them. I don't need to worry about it. Uh, maybe that's a bit naïve, but, but I sort of don't think of them as IoT. I just sort of, like, tell them what I music I want to play and then I tell them again, because they get it wrong. And then I tell them a third time, and then I go, "Ugh," and then I do it on my phone.Nic Fillingham:I also have a few cameras that are pointed out around the outside of the house. Because I live on a small farm with, with animals, I've got some sheep and pigs, I have to be on the look out for predators. For bears and coyotes and bobcats. Most of my IoT, though, is very, sort of, consummary. Consumers have access to it and can, sort of, buy it or it comes from the utility company.Natalia Godyla:Right. Good point. Um, today, we'll be talking with Arjmand about enterprise grade IoT and OT, or Internet of Things and operational technology. Think the manufacturing floor of, uh, plants. And Arjmand will walk us through the basics of IoT and OT through to the best practices for securing these devices.Nic Fillingham:Yeah. And we spent a bit of time talking about zero trust and how to apply a zero trust approach to IoT. Zero trust, there's sort of three main pillars to zero trust. It's verify explicitly, which for many customers just means sort of MFA, multi factorial authentication. It's about utilizing least privilege access and ensuring that accounts, users, devices just have access to the data they need at the time they need it. And then the third is about always, sort of, assuming that you've been breached and, sort of, maintaining thing philosophy of, of let's just assume that we're breached right now and let's engage in practices that would, sort of, help root out a, uh, potential breach.Nic Fillingham:Anyway, so, Arjmand, sort of, walks us through what it IoT, how does it relate to IT, how does it relate to operational technology, and obviously, what that zero trust approach looks like. On with the pod.Natalia Godyla:On with the pod. (music) Today, we're joined by Arjmand Samuel, principle program manager for the Microsoft Azure Internet of Things Group. Welcome to the show, Arjmand.Arjmand Samuel:Thank you very much, Natalia, and it's a pleasure to be on the show.Natalia Godyla:We're really excited to have you. Why don't we kick it off with talking a little bit about what you do at Microsoft. So, what does your day to day look like as a principle program manager?Arjmand Samuel:So, I am part of the Azure IoT Engineering Team. I'm a program manager on the team. I work on security for IoT and, uh, me and my team, uh, we are responsible for making sure that, uh, IoT services and clients like the software and run times and so on are, are built securely. And when they're deployed, they have the security properties that we need them and our customers demand that. So, so, that's what I do all a long.Nic Fillingham:And, uh, we're going to talk about, uh, zero trust and the relationship between a zero trust approach and IoT. Um, but before we jump into that, Arjmand, uh, we, we had a bit of a look of your, your bio here. I've got a couple of questions I'd love to ask, if that's okay. I want to know about your, sort of, tenure here at Microsoft. Y- y- you've been here for 13 years. Sounds like you started in, in 2008 and you started in the w- what was called the Windows Live Team at the time, as the security lead. I wonder if you could talk a little bit about your, your entry in to Microsoft and being in security in Microsoft for, for that amount of time. You must have seen some, sort of, pretty amazing changes, both from an industry perspective and then also inside Microsoft.Arjmand Samuel:Yeah, yeah, definitely. So, uh, as you said, uh, 2008 was the time, was the year when I came in. I came in with a, a, a degree in, uh, security, in- information security. And then, of course, my thinking and my whole work there when I was hired at Microsoft was to be, hey, how do we actually make sure that our product, which was Windows Live at that time, is secure? It has all the right security properties that, that we need that product to have. So, I- I came in, started working on a bunch of different things, including identity and, and there was, these are early times, right? I mean, we were all putting together this infrastructure, reconciling all the identity on times that we had. And all of those were things that we were trying to bring to Windows Live as well.Arjmand Samuel:So, I was responsible for that as well as I was, uh, working on making sure that, uh, our product had all the right diligence and, and security diligence that is required for a product to be at scale. And so, a bunch of, you know, things like STL and tech modeling and those kind of things. I was leading those efforts as well at, uh, Windows Live.Natalia Godyla:So, if 2008 Arjmand was talking to 2021 Arjmand, what would he be most surprised about, about the evolution over the past 13 years, either within Microsoft or just in the security industry.Arjmand Samuel:Yeah. Yeah. (laughs) That's a great, great question, and I think in the industry itself, e- evolution has been about how all around us. We are now engulfed in technology, connected technology. We call it IoT, and it's all around us. That was not the landscape 10, 15 years back. And, uh, what really is amazing is how our customers and partners are taking on this and applying this in their businesses, right? This meaning the whole industry of IoT and, uh, Internet of Things, and taking that to a level where every data, every piece of data in the physical world can be captured or can be acted upon. That is a big change from the last, uh, 10, 15 to where we are today.Nic Fillingham:I thought you were going to say TikTok dance challenges.Arjmand Samuel:(laughs)Natalia Godyla:(laughs)Nic Fillingham:... because that's, that's where I would have gone.Arjmand Samuel:(laughs) that, too. That, too, right? (laughs)Nic Fillingham:That's a (laughs) digression there. So, I'm pretty sure everyone knows what IoT is. I think we've already said it, but let's just, sort of, start there. So, IoT, Internet of Things. Is, I mean, that's correct, right? Is there, is there multiple definitions of IoT, or is it just Internet of Things? And then, what does the definition of an Internet of Things mean?Arjmand Samuel:Yeah, yeah. It;s a... You know, while Internet of Things is a very recognized acronym these days, but I think talking to different people, different people would have a different idea about how Internet of Thing could be defined. And the way I would define it, and again, not, not, uh, necessarily the authority or the, the only definition. There are many definitions, but it's about having these devices around us. Us is not just people but also our, our manufacturing processes, our cars, our, uh, healthcare systems, having all these devices around, uh, these environments. They are, these devices, uh, could be big, could be small. Could be as small as a very small temperature sensor collecting data from an environment or it could be a Roboticom trying to move a full car up and down an assembly line.Arjmand Samuel:And first of all, collecting data from these devices, then bringing them, uh, uh, using the data to do something interesting and insightful, but also beyond that, being able to control these devices based on those insights. So, now there's a feedback loop where you're collecting data and you are acting on that, that data as well. And that is where, how IoT is manifesting itself today in, in, in the world. And especially for our customers who are, who tend to be more industrial enterprises and so on, it's a big change that is happening. It's, it's a huge change that, uh, they see and we call it the transformation, the business transformation happening today. And part of that business transformation is being led or is being driven through the technology which we call IoT, but it's really a business transformation.Arjmand Samuel:It's really with our customers are finding that in order to remain competitive and in order to remain in business really, at the end of the day, they need to invest. They need to bring in all these technologies to bear, and Internet of Things happens that technology.Nic Fillingham:So, Arjmand, a couple other acronyms. You know, I think, I think most of our audience are pretty familiar with IoT, but we'll just sort of cover it very quickly. So, IoT versus IT. IT is, obviously, you know, information technology, or I think that's the, that's the (laughs) globally accepted-Arjmand Samuel:Yeah, yeah.Nic Fillingham:... definition. You know, do you we think of IoT as subset of IT? What is the relationship of, of those two? I mean, clearly, there are three letters versus two letters, (laughs) but there is relationship there. Wh- wh- what are your thoughts?Arjmand Samuel:Yeah. There's a relationship as well as there's a difference, and, and it's important to bring those two out. Information technology is IT, as we know it now for many years, is all about enterprises running their applications, uh, business applications mostly. For that, they need the network support. They need databases. They need applications to be secured and so on. So, all these have to work together. The function of IT, information technology, is to make sure that the, there is availability of all these resources, applications, networks and databases as well as you have them secured and private and so on.Arjmand Samuel:So, all of that is good, but IoT takes it to the next level where now it's not only the enterprise applications, but it's also these devices, which are now deployed by the enterprise. I mentioned Roboticoms. Measured in a conference room you have all these equipment in there, projection and temperature sensors and occupancy sensors and so on. So, all of those beco- are now the, the add on to what we used to call IT and we are calling it the IoT.Arjmand Samuel:Now, the interesting part here is in the industrial IoT space. Th- this is also called OT, operation technology. So, you know, within an organization there'll be IT and OT. OT's operation technology and these are the people or the, uh, function within an organization who deal with the, with the physical machines, the physical plant. You know, the manufacturing line, the conveyor belts, the Roboticoms, and these are called OT functions.Arjmand Samuel:The interesting part here is the goal of IT is different from the goal of OT. OT is all about availability. OT's all about safety, safety so that it doesn't hurt anybody working on the manufacturing line. OT's all about environmental concerns. So, it should not leak bad chemicals and so on. A while, if you talk about security, and this is, like, a few years back when we would talk about security with an OT person, the, the person who's actually... You know, these are people who actually wear those, uh, hard hats, you know, on, uh, a manufacturing plant. And if you talk about security to an OT person, they will typically refer to that guard standing outside and, and, uh, the-Nic Fillingham:Physical security.Arjmand Samuel:The physical security and the, the walls and the cameras, which would make sure that, you know, and then a key card, and that's about all. This was OT security, but now when we started going in and saying that, okay, all these machines can be connected to, to each other and you can collect all this data and then you can actually start doing something interesting with this data. That is where the definition of security and the functions of OT evolved. And not evolving, I mean different companies are at different stages, but they're now evolving where they're thinking, okay, it's not only about the guard standing outside. It's also the fact that the Roboticom could be taken over remotely and somebody outside, around the world, around the globe could actually be controlling that Roboticom to do something bad. And that realization and the fact that now you actually have to control it in the cyber sense and not only in the physical sense is the evolution that happened between OT.Arjmand Samuel:Now, IT and OT work together as well because the same networks are shared typically. Some of the applications that use the data from these devices are common. So, IT and OT, this is the other, uh, thing that has changed and, and we are seeing that change, is starting to work and come closer. Work together more. IoT's really different, but at the same time requires a lot of stuff that IT has traditionally done.Natalia Godyla:Hmm. So, what we considered to be simple just isn't simple anymore.Arjmand Samuel:That's life, right? (laughs) Yeah.Natalia Godyla:(laughs)Arjmand Samuel:(laughs)Natalia Godyla:So, today we wanted to talk about IoT security. So, let's just start with, with framing the conversation a little bit. Why is IoT security important and what makes it more challenging, different than traditional security?Arjmand Samuel:As I just described, right, I mean, we are now infusing compute and in every environment around us. I mean, we talked a little bit about the conveyor belt. Imagine the conference rooms, the smart buildings and, and all the different technologies that are coming in. These are technologies, while they're good, they're serve a scenario. They, they make things more efficient and so on, but they're also now a point of, uh, of failure for that whole system as well as a way for malicious sectors to bring in code if possible. And to either, uh, imagine a scenario where or an attack where a malicious sector goes into the conveyor belt and knows exactly the product that is passing through. And imagine that's something either takes the data and sells it to somebody or, worse case, stops the conveyor belt. That is millions of dollars of loss very, uh, that data that the company might be incurring.Arjmand Samuel:So, now that there's infused computer all around us, we are now living in a target which in a environment which can be attacked, and which can be used for bad things much more than what it was when we were only applications, networks and databases. Easy to put a wall around. Easy to understand what's going on. They're easy to lock down. But with all these devices around us, it's becoming much and much harder to do the same.Nic Fillingham:And then what sort of, if, if we think about IoT and IoT security, one of the things that, sort of, makes it different, I- I th- think, and here I'd love you to explain this, sort of... I- I'm thinking of it as a, as a, as a spectrum of IoT devices that, I mean, they have a CPU. They have some memory. They have some storage. They're, they're running and operating system in some capacity all the way through to, I guess, m- much more, sort of, rudimentary devices but do have some connection, some network connection in order for instruction or data to, sort of, move backwards and forwards. What is it that makes this collection of stuff difficult to protect or, you know, is it difficult to protect? And if so, why? And then, how do we think about the, the, the potential vectors for attack that are different in this scenario versus, you know, protecting lap tops and servers?Arjmand Samuel:Yeah, yeah. That's a good one. So, uh, what happens is you're right. Uh, IoT devices can be big and small, all right. They could be a small MCU class device with a real-time operating system on it. Very small, very, uh, single purpose device, which is imagine collecting temperature or humidity only. Then we have these very big, what we call the edge or heavy edge devices, which are like server class devices running a Roboticom or, or even a gateway class device, which is aggregating data from many devices, right, as a, a, and then take, taking the data and acting on it.Arjmand Samuel:So, now with all this infrastructure, one of the key things that we have seen is diversity and heterogeneity of these devices. Not just in terms of size, but also in terms of who manufactured them, when they were manufactured. So, many of the temperature sensors in environments could be very old. Like, 20 years old and people are trying to use the same equipment and not have to change anything there. And which they can. Technically they could, but then those devices were never designed in for a connected environment for these, this data to actually, uh, be aggregated and sent on the network, meaning they per- perhaps did not have encryption built into it. So, we have to do something, uh, additional there.Arjmand Samuel:And so now with the diversity of devices, when they came in, the, the feature set is so diverse. Some of them were, are more recent, built with the right security principles and the right security properties, but then some of them might not be. So, this could raise a, a challenge where how do you actually secure an infrastructure where you have this whole disparity and many different types of devices, many different manufacturers, many of ages different for these devices. Security properties are different and as we all know talking about security, the attack would always come from the weakest link. So, the attacker would always find, within that infrastructure, the device which has the least security as a entry point into that infrastructure. So, we can't just say, "Oh, I'll just protect my gateway and I'm fine." We have to have some mitigation for everything on that network. Everything. Even the older ones, older devices. We call them brownfield devices because they tend to be old devices, but they're also part of the infrastructure.Arjmand Samuel:So, how do we actually think about brownfield and the, the newer ones we call greenfield devices? Brownfield and greenfield, how do we think about those given they will come from different vendors, different designs, different security properties? So, that's a key challenge today that we have. So, they want to keep those devices as well as make sure that they are secure because the current threat vectors and threat, uh, the, and attacks are, are much more sophisticated.Natalia Godyla:So, you have a complex set of devices that the security team has to manage and understand. And then you have to determine at another level which of those devices have vulnerabilities or which one is the most vulnerable, and then, uh, assume that your most vulnerable, uh, will be the ones that are exploited. It, so, is that, that typically the attack factor? It's going to be the, the weakest link, like you said? And h- how does an attacker try to breach the IoT device?Arjmand Samuel:Yeah, yeah. And, and this is where we, we started using the term zero trust IoT.Natalia Godyla:Mm-hmm (affirmative).Arjmand Samuel:So, IoT devices are deployed in an environment which can not be trusted, should not be trusted. You should assume that there is zero trust in that environment, and then all these devices, when they are in there, you will do the right things. You'll put in the right mitigations so that the devices themselves are robust. Now, another example I always give here is, and, uh, I, your question around the attack vectors and, and how attacks are happening, typically in the IT world, now that we, we have the term defined, in the IT world, you will always have, you know, physical security. You will always put servers in a room and lock it, and, and so on, right, but in an IoT environment, you have compute devices. Imagine these are powerful edge nodes doing video analytics, but they're mounted on a pole next to a camera outside on the road, right? So, which means the physical access to that device can not be controlled. It could be that edge node, again, a powerful computer device with lots of, you know, CPU and, and so on, is deployed in a mall looking at video streams and analyzing those video streams, again, deployed out there where any attacker physically can get a hold of the device and do bad things.Arjmand Samuel:So, again, the attack vectors are also different between IT and OT or IoT in the sense that the devices might not be physically contained in a, in an environment. So, that puts another layer of what do we do to protect such, uh, environments?Nic Fillingham:And then I want to just talk about the role of, sort of, if we think about traditional computing or traditional, sort of, PC based computing and PC devices, a lot of the attack vectors and a lot of the, sort of, weakest link is the user and the user account. And that's why, you know, phishing is such a massive issue that if we can socially engineer a way for the person to give us their user name and password or whatever, we, we, we can get access to a device through the user account. IoT devices and OT devices probably don't use that construct, right? They probably, their userless. Is that accurate?Arjmand Samuel:Yeah. That's very accurate. So, again, all of the attack vectors which we know from IT are still relevant because, you know, if you, there's a phishing attack and the administrator password is taken over you can still go in and destroy the infrastructure, both IT and IoT. But at the same time, these devices, these IoT devices typically do not have a user interacting with them, typically in the compute sense. You do not log into an IoT device, right? Except in sensor with an MCU, it doesn't even have a user experience, uh, a screen on it. And so, there is typically no user associated with it, and that's another challenge. So you need to still have an identity off the device, not on the device, but off the device, but that identity has to be intrinsic off the device. It has to be part of the device and it has to be stable. It has to be protected, secure, and o- on the device, but it does not typically a user identity.Arjmand Samuel:And, and that's not only true for temperature sensors. You know, the smaller MCU class devices. That's true for edge nodes as well. Typically, an edge node, and by the way, when I say the edge node, edge node is a full blown, rich operating system. CPU, tons of memory, even perhaps a GPU, but does not typically have a user screen, a keyboard and a mouse. All it has is a video stream coming in through some protocol and it's analyzing that and then making some AI decisions, decisions based on AI. And, and, but that's a powerful machine. Again, there might never ever be a user interactively signing into it, but the device has an identity of its own. It has to authenticate itself and it workload through other devices or to the Cloud. And all of that has to be done in a way where there is no user attached to it.Natalia Godyla:So, with all of this complexity, how can we think about protecting against IoT attacks. You discussed briefly that we still apply the zero trust model here. So, you know, at a high level, what are best practices for protecting IoT?Arjmand Samuel:Yeah, yeah. Exactly. Now that we, we just described the environment, we described the devices and, and the attacks, right? The bad things that can happen, how do we do that? So, the first thing we want to do, talk about is zero trust. So, do not trust the environment. Even if it is within a factory and you have a guard standing outside and you have all the, you know, the physical security, uh, do not trust it because there are still vectors which can allow malicious sectors to come into those devices. So, that's the first one, zero trust.Arjmand Samuel:Uh, do not trust anything that is on the device unless you explicitly trust it, you explicitly make sure that you can go in and you can, attest the workload, as an example. You can attest the identity of the device, as an example. And you can associate some access control polices and you have to do it explicitly and never assume that this is, because it's a, uh, environment in a factory you're good. So, you never assume that. So, again, that's a property or a principle within zero trust that we always exercise.Arjmand Samuel:Uh, the other one is you always assume breach. You always assume that bad things will happen. I- it's not if they'll happen or not. It's about when they're s- uh, going to happen. So, for the, that thinking, then you're putting in place mitigations. You are thinking, okay, if bad things are going to happen, how do I contain the bad things? How do I contain? How do I make sure that first of all, I can detect bad things happening. And we have, and we can talk about some of the offerings that we have, like Defender for IoT as an example, which you can deploy on to the environment. Even if it's brownfield, you can detect bad things happening based on the network characteristics. So, that's Defender for IoT.Arjmand Samuel:And, and once you can detect bad things happening then you can do something about it. You get an alert. You can, you can isolate that device or take that device off the network and refresh it and do those kind of things. So, the first thing that needs to happen is you assume that it's going breach. You always assume that whatever you are going to trust is explicitly trusted. You always make sure that there is a way to explicitly trust, uh, uh, uh, either the workload or the device or the network that is connected onto the device.Nic Fillingham:So, if we start with verify explicitly, in the traditional compute model where it's a user on a device, we can verify explicitly with, usually, multi factor authentication. So, I have my user name and password. I add an additional layer of authentication, whether it's an, you know, app on my phone, a key or something, some physical device, there's my second factor and I'm, I'm verified explicitly in that model. But again, no users or the user's not, sort of, interacting with the device in, sort of, that traditional sense, so what are those techniques to verify explicitly on an IoT device?Arjmand Samuel:Yeah. I, exactly. So, we, in that white paper, which we are talking about, we actually put down a few things that you can actually do to, to, en- ensure that you have all the zero trust requirements together. Now, the first one, of course, is you need, uh, all devices to have strong identity, right? So, because identity is a code. If you can not identi- identify something you can not, uh, give it an access control policy. You can not trust the data that is coming out from that, uh, device. So, the first thing you do is you have a strong identity. By a strong identity we mean identity, which is rooted in hardware, and so, what we call the hardware based root of trust. It's technologies like TPM, which ensure that you have the private key, which is secured in our hardware, in the hardware and you can not get to it, so and so on. So, you, you ensure that you have a, a strong identity.Arjmand Samuel:You always have these privilege access so you do not... And these principles have been known to our IT operations forever, right? So, many years they have been refined and, uh, people know about those, but we're applying them to the IoT world. So, these privilege access, if our device is required to access another device or data or to push out data, it should only do that for the function it is designed for, nothing more than that. You should always have some level of, uh, device health check. Perhaps you should be able to do some kind of test station of the device. Again, there is no user to access the device health, but you should be able to do, and there are ways, there are services which allow you to measure something on the device and then say yes it's good or not.Arjmand Samuel:You should be able to do a continuous update. So, in case there is a device which, uh, has been compromised, you should be able to reclaim that device and update it with a fresh image so that now you can start trusting it. And then finally you should be able to securely monitor it. And not just the device itself, but now we have to technologies which can monitor the data which is passing through the network, and based on those characteristics can see if a device is attacked or being attacked or not. So, those are the kind of things that we would recommend for a zero trust environment to take into account and, and make those requirements a must for, for IoT deployments.Natalia Godyla:And what's Microsoft's role in protecting against these attacks?Arjmand Samuel:Yeah, yeah. So, uh, a few products that we always recommend. If somebody is putting together a new IoT device right from the silicone and putting that device together, we have a great secure be design device, which is called Azure Sphere. Azure Sphere has a bunch of different things that it does, including identity, updates, cert management. All these are important functions that are required for that device to function. And so, a new device could use the design that we have for Azure Sphere.Arjmand Samuel:Then we have, a gateway software that you put on a gateway which allows you to secure the devices behind that gateway for on time deployments. We have Defender for IoT, again as I mentioned, but Defender for IoT is on-prem, so you can actually monitor all the tracks on the network and on the devices. You could also put a agent, a Micro Agent on these devices, but then it also connects to Azure Sentinel. Azure Sentinel is a enterprise class user experience for security administrators to know what bad things are happening on, on-prem. So, it, the whole end to end thing could works all the way from the network, brownfield devices to the Cloud.Arjmand Samuel:We also have things like, uh, IoT Hub Device Provisioning service. Device provisioning service is an interesting concept. I'll try to briefly describe that. So, what happens is when you have an identity on a device and you want to actually put that device, deploy that device in your environment, it has to be linked up with a service in the Cloud so that it can, it knows the device, there's an identity which is shared and so on. Now, you could do it manually. You could actually bring that device in, read a code, put it in the Cloud and your good to go because now the Cloud knows about that device, but then what do you do when you have to deploy a million devices? And we're talking about IoT scale, millions. A fleet of millions of devices. If you take that same approach of reading a key and putting it in the Cloud, one, you'd make mistakes. Second, you will probably need a lifetime to take all those keys and put them in the cloud.Arjmand Samuel:So, in order to solve that problem, we have the device provisioning service, which it's a service in the Cloud. It is, uh, linked up to the OEMs or manufacturing devices. And when you deploy our device in your field, you do not have to do any of that. Your credentials are passed between the service and the, and the device. So, so, that's another service. IoT Hub Device Provisioning Service.Arjmand Samuel:And then we have, uh, a work, the, uh, a piece of work that we have done, which is the Certification of IoT Devices. So, again, you need the devices to have certain security properties. And how do you do that? How do you ensure that they have the right security properties, like identity and cert management and update ability and so on, we have what we call the Edge Secured-core Certification as well as Azure Certified Device Program. So, any device which is in there has been tested by us and we certify that that device has the right security properties. So, we encourage our customers to actually pick from those devices so that they, they actually get the best security properties.Natalia Godyla:Wow. That's a lot, which is incredible. What's next for Microsoft's, uh, approach to IoT security?Arjmand Samuel:Yeah, yeah. So, uh, one of the key things that we have heard our customers, anybody who's going into IoT ask the question, what is the risk I'm taking? Right? So, I'm deploying all these devices in my factories and Roboticom's connecting them, and so on, but there's a risk here. And how do I quantify that risk? How do I understand th- that risk and how do I do something about that risk?Arjmand Samuel:So, we, we got those questions many years back, like four, five years back. We started working with the industry and together with the Industrial Internet Consortium, IIC, which a consortium out there and there are many companies part of that consortium, we led something called The Security Maturity Model for IoT. So, so, we put down a set of principles and a set of processes you follow to evaluate the maturity of your security in IoT, right? So, it's a actionable thing. You take the document, you evaluate, and then once you have evaluated, it actually give you a score.It says you're level one, or two, or three, or four. Four, that's the authentication. All else is controlled management. And then based on th- that level, you know where you care, first of all. So, you know what your weaknesses are and what you need to do. So, that's a very actionable thing. But beyond that, if you're at level two and you want to be at level four, and by want to means your scenario dictates that you should be at level four, it is actionable. It gives you a list of things to do to go from level two to level four. And then you can reevaluate yourself and then you know that you're at level four. So, that's a maturityArjmand Samuel:Now, In order to operationalize that program with in partnership with IAC, we also have been, and IAC's help, uh, has been instrumental here, we have been working on a training program where we have been training auditors. These are IoT security auditors, third party, independent auditors who are not trained on SMMs Security Maturity Model. And we tell our customers, if you have a concern, get yourself audited using SMM, using the auditors and that will tell you where you are and where you need to go. So, it's evolving. Security for IoT's evolving, but I think we are at the forefront of that evolution.Nic Fillingham:Just to, sort of, finish up here, I'm thinking of some of the recent IoT security stories that were in the news. We won't mention any specifically, but there, there have been some recently. My take aways hearing those stories reading those stories in the news is that, oh, wow, there's probably a lot of organizations out here and maybe individuals at companies that are using IoT and OT devices that maybe don't see themselves as being security people or having to think about IoT security, you know T security. I just wonder if do you think there is a, a population of folks out here that don't think of themselves as IoT security people, but they really are? And then therefore, how do we sort of go find those people and help them go, get educated about securing IoT devices?Arjmand Samuel:Yeah, that's, uh, that's exactly what we are trying to do here. So, uh, people who know security can obviously know the bad things that can happen and can do something about it, but the worst part is that in OT, people are not thinking about all the bad things that can happen in the cyber world. You mentioned that example with that treatment plant. It should never have been connected to the network, unless required. And if it was connected to the, uh, to the network, to the internet, you should have had a ton a mitigations in place in case somebody was trying to come in and should have been stopped. And in that particular case, y- there was a phishing attack and the administrative password was, was taken over. But even with that, with the, some of our products, like Defender for IoT, can actually detect the administrative behavior and can, can detect if an administrator is trying to do bath things. It can still tell other administrators there's bad things happening.Arjmand Samuel:So, there's a ton of things that one could do, and it all comes down, what we have realized is it all comes down to making sure that this word gets out, that people know that there is bad things that can happen with IoT and it's not only your data being stolen. It's very bad things as in that example. And so, the word out, uh, so that we can, uh, we can actually make IoT more secure.Nic Fillingham:Got it. Arjmand, again, thanks so much for your time. It sounds like we really need to get the word out. IoT security is a thing. You know, if you work in an organization that employs IoT or OT devices, or think you might, go and download this white paper. Um, we'll put the link in the, uh, in the show notes. You can just search for it also probably on the Microsoft Security Blog and learn more about cyber security for IoT, how to apply zero trust model. Share it with your, with your peers and, uh, let's get as much education as we can out there.Arjmand Samuel:Thank you very much for this, uh, opportunity.Nic Fillingham:Thanks, Arjmand, for joining us. I think we'll definitely touch on cyber security for IoT, uh, in future episodes. So, I'd love to talk to you again. (music)Arjmand Samuel:Looking forward to it. (music)Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham:And don't forget to Tweet us @MSFTSecurity or email us at with topics you'd like to hear on a future episode. (music) Until then, stay safe.Natalia Godyla:Stay secure. (music)

Looking a Gift Card Horse in the Mouth

Ep. 35
Is it just me, or do you also miss the goodoledays of fraudulent activity?You remember the kind I’m talking about, theemails from princes around the world asking for just a couple hundred dollars to help them unfreeze or retrieve their massive fortune which they would share with you. Attacks havegrownmore nuanced, complex, and invasive since then, but because of the unbelievable talent at Microsoft, we’re constantly getting better at defending against it.On this episode of Security Unlocked, hosts Nic Fillingham and NataliaGodylasit down with returning champion, Emily Hacker, to discuss Business Email Compromise (BEC), an attack that has perpetrators pretending to be someone from the victim’s place of work and instructs them to purchase gift cards and send them to thescammer.Maybe it’s good tolookagift cardhorse in the mouth?In This Episode You Will Learn:Why BEC is such an effective and pervasive attackWhat are the key things to look out for to protect yourself against oneWhy BEC emails are difficult to trackSome Questions We Ask:How do the attackers mimic a true-to-form email from a colleague?Why do we classify this type of email attack separately from others?Why are they asking for gift cards rather than cash?Resources:Emily Hacker’s LinkedIn:’s2020Internet Crime Report’sLinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham:Hello, and welcome to Security Unlocked, a new podcast from Microsoft, where we unlock insights from the latest in news and research from across Microsoft security engineering and operations teams. I'm Nic Fillingham.Natalia Godyla:And I'm Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft security, deep dive into the newest thread intel, research and data science.Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft security.Natalia Godyla:And now, let's unlock the pod.Nic Fillingham:Hello listeners, hello, Natalia, welcome to episode 35 of Security Unlocked. Natalia, how are you?Natalia Godyla:I'm doing well as always and welcome everyone to another show.Nic Fillingham:It's probably quite redundant, me asking you how you are and you asking me how you are, 'cause that's not really a question that you really answer honestly, is it? It's not like, "Oh, my right knee's packing at the end a bit," or "I'm very hot."Natalia Godyla:Yeah, I'm doing terrible right now, actually. I, I just, uh- Nic Fillingham:Everything is terrible.Natalia Godyla:(laughs)Nic Fillingham:Well, uh, our guest today is, is a returning champ, Emily Hacker. This is her third, uh, appearance on Security Unlocked, and, and she's returning to talk to us about a, uh, new business email compromise campaign that she and her colleagues helped unearth focusing on some sort of gift card scam.Nic Fillingham:We've covered business email compromise before or BEC on the podcast. Uh, we had, uh, Donald Keating join us, uh, back in the early days of Security Unlocked on episode six. The campaign itself, not super sophisticated as, as Emily sort of explains, but so much more sort of prevalent than I think a lot of us sort of realize. BEC was actually the number one reported source of financial loss to the FBI in 2020. Like by an order of magnitude above sort of, you know, just places second place, third place, fourth place. You know, I think the losses were in the billions, this is what was reported to the FBI, so it's a big problem. And thankfully, we've got people like, uh, Emily on it.Nic Fillingham:Natalia, can you give us the TLDR on the, on the campaign that Emily helps describe?Natalia Godyla:Yeah, as you said, it's, uh, a BEC gift card campaign. So the attackers use typosquatted domains, and socially engineered executives to request from employees that they purchase gift cards. And the request is very vague. Like, "I need you to do a task for me, "or "Let me know if you're available." And they used that authority to convince the employees to purchase the gift cards for them. And they then co-converted the gift cards into crypto at, at scale to collect their payout.Nic Fillingham:Yeah, and we actually discuss with Emily that, that between the three of us, Natalia, myself and Emily, we actually didn't have a good answer for how the, uh- Natalia Godyla:Mm-hmm (affirmative).Nic Fillingham:... these attackers are laundering these gift cards and, and converting them to crypto. So we're gonna, we're gonna go and do some research, and we're gonna hopefully follow up on a, on a future episode to better understand that process. Awesome. And so with that, on with the pod.Natalia Godyla:On with the pod.Nic Fillingham:Welcome back to the Security Unlocked podcast. Emily hacker, how are you?Emily Hacker:I'm doing well. Thank you for having me. How are you doing?Nic Fillingham:I'm doing well. I'm trying very hard not to melt here in Seattle. We're recording this at the tail end of the heat wave apocalypse of late June, 2021. Natalia, are you all in, I should have asked, have you melted or are you still in solid form?Natalia Godyla:I'm in solid form partially because I think Seattle stole our heat. I'm sitting in Los Angeles now.Nic Fillingham:Uh huh, got it. Emily, thank you for joining us again. I hope you're also beating the heat. You're here to talk about business email compromise. And you were one of the folks that co-authored a blog post from May 6th, talking about a new campaign that was discovered utilizing gift card scams. First of all, welcome back. Thanks for being a return guest. Second of all, do I get credit or do I get blame for the tweet that enabled you to, to- Emily Hacker:(laughs) It's been so long, I was hoping you would have forgotten.Nic Fillingham:(laughs) Emily and I were going backward forward on email, and I basically asked Emily, "Hey, Emily, who's like the expert at Microsoft on business email compromise?" And then Emily responded with, "I am."Emily Hacker:(laughs)Nic Fillingham:As in, Emily is. And so I, I think I apologized profusely. If I didn't, let me do that now for not assuming that you are the subject matter expert, but that then birthed a very fun tweet that you put out into the Twitter sphere. Do you wanna share that with the listeners or is this uncomfortable and we need to cut it from the audio?Emily Hacker:No, it's fine. You can share with the listeners. I, uh- Nic Fillingham:(laughs)Emily Hacker:... I truly was not upset. I don't know if you apologized or not, because I didn't think it was the thing to apologize for. Because I didn't take your question as like a, "Hey," I'm like, "Can you like get out of the way I did not take it that way at all. It was just like, I've been in this industry for five years and I have gotten so many emails from people being like, "Hey, who's the subject matter in X?" And I'm always having to be like, "Oh, it's so and so," you know, or, "Oh yeah, I've talked to them, it's so-and-so." And for once I was like, "Oh my goodness, it me."Natalia Godyla:(laughs)Emily Hacker:Like I'm finally a subject matter in something. It took a long time. So the tweet was, was me being excited that I got to be the subject matter expert, not me being upset at you for asking who it was.Nic Fillingham:No, I, I took it in it's, I did assume that it was excitement and not crankiness at me for not assuming that it would be you. But I was also excited because I saw the tweet, 'cause I follow you on Twitter and I'm like, "Oh, that was me. That was me." And I got to use- Emily Hacker:(laughs)Nic Fillingham:... I got to use the meme that's the s- the, the weird side eye puppet, the side, side eye puppet. I don't know if that translates. There's this meme where it's like a we-weird sort of like H.R. Pufnstuf sort of reject puppet, and it's sort of like looking sideways to the, to the camera.Emily Hacker:Yes.Nic Fillingham:Uh, I've, and I've- Emily Hacker:Your response literally made me laugh a while though alone in my apartment.Nic Fillingham:(laughs_ I've never been able to use that meme in like its perfect context, and I was like, "This is it."Emily Hacker:(laughs) We just set that one up for a comedy home run basically.Nic Fillingham:Yes, yes, yes. And I think my dad liked the tweet too- Natalia Godyla:(laughs)Nic Fillingham:... so I think I had that, so that was good.Emily Hacker:(laughs)Nic Fillingham:Um, he's like my only follower.Emily Hacker:Pure success.Nic Fillingham:Um, well, on that note, so yeah, we're here to talk about business email compromise, which we've covered on the, on the podcast before. You, as I said, uh, co-authored this post for May 6th. We'll have a, a broader conversation about BEC, but let's start with these post. Could you, give us a summary, what was discussed in this, uh, blog post back on, on May 6th?Emily Hacker:Yeah, so this blog post was about a specific type of business email compromise, where the attackers are using lookalike domains and lookalike email addresses to send emails that are trying, in this particular case, to get the user to send them a gift card. And so this is not the type of BEC where a lot of people might be thinking of in terms of conducting wire transfer fraud, or, you know, you read in the news like some company wired several million dollars to an attacker. That wasn't this, but this is still creating a financial impact and that the recipient is either gonna be using their own personal funds or in some cases, company funds to buy gift cards, especially if the thread actor is pretending to be a supervisor and is like, "Hey, you know, admin assistant, can you buy these gift cards for the team?" They're probably gonna use company funds at that point.Emily Hacker:So it's still something that we keep an eye out for. And it's actually, these gift card scams are far and away the most common, I would say, type of BEC that I am seeing when I look for BEC type emails. It's like, well over, I would say 70% of the BEC emails that I see are trying to do this gift card scam, 'cause it's a little easier, I would say for them to fly under the radar maybe, uh, in terms of just like, someone's less likely to report like, "Hey, why did you spend $30 on a gift card?" Than like, "Hey, where did those like six billion dollars go?" So like in that case, "This is probably a little easier for them to fly under the radar for the companies. But in terms of impact, if they send, you know, hundreds upon hundreds of these emails, the actors are still gonna be making a decent chunk of change at the end of the day.Emily Hacker:In this particular instance, the attackers had registered a couple hundred lookalike domains that aligned with real companies, but were just a couple of letters or digits off, or were using a different TLD, or use like a number or sort of a letter or something, something along the lines to where you can look at it and be like, "Oh, I can tell that the attacker is pretending to be this other real company, but they are actually creating their own."Emily Hacker:But what was interesting about this campaign that I found pretty silly honestly, was that normally when the attacker does that, one would expect them to impersonate the company that their domain is looking like, and they totally didn't in this case. So they registered all these domains that were lookalike domains, but then when they actually sent the emails, they were pretending to be different companies, and they would just change the display name of their email address to match whoever they were impersonating.Emily Hacker:So one of the examples in the blog. They're impersonating a guy named Steve, and Steve is a real executive at the company that they sent this email to. But the email address that they registered here was not Steve, and the domain was not for the company that Steve works at. So they got a little bit, I don't know if they like got their wires crossed, or if they just were using the same infrastructure that they were gonna use for a different attack, but these domains were registered the day before this attack. So it definitely doesn't seem like opportunistic, and which it doesn't seem like some actors were like, "Oh, hey look, free domains. We'll send some emails." Like they were brand new and just used for strange purposes.Natalia Godyla:Didn't they also fake data in the headers? Why would they be so careless about connecting the company to the language in the email body but go through the trouble of editing the headers?Emily Hacker:That's a good question. They did edit the headers in one instance that I was able to see, granted I didn't see every single email in this attack because I just don't have that kind of data. And what they did was they spoofed one of the headers, which is an in-reply-to a header, which makes it, which is the header that would let us know that it's a real reply. But I worked really closely with a lot of email teams and we were able to determine that it wasn't indeed a fake reply.Emily Hacker:My only guess, honestly, guess as to why that happened is one of two things. One, the domain thing was like a, a mess up, like if they had better intentions and the domain thing went awry. Or number two, it's possible that this is multiple attackers conducting. If one guy was responsible for the emails with the mess of domains, and a different person was responsible for the one that had the email header, like maybe the email header guy is just a little bit more savvy at whose job of crime than the first guy.Natalia Godyla:(laughs)Nic Fillingham:Yeah, I li- I like the idea of, uh, sort of ragtag grubbing. I don't mean to make them an attractive image, but, you know, a ragtag group of people here. And like, you've got a very competent person who knows how to go and sort of spoof domain headers, and you have a less competent person who is- Emily Hacker:Yeah. It's like Pinky and the Brain.Nic Fillingham:Yeah, it is Pinky and the Brain. That's fantastic. I love the idea of Pinky and the Brain trying to conduct a multi-national, uh- Emily Hacker:(laughs)Nic Fillingham:... BEC campaign as their way to try and take over the world. Can we back up a little bit? We jumped straight into this, which is totally, you know, we asked you to do that. So, but let's go back to a little bit of basics. BEC stands for business email compromise. It is distinct from, I mean, do you say CEC for consumer email compromise? Like what's the opposite side of that coin? And then can you explain what BEC is for us and why we sort of think about it distinctly?Emily Hacker:Mm-hmm (affirmative), so I don't know if there's a term for the non-business side of BEC other than just scam. At its basest form, what BEC is, is just a scam where the thread actors are just trying to trick people out of money or data. And so it doesn't involve any malware for the most part at the BEC stage of it. It doesn't involve any phishing for the most part at the BEC stage of it. Those things might exist earlier in the chain, if you will, for more sophisticated attacks. Like an attacker might use a phishing campaign to get access before conducting the BEC, or an attacker might use like a RAT on a machine to gain access to emails before the actual BEC. But the business email compromise email itself, for the most part is just a scam. And what it is, is when an attacker will pretend to be somebody at a company and ask for money data that can include, you know, like W-2's, in which case that was still kind of BEC.Emily Hacker:And when I say that they're pretending to be this company, there's a few different ways that that can happen. And so, the most, in my opinion, sophisticated version of this, but honestly the term sophisticated might be loaded and arguable there, is when the attacker actually uses a real account. So business email compromise, the term might imply that sometimes you're actually compromising an email. And those are the ones where I think are what people are thinking of when they're thinking of these million billion dollar losses, where the attacker gains access to an email account and basically replies as the real individual.Emily Hacker:Let's say that there was an email thread going on between accounts payable and a vendor, and the attacker has compromised the, the vendor's email account, well, in the course of the conversation, they can reply to the email and say, "Hey, we just set up a new bank account. Can you change the information and actually wire the million dollars for this particular project to this bank account instead?" And if the recipient of that email is not critical of that request, they might actually do that, and then the money is in the attacker's hands. And it's difficult to be critical of that request because it'll sometimes literally just be a reply to an ongoing email thread with someone you've probably been doing business with for a while, and nothing about that might stand out as strange, other than them changing the account. It can be possible, but difficult to get it back in those cases. But those are definitely the ones that are, I would say, the most tricky to spot.Emily Hacker:More common, I would say, what we see is the attacker is not actually compromising an email, not necessarily gaining access to it, but using some means of pretending or spoofing or impersonating an email account that they don't actually have access to. And that might include registering lookalike domains as in the case that we talked about in this blog. And that can be typosquatted domains or just lookalike domains, where, for example, I always use this example, even though I doubt this domain is available, but instead of doing, they might do Microsoft with a zero, or like Microsoft using So it looks like an M at first glance, but it's actually not. Or they might do something like or something, which that obviously would not be available, but you get the point. Where they're just getting these domains that kind of look like the right one so that somebody, at first glance, will just look up and be like, "Oh yeah, that looks like Microsoft. This is the right person."Emily Hacker:They might also, more commonly, just register emails using free email services and either do one of two things, make the email specific to the person they're targeting. So let's say that an attacker was pretending to be me. They might register, or more recently and maybe a little bit more targeted, they might register like, and then they'll send an email as me. And then on the, I would say less sophisticated into the spectrum, is when they are just creating an email address that's like And then they'll use that email address for like tons of different targets, like different victims. And they'll either just change the display name to match someone at the company that they're targeting, or they might just change it to be like executive or like CEO or something, which like the least believable of the bunch in my opinion is when they're just reusing the free emails.Emily Hacker:So that's kind of the different ways that they can impersonate or pretend to be these companies, but I see all of those being used in various ways. But for sure the most common is the free email service. And I mean, it makes sense, because if you're gonna register a domain name that cost money and it takes time and takes skill, same with compromising an email account, but it's quick and easy just to register a free email account. So, yeah.Nic Fillingham:So just to sort of summarize here. So business email compromise i-is obviously very complex. There's lots of facets to it.Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:It sounds like, first of all, it's targeted at businesses as opposed to targeted individuals. In targeted individuals is just more simple scams. We can talk about those, but business email compromise, targeted at businesses- Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:... and the end goal is probably to get some form of compromise, and which could be in different ways, but some sort of compromise of a communication channel or a communication thread with that business to ultimately get some money out of them?Emily Hacker:Yep, so it's a social engineering scheme to get whatever their end goals are, usually money. Yeah.Nic Fillingham:Got it. Like if I buy a gift card for a friend or a family for their birthday, and I give that to them, the wording on the bottom says pretty clearly, like not redeemable for cash. Like it's- Emily Hacker:So- Nic Fillingham:... so what's the loophole they're taking advantage of here?Emily Hacker:Criminals kind of crime. Apparently- Natalia Godyla:(laughs)Emily Hacker:... there are sites, you know, on the internet specifically for cashing out gift cards for cryptocurrency.Nic Fillingham:Hmm.Emily Hacker:And so they get these gift cards specifically so that they can cash them out for cryptocurrency, which then is a lot, obviously, less traceable as opposed to just cash. So that is the appeal of gift cards, easier to switch for, I guess, cryptocurrency in a much less traceable manner for the criminals in this regard. And there are probably, you know, you can sell them. Also, you can sell someone a gift card and be like, "Hey, I got a $50 iTunes gift card. Give me $50 and you got an iTunes gift card." I don't know if iTunes is even still a thing. But like that is another means of, it's just, I think a way of like, especially the cryptocurrency one, it's just a way of distancing themselves one step from the actual payout that they end up with.Nic Fillingham:Yeah, I mean, it's clearly a, a laundering tactic.Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:It's just, I'm trying to think of like, someone's eventually trying to get cash out of this gift card-Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:... and instead of going into Target with 10,000 gift cards, and spending them all, and then turning right back around and going to the returns desk and saying like, "I need to return these $10,000 that I just bought."Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:I guess I'm just puzzled as to how, at scale- Emily Hacker:Yeah.Nic Fillingham:... and I guess that's the key word here, at scale, at a criminal scale, how are they, what's the actual return? Are they getting, are they getting 50 cents on the dollar? Are they getting five cents on the dollar? Are they getting 95 cents on the dollar? Um, it sounds like, maybe I don't know how to ask that question, but I think it's a fascinating one, I'd love to learn more about.Emily Hacker:It is a good question. I would imagine that the, the sites where they exchange them for cryptocurrency are set up in a way where rather than one person ending up with all the gift cards to where that you have an issue, like what you're talking about with like, "Hey, uh, can I casually return these six million gift cards?" Like rather than that, they're, it's more distributed. But there probably is a surcharge in terms of they're not getting a one-to-one, but it's- Nic Fillingham:Yeah.Emily Hacker:... I would not imagine that it's very low. Or like I would not imagine that they're getting five cents on the dollar, I would imagine it's higher than that.Nic Fillingham:Got it.Emily Hacker:But I don't know. So, that's a good question.Natalia Godyla:And we're talking about leveraging this cryptocurrency model to cash them out. So has there been an increase in these scams because they now have this ability to cash them out for crypto? Like, was that a driver?Emily Hacker:I'm not sure. I don't know how long the crypto cash out method has been available.Natalia Godyla:Mm-hmm (affirmative).Emily Hacker:I've only recently learned about it, but that's just because I don't spend, I guess I don't spend a lot of time dealing with that end of the scam. For the most part, my job is looking at the emails themselves. So, the, learning what they're doing once they get the gift cards was relatively new to me, but I don't think it's new to the criminals. So it's hard for me to answer that question, not knowing how long the, the crypto cash out method has been available to them. But I will say that it does feel like, in the last couple of years, gift card scams have just been either increasing or coming into light more, but I think increasing.Nic Fillingham:Emily, what's new about this particular campaign that you discussed in the blog? I-it doesn't look like there's something very new in the approach here. This feels like it's a very minor tweak on techniques that have been employed for a while. Tell me what's, what's new about this campaign? (laughs)Emily Hacker:(laughs) Um, so I would agree that this is not a revolutionary campaign.Nic Fillingham:Okay.Emily Hacker:And I didn't, you know, choose to write this one into the blog necessarily because it's revolutionary, but rather because this is so pervasive that I felt like it was important for Microsoft customers to be aware that this type of scam is so, I don't know what word, now we're both struggling with words, I wanna say prolific, but suddenly the definition of that word seems like it doesn't fit in that sentence.Nic Fillingham:No, yeah, prolific, that makes sense. Emily Hacker:Okay.Nic Fillingham:Like, this is, it sounds like what you're saying is, this blog exists not because this campaign is very unique and some sort of cutting-edge new technique, it exists because it's incredibly pervasive.Emily Hacker:Yes.Nic Fillingham:And lots and lots of people and lots and lots of businesses are probably going to get targeted by it. Emily Hacker:Exactly.Nic Fillingham:And we wanna make sure everyone knows about it.Emily Hacker:And the difference, yes, and the, the only real thing that I would say set this one apart from some of the other ones, was the use of the lookalike domains. Like so many of the gift cards scams that I see, so many of the gift cards scams that I see are free email accounts, Gmail, AOL, Hotmail, but this one was using the lookalike domains. And that kind of gave us a little bit more to talk about because we could look into when the domains were registered. I saw that they were registered the day, I think one to two days before the attack commenced. And that also gave us a little bit more to talk about in terms of BEC in the blog, because this kind of combined a couple of different methods of BEC, right? It has the gift cards scam, which we see just all the time, but it also had that kind of lookalike domain, which could help us talk about that angle of BEC.Emily Hacker:But I had been, Microsoft is, is definitely starting to focus in on BEC, I don't know, starting to focus in, but increasing our focus on BEC. And so, I think that a lot of the stuff that happens in BEC isn't new. Because it's so successful, there's really not much in the way of reason for the attackers to shift so dramatically their tactics. I mean, even with the more sophisticated attacks, such as the ones where they are compromising an account, those are still just like basic phishing emails, logging into an account, setting up forwarding rules, like this is the stuff that we've been talking about in BEC for a long time. But I think Microsoft is talking about these more now because we are trying to get the word out, you know, about this being such a big problem and wanting to shift the focus more to BEC so that more people are talking about it and solving it. Natalia Godyla:It seemed like there was A/B testing happening with the cybercriminals. They had occasionally a soft intro where someone would email and ask like, "Are you available?" And then when the target responded, they then tried to get money from that individual, or they just immediately asked for money.Emily Hacker:Mm-hmm (affirmative).Natalia Godyla:Why the different tactics? Were they actually attempting to be strategic to test which version worked, or was it just, like you said, different actors using different methods?Emily Hacker:I would guess it's different actors using different methods or another thing that it could be was that they don't want the emails to say the same thing every time, because then it would be really easy for someone like me to just identify them- Natalia Godyla:Mm-hmm (affirmative).Emily Hacker:... in terms of looking at mail flow for those specific keywords or whatever. If they switch them up a little bit, it makes it harder for me to find all the emails, right? Or anybody. So I think that could be part of the case in terms of just sending the exact same email every time is gonna make it really easy for me to be like, "Okay, well here's all the emails." But I think there could also be something strategic to it as well. I just saw one just yesterday actually, or what day is it, Tuesday? Yeah, so it must've been yesterday where the attacker did a real reply.Emily Hacker:So they sent the, the soft opening, as you said, where it just says, "Are you available?" And then they had sent a second one that asked that full question in terms of like, "I'm really busy, I need you to help me, can you call me or email me," or something, not call obviously, because they didn't provide a phone number. Sometimes they do, but in this case, they didn't. And they had actually responded to their own email. So the attacker replied to their own email to kind of get that second push to the victim. The victim just reported the email to Microsoft so they didn't fall for it. Good for them. But it does seem that there might be some strategy involved or desperation. I'm not sure which one.Natalia Godyla:(laughs) Fine line between the two.Emily Hacker:(laughs)Nic Fillingham:I'd want to ask question that I don't know if you can answer, because I don't wanna ask you to essentially, you know, jeopardize any operational security or sort of tradecraft here, but can you give us a little tidbit of a glimpse of your, your job, and, and how you sort of do this day-to-day? Are you going and registering new email accounts and, and intentionally putting them in dodgy places in hopes of being the recipient? Or are you just responding to emails that have been reported as phishing from customers? Are you doing other things like, again, I don't wanna jeopardize any of your operational security or, you know, the processes that you use, but how do you find these?Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:And how do you then sort of go and follow the threads and uncover these campaigns?Emily Hacker:Yeah, there's a few ways, I guess that we look for these. We don't currently have any kind of like Honey accounts set up or anything like that, where we would be hoping to be targeted and find them this way. I know there are different entities within Microsoft who are, who do different things, right? So my team is not the entity that would be doing that. So my team's job is more looking at what already exists. So we're looking at stuff that customers have reported, and we're also looking at open source intelligence if anyone else has tweeted or released a blog or something about an ongoing BEC campaign, that might be something that then I can go look at our data and see if we've gotten.Emily Hacker:But the biggest way outside of those, those are the two, like I would say smaller ways. The biggest way that we find these campaigns is we do technique tracking. So we have lots of different, we call them traps basically, and they run over all mail flow, and they look for certain either keywords or there are so many different things that they run on. Obviously not just keywords, I'm just trying to be vague here. But like they run on a bunch of different things and they have different names. So if an email hits on a certain few items, that might tell us, "Hey, this one might be BEC," and then that email can be surfaced to me to look into.Emily Hacker:Unfortunately, BEC is very, is a little bit more difficult to track just by the nature of it not containing phishing links or malware attachments or anything along those lines. So it is a little bit more keyword based. And so, a lot of times it's like looking at 10,000 emails and looking for the one that is bad when they all kind of use the same keywords. And of course, we don't just get to see every legitimate email, 'cause that would be like a crazy customer privacy concern. So we only get to really see certain emails that are suspected malicious by the customer, in which case it does help us a little bit because they're already surfacing the bad ones to us.Emily Hacker:But yeah, that's how we find these, is just by looking for the ones that already seem malicious kind of and applying logic over them to see like, "Hmm, this one might be BEC or," you know, we do that, not just for BEC, but like, "Hmm, this one seems like it might be this type of phishing," or like, "Hmm, this one seems like it might be a buzz call," or whatever, you know, these types of things that will surface all these different emails to us in a way that we can then go investigate them.Nic Fillingham:So for the folks listening to this podcast, what do you want them to take away from this? What you want us to know on the SOC side, on the- Emily Hacker:Mm-hmm (affirmative).Nic Fillingham:... on the SOC side? Like, is there any additional sort of, what are some of the fundamentals and sort of basics of BEC hygiene? Is there anything else you want folks to be doing to help protect the users in their organizations?Emily Hacker:Yeah, so I would say not to just focus on monitoring what's going on in the end point, because BEC activity is not going to have a lot, if anything, that's going to appear on the end point. So making sure that you're monitoring emails and looking for not just emails that contain malicious links or attachments, but also looking for emails that might contain BEC keywords. Or even better, if there's a way for you to monitor your organization's forwarding rules, if a user suddenly sets up a, a slew of new forwarding rules from their email account, see if there's a way to turn that into a notification or an alert, I mean, to you in the SOC. And that's a really key indicator that that might be BEC, not necessarily gift cards scam, but BEC.Emily Hacker:Or see if there is a way to monitor, uh, not monitor, but like, if your organization has users reporting phishing mails, if you get one that's like, "Oh, this is just your basic low-level credential phishing," don't just toss it aside and be like, "Well, that was just one person and has really crappy voicemail phish, no one's going to actually fall for that." Actually, look and see how many people got the email. See if anybody clicked, force password resets on the people that clicked, or if you can't tell who clicked on everybody, because it really only takes one person to have clicked on that email and you not reset their password, and now the attackers have access to your organization's email and they can be conducting these kinds of wire transfer fraud.Emily Hacker:So like, and I know we're all overworked in this industry, and I know that it can be difficult to try and focus on everything at once. And especially, you know, if you're being told, like our focus is ransomware, we don't want to have ransomware. You're just constantly monitoring end points for suspicious activity, but it's important to try and make sure that you're not neglecting the stuff that only exists in email as well. Natalia Godyla:Those are great suggestions. And I'd be remiss not to note that some of those suggestions are available in Microsoft Defender for Office 365, like the suspicious forwarding alerts or attack simulation training for user awareness. But thank you again for joining us, Emily, and we hope to have you back on the show many more times.Emily Hacker:Yeah, thanks so much for having me again.Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham:And don't forget to tweet us @msftsecurity, or email us at with topics you'd like to hear on our future episode. Until then, stay safe.Natalia Godyla:Stay secure.

Simulating the Enemy

Ep. 34
How does that old saying go?Keep your friends close andkeepyour understanding of a threat actor’sunderlying behavior and functionality of tradecraft closer?Asnew tools are developed and implemented for individuals and businesses to protect themselves, wouldn’t it be great to see how they hold up against different attacks withoutactually havingto wait for an attack to happen?Microsoft’s new open-source tool,Simuland, allows users to simulate attacks on their owninfrastructureto see where their own weaknesses lie.In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham sit down with Roberto Rodriguez,PrincipleThreatResearcher for the Microsoft Threat Intelligence Center (MSTIC)andSimuland’sdeveloper,to understand how the project came to life, and what users can expect as they use it.In This Episode You Will Learn:How community involvement will helpSimulandgrowHow individuals can useSimulandto seeexamples of actions threat actors can take against their infrastructureWhat other projects and libraries went intoSimuland’sdevelopmentSome Questions We Ask:What exactly is being simulated inSimuland?What do does Roberto hope for users to take away fromSimuland?What is next for theSimulandproject?Resources:RobertoRodriguez’sLinkedIn:’s blog post,SimuLand: Understand adversary tradecraft and improve detection strategies:’s Twitter:Cyb3rWard0g Fillingham’s LinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham:Hello and welcome to Security Unlocked. A new podcast from Microsoft, where we unlock insights from the latest in news and research from across Microsoft Security Engineering and Operations teams. I'm Nic Fillingham.Natalia Godyla:And I'm Natalia and Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel, research and data science.Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft Security. Natalia Godyla:And now let's unlock the pod. Nic Fillingham:Hello listeners. Hello, Natalia. Welcome to episode 34 of Security Unlocked. Natalia, how are you? Natalia Godyla:I'm doing well, thanks for asking. And hello everyone. Nic Fillingham:On today's episode, we have Principal Threat Researcher from the MSTIC Group, Roberto Rodriguez, who is here to talk to us about SimuLand, which is a new open source initiative, uh, that Roberto, uh, announced and discuss in a blog post from may the 20th, 2021. Natalia, you've got a, an overview here of SimuLand. Can you give us the TLDR? Natalia Godyla:Of course. So SimuLand is like you said, an, an open source initiative at Microsoft that helps security researchers test real attack scenarios, and determine the effectiveness of the detections in products such as Microsoft 365 Defender, Azure Defender and Azure Sentinel, with the intent of expanding it beyond those products in the future. Nic Fillingham:And Roberto, obviously we'll sort of expand upon that in the interview. Uh, one of the questions we asked Roberto is how did this all begin? And it began with an email from someone in Roberto's team saying, "Hey Roberto, could you write a blog post that sort of explains the steps needed to go and, uh, deploy a lab environment that reproduces some of these techniques?" And Roberta said, "Sure." And started writing. And he got to about page 80. Uh, you got 80 pages in and decided, "You know what, I think I can probably turn this into, uh, a set of scripts or into a tool." And that's sort of the kickoff of the SimuLand project. There's obviously more to it than that, which Roberto will go into, uh, in the interview. The other thing we learned, Natalia is Roberto might have taken the crown as the busiest person in, in security. Natalia Godyla:He certainly does. And, uh, lucky us, we get to ask him questions about all of the open source projects that he's been working on. So we'll do a little bit of a Harbor cruise through those projects in addition to SimuLand and this episode.Nic Fillingham:And with that, on with the pod.Natalia Godyla:On with the pod.Nic Fillingham:Welcome to the Security Unlocked podcast, Roberto Rodriguez. Thanks for your time.Roberto Rodriguez:Yeah. Thank you. Thank you. Thank you for having me here. Nic Fillingham:Yeah. We'd love to start with a quick intro. If you could tell the audience, uh, about yourself, about your role at Microsoft and, and what is your day-to-day look like? Roberto Rodriguez:Sure. Yeah. So my name is Roberta Rodriguez. Um, I'm a Principal Threat Researcher for the Microsoft Threat Intelligence Center, known as MSTIC, and I'm part of the R&D team. And my day-to-day, uh, is very interesting. There's a lot of things going on. So my role primarily is to empower all their security researchers in my organization to do, for example, some of their development of detections, performing research in general. So I tend to follow my day-to-day into... I kind of like breaking it down into a couple of pieces. Like the whole research methodology has several different steps.Roberto Rodriguez:So what I do is I try to innovate in some of those steps in order to expedite the process, trying to maybe come up with some new tools that they could use. And at the same time, I like to dissect adversary tradecraft, and then try and just to take that knowledge and then share it with others and trying to collaborate with other teams as well. Not only in MSTIC, but yeah, but across like other teams at Microsoft as well.Natalia Godyla:Thank you for that. And today we're here to talk about one of the blogs you authored on the Microsoft Security blog, SimuLand understand adversary tradecraft, and improve detection strategies. So, um, can we just start with defining SimuLand? What is SimuLand? Roberto Rodriguez:Yep. So SimuLand is an open source initiative. It's, it's a project that started just as a blog post to talk about, for example, an end-to-end scenario where we can start mapping detections to it. So we decided to take that idea and started sharing more scenarios with the community, showing them a little bit how, for example, like a threat actor could go about it and trying to compromise the specific, you know, resources either in Azure or on Prem. And then try to map all that with some of the detections that we have, trying to validate detections and alerts from different products from the 365 Defenders security, Azure Defender. Roberto Rodriguez:And of course, Azure Sentinel at the end, trying to, trying to bring all those data sources together and then allow also not only people at Microsoft, but outside, right? Customers or people even trying to use trial licenses to understand the, you know, the power of all this technology together. Because usually, you know, when you start thinking about all these security products, we always try to picture them like as isolated products. So the idea is how we can start providing documentation to deploy lap environments, walk them through a whole scenario, map the... For example, attack behavior to detections, and then just showcase what you can do with, you know, with all these products.Roberto Rodriguez:Um, that's kind of like the main idea. And of course I, some of the output could be understanding, you know, the adversary in general, trying to go deep beyond just alerts. Because our goal also is not just to say, "Oh, this attack action happens. And then this alert triggers." The idea is to say first, you know, let's validate those alerts, but then second, we want you to go through and analyze the additional data, additional context that gets created in every single step, because at the same, you know, it will be nice to see what people can come up with. Roberto Rodriguez:You know, there's a lot of different data sets being showcased through this, you know, type of lab environments that, you know, for example, we believe that there could be other use cases that you can create on the top of all that telemetrics. So that's what we want to expose all that documentation that has helped us, for example, to do internal research. When I joined Microsoft, there was not much so I would say from a lap environment that was fully documented to deploy and then just try to use it right away when there is an incident, for example, or just trying to do research in general. So my idea was why can't we share all this with a community and see if they could also benefit because we're using this also internally.Nic Fillingham:I, I'd love to actually just quickly look at the name. So SimuLand, I'm assuming that's a portmanteau or is it, is it an acronym? Tell me how you got to SimuLand. Because I think that may actually also help, you know, further clarify what this is. Roberto Rodriguez:Yeah. So, yeah, SimuLand, uh, it's I believe, you know, it comes from as... Well, it has also some contexts around Spanish. Uh, so in Spanish we say simulando. So simulando means simulating something.Nic Fillingham:Okay.Roberto Rodriguez:But at the same time, I feel that SimuLand, the idea was to say, deploy this environment, which could turn into a, let's say like a land out there that it's, it's primarily to simulate stuff and to start, you know, learning about adversary trade graph. So it's kind of like the SimuLand, like the simulating land or the land of the simulation. And then also in Spanish, they simulando. So it has a couple of different meanings, but the, the main one is this is the land where you can simulate something and then learn and learn about that simulation in general. Roberto Rodriguez:So that, that was kind of like the thought that, you know, when behind it, not probably too much, but, uh, (laughs) that was idea. And I think that people liked it. I think it just stayed with the project. So-Nic Fillingham:And, and given that you're s- you're simulating sort of the threat space is, is this land that's being simulated? Is this your sort of sovereign, uh, land to protect? Or is this the, is this the actual sort of the theater of cyber war? Like what are you simulating here? Are you're simulating the attacker's environment. Are you simulating your environment? Are you simulating both?Roberto Rodriguez:Yeah, it's a great question. So we're trying to, primarily of course you simulate, let's say an organization that has, for example, like on-prem resources that are trying to connect to an Azure cloud infrastructure, for example. So simulating that environment first, but then at the same time, trying to execute some of those, for example, actions that I threat actor could take in order to compromise the environment. And of course that could come with some of the tools that are used also by, you know, known threat actors who trying to stay with public tools. So things that are already out there, things that have been also identified, but a few threads reports out there as well.Roberto Rodriguez:So we're trying to use what others also could use right away. You know, we don't want to, you know, of course share code or applications that no one has seen ever out there. So the idea is to primarily simulate the full organization environment, like an example of, of what that environment will look like, but then at the same time use public tools to perform some actions in the environment. Natalia Godyla:So, as you said before, you're exposing a lab environment that you had been leveraging internally at Microsoft so the community can benefit from it. What was the community using before in order to either test these products or do further research? Roberto Rodriguez:Sure. So I would say that there is a lot of different communities that we're building, let's say, like, for example, some active directory environments, uh, trying to simulate the creation of different, you know, windows endpoints, um, on a specific domain. And then they were using a lot of open source tools, for example, like, you know, things such as Sysmon from a windows perspective, like, oh, it's squarely also in windows, but then on other platforms. But at the same time, what I wanted to do is why can't we use that, which people are used to trying to use open source tools or just open tools. Roberto Rodriguez:And then at the same time trying to use, uh, for example, enterprise, security controls or products in general. That type of, uh, simulation of a full end-to-end scenario, I have not seen it before. I have seen, for example, some basic examples of one, let's say, um, you know, scenario from Microsoft Defender, evaluation labs, for example, they have a service where you can simulate two to four computers with MDE, which is Microsoft Defender for endpoint, those scenarios existed, but there was nothing out there that could have everything in one place. Roberto Rodriguez:So we're talking about Microsoft Defender for Endpoint, identity, Microsoft Defender for cloud application security, Azure Defender. And then on the top of that, Azure Sentinel detections, all that together was not out there. Once again, there was just a couple of scenarios, lap environments that were touching a few things, but he was not covering the whole framework or the whole platform to test all these different detections. But at the same time, how you can work with everything at once, because that's also one of the goals of the project is we always hear, for example, once again, detections from one product only, but then there is a lot that you can do when you have one detection from MDE, one detection from Azure Sentinel, MDI, et cetera, all that additional context was not public yet before SimuLand.Roberto Rodriguez:So that's what I was trying to do. Is to bring all this in one place and, and, you know, bringing everything to the SimuLand. (laughs)Nic Fillingham:Is there a particular scenario Roberto, that you can sort of walk us through that's sort of gonna, gonna fully cover the gamut of what SimuLand can do?Roberto Rodriguez:Yes, yes. Definitely. So there is one scenario in there. We're trying to, to of course, you know, add more scenarios to this, uh, platform. So the only one that we have in there is what I call golden SAML two, you know, still for example, or 4J SAML token, and then use that in order to, for example, modify Azure ID applications in order to then use those applications to access mail data, for example. So that's one scenario. The, the main part is golden SAML. That's scenario for example, what we're trying to do with SimuLand is to first make sure that we prepare whoever is using SimuLand to understand what it is that you need before you even try to do anything. Roberto Rodriguez:Right? Because usually we try to jump directly to the simulation and trying to let's say, attack an environment, but there is a lot of pieces that you need to happen before, right? So SimuLand gives you what is called preparation. So in preparation, and you understand all the licensing that you might need, not every scenario needs, uh, we'll need, let's say an enterprise license, or there's going to be a couple of scenarios where are going to be simple. So not too much going on in there, but next step is how to deploy an environment. So once you take care of the licensing, once you take care of, for example, what are the additional resources that you might need to stand up before you deploy a full environment? So now we can deploy it. Roberto Rodriguez:We provide also Azure resource manager templates. So arm templates to let's say first document the environment as code, and then be able just to deploy it with a few commands, um, rather than trying to do everything manually, which is time consuming and is too complex to, to figure it out. The next step of once we have the environment, then we can start for example, running a few actions. So if we go to golden SAMLs, a golden SAMLs starts with let's for example, use a compromised account that was the one handling the Active Directory Federation Services, for example, in the organization on Prem, then we take that and then we start, for example, accessing the database where we can instill the certificate to sign tokens. Roberto Rodriguez:Once we get that, then we can go through that whole scenario step-by-step as we go executing every single action, we can start identifying detections, images of what it would look like on MDI, MD, MDE, MKAZ, Azure Sentinel, all the way to even show you some additional settings that you might need to potentially enable if you want to collect more telemetry. And then at the end, which is, you know, closest scenario with, you know, showing you what it is that you did. And then, uh, at the same time, all the alerts that trigger or the telemetry that was available.Roberto Rodriguez:And since we are sharing a full environment where everything is running, then you can just go back to the environment and go deeper. Maybe do some forensics, maybe do some additional incident response actions. So that, that will be, I would say the, the end-to-end thing with SimuLand, what you can do once you jump into the project.Natalia Godyla:And so for users who've jumped into SimuLand and gone through some of the scenarios, what is your intent for the users once they have these results, what's the use case for them and how do you want them to interact with your team as well? How do you want the community to get involved? Roberto Rodriguez:Yes, that's a great question. So initially what we want to people using SimuLand is once again, go beyond just the alerts. Because alerts, which is one thing that will trigger, we're taking care of all that. So wherever is using, for example, the Microsoft 365 Defender products in general, you know, they are protected with all these detections, right? But my goal is for a researcher or a security analyst to go deeper into that telemetry once again, around in a specific, uh, so I run a specific on alerts so that they can learn more about the adversary behavior in general.Roberto Rodriguez:Usually we just see the alert and then we stop and then we just started the incident and then we pass it to somebody else. I want people to dive into the, you know, all this telemetry that is being collected and they start putting together that whole adversary tradecraft, for example. Understanding the behavior to me is, is very important. There is a lot of different things that you can do with a telemetry already in SimuLand. So that's just one of the goals. The second goal is to see if you're even ready for those types of, you know, alerts. For example, what do you do if you get all these four or five alerts in your environment? How do you respond to that? Roberto Rodriguez:So these could also be part of our training exercise, for example. So there is a couple of things that you can do in there. Another scenario could be, you know, exporting all the data that is being collected and then probably use it for some demos. Once again, also for some training, focusing a lot on trying to understand and learn the adversary tradecraft. Like for me, that's very important once again, because we don't just want to learn about one specific indicator of compromise, we want to make sure that we're covering, uh, scenarios that would allow us to, you know, respond and understand techniques or at the tactical level.Roberto Rodriguez:Um, and then from a collaboration with us, I believe that, you know, one could be trying to give us some feedback and see what else we could do with these scenarios. There is a couple of people in the community, for example, that are sharing some cool detections on the top of the stuff that we already developed. There is a lot of detections being insured through Azure Sentinel GitHub, through enter 65, advanced square is GitHub. And there is people just building things on the top of that. So we would like to hear more of those scenarios and maybe include all those to SimuLand so that we can make SimuLand also a place where we can share those schools, those cool detections ideas that people might have. Roberto Rodriguez:And that could be shared also with others using the environment. Everything I would say from a communication perspective happens through GitHub through issues. Anything that anybody would like to add or probably request, any features. It will be nice. We had one person asking us about, can we add, for example, Microsoft Defender, so MDO, which is Microsoft Defender for Office 365, I think it is. And so those, you know, for example, products, something that I had not added yet. So that's something that is coming. So, uh, invest the type of collaboration that I expect from the community as well.Natalia Godyla:And what's on the roadmap for simulant? What's next for evolving the project?Roberto Rodriguez:Yeah. So SimuLand has a couple of things that are coming out. So one is going to be automation, automation from the execution of attacker actions. So right now the deployment is automated. I would say, I would say 90% of the deployment is automated. There is a few things that are kind of hard to automate right now. And it's just a simple, just like a few more clicks on the top of the deployment. But from the attacker's perspective, we wanted to make SimuLand a project where you can walk someone through the whole process. These are the actions that take place in the whole simulation, and then you can start exploring one-by-one. Roberto Rodriguez:So it's a very manual process to, to go through the SimuLand labs, for example. So one thing that we wanted to do is to automate those steps, those attacker actions, because, you know, we have, for example, a few people that are taking advantage of how modular SimuLand is that they do not want to deal with preparation and deployment. All they wanna do is take the execution of the actions and then just plug them into their own environment. Because they say, I already have the same deployment. Well, yeah. A similar deployment with all the tools that you ask to be deployed. Why not? Can I just take the attacker actions and then just to start a learning or maybe do it in a schedule base, right?Roberto Rodriguez:Like every Friday we execute a few scenarios. So that turned into, uh, a new project, which I'm going to be releasing in Black Hat, 2021 in August. That project is called Cloud Katana. And that's a project where I will be using Azure functions to execute actions automatically. And then the other thing that we have for SimuLand is data export. So what I wanna do also is share the data that gets generated after going through the whole SimuLand scenarios, and then just give it to the community. Because I believe that we also have a few conversations with people from the community that say, you know what, I don't have the environment to deploy this. Roberto Rodriguez:You know, for example, I don't have resources to, you know, learn about all, you know, all of this, my company doesn't want to somehow, I don't know, support these type of projects, right? So a lot of things, you know, people are having some obstacles as well, right? To try to use these things, even like having a subscription in Azure might be an obstacle or constraint for a lot of people. So why not just give them the data with all the actions that were taken, all the alerts that were collected by Azure Sentinel, and then allow them to use, for example, plain Python code or PowerShell or Jupiter notebooks on the top of that, like, you know, to analyze the data, build visualizations from the top.Roberto Rodriguez:So we want to empower those that also, you know, my want to use it, but do not have the resources to do it. So that's also, you know, second thing in the, uh, uh, in the list for SimuLand. The other thing is going to be, so we have, uh, have a lot of things going on, but, (laughs) the, the other thing is going to be, how can we provide a CICD pipeline for the deployment? That's critical because want to make sure that people can plug these into, for example, Azure DevOps, and then they can just have the environment running and they may be, you know, bring the deployment down, you know, bring it up every week and then run a few scenarios, bringing down again.Roberto Rodriguez:So we wanted to make sure that he's also flexible for those too, right, to work with. And what else. And I think that the last thing that we have would, would be trying to see if we can integrate more products from Microsoft, and just share, uh, more scenarios. We have two or three coming, uh, hopefully in the next couple of months and it's going to be fun. Yeah. We have a lot of stuff in there. (laughs)Nic Fillingham:Tell me how you built SimuLand and then worked a full-time job in the MSTIC team. Was this actually a special project that you're assigned to, or was this all extra curricular? A little column A, little column B?Roberto Rodriguez:(laughs) Yeah. So once again, when I started right, these conversations, so I, I mentioned that my role is to also empower others and help to, you know, develop, you know, environments for research, because I love to do research as well, like dissecting. Yeah. Adversary tradecraft is pretty cool. And then the question was just, "Hey, can you build this environment?" Just a simple email? And I was like, "Yeah, I can do that." And I just, to be honest, it took me maybe a week or two to figure it out the infrastructure, and then maybe took me, uh, probably close to a month to write down the whole scenario and make sure that I have the PowerShell scripts that were actually working.Roberto Rodriguez:So let's say probably two months it, it took me to do this. It was extra curriculum activities. (laughing?) Definitely besides what I was doing already. Um, and it was fun. I mean, it was fun because that's what I love to do. So some of my boss is super cool, you know, letting me do all this research and then allow me just to also spend some time and trying to get some feedback from also our internal team and other teams as well. So yeah. So it turned into just as a question, can you do this? And I love those questions and somebody says, can you do this? I was like, I would say yes, but then I don't know what I'm getting myself into. And that's the fun part of it.(laughs)Nic Fillingham:Before we, before we sort of wrap up here, we're a better, are there any projects that you're working on right now or you're contributing to that you can, you can talk about? Roberto Rodriguez:Yeah. So I would say from an open threat research perspective, there's a project called Modeler. So Modeler is a project where I decided to every time I execute or go through my research process, and, and then let's say learn about a specific attack technique, I can collect the data. And then I share those datasets through that project. So for other people that would like to learn about those techniques, they can just access the data directly. So you can learn about adversaries through the data instead of trying to go through a whole process to like to emulate or simulate an adversary. Roberto Rodriguez:Which for a lot of people, it's, it's not that easy. So, you know, so for me, I wanted to find ways to expedite that process. Uh, so that project is something that I'm, you know, revamping, uh, soon. So I'm, I'm collecting more data sets from the cloud. Most of my datasets were windows base. I have a couple of from Linux. I have some from AWS, but I wanted to get more from, you know, from Azure. So SimuLand datasets are going to live in Modeler project. So, you know, anything that, you know, gets out of SimuLand, contributed directly to an open source project as well. Roberto Rodriguez:So that's one of them. And the other one is Cloud Katana, which is the one that I talked about a couple of minutes ago. So Cloud Katana, the automation of SimuLand attack actions, that one I'm spending, uh, a lot of time to, uh, that one will be released under Azure, but this is still going to be open source. So that's also something that we want to provide to the community to use. And let's say there is a, all the projects too. Yes, I have another project. So it is a project called OSSCM, O-S-S-C-M. And OSSCM is a project that I started to document telemetry that I use during research. Roberto Rodriguez:So I believe that a lot of people that want to dive into the technicians and the starring the, you know, defender world, they need to understand the data before they want to make the decisions of like building detections. So my goal with that project was to first document events that I use from different platforms. At the same time, I wanted to create a standardization like common data model for data sets, which by the way, Azure Sentinel is building their common data models through this project OSSCM. So it's also one of our interesting collaboration and opportunities that we have. Uh, Azure Sentinel reaching out to the community and saying, "Hey, instead of Pfizer reinventing the wheel, can we explore your project?" Which is OSSCM.Roberto Rodriguez:And then the third part of OSSCM is also a way to document, for example, you know, relationships that we identify in data. So when you want to build, for example, detections, most of the time you want to understand what events can I use to build a chain of events that would actually give me context around an attack behavior. So what we do is we explore the data, we identify relationships and we just document them through that project. So that way somebody else could actually use it and understand what can they do with that telemetry.Roberto Rodriguez:So I would say, once again, you learn about that telemetry, you standardize your telemetry, and at the same time, we give you some ideas into what you can do with our telemetry to build detections. So that's another project. Last one would be, (laughs) yeah, last one would be another-Nic Fillingham:There's more?Roberto Rodriguez:Yes. There's one more. (laughing)Nic Fillingham:Do you sleep, man? When do you sleep?Roberto Rodriguez:It is being hard but I try to manage my time for sure and do that, but it is, uh, a another project, it's private right now, but it's going to be public, uh, soon. It's going to be through the open threat research community as well. This project is a way to collaborate with, for example, researchers in the community that build offensive security tools or just tools to do, for example, you know, red teaming, they want to use those tools to perform certain actions in, in, in, in a specific environment. Roberto Rodriguez:So we want to, you know, collaborate and partner with them and start documenting those tools in a way that we can share with others in the community. So for example, me as a researcher, dissecting adversary tray graph, like all, all the techniques and the behavior behind on a specific tool or a specific technique, it takes time. Like for me, like it would take probably a couple of weeks to dissect all the modules of one tool. So the goal is to why don't we partner with the authors of those tools, we document those, uh, tools and then we can start also sharing some potential ideas into how to detect those scenarios. Roberto Rodriguez:That way we, you know, we expedite the research, right? We do it, let's say in a private setting with a lot of researchers from the community, and then we just distribute that, that knowledge across the world. So that way we also help and expedite that whole process. So open through research, we have data. Now we have knowledge, we have infrastructure and then we have a way to share it with our community. So it's like a whole kind of like the main parts of your, you know, research process, but we want to give it a community touch to the, you know, you know, to all this. And that's, and that's it. So I have a couple more, but that's, (laughing) that's kinda like another project that it's, it's, it's coming soon. So-Nic Fillingham:I, I think we're going to have to let you go, Roberto. 'Cause if you're just going to get back in today's projects and start submitting some more contributions.(laughing) But before we do that, I want to, I want to circle back to SimuLand, and again, for folks listening to SimuLand, um, they're going to get rid of the blog post. We'll put the link in the, in the show notes. Tell me, what is your dream contribution? What is sort of the first scenario that you want sort of contributed back into this project?Nic Fillingham:Or sort of, where are you really hoping that the community will come and rally around either a particular scenario or some sort of other... Who is the person you, you want to be listening to this podcast right now and go like, "Oh yeah, I can do that." What's that one thing you need, or you're really looking for?Roberto Rodriguez:Well, actually two things. So one is the automation of, of the attacker actions. It will be, uh, uh, a dream, I would say because I'm, I'm building it on the top of Azure infrastructure. So it will be easier to plug in into your environments to kind of like, you know, periodically do some testing and then map it to SimuLand scenarios. So you have like the full end to end, uh, the environment. You have the labs preparation infrastructure as code all the way to even automating those, um, you know, validation of analytics, for example.Roberto Rodriguez:That, that, that's one that even though it's something that it's been done in other places, I think the way how it's going to be done through, through Azure functions is going to be very, very interesting because we're going to have potentially not only attack our actions being automated, but we could maybe have some detections being automated on the top of that. So instead of releasing a tool that will only be used, let's say to attack, right, and a specific environment, we can use a tool that can do both to attack and defend the, uh, the environment.Roberto Rodriguez:So usually you see one or the other. One tool to attack or one to defend. The automation that I'm planning to, to release, which would be one of the dreams is to be able to attack and defend automatically. And I think that that would link also very nicely with projects like CyberBattleSim. So that's also one of the dreams is how can we, uh, for example, document SimuLand in a way that could help us create synthetic scenarios that CyberBattleSim can use and then drop an agent and then learn about the most efficient path to take? Because that's, you know, CyberBattleSim, right? Roberto Rodriguez:They build environments, synthetic environments to then, you know, teach an agent to take the most efficient path through like, you know, rewards and, and, you know, all this stuff. So SimuLand, the dream would be to connect also those projects. How can, you know how you can have these nice process where you can SimuLand can provide the adversary, tradecraft knowledge, all the, for example, preconditions and all the, the context that is needed to create a CyberBattleSim scenario, and then improve a model to, for example, automate some of that execution of attacks. Roberto Rodriguez:And then that model can then be used through Cloud Katana to then execute those paths automatically. And then at the end, you can have some detections on the top where you can apply a similar context. Because SimuLand comes with the attack and detections. So we might find a way to create a data model where we could say, here's the attack here, all detection. So we can maybe build something also with CyberBattleSim the same way. And the other one, so the other dream bug is for me in SimuLand would be, since I was talking to a few coworkers today about this, um, that it would be nice to maybe provide SimuLand as a service for customers or also for, you know, people in the community.Roberto Rodriguez:It will be nice to have a platform that people can just access and start learning about these, these tools, these, these data, uh, necessarily not give somebody of course control to execute something. We take care of the execution, but then just expose all this telemetry in a way that is easier for those that, you know, might not have the resources. I love to do things, to build things that would help others to, you know, to do more. So I think that that will be also one of the dreams is how can we just take SimuLand and then just make it a service for, you know, for the community.Roberto Rodriguez:That would be pretty cool. So if anybody is listening, (laughs) and, and, you know, would like to make that happen, it would be amazing to have SimuLand as a service for those that don't have the resources like schools, uh, you know, like has anybody in general, the community that, you know, would like to, you know, learn more about this.Natalia Godyla:Wow. Roberto, you're going to be busy. Roberto Rodriguez:Yes. (laughs)Natalia Godyla:For anyone who hasn't watched episode 26, we did discuss CyberBattleSim there. So if that peaked your interest, definitely check out that episode and Roberto, as we wrap up here, are there any resources, Twitter handles that folks can follow to continue to watch your work or maybe join the threat research community? Roberto Rodriguez:Yes, yes. Yes. So my Twitter handle is Cyb3rWard0g with a three and the zero. So instead of the E and the O. So Cyb3rWard0g in Twitter. So there is what I share everything that I do is through there. Um, if you want to join the community, we would love to, you know, learn from you and collaborate, go to the Twitter handle OTR. So OT and then R_community. And then they're in the profile and description of the Twitter handle, you have a better link for the, uh, for the discourse invite. So the moment you join that discord, all you have to do is just accept the code of conduct. We want to make sure that we're inclusive, which is welcome everybody. Roberto Rodriguez:And if you agree with that, just click the 100% emoji, and then you have access to, to, (laughing) and then you have access to all these channels where you can, you know, ask questions about open source projects. So that's the best way to collaborate.Natalia Godyla:Awesome. Thank you. We'll definitely drop those links in the show notes. And thank you again for joining us on the show today, Roberto. Roberto Rodriguez:No, thank you for having me. This was amazing. Um, I had never had the opportunity to talk about a lot of projects. Uh, usually it's a one project and then we will see when we talk about. So this has been nice. So thank you very much. I really appreciate it. And I hope to see you guys in another episode. Nic Fillingham:We hope so too. Thanks for Roberto.Roberto Rodriguez:Thank you. Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham:And don't forget to tweet us @msftsecurity, or email us at, with topics you'd like to hear on a future episode. Until then, stay safe.Natalia Godyla:Stay secure.

Dial 'T' for Tech Support Fraud

Ep. 33
We’ve all had a family dinner, Netflix binge, or otherwise relaxing moment ruined by a telemarketer trying to sellyou something you didn't need – a magazine subscription, insurance, you name it!But recently, people have been getting calls that are much more sinister in nature; people claiming to be employees of Microsoft, or Apple, or Amazon,have been callingunsuspecting victimsand urging them to pay the caller in exchange for cleaningtheir computer of viruses.Viruses that don’t exist.None of these peopleworkfor the companies they claim to,butrather are a small cog in a larger machine working to defraudthe public.On this episode of Security Unlocked, hostsNatalia GodylaandNic Fillinghamkick off athree-episodearc discussing tech support scams. To get started, they speak withAnupBKumar,Microsoft’sDigital Crime Unit’s Asia lead of investigation and analytics, to get a better sense of who is behind these scams, what their motivations are, and some ideas on how to stop them.In This Episode You Will Learn:Who these scammers target andwhyHow the scammers trick victims into trusting them.Why working with law enforcement is crucial to stoppingthe problemSome Questions We Ask:Do the scammers know that they are scamming?How pervasive is this scam?Can we stop the scam byhelping tofacilitatelegitimateemployment?Resources:Anup Kumar’s LinkedIn: Report a Scam: Security Services: Fillingham’s LinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham:Hello, and welcome to Security Unlocked, a new podcast from Microsoft, where we unlock insights from the latest in news and research from across Microsoft's security, engineering, and operations teams. I am Nic Fillingham.Natalia Godyla:And I am Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel, research, and data science.Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft Security.Natalia Godyla:And, now, let's unlock the pod. Hello listeners, welcome to another episode of Security Unlocked. And, hello, Nic.Nic Fillingham:Hello, Natalia. How are you?Natalia Godyla:I'm doing well. So I have a question for you. Have you ever received a call from Microsoft Support telling you that there's an issue with your PC and if you paid a sum of money, say $75, they would help fix the issue for you?Nic Fillingham:You know, I have. I get these calls all the time, which is bananas because, first of all, I work in Microsoft. Second of all, I work in Security and know that these, these aren't real phone calls, these are tech support scams, and third, you can really easily put my name, and I guess your name as well, into, into Bing, into Google, and it'll show that we work for Microsoft and we work in Security, and so we're probably not good targets for this tech support scam. But, yeah, no, I get these all the time. And, and for me, they're sort of... you know, they're a mildly entertaining inconvenience, but for many people there, they're a real problems.Natalia Godyla:Yes. Unfortunately, not everyone knows that Support just won't call you. That's not part of the model. So we see that as a clear red flag, but others are, sadly, duped by it and then they lose money to these scammers to pay to fix their laptop. And, in reality, if there is an issue with the laptop, typically the solution is turning on and off again.Nic Fillingham:That is true. Turn it off and on, on again is often the solution to many of life's problems, uh-Natalia Godyla:(laughs).Nic Fillingham:... technical or otherwise. But tech support scams are a very real problem, and so we thought here on Security Unlocked, we'd take a few episodes to really dive into this issue and sort of better understand it. And so on today's episode, we are joined by Anup Kumar, who is the Asia lead in the investigation and analytics division of the Microsoft Digital Crimes Unit. Anup is joining us from Singapore, and Anup is very uniquely qualified to discuss this problem with us. Apart from leading the, the Asia Digital Crimes Unit, investigating tech support scams, Anup was the, uh, inspector of police for the Central Bureau of Investigations in India for over 10 years. And so, he's really seen the public sector, or sort of the government side, as well as the private enterprise side. Nic Fillingham:Anup really sort of walks us through the entire problem and understanding the motivations and how they work and the infrastructure and the culture of these tech support scammers are. Very happy to have Anup on the podcast and to really help us understand this problem. On with the pod?Natalia Godyla:On with the pod. Nic Fillingham:Welcome to the Security Unlocked Podcast, Anup Kumar. Thanks so much for joining us.Anup Kumar:I'm glad to be here. And I would like to congratulate both you and Natalia for doing such a great job, especially for somebody coming from this field. Your podcast, which I listen to when I'm jogging. It's quite insightful, and it's quite interesting, you know, to understand and see, you know, what else is happening, because, at times, you are just limited, uh, to our area of functioning, but there is so much more to security than just, you know, what we are doing here.Nic Fillingham:Oh, Anup, that's lovely. Thank you so much for saying that. Um, I think we can just end the interview there. That's, uh, that's all we need for-Anup Kumar:(laughs).Nic Fillingham:... today's episode. Just, um... no, that's wonderful. Thank you. But tha- thank you for joining us. It's wonderful to hear that you're a listener as well as, as now a guest. You're, uh, you're dialing in from Singapore, so, you know, obviously, thanks for getting up early for the interview. We appreciate that. Could you introduce yourselves to the audience? Uh, what is your role at Microsoft, what does your day-to-day look like, and then maybe we'll jump into this interesting topic of tech support scams.Anup Kumar:Sure. So I am from the Legal Department of Microsoft, and within this department, I am the Asia lead for investigation and analytics for the Digital Crimes Unit, and I'm based in Singapore and I cover the Asia region. So my team comprises of investigators and analysts, and our primary focus is to protect our customers against organized cyber crime, and also understanding the mechanics of cyber crime. And attribution is one important part of our job, but we take it a little bit further wherein we not only attribute it, but we also invest time and resources to filing civil and criminal referrals, which also means that a lot of my time also goes into working with the cyber crime units of the law enforcement agencies of various countries in the region in Asia.Nic Fillingham:On today's episode of the podcast, we're going to unpack tech support scams, and I'm very much looking forward to this conversation. When you say tech support scams, walk us through it. What is a tech support scam? Is it just getting an unsolicited phone call trying to get you to hand over your credit card details? Is it more than that? What do we need to know?Anup Kumar:So it's actually a mix of a lot of things. You know, at the end of the day, it's basically a scam. The only difference, I would say, is that generally, in this type of scam, uh, the perpetrator want you to go to your device or machine, whatever you're using, and trying to gain your trust in order to scam you. And while doing that, there'll be some kind of an urgency and try and scare you and then coerce you, or even at times sweet talk you, into believing that your device has got some kind of a technical issue which needs to be rectified.Anup Kumar:Earlier, it was limited technology companies, but we have seen that, uh, of late, you could be approached by, say example, your internet provider. You know, they could approach you stating that, "We are calling in from your internet provider. That is an issue with your IP address, et cetera," and then make you go near your device and try and remote login and try and get remote access to your device so that they can display that there is a big issue, which is most of the time not there at all, and make you believe that you need to immediately, uh, you know, get some kind of a service from them, for which they will charge you a fee. Many a times, these are like subscription charges, which keeps on recurring, and that is how, uh... you know, that's the basic mechanics.Anup Kumar:But over the time, it has moved on from just cold calling onto, you know, popups for example, which is now increasingly we are seeing that cold calling is reducing, but the popups are increasing, for example. But, at the end of the day, it is just a scam which uses technology extensively and is at a hyperscale.Nic Fillingham:Got it. So from my experience, I've received, you know, an unsolicited phone call. My phone will ring, it will be a number that I don't recognize, but it'll probably be a US number. I'll answer the phone and it'll be someone saying, "Hi, this is John Terry, whatever it is, from Microsoft. We've detected a problem with your PC and we're here to help. We wanna help you get this resolved. You know, are you in front of your computer right now?" And then they'll go through sort of this elaborate sort of scheme to, essentially, get me to go to my computer, turn it on, visit a web page, maybe install some kind of remote desktop client, then they'll try and sort of display something on my computer to make it look like there's a problem, to then make me think that I have to pay them to fix this problem that doesn't actually exist.Nic Fillingham:And so that's, that's sort of the experience. I mean, I knew what they were doing, but that's the experience that I sorta had. Is that the bulk of tech support scams, what I've just sort of described there, Anup, or are there other sort of permutations of that?Anup Kumar:Yeah, that's the bulk. That forms a major, because, you know, that's the easiest way that they can because most of the people have devices, machines, computers. So that's the reason that's the easiest way for them to make contact with you, speak with you. Uh, at the end of the day, they are just wanting you to speak and, you know, they improvise... they are very good at improvising. And, depending on who you are, what you are looking for, and they are very good at assessing that pretty quickly, and then accordingly, they will try and sell you anything which, in the first place, was never required for you.Nic Fillingham:Hmm.Natalia Godyla:And who are the target victims? Who did the attackers go after? Is it indiscriminate?Anup Kumar:Actually, I think many years back, when this started, you know, they were basically looking for people who are not technologically savvy, or maybe seniors, who do not understand as much, but over the years, it doesn't matter who it is, because they have improved their script, they have improved their conversation skills, they improved how they engage with the victim. So it could be anybody. Even, you know, I know certain people who are in the tech industry who were also scammed, you know, who lost money. At the end of the day, it is anyone who they can target or victimize.Anup Kumar:And the big shift now is that earlier, it was just cold calling, but now they have devised a mechanism so that the victim calls them up, instead of they calling the victim. So you can imagine that if the victim calls them up, they have almost won half the battle, because now the victim believes that there is an issue, and that is how that victim is calling up the number which is displayed on a particular popup.Natalia Godyla:It's an indicator that they've considered the scam to be credible. And how do attackers even pull off the tech support scams? What's the technology behind these scams?Anup Kumar:So one of the primary technology enabler are the popups. And, as you know, that pop-up has legitimate business use, for advertising or authentication. And popups are, basically, JavaScripts, right? So what they do is that they attach these JavaScripts on certain websites and then the JavaScript runs on a loop at the backend, and it could have intimidating, uh, sound or, you know, messages, apart from the display, the blue, uh, s- uh, display, which kind of would be representative of a particular company, and creates an impression and it kind of locks out their device and, you know, creates a situation of a panic for the victim.Anup Kumar:So that's the main thing. But we have also seen another thing, use things like add-words the... on the advertisement. So when you're going onto the search engine, the first pages, when you see, when you look for a Dell Support or a Microsoft Support is actually not the real Dell or Microsoft, it is the scammers which was there. However, now, all the search engines have taken care of that so, at least, on the first page, I can assure that you won't see the webpages of the scammer. So it is taken care of. But still you would encounter that.Anup Kumar:Secondly, could be search engine optimization. They use that quite a bit. Thirdly, it could be fraudulent URLs. They could be using URLs which consists of brand name, for example, Hotmail Support. So it actually is not Microsoft, but it's creating an impression as if it is associated with Microsoft. Or it could be, uh, uh, you know, sub-domains. For example, they could register and then add a sub-domain,, which, again, gives an impression, uh, that this is, uh, you know, associated with the company. And, similarly, it could also be that, you know, because they are also running name servers at the backend, so they will, they will customize the sub-domains according to whose server their target is. It could be Google, the next time it could be Apple, so they will keep on changing that depending on the process that they are running at that time. Anup Kumar:And, recently, we have come across, uh, potentially unwanted programs, or malware as we call them, uh, also being increasingly used, which is also, again, it's the same thing but then, at the end of the day, they will expect you to click a link. Once you click the link, it will run a kind of a scan, which displays that your device has all these viruses and all these issues which you need to take care of. But, primarily, it is user-initiated action in most of the time, because of which, eventually, they'll end up in the hands of these perpetrators.Natalia Godyla:Do the scammers know that they are scamming?Anup Kumar:(laughs) Yeah. I think in most of the cases, they know that they are scamming. And part... how they justify what we believe is that they are justifying that they are, at the end of the day, making a sales. But they know and understand that what they are doing. And there are many reasons how they get drawn into this, but they know what they are doing. And the infrastructure that has been used are all legitimate infrastructure, so these are registered entities. You know, they have got directors, they have got HR, they have got employee benefits. So, as somebody... you know, one of your s- earlier speaker had said, uh, cyber crime is a business. That's absolutely true. And if you want to see cyber crime as a business, this is one of the perfect examples of how it is run as a enterprise.Nic Fillingham:And so, Anup, one of the reasons why we're talking to you today and we're, we're doing this episode on, on the Security Unlock Podcast is because Microsoft is one of these entities that is being impersonated to perpetuate this scam. These scammers are... they are impersonating large corporations like Microsoft, like Dell, like Apple, Amazon, et cetera, et cetera, in order to operate this scam and have people think that there's something wrong, and to get that thing wrong, they need to sort of pay some money. So tell us, from Microsoft's perspective, from your perspective, the, the work that you and your team do, what is Microsoft's role in all of this, and what is Microsoft doing to, to try and combat this, you know, bizarre new form of, of cyber crime?Anup Kumar:Yeah. So, uh, you know, before we go there, uh, I would like to take a step back and-Nic Fillingham:Please.Anup Kumar:... you know, take you many years back, wherein around 2014, 2015, wherein we started receiving a lot of reports from our customers stating that they were scammed, and somebody representing Microsoft had reached out to them and all that. And that is where Microsoft felt that there is something that needs to be done about it and we opened up a channel called Report A Scam. It is like So anybody could come in and report to us. And we started receiving close to 24,000 reports a month. And when we began, the reports didn't make a lot of sense, because as you can understand that somebody reporting doesn't exactly know what pings to feed in and also things like, you know, uh, what will be important evidence or what will be important for investigation. So they were just putting in, you know, different stuff. Anup Kumar:But what we did was that down the line, we started using, uh, machine learning, and we start to triage the reports that we were receiving, so that we could, uh, attribute a particular domain and associate it with a phone number which has been reported, and then associate it with a merchant account which has been reported, and associate it with an entity which has been reported by somebody else. And you can imagine that this was a global program open for anybody could... and it gave us a very clear picture that this was a global issue, it was an industry-wide issue, and it was, basically, targeted towards developed English-speaking countries. Anup Kumar:But, uh, the interesting thing with machine learning and triaging was that it started to emerge a picture about groups of people or entities who could be clubbed together, that multiple reports could be clubbed better and make sense of, of what it is. And, apart from that, we also started scraping their tech support fraud-related popups and used a two-model machine learning approach of text and image classification. And crawlers would categorize, uh, these popups into legitimate words as fraudulent, and then we were feeding all this information into the artificial intelligence technology so that we could identify the fast moving scammers, we could prioritize, we could attribute or group them into certain group of people or their... based on their modus operandi, or based on the location where we believe they were, or where they are being reported or where they were targeting, because there were some companies who could be targeting from a particular country, there could be some entities who could be targeting a particular kind of a geography and things like that.Anup Kumar:So once we started doing that, picture started emerging clearly. And because DCU is a global team and, you know, we work across the globe and our team are based in Europe, US, and Asia, and, you know, and we cover the region and, and we work collaboratively together operationally as well. And we had the geographical reach to actually go and verify, on the ground, that were exactly the call center which actually scammed a particular victim was located. So you can imagine what was basically happening is that a victim could have reported from the US, and a merchant account ha- that has been reported is actually registered in, say UK, and the money was actually routed via China because there is, again, a, a merchant account showing up there, which is connected with another report, and then we have an associated domain name reported from Australia.Anup Kumar:And we could bring all that together and then identify who exactly... where the call center is located, and then we would deploy other outside investigators to go and verify that what exactly they are doing, and we're able to then pinpoint where they are coming from, who they are, and identify as much intelligence as possible out of them.Nic Fillingham:Wow. And so all of this began really just, I think you said maybe like five, six years ago, is that right?Anup Kumar:Yeah, that's right. Nic Fillingham:It is sort of a newish problem. It's a, it's a problem that's only been around... it hasn't been around for 10 years yet. Do we have any indication of the size? Do we know how many scammers there are, or sort of the volume of the victims that they've, they've encountered? How big is this problem, Anup?Anup Kumar:I think, at this point, I can only, you know, make certain assumptions, which I want to avoid, however, but the thing is that, as I said that 24,000 victims were reporting to us, now it's down to around 10,000. But actual number of people reporting to us is very, very small, because many a times victims, don't even realize and know that they have been scammed, or the victims don't even know how do they attribute who did it to them, so they don't know and they can't take any further steps. And there are very, very few people who actually report to us. Anup Kumar:So... but one thing I can say is that it's hundreds and thousands of victims all over. And, you know, this is an insight that we also got because of some of the work that we di- did along with the law enforcement agencies to understand that one call center was actually making hundreds and thousands of dollars, uh, every year. And so I don't have the exact number, and it's very difficult to really give, but we have a survey coming up, uh, which will give more insight pretty soon.Nic Fillingham:Anup, I wanted to ask if you could talk a little bit about the partnerships that you have gone and created with the law enforcement agencies and any other sort of like cyber protection groups that may exist at sort of the government or the industry level. Who is Microsoft partnering with? How do you partner with them? I wonder, are you able to... you know, without, um, you know, jeopardizing any sort of operational security here, can you tell us about maybe one of these engagements, one of, one of the, the times when maybe you've partnered with local law enforcement and you've gone and actually visited, uh, a call center on the ground and seen what the operation was like?Anup Kumar:Yeah, sure. But I also want to, uh, you know, take you more in-depth into why we stepped in and, uh, why why we felt a need to actually do something about it and partner with law enforcement agencies, because at the end of the day, it is definitely our brand name being used. And this was also one of the challenges that many of the victims, um, who actually tried to reach out to law enforcement agencies. This is typical of cyber crime, because the victim is in a country, the payment processor is in another country, the money was routed to a th- third country and likewise.Anup Kumar:So there are some challenges in terms of where does the victim actually go, and how does he, he or her report? So once we started realizing that our customers, our victims, could not actually be able to, you know, go to the country where these perpetrators are based and report it to the police, and even if they reported, the police is, is not able to take any action, because there is not enough evidence or enough material for them to proceed any further. That is when it was thought that, you know, we could step in and try and bridge that gap. And, uh, we started partnering with, uh, law enforcement agencies, uh, from the victim countries.Anup Kumar:We also, uh, started working with the law enforcement agencies, uh, in India where these call centers were based. We immediately understood, uh, the ground challenges and, uh, you know, I also want to mention here that I'm a former police officer and I was with the Central Bureau of Investigation, uh, back in India, and wore the federal law enforcement hat for about 11 years. So, on the ground, I could understand the ground realities, 'cause they wanted to take action but they were, uh, tied because it would also require a victim who is based out of India, would require some kind of a mutual legal assistance from the law enforcement agency from the, from the victim countries.Anup Kumar:So here, uh, what we did was that we... the intelligence and the analysis that we were able to do, and as I said that we would attribute it to the person, the entity, the directors who were involved in, in such type of operations. So what we did was that we built the intelligence which was good enough, which we could go and, uh, share it with the law enforcement, so now it was not a John Doe complaint that somebody did s- "I don't know who did to me, but I was scammed." So this was very specific, wherein victim reported to Microsoft and here is the victim's declaration, which our lawyers in, say for example US, went and approached the victim who lost money, got a declaration from them, and we built all the intelligence and we went to the law enforcement agency and told them sh- and showed it to them that, "This is what we have."Anup Kumar:And we also were ready to file a criminal complaint on behalf of Microsoft, because our name was being used to scam the victims. And once the law enforcement saw that, that there is enough meat and enough material, so they took internal approvals, they did verification, and once everything was... uh, you know, they could verify on the ground, they said, "Okay, let's go ahead." And, you know, they were keen to take prompt action on it. And, uh, you know, they went a step further that they said that, "Okay, let's not only do one call center, let's... why don't we do a sweep? Because, you know, doing one call center may not be effective enough, let's do a couple of them. Do you have enough intelligence?"Anup Kumar:And we... because of the machine learning and the triaging that we were doing, we already were sitting on a lot of information. So we built on that information and then, uh, the police... uh, we shared criminal complaints and the police took criminal action against them. They made arrests, they sealed the premises, and also, uh, you know, many of these cases, they have already framed charges and these are in trial at the moment. Anup Kumar:And then, likewise, it was just not limited to one state. And this was done by the state police. We went to various state police and once the name got out that our approach worked in one state, we knew that we could go to other states. So, likewise, we went from... to multiple states, three, four states, and we worked with the cyber crime units of those states and then, you know, they took in- uh, action based on, on our criminal complaint. Nic Fillingham:So these, these employees, these people who are working in these call centers, you know, I assume they're taking these jobs because they're paid, and maybe they're actually paid well, maybe scamming is, is lucrative. Is there also a role here to play for, uh, skilling up these sort of folks who are looking for employment, looking to make money, and seeing scamming as an opportunity for them? Is there a way that we can actually provide for the training better job opportunities? You know, is there something that can be done here to, to make not just scamming difficult, but to make it hard to get employees to actually conduct the scamming?Anup Kumar:I think Microsoft is doing quite a bit in this space as well. However, the thing is that these are people who do have some kind of a basic skill. And, as you can understand, that there is a very large backend processing operations, and there is a huge ecosystem which supports those operations. So there are a, a lot of trained people out there. So that issue will always be there of, uh, you know, things like unemployment, which drives these people. So creating more job opportunities would be, definitely, something, and, and Microsoft in India is heavily investing in this area, including, you know, creating a new office and space around the National Capital Region.Anup Kumar:And also up-skilling through various, uh, you know, our NGOs for the people so that not only use of the technology, but, you know, they could use that effectively so that, you know, these, these people that are working on the right side of the law. Also, I think education and educating, because many of these scammers are actually graduates out of college and they start their career with such type of acts, which will have an impact in their career later on as well. So, you know, educating from that point of view is also something that we are working on, we are focusing on.Anup Kumar:And, uh, we have also seen that not everybody who joins the call centers or who is part of the scam are people who intentionally intended to do that in the first place, because there are a lot of whistleblowers who actually reported to Microsoft who were employees of these companies, who once they understood and knew that what was happening, they actually reported to us, which actually helped us build some of the targets. And you can understand that somebody from inside, that's the best source of information for us. Anup Kumar:So we have seen that also increasing, and, and you can see that there is a lot of attention towards this in social media as well. I have seen a lot of people who are working in the in- in this industry, raising their voices, and also are creating awareness, uh, around why these people could... have been moved into, uh, into this, uh, this because of some greedy employers of theirs. Nic Fillingham:Yeah, it's fascinating. So it sounds like... I should ask, like are we... you know, is the scope of this problem, is it contained within India or is India, you know... we, we... you've mentioned India a few times. Are there other countries throughout Asia or throughout Asia Pacific, throughout the Americas, South America, like where, where else are tech support scams happening?Anup Kumar:Unfortunately, because of the ecosystem which exists, a bulk of the export-related calls are actually originating from India. But, uh, we are also seeing some countries in North Africa, uh, which are French-speaking countries, which are also setting up similar kind of, uh, setups. In India, the law enforcement agencies, uh, you know, we are in talks with some of the state agencies and, you know, clearly the message is that they want to clean up the entire city. Anup Kumar:Unfortunately, you know, in India, the COVID situation came in in, in 2020, and it's still going... ongoing. So that... you know, there was a lot of break towards it, but, clearly, you know, the, the action which was taken by the Federal, Federal Law Agency clearly gives a message that, uh, you know, India is serious about taking action against, against such type of scam, because... and there are people who are committed to take action against this, but only thing is that it will take some time, but I think we should be there.Natalia Godyla:How can you identify a scam from a legitimate support request, and what should you do if you're targeted by a tech support scam?Anup Kumar:First of all, I will say that please report it. Report it to a law enforcement agencies or Microsoft, if you are a Microsoft customer, because I can assure you that we are looking at each and every report, and it forms a part of the action that we are taking. And it's not limited to just criminal action, we are doing a lot of other things, civil actions, you know, even cease and desist, and, you know, even sending letters, educational letters, et cetera. We are doing a lot of stuff there. And it helps if you report. If you don't report, you know, you have lost money, but that, you know, that scammer will continue to scam someone else. So you need to please report.Anup Kumar:And remember that there are never any cold calls coming in from any of the companies. There is a lot of material and education being spread around this that there will never be a cold call coming in from... it is always has to be initiated by the customer. Uh, it is never that Microsoft will contact anyone. For that matter, any technology company will not contact anyone. If there are any technical issues, a lot of things are taken care by using technology. And if at all, there is any kind of error message on your device, remember that if it is a error message generated by the operating system, it will not have a number to call back. That's one of the important things to always remember. If there is a number to call, you are sure that this is a scam and you are being swindled. Anup Kumar:And if, if at all, you know, your device locks in, your screen is locked in because of that popup, the easiest thing to do is just restart your device. There is nothing wrong with your machine. You can stay confident, you can stay sure that there is nothing wrong with your device. Just shut down, restart the machine, I can assure you the popup will go.Nic Fillingham:So that... just to summarize that, Anup, so you're saying like if in any doubt, report it. Report it, report it, report it. We want that data. We want those reports. It sounds like there's some pretty sophisticated, some data science happening behind the scenes there to try and correlate those reports to try and link those reports to the phone numbers, to the websites, to the sort of payment infrastructure. And so, really, it sounds like the number one here is if you know you've been targeted or you think you've been targeted, just report it, because that data is gonna ultimately help, uh, either weed out false positives or help, uh, narrow down on actually identifying real scams. Anup Kumar:Yeah.Nic Fillingham:And then I think the second thing you said there, and it's, it's something that I've, I've seen a lot in literature, is, you know, Microsoft will never cold call you with an offer of tech support. I don't think we sell a product. Even in our sort of like highest enterprise tiers, I don't even know if we even have a product where Microsoft would, essentially, (laughs) cold call you to say that they've found a problem. So, so yeah, you'll never receive a legitimate cold call from Microsoft. That's probably the first one, and then the second one then is, if in doubt report, it.Anup Kumar:Yeah.Nic Fillingham:Would that be your two pieces of guidance or is, is there something else?Anup Kumar:Yeah. I think these are the two most important things, and always keep in the mind. And these are simple things, but just keep it in mind.Natalia Godyla:I really appreciate the simplicity of that. If you are targeted by a tech support scam and you start to worry, turn it on and off again. That's it.Anup Kumar:Yeah, that's it.Nic Fillingham:It fixes most things, really, doesn't it?Anup Kumar:(laughs).Nic Fillingham:You know, you can, you know-Natalia Godyla:(laughs).Nic Fillingham:... turn your car on and off, your toaster on and off. Um-Natalia Godyla:(laughs).Nic Fillingham:... I got one of those air fryers and it stopped working, and I just turned it off-Anup Kumar:(laughs).Nic Fillingham:... and just back on again, and now it's fixed. So-Anup Kumar:Yeah.Nic Fillingham:... it's amazing how well that works. Anup, I wondered if, if in your time researching and investigating these problems, have you visited, have you visited any of these call centers? Have you actually gone on the ground in India and seen some of these places, you know, in-person?Anup Kumar:Yeah. Oh, yeah. In fact, uh, visited in the sense, not, uh... you know, I've looked at it from outside because, uh, when these operations are being carried out, before we go to the law enforcement, one of the things that we do is that we, we verify that what we are writing on the criminal complaint is something which exists. So I would do... uh, you know, of course, we have a large team in India and, uh, with support, we have got team of outside investigators and we also have outside counsels who ensure that we, we take the right steps in the right manner.Anup Kumar:But I do visit, looking at, at it from outside and, at times, you know, I've seen pictures because these call centers also like to share a lot on social media. So they'll have birthday parties... as I said, you know, it's just another company, right? So they do share a lot. So I see that a lot in, in the reports that I get from our outside investigators, but actually going inside the call centers, I haven't done it myself. But, yeah, whenever the law enforcement does any kind of operations, uh, they do expect the complainants to be present. Anup Kumar:And also, there could be, you know, something technical that needs to be addressed or explained, so, um, me and, you know, our analysts and our outside counsels are there because we also want the law enforcement to feel comfortable and be there that we are not only writing a complaint, but we are also, uh, you know, providing any kind of, you know, clarifications that they may need, you know, before they take any kind of actions.Nic Fillingham:Anup, I think one of the things is you've sort of blown my mind here, is, you know, (laughs) the, the idea that these tech support scams, they just look and function like a business. Like they have birthday parties, they share pictures on social media, they have sales quotas, they... I think when you hear the word scam and cyber crime, I think you sort of think of underground organized crime, and I'm sure there must be some component to that sort of infrastructurally or sort of from a funding perspective, I mean, certainly that's where the money's going, but the day-to-day operation, these are people showing up to work, putting on a headset, doing a job, hitting a quota, having lunch with their friends, sharing memes. It's just blowing my mind to think that that, that sort of exists at sort of like, uh, some degree of scale.Anup Kumar:Yeah, actually that's the unf- unfortunate part. And, uh, and increasingly, it's just not tech support scam. We are seeing a lot of, you know, and I mentioned this, that cyber crime is run as a business now. I'm just digressing, but, you know, for example, Malware as a Service, you know, MaaS, as, as you call it, it's, basically, a service. They have got customer care. You can call them up. Uh, (laughs) and they will actually advertise that, uh, you know, you can, you can do this and that.Anup Kumar:So it's, basically, it's the same thing. The only thing is that here, because of the work that we have done, we have got a clear picture of how exactly they are operating, and it's very encouraging to see that, you know, the law enforcement and other agency, the cyber crime units are increasingly, you know, building their own capacities, and industry also. You know, we are coming together and trying to address this collectively, because this is not just one single company gonna address it all, uh, you know, take an action.Anup Kumar:Like, for example, you know, two, three years back, I attended an Interpol conference, wherein... and it was a cyber crime conference which Interpol organized, and, similarly, Europe will organized a cyber crime conference and, you know, I, I was invited, wherein I was able to address and talk to the law enforcement officers as to what exactly is happening on the ground and the challenges that, you know, that exist and need to address them. And these are big changes, because, you know, an Interpol cyber crime conference inviting industry, and it was just not Microsoft, there were other companies as well who were invited who work in this space, so the law enforcement is also opening up to this idea of partnering more of... more with, uh, with industry.Anup Kumar:Now, the way we, at least, in Digital Crimes Unit, the way we are trying to fight crime is, basically, by partnerships and, uh, you know, taking everyone together. It's just not we, uh, who are trying to do it, and we are doing it not only for our customers, but for the larger public as well, because it impacts everyone. It im- impacts my parents, you know, my seniors in the family, it impacts my family, my children. So we believe that this is, uh, you know, absolutely the right thing to do, and that is where our team is primarily focused on areas like this.Natalia Godyla:And for anyone who's interested in learning more about tech support scams, protecting themselves against tech support scams, where can they go? What resources are available to them?Anup Kumar:So there is, you know, a lot of material definitely from Microsoft. You can just go and, you know, just key in that word, "Tech support scam," and you will definitely find a lot of material there. And, and there are a lot of guidance, you know, some of the actions that we have done, details about that, you can just search on the internet, there is a lot of material. But the easiest is And, remember, Please report, to the listeners, whosoever, you know, has faced or has come across any such type of calls or such type of popups, et cetera. Whatever little information, uh, would also, remember, that could help out investigations.Nic Fillingham:We'll definitely put those URLs in the, uh, show notes. Anup, thank you so much for your time, and, and thank you for taking on this, uh, really, really important work. You know, I think we've only just scratched the surface here, so we'll, we'll definitely try and learn some more about tech support scams on Security Unlocked. I'd love to talk to you again on the podcast one day, but thank you so much for your time today.Anup Kumar:Same here. Thanks Nic, thank Natalia. It was a pleasure. Nice talking to you, guys.Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham:And don't forget to tweet us @msftsecurity, or email us at, with topics you'd like to hear on a future episode. Until then, stay safe.Natalia Godyla:Stay secure.

A Day in the Life of a Microsoft Principal Architect

Ep. 32
We’re formally sending out a petition to change the phrase “Jack of all trades” to “Hyrum of all trades” in honor of this episode’s guest,Hyrum Anderson. In this episode,hostsNatalia GodylaandNic Fillinghamsit down withHyrum Andersonwho, when he’s not fulfilling his duties as the Principal Architect of the Azure Trustworthy ML group, spends his time playing accordions, making cheese, andfoundingimpressive technologyconferences.He does it all!Rather than chatting with Hyrum about a specific capability that he’s helped to develop, or a blog post that he co-authored – because, believe us, the episode would last for hours – we decided to have a chat with him about his life, how hefirstgot intothe world of technology,and his thoughts on the current state ofcyber security.In This Episode You Will Learn:The differences between a risk and a threatWhy it’s easier to attack thandefendWhataPrincipal Architect of the Azure Trustworthy ML group does in his spare timeSome Questions We Ask:How does Hyrumthinkabout adversarial machine learningand protecting A.I. systems?What is it like for Hyrum to oversee both the red teaming and defensive side of operations?Why are we better at finding holes in security than we are at making sure they don’t exist in the first place?Resources:Hyrum Anderson’s LinkedIn: Anderson’s Twitter: on Applied Machine Learning in Information Security (CAMLIS) Learning Security Evasion Competition:Mlsec.ioNic Fillingham’s LinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham:(silence) Hello, and welcome to Security Unlocked. A new podcast from Microsoft where we unlock insights from the latest in news and research from across Microsoft Security, engineering and operations teams. I'm Nic Fillingham.Natalia Godyla:And I'm Natalia and Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel, research and data science.Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft Security. Natalia Godyla:And now let's unlock the pod.Nic Fillingham:Hello Natalia. Hello listeners. Welcome to episode 32 of Security Unlocked. Natalia, how are you?Natalia Godyla:I'm doing great, Nic. And, and welcome everyone to another episode. Who do we have on the show today? Nic Fillingham:Today we have Hyrum Anderson, Dr. Hyrum Anderson, who, uh, is the Principal Architect of the Trustworthy Machine Learning group here at Microsoft. We have been trying to get Hyrum on the podcast for a long time, and Eagle eyed, Eagle eared, Eagle, Eagle eared. That's the thing I made it up. We're going to use it. Um, listeners will have actually heard Hyrum's name a bunch of times as well as a lot of the work that Hyrum has been pioneering. Hyrum is really one of the leading voices, uh, here at Microsoft in this brand new space that is really just sort of being defined now around Adversarial Machine Learning and protecting AI systems. And so it's fantastic to get a chance to get Hyrum on the podcast and hear about Hyrum's journey into security, into Machine Learning, into AI, and then, uh, finding his way to Microsoft.Natalia Godyla:Yeah. So Hyrum, as you said, is a leading voice in this area. And I think he said it really well when he framed the, the challenge here that an attacker has to be right once and a defender has to be right 100% of the time. And that perspective is what drives him to be proactive about researching Adversarial Machine Learning, knowing that the attacker community is aware that they can use Machine Learning and they'll leverage it when it becomes the right technique for them. So we as organizations and, and defenders listening to this podcast have to start thinking about it early. We just don't have the luxury to not be prepared.Nic Fillingham:I love that a lot of the work that Hyrum does, uh, ends up getting publicized and made public through research, through GitHub. If you listen to last week's episode with Will Peers, Will is actually on Hyrums team. And a lot of, a lot of the work that... A lot of the, the sort of research and, and think tank work that Hyrum and folks do, is not just being sort of absorbed into Microsoft products and services, it's being put out there for the community, for the public, for researchers, for security professionals to really help push the industry forward. So a great conversation, I think you'll really enjoy it. I think with that I'm with the pod.Natalia Godyla:I'm with the pod. Hello, Hyrum Anderson, Principal Architect of the Azure Trustworthy ML group. Welcome to the show today. Hyrum Anderson:Thank you, Natalia. Nice to be here. Natalia Godyla:Well, we're definitely glad to have you, and it'd be great to start by understanding who you are and what your role is at Microsoft. What is your day to day look like? Hyrum Anderson:Well, my role as Principal Architect really means that I code a little, and I talk externally a little, and I'm stuck in that awkward middle. Now that's what, that's what it really means. But it's a really fun role. I joined Microsoft to join a startup inside Microsoft to really address the question, how do we secure AI systems? You know, think about AI systems as a special case, but it is. There, there is a special case that should be considered in the context of larger security, and our little startup inside Microsoft is to address that. So that's why I joined Microsoft. And that's the title I got and I'm happy with it. Natalia Godyla:(laughs) And is this something that you've been working on for some time? Understanding the impact of AI systems or is this a new endeavor you're taking on at Microsoft? Hyrum Anderson:Well, I want to just know that this whole idea of Adversarial Machine Learning has been around a long time way before me. I'm not a founding father in any sense of all, all the brilliant work that's come since the mid 2000s, in exploiting weaknesses in AI systems. But you know, in five or six years ago, I became actively involved in this, especially as it relates to how does an attacker who wants to evade your anti-malware model, if he knew it was an AI system, what could he do special about that to make his job easier? So that's where I came into the game. How do I think like an attacker to get around security controls that are implemented as AI systems?Hyrum Anderson:And from that time, I think that's, that's where some of my work came to be known at. I spoke at Black Hat and DEF CON and things, and, and then, um, that were kind of built and finally, uh, has culminated in a new way of thinking of Microsoft, how do we do this here at Microsoft? And what, what would it look like for both us as Microsoft, you know, first party securing our own, as well as what could it look like for our customers so that everybody who deploys Machine Learning can do it safely and securely.Nic Fillingham:Hyrum, we've spoke with some of your, your colleagues on the podcast before. Could you sort of expand a little bit upon the, I think you've talked about the mission of Trustworthy Machine Learning at Microsoft, but some of the different roles that are involved, you know, how do you work with, with Rom, if you do, how do you work with folks like, uh, Sharon Shaw? How do you work with Andrew Marshall? Uh, the other folks at Microsoft, thinking about Adversarial Machine Learning and protecting AI systems?Hyrum Anderson:Our vision is that you should be able to build your Machine Learning model anywhere, and we can help you to manage the risk, any risk associated with that. That's the vision. And there's a lot of risks associate with Machine Learning that starts from simple things like, how do I know that my translation service is accurate and works for every language that it, you know, those, those are risks. There's also risk about ethics and fairness. Does a face detection work better for some and not for others?Hyrum Anderson:And this final piece of risk is security, and that's how we're focused. So this final piece of risk is, if there's somebody trying to deliberately cause my system or company or business harm, am I able to manage that risk? That's where the Azure Trustworthy Machine Learning team has come into play here as managing that third piece, working across Microsoft to manage the other pieces. Rom has been a internal champion for this effort since several years before I joined. We've had a professional relationship for several years and I, I've known him and he was instrumental in, in, uh, telling me about the cool efforts he wanted to get started here.Hyrum Anderson:So he has led this effort and I joined to help him co-lead this effort, uh, about a year and a half ago. So Andrew [Power 00:07:18], for example, we work with, uh, we try to stay abreast of relevant attacks and defenses in MSR, Andrew Power does a really good job of straddling the line between MSR and applied security. And it's a great resource for us. Our team actually has these, these two interesting parts. One is, how do we go about Microsoft to assess the security of our existing systems? So we have a red team. We have an, A, a red team that kind of goes around and does that. Hyrum Anderson:And the second part is how do we address, you know, how do we take those lessons learned and, and, um, implement defensive tooling, both at Microsoft and for our partners? That's the second piece. And as part of the, the learnings that we have from our red team, we also work with, uh, the great folks like Andrew Marshall in the ether committee to help us reach all the corners of Microsoft for defensive guidance. Andrew and team conduct assessments, and risk assessments of AI systems. And we, we try to, to make a one Microsoft efforts in, uh, making sure that we have a common voice in how we address risk mitigation.Nic Fillingham:Thank you for that explanation. It was fantastic. Matter of fact, uh, we just recently interviewed, uh, Will Pierce the, uh, AI red team lead days ago. Hyrum Anderson:Will is a treasure. Natalia Godyla:(laughs) Hyrum Anderson:Will is a treasure and I, I, if, if you haven't listened to Will's podcast, I have not, but I, I want to listen to it. He is a really interesting individual. Nic Fillingham:Yeah. And we talked about, you talked quite a bit about counterfeit, which is the, the tool that he sort of built for himself and then it spun up into a, a GitHub project that's been released into the wild. And that was a fascinating conversation. I would love for you to walk us through your journey as far back as you want to go into security, into Machine Learning and, and sort of eventually to Microsoft. When did this start? Were you into, you know, into Legos? Were you into pulling apart radios? Did you build your first computer when you were three? Like what, how did this passion and this career start for you? Hyrum Anderson:Oh, wow. That's, that's a great question. I, I want to just first, be- before I tell stories, I want to say that I am a relative newcomer to security. And the more I learn from real security people, the more I realize what I don't know about security. So I, I would consider myself as a, an engineer, a researcher who has applied his craft to security. And I'm really appreciative of, of members of my team who are teaching me all the time about, uh, new ways. That sad, (laughs) that said, I just have a story, a great memory I want to share with you of when I was in middle school, early high school, maybe.Hyrum Anderson:I come from a big family and everybody's a nerd. Like I, I had brothers who were coding Commodore 64. They used to get like these magazines. And if you were too cheap to buy a game, you could actually, you could actually like copy from the magazine.Nic Fillingham:Yeah. And photocopy the pages and cut it in. Hyrum Anderson:Yeah. Do you remember that?Nic Fillingham:I do. Yeah. Hyrum Anderson:So this, this is how I got my start up computers. I was actually just watching my much more patient older brothers do this, and they'd also coded Pascal and basic at the time. And so I, I got involved. But the security angle, so that the programming started early for me, but the, a really fun security angle is, um, my, my awesome parents and their big family is to help us to focus on the right time they had, they had a BIOS password, right?Nic Fillingham:Oh, wow. Hyrum Anderson:So the BIOS password did, did not allow... And this was like windows 3.1 or something. It-Nic Fillingham:Yeah.Hyrum Anderson:It didn't allow us to, to log in without the password. So we crafted a way to get around this. It included everything from... So they didn't apparently have regard for either physical or cybersecurity controls, and we exploited this weakness.Nic Fillingham:This is windows 3.1?Hyrum Anderson:(laughs) Yeah. No-Nic Fillingham:Okay keep going.Hyrum Anderson:... It was much simpler. One was, um, we taped a mirror to the ceiling.Nic Fillingham:Nice.Hyrum Anderson:And then we would tell my dad that it was time we needed to do homework on the family computer, and we would try to watch in the mirror what the BIOS password was. That didn't work so well. 'Cause we're not good at like the reversing, the mirror image. We also tried to put sticky glue on the keyboard so we could figure out what, like what the most common keys were and do kind of cryptographic, cryptographic to a middle school. Right? What were the most common keys? Can we figure out what words were involved in the password? Hyrum Anderson:Finally, my brothers and I, we found a BIOS book, and we realized that the keystrokes were logged even after boot, and we inserted a little utility into the autoexec doc, that file. If, if this is bringing you back in history, walk with me, enjoy this time.Nic Fillingham:Please, please keep going. Um, I'm, I'm having visceral memories here of my Osborne 3866. Keep going.Hyrum Anderson:We, we can make this little tool that would read the last characters typed in the BIOS buffer and dump at the desk. That was our, that was our, our final. So anyway, this, this sort of like rudimentary hacking process was my first introduction to skit computer security. I went on to be an engineer and in a signal processing and Machine Learning, got my PhD at the University of Washington and, and did a bachelor's and master's degree at BYU. Actually did not do anything in computer security, but I did work... I was a researcher at the National Labs and security kind of with a big guys.Hyrum Anderson:You know, situational awareness for defense industry, that things like that. That kind of helped me appreciate what I think so many people in security just get. And it's this sense of mission and purpose that I don't know that there's a better replacement for getting up to work every day than a sense of mission and purpose. And it's something I have sought at every career hits, right? Like if, if that's missing, I'm not really having a good time. Uh, when I eventually left the National Labs, I started on a data science team at this company called [Mendiant 00:13:26], who had just released a, a big report. Hyrum Anderson:And they were... Honestly my, my job, Jamie Butler, if you're listening, I remember Jamie saying, saying that, um, "Like we don't really know what to do with you. We just think data science can be cool here. And so we're gonna, yeah, we're trying to build a team and we're just going to kind of figure it out as we go. So there's no purpose." But that was really fortunate for me because you know, this was in the days when, uh, data science, Machine Learning, they're still kind of oil and water, but back then, it was like very much a new kind of endeavor, and gave me some early exposure to lots of failed attempts and some, some early wins in that.Hyrum Anderson:So from then I've, I've been a data scientist for security, then, you know, a Mediant became FireEye. And then I went to Endgame and, uh, worked with an excellent team at Endgame. I eventually was the chief scientist in Endgame, was acquired by Elastic, Elastic is a, a fantastic company. This opportunity at Microsoft, Rom said, "Hyrum, come to Microsoft. There's a startup here, Security Machine Learning." And here I am. That's my history.Natalia Godyla:And what are you working on now at Microsoft? Hyrum Anderson:Well, we do a, a number of these. So the, the team I lead includes the red team and the defensive side, and we are really busy on both fronts. Natalia Godyla:(laughs)Hyrum Anderson:So the red team work that happens now is much more sophisticated than when I started. And I was the red team. You know, that was really the, when, when I started at Microsoft and we did one, a red team engagement that has part, parts of which had been publicly disclosed, that was really Hyrum, the Machine Learning person going for a ride with the Azure red team, and saying like, "Hey, if you can find something that looks like this, it's probably a Machine Learning model. Let's go find it." And these really, really smart people, Kathy and Susie were able to find those things. And then I can tinker, um, that this model break it essentially. And they could complete the, the ops.Hyrum Anderson:So it was very much... I was a, kind of a one trick pony in a, what I consider a really high quality Azure red teaming experience that we can affect some big change. Now, our red team is I think, much more robust, uh, with Will Pierce, who you've interviewed. Now he's actually an ops person who gets ML. He gets both sides of the coin, and he'll go in now and do the whole engagement like himself, right? So that keeps us really busy on, on a day-to-day basis. We partner with both first and third-party teams in assessing if your Machine Learning could be vulnerable to some kind of violation that would cause your business pain. Hyrum Anderson:And there are lots of them. And nobody knows better than the team itself what that worst night, nightmare scenario would be. And we try to work with them to say, "Okay, that's the nightmare. Let's try to make it happen." And so we, we try to be... Take on that, uh, attack a persona, and then we, we work with them to try to, uh, tell them how we did it, recommendations to plug it.Nic Fillingham:Hyrum, it feels like we're better at poking AI systems and finding holes and finding flaws than perhaps we are protecting them. Is that sort of where we're at in, in this sort of, this sort of new journey in understanding how to go and secure AI? Are we now, are we sort of at the stage where we're working out how to break in, we're working out how to go and poke holes, but we, we maybe haven't quite got the sort of ratified tools or processes in place to, to, to strengthen them, or am I just missing an, the other side of the coin?Hyrum Anderson:You're exactly right. But I guess I would also ask like, isn't this always the case that Machine Learning or not is kind of always easier to be an attacker than a defender because of the asymmetry involved? An attacker has to be right once, a defender has to be right 100% of the time. Those kinds of things. The added wrinkle for Machine Learning, I think is that, whereas in like an information security system, you can patch a vulnerability, in an AI system, what it means that patch is a really gnarly issue. There are ways proposed to do it in academia and research. They're really cool and some of them work well in, in some cases, but there issues.Natalia Godyla:When do you expect attackers will start regularly using this technique? When should organizations be prepared to actively be red-teaming and build a program around it? And on the other end, when will we have the resources to build fully fledged programs and understand Adversarial Machine Learning?Hyrum Anderson:Well, first I want to make sure that we are talking about the, the difference between a risk and a threat. Okay? So the risk is here and it's everywhere, right? And it can be exploited and that's, that's our job. And, and the red team side of my team, that's what we do, right? The threat exists in niche areas. And those niche areas often don't actually care that this Machine Learning they're attacking, right? There's nothing special. So example, content moderation. It uses Machine Learning to determine if the content you're posting on LinkedIn, or I'm making this up. Wherever, whatever platform is appropriate to, to be seen by others.Hyrum Anderson:And nefarious people or whatever, for whatever motivation they, they want to get content up there and they find ways to obfuscate it. Right? So that's, that, that is an adversary attacking a Machine Learning model, probably the adversary in that case doesn't even know. But the adversary is finding blind spots or design oversights in that system. The same exists in fraud, the same exists in security. So there are adversaries whether they know it or not, who are attacking Machine Learning systems. What they aren't doing today are using these sophisticated algorithmic kind of fuzzing like procedures to attack.Hyrum Anderson:That's what we have not seen widely used. We've seen that a lot in sort of research laboratories. And probably the reason we haven't seen it in the wild yet, is like as easy. Like there's just easier ways, right? If I can just guess with my content moderation upload, and I can be right, like why in the world do I need to have a fancy algorithm to, to do it? So as generally, security is improving for systems in general, to plug some of these guess and check methods, which in my opinion, will never go away. There will be more economic incentive to have a kind of a sure-fire algorithmic way to do this for adversaries.Hyrum Anderson:I do not know if that's going to happen in the next year or the next five years, but economically speaking, if we're doing our job as defenders, that is something in the tool bag that exists is open source and that they will reach for when that becomes the lowest hanging fruit. Nic Fillingham:This feels like a unique point in time for cybersecurity where, and, and, and maybe I'm being too optimistic here, but where we, we do have an opportunity, we, the industry have an opportunities to sort of get ahead of something before it, before it gets ahead of us. Would you share that sort of optimistic view or do you, do you think we're sort of neck and neck? Hyrum Anderson:Yeah, by ahead. I mean, we're thinking about this and I don't think that adversaries are not thinking about it. I just don't think they have to, to pull up this bag yet. Right? So are we ahead? We have an opportunity to be ahead. I guess the concern I have is like, if, if you feel like you're ahead, you're guessing, you're guessing at a defense for an attack that doesn't exist. That means an attacker's gonna choose a different kind of attack. So I would not say that we're ahead. I, I think we have an opportunity to be proactive, especially at these higher level questions about how to manage risk. I think we are too early for things like I'm any tech in this kind of thing right now, right? Hyrum Anderson:Like tho- tho- those things are maybe a bit premature because kind of by construction, you can't be ahead of a threat, in sort of detection and remediation space. Because they haven't punched you yet. You don't know how to, you don't want to block that one. So I agree with you Nic, that we have an opportunity to be deliberate in how we frame this problem. And that is an excellent advantage. And when's the last time that's happened?Nic Fillingham:It certainly feels sort of unique, but I'm with you. You can't block the punch that you haven't experienced yet. And so that's probably a great analogy. I'm thinking back to the episode we did with, uh, Christian Seifert and Josh Neil in CyberBattleSim. You talked about how sometimes attacks on Machine Learning systems, I think content moderation was your example, the attacker, the adversary doesn't even know that they're attacking against a, a Machine Learning model. So that's sort of a really interesting perspective. But sort of try to bridge the gap there with, with the, uh, CyberBattleSim conversation, how far away do you think we are from having automated agents, automated sort of AI constructs, which I know is a sort of fantastical concept.Nic Fillingham:But like how far away do you think where we, we are from actually having Machine Learning on Machine Learning going at it, to some degree of scale and sophistication? Do you think we're... Are you thinking like it's a year, 5, 10 20? What, what, what does that timeline look like?Hyrum Anderson:Now, if you mean Machine Learning versus Machine Learning in a security context for like a breach? I think that's-Nic Fillingham:Absolutely. Yeah.Hyrum Anderson:Yeah. Believe it or not, like that is here in very narrow redefined things. So-Nic Fillingham:Okay.Hyrum Anderson:An example, my, I'll bring up Will Pierce, he published some research at his previous company about using Machine Learning to detect us kind of sandbox that you're in. So you know how to act in a piece of malware, and that sandbox might have Machine Learning employed also. There's this, um, combatitive elements between them. There's been other work published that has attempted to do things like simple reinforcement learning to choose what kinds of, sort of pen testing actions to get into a network that I think the authors would, would say is, is not yet mature.Hyrum Anderson:I myself have done research in using machines against machines, and trying to like a reinforcement learning approach to develop a malware strains that will, will evade Machine Learning model detector. So it's using Machine Learning against Machine Learning. In all these cases, they're narrow and there are easier ways in my opinion to date to do that. And if, uh, you know, our listeners are trying to think about kind of, I dunno. If you think about like the Avengers AI, (laughs) Jarvis, like taking on a big massive scale attack and, and another Jarvis defending it, we are very, very, very far away from that.Hyrum Anderson:I think Machine Learning and AI is best employed today on narrow tasks, sort of this more general artificial intelligence where we're, we're not very mature at all in that larger level of reasoning. So I would not raise any alarm about AI systems swarming our networks in, in mass and, and being effective. I think we're, you know, we're five plus years away from, from that. Nic Fillingham:So we're not going to have a, uh, Jarvis breach shield sort of moment any time soon, where that's the only instruction required and then the, the next thing, you know, you, you've got root access to, to the shield network. That's a, that's a long way away. Hyrum Anderson:That's right. And really the thing that, that you should be more concerned about is how Machine Learning could be used by an adversary to make that human much more efficient. And that's actually not a new thing either. I mean, adversaries are smart, they're economically motivated, and they, they use analysis to be smart about how they attack. Think about like a phishing campaign and who they target. They want to use data to inform them. And I, I wouldn't doubt that there are some Machine Learning models that would help them to predict who the ripest target might be, for example. Or in, in, in a breach scenario. Hyrum Anderson:Let me use, for a very narrow scope, let me use an agent to like, you know, if I know to find out what, what kind of, you know anti-malware is installed, and what's kind of, decide what the kind, the, the best payload would be to evade that. Computers are really good at that kind of fast, quick reflex math and, uh, Machine Learning is w would excel at that. I'd be far more, you know concerned about real adversary, like human adversaries equipped with Machine Learning that scales their intentions more than I would a, about like an autonomous act all by itself, AI doing all the hacking on its own.Natalia Godyla:And speaking of the future, what's next? What's your next big mission? The next problem you'd like to solve? Is it continuing to educate the ecosystem on Adversarial Machine Learning? Is it to get us to the point where we are establishing preventative measures? Or is it something else entirely?Hyrum Anderson:Really it's chasing this goal that while elusive I don't, do not believe is impossible. And that is, build your Machine Learning model wherever. And we want to help you to be able to manage that risk. And do it in a way that's natural in kind of the same kinds of motions that if you're a security professional, you're used to assessing or, or like doing compliance things or doing policy things. If we can do that, as Nic brought up earlier, that can be the beginning... Help, help people to begin security programs with AI, not as, as part of an overall security strategy for the business. You know?Hyrum Anderson:There, there are these special things you have to consider about AI, but you shouldn't make it its own security department, right? Security is a, a business kind of consideration, and we want to make that easy for you now. Today it's hard. Today AI is a special snowflake. We want to make it part of a security network of decisions.Nic Fillingham:I noticed you are the co-founder of the Conference on Applied Machine Learning for Information Security, CAMLIS. Can you tell us a little bit about CAMLIS, uh, if, if you would like to, and then is there anything else you'd sort of like to point listeners to, do you have a blog? Do you have a Twitter? Where can we go to play along at home with, with your work? Hyrum Anderson:So CAMLIS, the Conference on Applied Machine Learning and Information Security was founded by Keegan Heinz and myself several years ago, because we didn't find that right venue that was a mix. Really it's for Machine Learning people doing security things. And those would surface at major conferences, but there was never a place you could go for like a sink your teeth in kind of experience. And I have, I am just so thrilled with the community that has developed around CAMLIS and the quality, the people there. And so for anybody who would be interested in how Machine Learning is used in security, or maybe you're in Machine Learning and you want to learn a little bit more about security, this is a great place that has still a, it's still a boutique conference in the sense that there's not 3000 people there, where you can network. Hyrum Anderson:It's a great location. That will be happening later this fall. I wanna shout out to Edward Raff who will be chairing the conference this year, and you can find out more information in the coming months about that. The second thing I wanna give a shout out to, and this is much sooner, happening much sooner. For the last several years, a partner, Zoltan Balazs and I have been sponsoring a really clever competition that you're all going to want to participate in. So if you like packing things, and if you like malware, and you'd like Machine Learning, this is for you. Hyrum Anderson:This is the Machine Learning security evasion competition. You get prizes for attacking Machine Learning models to create evasive malware variants. This is as real as it gets. So it's real malware. The malware is actually bites on disks. So you're t-, you're, you, you take all the bits, you don't get a change code. You take all the bits and you get to disguise your malware or the malware we provide rather, to evade a suite of defensive solutions. And this attracts a really, really, really gnarly smart crowd of people who are good with both, both malware and Machine Learning, and do it in really clever ways. Even if you're not a malware reverse engineering ninja, there'll be ways for you to participate and still evade Machine Learning models.Hyrum Anderson:And, and I will, I will leave that there. If you'd like to know more about any of this, please do reach out to me. Twitter, I will respond to Twitter eventually. Um, Dr. Hyrum is my handle, or on LinkedIn, you can find me also. If you've heard about the announcement for the Machine Learning security evasion competition, you can head over to MLsec.IO.Nic Fillingham:Hyrum, what do you do for fun when you're not out there on the frontier of Adversarial Machine Learning? Hyrum Anderson:Nic, uh, you don't know this about me, but I am the most interesting man alive. And-Nic Fillingham:Oh, no. I knew that. Rom told us this.Hyrum Anderson:(laughs) Hey, so first I have five kids. So caveat that, that free time expression with knowing that I'm primarily a bus driver and, uh, an entertainer. But, um, so I, I live in Boise, Idaho. I grew up on a hobby farm, and I, I'm lucky enough to be able to work, uh, in a distributed manner. But my folks still have this farm that has like a milk cow. So my COVID hobby, I make artisanal cheese.Nic Fillingham:[inaudible 00:32:15].Hyrum Anderson:Yes. I do.Nic Fillingham:Keep talking.Hyrum Anderson:Handcrafted.Natalia Godyla:(laughs)Hyrum Anderson:Handcrafted [inaudible 00:32:20], and some Alpine sort of Swiss style cheeses, have little cheese cave. Also our viewers can't see this, but in the background, you'll, you'll notice like a little accordion. And, uh, I was a missionary for my church in Russia. And, you know, we didn't, I didn't have a lot of money, but I could spend $8 and buy that sweet puppy. Natalia Godyla:(laughs)Hyrum Anderson:As it turns out, when you have one accordion, they're like, they're like amoeba on a Petri dish. They just multiply. I now have three accordions. And the total amount of money I've spent on accordions is $8.Nic Fillingham:Hang on. You woke up one morning and your, your accordion had divided and split into two accordions?Hyrum Anderson:Yes, it's amazing. It's more like the neighbor's like, "Oh, weird nerd with the accordion, and I have something in my garage I'm trying to get rid of." But it, it brings such a thrill to me to have three accordions. Kids love accordions. And I am one of the most popular person with like elementary school kids, like who doesn't like happy birthday played on the accordion to them. I [inaudible 00:33:23] anymore. Nic Fillingham:I do, I do love a sort of an accordionie powered shindig, you know. A bulker or... That's beautiful.Natalia Godyla:Awesome. Thank you for sharing that. And thank you for joining us on the show today, Hyrum.Hyrum Anderson:Thank you, Natalia. Thank you, Nic. Great to be with you. Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham:And don't forget to tweet us @MsftSecurity, or email us at with topics you'd like to hear on a future episode. Until then, stay safe.Natalia Godyla:Stay secure.

Red-teaming AI with CounterFit

Ep. 31
It’s anall outoffensive on today’s episode while we talk about how the best defense is a good offense. But before we plan our attack, we need to know our vulnerabilities, and that’s where our guest comes in.On this episode, hosts Nic Fillingham and NataliaGodylaare joined by Will Pearce, who discusses his role asAI Red Team Lead from the Azure Trustworthy ML Groupand how he works to find weaknesses in security infrastructure to better develop ways to prevent against attacks.In This Episode You Will Learn:The three main functions of counterfeitWhy the best defense is agood offenseWhy Will and his team aren’t worried about showing their hand by releasing this software as opensourceSome Questions We Ask:Whatpreviously developed infrastructure was the counterfeit tool built upon?How AI red teaming differs from traditionalspecopsredteamingHow did the counterfeit project evolve from conception to release?Resources:Will Pearce’s LinkedIn security risk assessment usingCounterfit Fillingham’sLinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham: (00:08)Hello and welcome to Security Unlocked, a new podcast from Microsoft, where we unlock insights from the latest in news and research from across Microsoft security engineering and operations teams. I'm Nic Fillingham. Natalia Godyla: (00:20)And I'm Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft security, deep dive into the newest threat intel, research and data science.Nic Fillingham: (00:30)And profile some of the fascinating people working on artificial intelligence in Microsoft security. Natalia Godyla: (00:36)And now let's unlock the pod. Nic Fillingham: (00:41)Hello listeners, and welcome to episode 31 of Security Unlocked. Natalia, hello to you. Welcome. Natalia Godyla: (00:46)Hello, Nic. Happy to be here. Uh, what do we have on the docket for today? Nic Fillingham: (00:50)Today we have Will Pearce joining us. Will Pearce is the AI red team lead inside the Azure Trustworthy Machine Learning Group. Eager listeners of the podcast might recognize Will's name from a couple of episodes back where we had Ram Shankar Siva Kumar come on the podcast and mentioned Will a few times. Will is here to talk to us today about a blog post that he co-authored with Ram Shankar Siva Kumar on May 3rd, discussing the announcement of a new AI security risk assessment tool called Counterfit. And this is a great conversation, a sort of fascinating project here, and his job is about trying to break into our AI systems and compromise them in order to sort of make them, make them safer, make them better. And so we're gonna say that word, we're gonna say this word red teaming in quite a bit in the interview, and for those that may not be super familiar with the concept, we thought we might just sort of revisit it. Natalia, you've, you've got a good definition there, w- walk us through what does red teaming mean? Natalia Godyla: (01:47)And so red teaming originated in the military as a way to test strategies by posing as an external force. The US force would be the blue team, the defenders, and the red team would be someone that is trying to infiltrate the United States, and that same concept is now applied to security. So red teaming is that training exercise to determine where are the gaps in your security strategy.Nic Fillingham: (02:11)Right. And so in this context here, with regards to the Counterfit tool, Will just had a bunch of scripts that he had built himself just to sort of do his job. These are scripts he built for himself, and at some point Will talked about in the interview how he decided to pull them together into a toolkit and create a sort of an open source project that's now available up on GitHub, so that other AI red team folks, uh, really anyone who's out there trying to make AI systems more secure through red teaming can benefit from the work that Will's done. Natalia, some of the things that Counterfit can do, obviously we'll hear from Will in just a second, but what's your summary. Natalia Godyla: (02:45)I mean, there's so many different ways you can use this tool for offensive security. So you, you can pen test an red team AI systems using Counterfit, you can do vulnerability scanning, and you can also log for AI systems. So collect that telemetry to improve your understanding of the different failure modes in AI systems. Nic Fillingham: (03:07)Well, this is a great conversation with Will Pearce. I think you'll enjoy it. On with the pod.Natalia Godyla: (03:11)On with the pod. Today, we are joined by Will Pearce, an AI red team lead from the Azure Trustworthy ML Group to talk about a blog post called AI Security Risk Assessment Using Counterfit. Welcome to the show Will.Will Pearce: (03:29)Thank you. Thanks for having me. Natalia Godyla: (03:31)Awesome. Yeah. We're really excited to talk about Counterfit, and I think it'd be great to start with a little bit of an intro. So could you share who you are, what your day-to-day is at Microsoft? Will Pearce: (03:40)Yeah. Yeah. As you mentioned, Will Pearce, I'm the red team lead for the Azure Trustworthy Machine Learning team. My day to day is attacking machine learning inside Microsoft. So building tools, doing research and going after machine learning models wherever they live inside Microsoft.Natalia Godyla: (03:59)And Counterfit is a tool that helps with that, correct? Could you share what Counterfit is? Will Pearce: (04:05)Yep. Yeah. So Counterfit is a command line application that helps me automate these assessments. So this was sort of a lot of data processing that can go into them, and is taking a lot of time, and so I sort of built this command line application to take care of it. I come from the ops world, so traditional red teaming, you know, where you kind of hack networks. And so sort of the command line interface, that malware interface is what I was used to, but in the machine learning world, a lot of the tools or libraries, they're not, so they're not really readily available for you to automate things. And so I just kind of married the two together that basically wraps existing frameworks. Nic Fillingham: (04:47)Will, I'd love to step back just to speak to you. So you are the AI red team lead, tell us about AI red teaming or AI ML red teaming, how does that differ from sort of traditional SecOps red teaming?Will Pearce: (05:00)In and a lot of ways it doesn't, machine learning is a new sort of attack surface that is coming up like as businesses integrate machine learning into all kinds of things, the security of machine learning hasn't really been paid attention to. But you know, machine learning is part of a larger system, it's still an information asset that still the model files exist on a server. They're put into websites, all the normal stuff. And so a lot of those skills transferred, you know, one-to-one, the difference being is having that, that knowledge of how machine learning algorithms work, how you can bend them, how you can alter your inputs to get the outputs that you want, and a lot of it, a lot of the attacks are really just kind of engineering to get to that point. Nic Fillingham: (05:46)And the types of specialists that you have on an AI red team versus again, a sort of, sort of more, more generalist, uh, SecOps red team. Do you have data scientists and do have other statisticians and other folks that maybe have a different set of skills? Will Pearce: (06:01)Yep, absolutely. So we have a couple of members on the team that are extremely experienced data scientists and ML engineers. So basically blending of those skillsets, you know, where I don't have that formal background, but I do understand how sort of attacks work and, you know, how to run an op. They understand how the algorithm works at a, a very deep level, and so we, we have a lot of fun going back and forth brainstorming ideas. Natalia Godyla: (06:32)So bringing this back to the Counterfit project, how did the Counterfit project evolve? As I understand it, it started as a group of attack scripts, and, and now it's an automated tool. So what did that process of evolution look like? Will Pearce: (06:49)So earlier I mentioned all these things are libraries and-Natalia Godyla: (06:53)Mm-hmm (affirmative).Will Pearce: (06:53)... you know, I've been at Microsoft for nine months-ish. And coming from that ops role, it just wasn't scalable. So to write a script for every attack that you wanted to do-Natalia Godyla: (07:04)Mm-hmm (affirmative).Will Pearce: (07:05)... isn't scalable. So the first thing, just natural to want that tool, that malware type interface was to build, was to wrap these into a single tool that you could run any attack script that you wanted in, in an automated fashion. That was that, it was, it was just a need for an automated tool for my own purposes and it kind of evolved into this. Truth be told, I didn't necessarily think it was gonna be as popular as it was. Natalia Godyla: (07:29)(laughs)Will Pearce: (07:30)Yeah. I wrote it because I needed it, not because, you know, we wanted to release it, but it has kind of taken on a life of its own at this point where, you know, I don't do more bug fixes than I do attacks, but I could see in the not too distant future we would need a dev to like take care of the day-to-day maintenance of it, or, you know, build in whatever features we wanted for it. Nic Fillingham: (07:55)And did not thing exists here in this space Will, was there, was there nothing that allowed for the automation of, of the work that you were doing and that's why you sort of built it, or did something exist, but the modifications that would have been necessary to meet your needs would have been sort of too laborious? Will Pearce: (08:10)I shouldn't say nothing existed 'cause I don't... There was nothing that, you know, for example, data types, right? Like you have texts, images, NumPy, or, or arrays of numbers, things like that. A lot of the tools only focus on one of those data types or two let's say, right? But there's a wide variety of models at Microsoft that I need to test. And so having something that can do text, audio, image, any arbitrary data type is extremely valuable, and that was sort of the first step. It was just having a need, I didn't wanna use five different tools, you know, I wanted to use one, and so that was kind of the, the driver for me to build it. Nic Fillingham: (08:53)And I noticed, uh, Will it's been published through GitHub. So is the intent here for it to be a true sort of community initiative, community project and, and have contributors and, and sort of a, a vibrant community?Will Pearce: (09:05)Yeah, absolutely. Yeah, that's the plan. Ram will tell you I'm not the best data scientist, so this is the blending of offensive security and machine learning, right? And data science. And so there are just conventions in the data science world that I'm not familiar with, similarly, there are inventions in the offensive security world that data scientists aren't familiar with. So moving this Counterfit becomes a metaphor of sorts for these machine learning algorithms, where people feel welcomed to submit new research, um, and to really become a platform for the conversation between machine learners and security people to evolve, start to understand each other and what matters to the other. Natalia Godyla: (09:51)And are you also continuously updating the tool, so as you learn more adversarial attacks against AI, will you be feeding that into the product, and what does that process look like? Will Pearce: (10:04)Yeah, yeah, absolutely. So it exists on algorithms, right? Natalia Godyla: (10:09)Mm-hmm (affirmative). Will Pearce: (10:09)Uh, attack algorithms. So an algorithm basically iterates on an input in a particular way, right? And that's how it, you kind of create that output that you want. So there's that piece, is just creating new algorithms that will do whatever we think is useful for the particular task. But there's also things like a web interface that would be extremely nice for some users or, you know, just some niceties that aren't built in yet still somewhat difficult to look at the results of a scan or the samples of the scan. And so, so some of those things still need to be built in, but yeah, that's kind of the plan is to build any, you know, someone could submit a feature request tomorrow and we would probably build it the next day just because we're excited to see what people do with it and what they care about with it. Nic Fillingham: (11:05)So Will, if we could jump forward into, I think the three core functions or the three use cases of this tool as they're sort of listed out in the blog here for those that have read the blog post. So the first one is listed out as penetration testing and red teaming AI systems, and the, the tool here is preloaded with published attack algorithms, which can be used to, to test out evading and, and stealing AI models. We've had a bunch of your colleagues, uh, and peers on the podcast before, so we've learned a little bit on the podcast here about adversarial ML. We know that it's sort of a new frontier, we know that the vast majority of organizations out there don't have anything in place to protect their AI systems. Can you tell us a bit about this first scenario here? So evading and stealing AI models, what does that sort of look like in a hypothetical sense or in the real world, and then how do we use this tool to sort of test against it? Will Pearce: (11:59)Let me go backwards a little bit in your questions.Nic Fillingham: (12:01)Please. Yeah. Will Pearce: (12:02)So you mentioned that organizations don't have the tools to protect these systems.Nic Fillingham: (12:08)Right.Will Pearce: (12:08)That's only partly true, only because machine learning, the model itself is a very small part of that whole system, but there's a very mature information security presence around principles of least privilege, setting up servers, deploying end points. Like we know exactly there are very mature security processes that can already be attached to these things, the difference is because machine learning people aren't cued in to this, the security apparatus at a higher level, they're not aware that these things exist, right? So you're looking at ML engineers who are responsible for deploying an endpoint to, uh, you know, let's say a public site, but they're not aware that maybe the way they're deploying it, you know, they, they put secrets in the code or, or whatever. And that's kind of what this is about, is it is about marrying of traditional information security principles and this new technology, machine learning. Will Pearce: (13:07)So in terms of evading a model, I mean, what that looks like is basically you have a model that is responsible for taking input and making a decision based on that input. So the classic example is images, but, you know, if you think about authentication system, you know, where it uses your face, you know, Windows Hello, maybe there is a different face that would also work on it. So evading a model is basically just giving an input such that you get the output that you want. So in the traditional information security sense, it would be like bypassing a malware classifier, bypassing a spam filter, so that's how you get your phishing. Will Pearce: (13:43)Stealing is, it's basically turning machine learning on its head. So it's just reflecting the model back at itself. So all you do is you send in, you grab a dataset from online, there's ton of them, for example, like an email data set. So let's say you're a spam filter. I did some research like before I got to Microsoft, it was a spam filter. In their email headers, they leaked their spam scores. So you'd send an email and you'd get one back, and in the headers it would be like 900. Nic Fillingham: (14:12)Hmm. Will Pearce: (14:13)I recall it's interesting. And it was in every email. So what we did is we grabbed big data set of emails, like the Enron data set, and we just sent every single email, every single Enron email through this spam filter, and we collected the email we had already. And then for each email, we just collected the score, right? And then we just trained a local model to mimic the spam filter, and using that, we were able to sort of reverse that spam filter and figure out what words the model thought were bad and what words the model thought were good. Will Pearce: (14:46)And so Counterfit kind of automates that process. It gives you a framework in which you can put all that code into one place and then run that attack. The code we wrote for that particular attack, it was in like, you know, 15 different files, it was several different services. It wasn't pretty, or repeatable necessarily. And so Counterfit allows you to sort of aggregate all of the weird code that you might need and allow you to interface some target model with any number of algorithmic attacks, including, you know, model stealing. Nic Fillingham: (15:22)So I, I might've got this wrong Will, but, so if the goal is to stop adversaries from potentially stealing your model using this technique here where you, you'd basically grab a dataset, throw it at a, at a model, monitor the output and then go train your own model to mimic that. How does Counterfit help protect against that, or how does Counter- what kind of information or data does Co- Counterfit output to help you in that, in stopping model stealing? Will Pearce: (15:49)Um, (laughs) it, it doesn't.Nic Fillingham: (15:51)Oh.Will Pearce: (15:52)Counterfit is an offensive security tool. (laughs)Nic Fillingham: (15:55)Got it. Will Pearce: (15:56)So the primary piece being offense drives defense. Nic Fillingham: (16:00)Got it. Will Pearce: (16:01)So using this tool in that particular way, you can then test, right? In any number of scenarios, before you deploy a model, you can scan it and you, after you deploy a model, you can scan it, but you start to develop benchmarks. So in traditional information security, when you have a vulnerability scan, right? You scan the entire network, you get your list of critical, high, medium, low vulnerabilities. You then go start checking, you know, patching, check it, and then you re-scan the next month. This is a similar function. Natalia Godyla: (16:34)So we talked through two of the use cases here, the pen testing and red teaming, and then you just touched on vulnerability scanning. Can you provide a little bit more color on how you intend security professionals to use it for logging, what's the, the purpose, the driver behind that use case? Will Pearce: (16:54)Yeah. So logging... (laughs) Going back to security foundations, currently machine learning, a lot of them don't log-Natalia Godyla: (17:00)Mm-hmm (affirmative).Will Pearce: (17:02)... or they, they don't explicitly log for the purpose of security. So they'll log telemetry data, they'll log usage data, but that doesn't feed any higher level security processes. So the Counterfit has logging built in where it will track every input and every output, just as you would, you would put a l- a logging mechanism behind a model where you would track every input and every output. So we've built it in here so organizations can get some form of logging during an attack, right? So they could then turn those logs into some sort of detection pipeline, some sort of ability to detect a particular attack, but ideally organizations would log, right? They're gonna be logging anyway. And so I think it, in a lot of ways, it's just about getting machine learning people to start thinking about these security motions in a consistent way. So if you're gonna collect logs, do it in a way that's repeatable (laughs) and consistent and gives you the information that you need to, to do whatever you need to do, whether it's, you know, telemetry data or usage data or w- whatever it is.Nic Fillingham: (18:11)You know, you talked about a, a golfer Counterfit to sort of fit the nature of a metasploit, and being, uh, popular and, and powerful red teaming tool. What efforts are being made, or what's being done to ensure that this doesn't end up being an actual breach toolkit for adversaries? How do you toe that line of making a, a powerful tool for red teams who are ultimately trying to do good, and actually, you know, making it easier for adversaries to go out there and evade or steal models? Will Pearce: (18:39)I don't have a good answer for you. Well, I mean, in a lot of ways, you know, offense drives defense, right? So we think adversaries are gonna be doing this anyway. So in this way, if we can get a tool into people that make it easier for everybody (laughs) including adversaries, you know, we would hope that organizations would start putting mitigations in place for these things. If they see an uptick in attacks, they should do something about it, if they don't, then great, it's obviously not on the radar of attackers. And I would say currently it is not really on the radar of attackers. Nic Fillingham: (19:19)Well, not until this podcast comes out. Will Pearce: (19:21)Yeah, yeah. Exactly.Natalia Godyla: (19:21)(laughs)Will Pearce: (19:22)And so we're, yeah, I think we're maybe a little ahead of schedule just in terms of what this tool represents, and we might've missed the mark completely, right? Like we might be, we don't know if attackers are gonna go this route of attacking machine learning. There are certainly new attacks every year that come out, so the trend is up, but I think widespread abuse has yet to be seen, which I guess is the whole point here is to get ahead of that. Nic Fillingham: (19:51)Well, let me to just recap to make sure I, I sort of understand this. So as someone red teaming and penetration testing AI machine learning systems, you had a lot of disparate scripts, a lot of disparate tools, a lot of disparate processes, you needed to bring them all together into a, into a single pane of glass, to use an overused, uh, analogy. So you created a first and foremost for you, then you realize it would be a powerful tool for, for others out there that are, that are trying to protect AI machine learning systems through red teaming, through, as you say, offense drives defense. Can you share any examples of how the, the tool, either the, the work that you've done in protecting ML systems at Microsoft or with customers or other projects, do you have any stories you can tell of how this tool has been used out in the wild and, and some of the things that it's done to help find vulnerabilities, help patch gaps? Yeah, what are some of the positive stories or positives outcomes? Will Pearce: (20:42)Yeah. I mean, in the wild, I don't think so. You know, it's like when I go back-Nic Fillingham: (20:46)(laughs)Will Pearce: (20:46)... to talk to my, my like traditional red team peers, for them, machine learning is still a main in a lot of ways. So it's like they only hear about it in terms of, you know, they're only being sold at, right? Like they only say an EDR and it's like, okay, well, we've seen this story a million times. Like two years ago, it was application white listing. So it's gonna take, I think a little bit to get on board, but there are a couple of use cases. There's one we did with the expense fraud where you would take a receipt and you would change a digit to be more, right? So you would spend 20 bucks, you get a receipt for 20 bucks, but you'd change the two to three, then you would net $10.Will Pearce: (21:25)There, in a lot of systems, there's still like a human in the loop, so a lot of engines will have like a rule that says, if this is below 90% confidence, send it to a human, otherwise just trust the machine learning algorithm. There's a number of different NLP models that we've gone through, uh, with this where you can, you know, make algorithms say racist things or impolite things, and you can basically force it to do that. Nic Fillingham: (21:56)NLP is, uh, natural language processing? Will Pearce: (21:58)Mm-hmm (affirmative). Yeah. It's also neu- neuro linguistic programming-Nic Fillingham: (22:03)Okay. Okay.Will Pearce: (22:03)... and I, I think it's natural language processing. (laughs)Nic Fillingham: (22:04)But it's, it's sort of, it's sort of the processing of written or spoken word?Will Pearce: (22:08)Yup. Yeah, exactly. So have you, I'm sure you might've heard of GPT-3, Open AI.Nic Fillingham: (22:11)Yes, we have.Will Pearce: (22:15)Yeah. So there's, there's a couple things there with the, like that dataset for example. They pulled everything from the internet, right? And it's like as much public data as they possibly could, but it's like, just because it was public doesn't mean it should have been public. So there's a number, an amount of PII that you can pull out of GPT-3 that, you know, organizations might not be aware exists inside the model. A lot of models like will memorize training data, and so, you know, when you deploy like an NLP model to an end point and you don't realize this, if that model has PII in it, you know, you're kind of exposing it to whoever has access to that end point. And that's, that's a new challenge for sure. Will Pearce: (23:02)It also, you know, if you have PII saved in your model, like it's easy to say a database has PII, this falls within a particular compliance boundary, but when you say, this model has PII, where does that fall? Does it fall inside of that same compliance boundary? Security would say yes, but a lot of machine learning data scientists, they're not there yet. And so, you know, you might have a model that is deployed that is backed by this NLP system where you can pull PII from, and Counterfit kind of helps automate this and helps me, you know, play and tweak and, you know, figure out what I need to send to model to get the output that I want. Natalia Godyla: (23:45)How do you coordinate with teams inside Microsoft to build a feedback loop? I'm, I'm assuming you're, as you said, tweaking along the way, and with your findings, you've discovered vulnerabilities or opportunities to evolve the way that we're handling our AI systems. How do you work with teams to better the process? Will Pearce: (24:08)Yeah. It's report writing. (laughs)Natalia Godyla: (24:11)(laughs)Will Pearce: (24:12)So sometimes we reach out, you know, there's a particular service we wanna go after, maybe it has a high impact, a high value to us, you know, maybe there's something that we, we wanna do 'cause we think for style points, so, you know, we wanna go after that. So we'll reach out and we'll contact PLC as like, hey, we're, as the trustworthy machine learning team we wanna attack your model, we'll give you a report. Other times we'd go into the Azure website and I just look at all the products that exist and I just provision them into my, into our own tenant and attack them from there, and then write the report and send it over.Will Pearce: (24:50)So it usually depends, it's a production system. I usually provision it if I can, and go after it that way. If it's not quite there yet, or it's, you know, a high impact use case, you know, for example, the PII one that we just talked about, will work directly with the team and kind of set up an official project. We have like rules of engagement, you know, there's a cadence, and in the end it's a report that basically states what we did, recommendations that we have, and a kind of a, a pat on the back and-Natalia Godyla: (25:23)(laughs)Will Pearce: (25:24)... good luck, not good luck, but, you know, reach out if you need anything kind of thing. And I would say, yeah, it's been positive. I think it's really difficult to show impact. So in a traditional information security sense, getting domain admin, you know, it's an easy way to show impact. Dumping a database full of PII, you know, it's an easy way to show impact, but, you know, when you, uh, change an image to make a dog look like a cat, and then you'd like, okay, see, this is possible? Like it's a harder sell and it doesn't quite hit home. So, you know, a lot of the work done is really just trying to show impact and give teams just an easy way to see the risks that exist-Natalia Godyla: (26:11)Mm-hmm (affirmative).Will Pearce: (26:12)... without having to, not dumb it down, but without having to resort to toy examples. Nic Fillingham: (26:19)So are there folks out there Will listening to this podcast hearing about the Counterfit tool who may not think of themselves as sort of the target audience for this, you know, protecting AI and ML systems is, is obviously still very nice and red teaming AI and ML systems, it sounds like even more so. Can you talk to us about some of the types of data scientists, security ops folks, what are some of the roles out there of people that should be taking a look at Counterfit and sort of thinking about the AI systems that might be in use in their organizations that need to be pen tested, vulnerability tested, logged, et cetera, et cetera, who, who needs to use this tool that maybe doesn't realize they need to use this tool?Will Pearce: (26:58)You know, really anybody using machine learning. But Microsoft has a mature information security program, a lot of places don't. So what this tool doesn't give is like, there's no model inventory, there's no tracking of assets. There's, there's none of th- those foundational security things that are, that would normally in place, right? Like how do you know what to vulnerability scan in a traditional environment where you can either scan, right? You can just every internal IP address possible, you know, or you can pull it out of an asset inventory, right? Organizations for their models don't even have asset inventories yet. If there is a machine learning person who is wondering, you know, what is possible, you know, with this model, like what can I get it to do? Like those are the kinds of people, and it's just bringing it into their own process, their own machine learning development life cycle, and saying at the end of this, I'm gonna scan and see, see what's there. Will Pearce: (27:53)Or maybe they're the ones responsible for deploying models to a public endpoint, and they were like, you know what? Let's see what this thing kicks out, right? Let's, let's, let's see what Counterfit comes up with. We're just point Counterfit, and if something falls out, like we'll deal with it then. But I don't know, from the security side, anytime you mention machine learning to security people, they, math, like they just don't wanna talk to you 'cause they assume machine learning means math. Nic Fillingham: (28:19)(laughs)Will Pearce: (28:20)And in a lot of ways-Nic Fillingham: (28:20)Math hard.Will Pearce: (28:21)... it does. Natalia Godyla: (28:21)(laughs)Will Pearce: (28:21)Yeah. And I, to be fair, I was maybe one of those people in the beginning, but I have always enjoyed like numbers and data and things like that. So this is kind of a, in some ways a dream, right? For me, because that's the things that I'm interested in. But I would say if there is an interest in data and numbers and watching what comes out, like it is a rabbit hole that just doesn't end, right? Like you can think of, I mean, in, in all the ways like attacks are, are just like this, like attackers need feedback, right? To, to be successful, and machine learning model is the same way. It's like you input data, you get output, and then you in the middle, there's some inference, there's some like black box that you have to like wonder what happens. Will Pearce: (29:08)And so I think in a lot of ways, security people are, already think that way. So for Counterfit, like if you have a product that you wanna bypass, if you have a spam filter you wanna bypass, like figure out how these, these algorithms that, you know, researchers built that you can use in your ops, and you'll find that fortunately, that all the math has done for you and, and all you have to do is get your data in the right format and just let the math take care of itself. Nic Fillingham: (29:39)I wonder if you should make up some t-shirts or some stickers that say like, you know, just Counterfit it. Like should we verb-Natalia Godyla: (29:45)(laughs)Nic Fillingham: (29:45)... should we verb that now and then like put it all over Blackout Conference in RSA and-Will Pearce: (29:50)Yeah.Nic Fillingham: (29:51)... get all the, get all the SecOps folks out there just, uh, just point Counterfit at it and see what happens. Will Pearce: (29:56)Yeah. Well, it's funny. So the spam filter attack that I mentioned earlier, the reason it's called Counterfit is because it is a, like a model stealing piece. So I think in some libraries like to fit a model is the term. Natalia Godyla: (30:11)Mm-hmm (affirmative).Will Pearce: (30:12)So it's like to Counterfit is to steal it. Nic Fillingham: (30:15)Very clever. I think you're, you're neck and neck with a cyber battle SIM for-Natalia Godyla: (30:19)(laughs)Nic Fillingham: (30:19)... coolest, uh, ML tool name, uh, to come out, in, of, of Microsoft. Will Pearce, thank you so much for joining us on Security Unlocked today. Before we wrap, before we let you go, tell us where our listeners can go to learn more about this project and/or potentially follow you on the inter webs.Will Pearce: (30:36)You can go to, to get the tool, go to, and there is a highly recommend the Wiki, and Docker and/or Ubuntu, or if you're brave, you can install it on Windows. And I am on Twitter @Moohacks, which is...Nic Fillingham: (30:57)Moohacks as in M-O-O or M-U? What's Moohacks? Will Pearce: (30:59)Uh, M-O-O... I can't remember if I have the underscore, on my Git I have Moohacks. Nic Fillingham: (31:06)All right. What will we find if we follow you on Twitter, or is that an NSFW question? Will Pearce: (31:11)No, it's mostly, uh, machine learning things... Well, it's a good mix I think. Machine learning and, uh, cybersecurity research that I like. Nic Fillingham: (31:20)Sounds good. All right. Well, Will Pearce once again, thanks for being on Security Unlocked. Will Pearce: (31:23)Yeah. Thank you very much. Natalia Godyla: (31:25)Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode. Nic Fillingham: (31:36)And don't forget to tweet us @msftsecurity, or email us at with topics you'd like to hear on a future episode. Until then, stay safe.Natalia Godyla: (31:47)Stay secure.

Pearls of Wisdom in the Security Signals Report

Ep. 30
It’s our 30thepisode! And in keeping with the traditional anniversary gift guide, the 30thanniversary means a gift of pearls.Sofrom us to you, dear listener, we’ve got an episode with somepearlsofwisdom!On today’s episode, hostsNic FillinghamandNataliaGodylabringback returning champion,Nazmus Sakib, to take us through the newSecurity Signals Report. Sakib walks us through why the reportwasdoneand then helps us understand the findings and what they mean for security.In This Episode You Will Learn:How pervasive firmware is in our everyday livesWhy many people were vulnerable to firmware attacksHow companies are spending the money they allocate towards digitalprotectionSome Questions We Ask:What was the hypothesis going into the Security Signals Report?How do we protect ourselves from vulnerabilities that don’t exist yet?Wereany of the findings from the report unexpected?ResourcesNazmusSakib’sLinkedIn: Signals Report: Fillingham’sLinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham:Hello, and welcome to Security Unlocked, a new podcast from Microsoft where we unlock insights from the latest in news and research from across Microsoft Security engineering and operations teams. I'm Nic Fillingham.Natalia Godyla:And I'm Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel research and data science. Nic Fillingham:And profile some of the fascinating people working on artificial intelligence in Microsoft Security. Natalia Godyla:And now let's unlock the pod. Nic Fillingham:Hello listeners. Hello, Natalia. Welcome to episode 30 of the Security Unlocked podcast. 30 is the, uh, traditionally, uh, celebrated with a pearl. Uh, I don't have any pearls on me right now. Natalia, do you have any pearls? Natalia Godyla:I have pearls. I'm not wearing them. I should have worn them to this recording. I feel like it could have been attribute to this massive milestone. Nic Fillingham:I mean, it's a milestone for you and I. I think that the listeners, they sort of probably don't care as much as you and I do, but, but we'll, we'll... after this we'll, we'll toast ourselves and we'll go put on our finery and look at our pearls. And anyway (laughs)-Natalia Godyla:(laughs).Nic Fillingham:... on today's episode, we have a returning guest, Nazmus Sakib, who's here to talk about the security signals report published back at the end of March. There's a blog post, which you can find on the Microsoft Security blog from March 30th. There's also an accompanying report that you can download from the secured core PC website. And this report is called the Microsoft security signals report, and it is all about firmware and firmware attacks. Nic Fillingham:And a bunch of things that I sort of thought I knew, but didn't, one of them is I just didn't realize how pervasive firmware is. Firmware is, is everywhere inside your PC. It's not just your BIOS. You know, there's multiple components inside the average computer that have firmware in them. And so that was sort of the first thing that I was sort of quite shocked about to learn. Natalia what were some of your takeaways? Natalia Godyla:The steady increase in firmware attacks was, uh, shocked me, five fold increase over the last four years. I mean, firmware is a clear target because it houses such sensitive information, but it had been historically too difficult for attackers to target. Now that they're looking for new threat factors, they're targeting firmware because it's often overlooked. There's not a ton of visibility into firmware. So they recognize it's an opportunity for exploitation. Nic Fillingham:I came into this thinking that the percentage of organizations that have encountered a, a firmware attack, a firmware incident, a firmware breach will be really low. I thought it would be, I don't know, five, 10, 15%. It's over 80, over eight zero, which is just, uh, phenomenal. And so, you know, that was sort of really quite sort of surprising to me. And we spent quite a bit of time in the interview with, with Sakib sort of breaking that number down and understanding sort of why it is so big and what the scope of it is. Again, a great conversation. I encourage everyone to go read the blog, download the report, follow along at home. On with the pod. Natalia Godyla:On with the pod. Nic Fillingham:Welcome back to the Security Unlocked podcast, Nazmus Sakib. Thanks for joining us.Nazmus Sakib:Thanks for having me back, uh, Nic and, and, and Natalia. I appreciate it. I guess, uh, our, uh, expansive chat about cricket was not enough of a disqualifier.Natalia Godyla:(laughs).Nazmus Sakib:And, um, um, I'm grateful to be, to be back on. Nic Fillingham:Yeah. Awesome. Uh, I'm looking forward to, uh, sneaking some cricketing talk into another episode of Security Unlocked. We'll, we'll get to that in just a second. There was a blog post on March the 30th, the blog post is called new security signals study shows firmware attacks on the rise, here's how Microsoft is working to help eliminate this entire class of threats.Nic Fillingham:There is a fascinating paper associated with this called the security signals report, which you can download for free. We'll put a link in the show notes. Sakib you're here to talk to us about the findings in this research work. Before we jump into that, could you re-introduce yourself to our audience, please? What do you, what do you do at Microsoft? What's your role? What is your day-to-day look like?Nazmus Sakib:Thanks. So I'm on the operating systems team broadly at, at Microsoft and specifically on the enterprise and security team. Our team works on building in the security features that go into our, our operating systems, Windows, obviously, and as we work on our cloud infrastructure and Azure, we're also looking at, uh, security capabilities in Linux as well, since that's a, a big area of growth and a really important piece of the puzzle for our, for our customers in Azure.Nazmus Sakib:So my team works on the intersection of hardware, firmware and operating system security features. Uh, we're the team responsible for secured core PCs and secured core server where we're working on alongside our [OEM 00:05:00] ecosystem, the, uh, the Dells, the HPs, Lenovos, uh, of the world to build more secure systems right out of the gate, as those systems, uh, leave the factory floor and go off to our customers. Nazmus Sakib:We wanna try and shift a bit of the burden of protecting against security attacks to mitigate threats. We wanna shift it left so that there's less of that configuration and management overhead on the end customer. We at Microsoft and collaboration with our partners can do a lot more of that, uh, on behalf of the customer. Nic Fillingham:Got it. And this report, the security signals report, the 2021 security signals report. Uh, it was commissioned by Microsoft. It was commissioned, I think in part by your team, partnered with a group called hypothesis. I'd love to start with what was the hypothesis? What was the sort of the idea or the big question that you, you all had coming into deciding to create and launch this research?Nazmus Sakib:We didn't have necessarily, you know, one or two questions that we were specifically interested in. What we wanted to do was to have more qualitative insight into what customers were experiencing to compliment the signals that we get to see from the day-to-day, you know, operation of our products and services. We get a lot of signals, obviously as part of the intelligence that we have in general at Microsoft from a, a threat intelligence perspective, right. Nazmus Sakib:But we wanted to really understand a bit better around where customers were at and how were they experiencing threats? How are they responding to threats? Like how are they viewing their estate? How are they analyzing and, and bucketing risk? And how are they investing in order to mitigate that risk? So that really was the Uber goal behind doing, doing the research is to compliment the data that we already get internally from the day-to-day operation of our products and services, and really get better insights of how customers are experiencing threats and how they're responding to those threats, tactically and strategically. Natalia Godyla:So I'll, I'll start with a big question. What are the major takeaways from the security signals report? What was the big aha?Nazmus Sakib:The big aha. There were maybe a couple of things that, you know, immediately come to mind. And I'm sure as we continue through the conversation, there are a few more that will come to recognize. One was the last time that I was on the podcast, we talked a lot about how we're investing in firmware threat protection. We were seeing a trend that suggested that, you know, based on the security research, based on a couple of recent attacks, that this was something that firmware attacks was something that was, you know, in the near future, if you will.Nazmus Sakib:What was particularly surprising at least to me, was that over 80% of the respondents and there were, you know, a thousand respondents mentioned that they'd suffered at least one firmware attack in the last couple of years. And so that to me, you know, confirmed one aspect of the hypothesis, if you will, that had internally that, that firmware is a ripe avenue for attack, for threat [inaudible 00:08:20] to exploit. The surprise was that, you know, real customers were, were seeing it.Nazmus Sakib:And it was at a scale that perhaps we had an accounted for earlier. So it wasn't from our attacks wasn't something that was in the near future. It was actually something that customers were, were experiencing in the present. So that certainly stood out for me. In relation to that, I think, you know, it was a pleasant surprise that, uh, you know, customers are trying to, and enterprises are trying to respond to, to firmware attacks.Nazmus Sakib:I saw that 33% of respondents said that they were doing, uh, firmware threat modeling, which is a really high number. Threat modeling is generally a pretty advanced security procedure. And, uh, generally it's assigned that whoever's doing, it takes the security life cycle of how they're managing their own estate, their, their product, their services seriously, if they're digging in and trying to do a threat model as well. So that was a pleasant surprise. Nazmus Sakib:And, you know, it goes well with that, that earlier data point, you know, if customers are experiencing some of these, these threats, they're likely going to invest in ways to mitigate those sorts of attacks. So that was a pleasant surprise for me in the data as well.Nic Fillingham:When I saw the top level findings from this study, given the massive sample size, like over a thousand respondents, that's pretty big. I was absolutely shocked to see that 80% or even more than 80% of respondents said that they'd experienced the firmware attack. If you'd asked me, hey, what percentage of, uh, of enterprises, you know, across the, the spectrum do you think have had a firmware attack? I would have said 10%, 20. I mean, I'm making that up, right. Nic Fillingham:But to I think your point when you talked about the, the hypothesis of why you commissioned this research, I would have thought that firmware attacks were very much something that were [inaudible 00:10:12] and a future threat as opposed to something that four out of five have encountered today. So I think you said you were a little surprised there, but I'd love to learn a bit more about this 80% number.Nic Fillingham:Can you sort of walk us through the spectrum of types of firmware attacks that make up this 80% and, you know, your thoughts on that number? Was it much, much higher than you expected? Nazmus Sakib:Yeah. It was higher than I, than I expected. I think, um, I was at some level expecting to be a little surprised, but 80% was definitely more than I was expecting. How do I explain that number? We're asking our... the respondents to, to think holistically, like these were, uh, IT decision makers. So they were more likely to be responsible for larger estates like you're described, right, Nic. Nazmus Sakib:That, you know, they may be managing a lot of PC end points that, you know, may come to mind more immediately, but also potentially servers, potentially other connected devices like IOT systems or a whole range of the sort of connected appliances equipment that you see and get a modern workplace. Right. And so to me, as I think about how a respondent wold have answered a question, I think they would have come at it, not just from the perspective of, you know, is, has my PC firmware been compromised as part of attack. Nazmus Sakib:They were likely answering that from the perspective of, as any of the systems in my estate that constitutes more than just PCs has been been compromised. So I think that's one way that I can sort of think about like how that number could have been, you know, higher than I was expecting is that respondents were looking at it from the perspective of, you know, I'm not just the person that manages PCs, I'm the person that manages infrastructure.Nazmus Sakib:And there are many things that go into that infrastructure, and have any of those things been compromised using firmware. So to me that was something that helped explain things in my mind. The other aspect is just, you know, for me personally is recognizing that, you know, firmware is, is just on, you know, quote unquote, everything. You know, we often think a lot about, and especially from our last conversation right Nic where we talk a lot about boot firmware.Nazmus Sakib:But firmware is on all the components that, that go in to make a device work, right. Firmware is on your network controller, if you have, you know, firmware helps make your wifi packets move on a network. Firmware is on your, your storage device, right on your hard desk or your SSD. And so customers correctly, I think probably interpreted firmware to account for all of those things. And so if they've potentially encountered an attack where a buggy networking firmware may have been part of the compromise, they, they perhaps kind of answered that question that way.Nazmus Sakib:So that's how I've been able to kind of explain that number. And it's, it's pretty insightful to, to sort of come at it from that perspective at least for me, is to, to make sure that, you know, I'm looking at the problem space and the breadth that customers have to experience it.Nic Fillingham:That's a fantastic clarification there. And it's, and it's an assumption that I had coming into this that you've, you've just [inaudible 00:13:28]. Firmware is not just boot firmware, firmware is, is everywhere. To your point it's not, so it's not just PCs and on PCs it's not just boot firmware. As you were walking through that list of things, I sort of distinctly remember, you know, I have, uh, a laptop that was updating the other day, or I got some sort of notification saying that there was an update required and it was touch pad firmware. Nazmus Sakib:Right, right. Nic Fillingham:So there's obviously, you know, some silicon that helps the touch pad work and that has firmware inside of it. And I guess if it has firmware inside of it, it's a potential vector for attack. Nazmus Sakib:Yeah, exactly. If you have a hardware device, right, or a hardware component, it has firmware. And so I think to me that was one of the big kind of, uh, moments of, of making sure that I wasn't kind of being narrow and fixed in my kind of perspective is just like, yeah, of course, um, you know, we need to be thinking about, about from where in that expansive way. Nazmus Sakib:We do but I think it's one of those things where, you know, if, uh, your focus is in a particular area as that's where, you know, your immediate like, uh, engineering schedule is or happens to be, you know, it's easy to kind of lose sight of that. So I think, you know, looking at it from the customer's perspective that they're interpreting firmware as being more than just for PC class devices.Nazmus Sakib:And then also, you know, looking at firmware as not being just boot firmware, I think, you know, that helps explain why that number was, was high and why that number isn't surprising. Natalia Godyla:So the other finding in the report was around investment levels. The data showed, what was it that 39% or 29% of budgets was dedicated to protecting firmware? What is typically that budget used for? What technologies is, is that 29% encompassing? And is that the right amount?Nazmus Sakib:That's a really interesting question. And I think it's one where one of the big things that we've spent a lot of our time on in trying to interpret that data. Uh, a lot of those investments in, in firmware security that 29%, I think you're going into what I'd call like the, getting the fundamentals, right. And making sure that as Nic was talking about making sure that you're putting firmware updates out, getting them out through your estate to the estate current.Nazmus Sakib:That's where a lot of that time is going. And oftentimes from our updates like doing it, it seems kind of basic, but it is, uh, can be a time consuming process and just making sure, especially in a managed environment, if you're trying to ensure that you're, you're controlling the network and especially in, in more controlled environments, if you are restricting access to the, to the open internet, then that also ends up meaning that you need to more proactively manage how updates are deployed. Nazmus Sakib:So that's where a lot of that investment is going in, in making sure just the basics are covered. Now, I think, you know, a lot of enterprises have sort of said it in the aggregate that, you know, I think if I recall the number correctly, you know, 62% of enterprises said they weren't, getting to, to be able to spend enough time on strategic work. And, you know, I, I wonder if that's one of those pieces where customers feel that they could be doing more in the firmware space.Nazmus Sakib:We did see a correlation where if a respondent had said that they'd been attacked or been, uh, compromised by a former attack, their levels of investment did go up as, as you'd expect. And so I think, you know, I take those signals to mean that I think, uh, that the customers recognize that they could be investing more in some strategic investments and that it is likely that there is some room there for customers to bolster their defenses against some of these firmware attacks. Nic Fillingham:Sakib, to folks listening to, to the episode and you know, about to go and download the report and, and read through it. What do you want them to take away from that? Nazmus Sakib:Right. So I think, you know, if there was a key [inaudible 00:17:48] takeaway and the report does look at firmware, we also asked about software and hardware. I think the big thing that sticks out is that where customers wanna go, where different enterprises want to get to from a security perspective. And that is to be more proactive, I think in general, right? And so getting to a place where they can have more proactive protections is, is I think something that, that stood out.Nazmus Sakib:I think a couple of things that help bolster that is some of the technologies that companies mentioned, that they would be investing more in compared to where they are now in the next two years were AI, ML and trusted execution engines like TEEs. So those are protected enclaves in a system, which are ultimately ways where you can end up creating more of that proactive protection rather than wait to know what an attack is or what any particular strain of malware is.Nazmus Sakib:And then, you know, figure out how to block that strain of malware. It clearly looks like customers are trying to get to a place where they're not playing whack-a-mole, and have ways where they have more systemic protections, whether that's using technologies like machine learning and AI that are data driven, or by using more fundamental hardware protections like TEEs to mitigate things out of the box of how things are built and architected. Nazmus Sakib:So that was like the key, key takeaways that customers, companies, enterprises, they're all trying to get to a place where they have more proactive protections. Now in terms of where Microsoft is and how, how we can kind of help customers on that journey, I think, you know, we're, as I mentioned, we're working on secure core PCs, which is a collaboration with our ecosystem. Nazmus Sakib:We have had secured core PCs for, you know, it's getting close to a couple of years now since we, since we launched. And so I think, uh, a little over a year and a half, we recently at ignite in, in March. We announced that secured core is now or will be coming to, to servers and also edge products like IOT devices. Um, because we recognize that customers are experiencing a lot of the same problems that we saw in the PC space, where they're trying to figure out how to be more proactively protected by design, by the operating system, by the hardware that's manufactured by an OEM or device manufacturer. Nazmus Sakib:So we're bringing that same set of, uh, of principles over to servers and, and IOT as well. And alongside that, one of the other things that customers mentioned as an area of interest is advanced threat protection technologies and Microsoft Defender for end point has been investing in firmware protection capabilities alongside all of their existing investments around operating system and, and services security.Nazmus Sakib:So we'd definitely want a partner with customers on this journey. We're investing, I think, in, in a bunch of different areas and we're, we're constantly looking at, at our data, we're trying to find ways to connect with our customers to make sure that we're, uh, we're effective partners and ensuring that we're helping them stay ahead of, of attackers. Natalia Godyla:Sakib could you clarify a few of the phrases and terms you just used, um, trusted, enclave, TEEs?Nazmus Sakib:Right. So trusted execution engines or enclaves there, they're class of technologies that involve creating an isolated environment for code to execute. And they're often used in conjunction with a general purpose operating system. So the easiest way to think about it is that when you have an operating system and anything that's a sensitive asset, whether that's some sensitive data, whether that's, uh, a key use to access sensitive data.Nazmus Sakib:Rather than keep it in the operating system where both legitimate and illegitimate applications may be able to access that sensitive data, you can create a system where that sensitive data is stored on this trusted execution engine, which has hardware and software safeguards to better prevent illegitimate access from malware.Nazmus Sakib:So depending on the, the architecture, OEM has something like a trust zone which you can, you know, look at as a trust execution engine. Intel has a SGX, which we can interpret as a, uh, as a form of a trusted execution engine. Uh, there are these capabilities that are available on different hardware platforms that help operating system vendors, as an example, create these isolated enclaves for storing sensitive data and keys. So at TEE is a trusted execution engine often referred to as, as hardware enclaves as well. Nic Fillingham:Got it. Okay, so I've read the report. I see that over 80% of enterprises have, have experienced some kind of firmware attack. I see that, you know, potentially not enough either attention or time or money or investments being, being made in, in sort of proactive protections. And so that's, that's definitely a takeaway there. What about protecting existing hardware estate? You know, is there more that I can do to better secure my devices that, that may not have a vulnerability now, but may have a vulnerability in the future? Nazmus Sakib:Right. I think, you know, for those sorts of sorts of, uh, systems, which, you know, you're, you're totally right. You cannot, uh, especially in a large enterprise, just change, uh, all your hardware out on a dime. And so I think having strategies to manage the risks from older systems is, is a necessity. There are two things that I think would be most useful. One, I think we kind of touched on, which is what a lot of customers and, uh, enterprises are doing is making sure that the basics around updates and patching are being done.Nazmus Sakib:And finding ways where you can ensure that you have the right pipeline around that, around making things as automated as possible, uh, and getting to a place where there's good consistency around firmware updates and that, you know, you're not falling behind. I think, uh, it sometimes feels, uh, unfashionable perhaps, but, uh, it's a really important capability to have, is that the ability to make sure that firmware updates are happening and, you know, that's doubly important for, uh, older systems, they may not be capable of using some of the newer mitigations. TNazmus Sakib:he other one I would say is that, uh, a lot of great works kind of gone in, I think, to the firmware protection capabilities of Microsoft Defender for endpoint. By its very nature. It is not as dependent as say some other protections that we have around new hardware. So it can actually provide protection based on you know, signals that it's getting on older systems as well.Nazmus Sakib:So I think it would be a big lift for, uh, the older hardware, if you're able to do updates consistently and you get to take advantage of, of tools that, uh, work on on older systems like Microsoft Defender for endpoint, those sorts of ATP solutions that, that are more data-driven and so it can provide protection for older systems as well. Nic Fillingham:Sakib just to, to wrap up here. So I did note in the report that there was a percentage of, of respondents here that sort of admitted that firmware is entirely unmonitored or essentially unmonitored. I think it was 20% or something. Ut was, it was, it was sort of a scary number. If I, as a listener, if I am, uh, you know, listening to this episode and going, oh gosh, I'm, I'm in that 20%, we, we don't monitor firmware.Nic Fillingham:Where would you point the 20% of organizations out there that, that aren't monitoring firmware? What's the, what's the first thing they can go do? Is there an easy first step to start to get a handle of this? Nazmus Sakib:Yeah, I think the work that the Microsoft Defender for end point team has been doing around firmware scanning, it's already, I think, a pretty useful tool and I know that they're, they're continuing to, to, to figure out how to make it better. And so I think to me that seems like a good thing for, for customers to, to consider as a starting point, and especially given all the other insights that and experiences that the tool, the service has. Nazmus Sakib:It's a way to have some familiarity as you kind of get into a new space. I know that, you know, when I perhaps take on a new project or a new area, I think, you know, if it's, uh, if there are at least some islands of familiarity, it's much easier to get started, it's a lot less scary. And so I think for a lot of customers who may be familiar with monitoring other data from the operating system for other applications, using a familiar tool, a familiar interface to also start looking at firmware data, I think, uh, it's a good place to, to get started. Nic Fillingham:Well, awesome. Sakib, thank you so much for joining us again on Security Unlocked. Again, we are talking about the security signals report, the 2021 security signals report or sort of thought paper. There's a link in the show notes. I encourage everyone to go down, download and read through the report. It's really sort of a fascinating snapshot of what the, the state of a firmware security is across the industry.Nic Fillingham:Before we wrap up, though, I have to ask [inaudible 00:27:50] is currently in Sri Lanka for a two test series. First test was a draw, what's gonna happen in the next test? Nazmus Sakib:And the rate it's going, it's probably gonna be another draw, um, lots of runs. So it seems likely that, uh, it'll be a draw, but you know, it's [inaudible 00:28:07]. You never know things can change in, uh, the space of a single session. So, so yeah, uh, there were a lot of runs in the first test. It looks like there are a lot of runs in the second one. So I think as of right now, I think it's a, it seems like it's headed for a draw after a couple of days, but let's see. Nic Fillingham:Natalia we're they were talking about, uh, cricket. Natalia Godyla:Considering I didn't know any of the words, I guessed, Cricket.Nic Fillingham:Yeah. And so a test match, I'm trying not to butcher this Sakib so correct me if I'm wrong, but for Natalia, Natalia as a test match, imagine a baseball game that goes of maximum five days. Natalia Godyla:(laughs).Nazmus Sakib:(laughs). Nic Fillingham:And, and Natalia, and the other thing about cricket is that, especially test cricket every 15 minutes, you have to stop for tea and cucumber sandwiches. That's, um-Natalia Godyla:Oh, okay. Nic Fillingham:... that's built into the rules.Natalia Godyla:Well, you sold me at that. Yeah.Nic Fillingham:Yeah. Yeah. And, and, and regardless of the way that you have to wear a seven piece suit entails. Natalia Godyla:(laughs). Nic Fillingham:It doesn't matter, it's-Nazmus Sakib:(laughs).Nic Fillingham:... that's, that's every, every-Natalia Godyla:Well now you're just taking advantage of the knowledge gap (laughs). Nic Fillingham:(laughs) Possibly. Nazmus Sakib, again, thanks for being on Security Unlocked. Thanks for joining us. I'm sure we'll talk to you again in the future. And again, uh, folks go down and download and read through the security signals report. And if you're in that 20% of folks not tracking, uh, firmware security, see if you can get on top of that one. It sounds like it's probably something you should prioritize. Nazmus Sakib:Thank you, Nic. Thank you, Natalia. It's a, it's a pleasure to be on and, uh, great to have the discussion and, and I hope that the listeners find it fascinating. And, and obviously we love to hear from customers and listeners as well.Natalia Godyla:Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode. Nic Fillingham:And don't forget to tweet us @msftsecurity or email us at with topics you'd like to hear on our future episode. Until then stay safe.Natalia Godyla:Stay secure.

Securing Hybrid Work: Venki Krishnababu, lululemon

Ep. 29
On this week’s Security Unlocked we’re featuring for the second and finaltime,a special crossover episode of our sister-podcast, Security Unlocked: CISO Series with Bret Arsenault.Lululemon has been on the forefront of athleisure wear since its founding in 1998,but while many of its customers look atitexclusively as a fashionbrand,ata deeper level thisfashion empire is bolstered by a well thought out and maintained digital infrastructure that relies on ahard workingteam to run it.On today’s episode, Microsoft CISO Bret Arsenault sits down with VenkiKrishnababu, SVP of Global Technology Services at Lululemon.Theydiscuss the waysin whichtechnology plays into the brand, how Venkileada seamless transition into the remote work caused by the pandemic, and how he’s using the experiences of the past year to influence future growth in the company.In This Episode You Will Learn:Why Venkifeels sopassionatelyabout leading withempathyWhy Venki saw moving to remote work as only the tip of the iceberg; and how he handled whatlaidbelow.Specific tools and practices that haveleadto Venki’ssuccessSome Questions We Ask:What is the biggest lesson learned during the pandemic?How doesone facilitate effective management during this time?Howdoes Lululemonviewthe future of in-person versus remote work?Resources:VenkiKrishnababu’sLinkedIn: Arsenault’s LinkedIn: Fillingham’sLinkedIn:’sLinkedIn: Security Blog: Unlocked: CISO Series with Bret Arsenaulthttps://SecurityUnlockedCISOSeries.comTranscript:[Full transcript can be found at]Nic Fillingham: (00:08)Hello. Welcome to Security Unlocked a new podcast from Microsoft, where we unlock insights from the latest in news and research from across Microsoft security engineering and operations teams. I'm Nic Fillingham.Natalia Godyla: (00:20)And I'm Natalia Godyla. In each episode, we'll discuss the latest stories from Microsoft Security, deep dive into the newest threat intel, research and data science.Nic Fillingham: (00:30)And profile some of the fascinating people working on artificial intelligence in Microsoft Security.Natalia Godyla: (00:36)And now, let's unlock the pod. Hello, everyone. Welcome to another episode of Security Unlocked and hello, Nic, how are you doing today? Nic Fillingham: (00:46)Hello, Natalia. I'm doing very well, thanks. I'm very excited for today's episode because, you know, for the past, you know, 18 months-ish, however long we've been working from home, I've been almost always in workout gear and my workout gear is, uh, is predominantly by a company called, uh, Lululemon. Very nice, comfortable stuff. And the reason I'm saying this is that I actually have a very sort of legitimate reason to be standing here in front of you in my, my Lululemon workout gear, which is?Natalia Godyla: (01:14)Well today we have another takeover episode. So you won't be hearing from us. You'll be hearing another episode of Security Unlocked CISO series with Bret Arsenault. And today Bret is chatting with the SVP of Global Technology Services at Lululemon, Venki Krishnababu.Nic Fillingham: (01:33)Yeah. This is a great episode two of this new series. For those of you listening to the Security Unlocked podcast, uh, two episodes ago, we dropped the very first episode of this new series with Mark Russinovich. We got a great response from folks, so we thought let's, let's drop another episode. This is episode number two of that new series. And today Bret speaks with not an internal Microsoft leader, but an external, external class here at Microsoft, customer CISO equivalent in Venki Krishnababu from Lululemon. It's a fantastic conversation. I learned a lot about how Lululemon is, is very much a technology company and Bret talks to Venki about, about Venki's career, how he's helped steer Lululemon's technology strategy through the pandemic and what their learnings have been over the past year and how that's sort of going to influence their security strategy in the future.Nic Fillingham: (02:22)Fantastic conversation, and very much, uh, a really strong episode two for this series. So highly recommend that in addition to being subscribers of Security Unlocked you become a new subscriber of Security Unlocked CISO's series with Bret Arsenault, which you can find and CISO is spelled C-I-S-O. So Natalia Godyla: (02:45)Yes, and this is going to be the last time that we share one of these episodes in our feed. So as Nic said, if you are interested in this new series, go ahead to that link and subscribe so you don't miss any of the upcoming episodes, which will be dropping every other Wednesday. Nic Fillingham: (03:00)And with that, on with the pod.Natalia Godyla: (03:00)On with the pod.Bret Arsenault: (03:06)Today, I have a special guest joining me, Venki Krishnababu. Venki is the Senior Vice President of Global Technology Services at Lululemon, the athletic apparel company based in Vancouver, BC. Venki is a transformational, business savvy, tech leader with extensive global technology experience. He's been at Lululemon for three years and was previously the CTO of Premera Blue Cross, where his leadership was pivotal to their digital transformation. Before that he was at Nordstrom for 17 years, where he led the company's service-based architecture strategy. And also for those who don't know, it's been over a year, Venki lives in my neighborhood, and yet we are doing things remotely still. We haven't had a chance to meet in person. So I hope soon we can actually meet in person. Venki Krishnababu: (03:47)Yeah, likewise, Bret, I'm definitely looking forward to meet you as well. It's such a great neighborhood and thank you for having me in your, uh, first podcast. I never see that as a risk at all because, uh, I know you Bret, so, uh, glad to be here and join and learn and share. Bret Arsenault: (04:04)No, I appreciate it. I think today would be great is to discuss some of the biggest lessons learned from the pandemic in terms of having to send employees home overnight, to remote working, not being employed. And it's just an amazing time, I think a lot of people talk about it, but understanding what it means for you at Lululemon as the senior leader you are, and then to how other people can learn from that. I think, you know, for me personally, someone recently said, yeah, I'm working from my home office, which I believe you may be doing today, and I realized I was blessed enough, one, to have a home and, two, that if I have an office that means I have a job and I know that's not true for everybody during these times. So I'm not confused by how fortunate we are, but I would think it'd be a great session for us to have a conversation on how we're making these things work for our respective companies. Venki Krishnababu: (04:46)Yeah, absolutely. And I share the same sentiment, Bret, very grateful to have a home and to have an office and to have a family under one roof and, uh, very, very blessed to be here and be part of this podcast.Bret Arsenault: (04:58)That'd be great. Before we get into the topic though, maybe you could give me a little bit about how you got into the tech industry and a little bit about your career path, because I think it's a pretty interesting background.Venki Krishnababu: (05:08)Yeah. Sure, Bret. It's been, I'm coming at the cusp of around 27 plus years, um, in technology. Predominantly, it's, uh, all about enabling retail business with, um, strong engineering and technology teams. I started out as a hardcore database engineer. That's where I started and, uh, and worked in different roles in almost two decades at Nor- Nordstrom, different type of roles, architecture, engineering, leadership, production support, operations, contact center, OMNi, all kinds of, you know, experience, um, all stemmed up to one thing which I'm very passionate about, which is leading and supporting people and delivering, delivering some great values for retail business and enabling them. And that's been, uh, my entry into technology and I love of technology, I love people, working with people and, and creating some great stuff together.Bret Arsenault: (05:55)It's a truly diverse background on all the different roles that you've had. So I think you're exceptionally qualified for the conversation today, which was, even with 27 years of experience, um, I don't think any of us predicted the situation we have, even when I was table topping pandemic exercise, I didn't see it the way this happened out. But I think as people come back to work, it's one thing to think about sending people home, but as we start, you know, working on people coming back and how we do productivity, how do you think about companies truly embracing this hybrid work environment? And what does that look like for Lululemon in the retail industry? Venki Krishnababu: (06:27)Yeah. In a, such a, an interesting time as we live in, uh, Bret, as you said, no one was ready to prepare to face this global pandemic, and it hit us so fast, it came like a flash on us. And the, since pandemic, many companies have, uh, pivoted and successfully shifted and shifted their business to digital work from remote. One thing pandemic has done is demystified this work from home. And it's also kind of gave an ultimatum kind of for us, set the ultimatum for leaders like us, which is a remote work or no work.Bret Arsenault: (07:01)Right.Venki Krishnababu: (07:01)I mean, that's the kind of the ultimatum. So, uh, frankly speaking Bret, to answer your question about the hybrid, mileage, you know, varies, it depends from one company to another company. And we are in the early stages of, uh, exploring hybrid environment and we also leaning in and learning from our peers and especially technology industry, like, [inaudible 00:07:22] and Microsoft and other top technology companies are kind of in the forefront, trailblazing it, we also learning and watching the industry. To me, it's uh, we are, as I said in the early stages, I'm a strong believer of test, learn, let the data and experience drive the decisions and how this hybrid work is going to set. But we are definitely exploring a hybrid work environment.Bret Arsenault: (07:45)That's amazing. And you, you're obviously a unique company in that you're a tech company, you do retail, you have manufacturing. And then this, you know, with the recent acquisition of the Mirror you also have a hardware line. So as I think about it, and I'd be curious, I think this is a practitioner's forum, so what would be in your mind, the biggest lesson you learned, uh, in this past year during the pandemic? Like, you know, what would you do again and what would you do differently? If we could focus on those two areas, it'd be super helpful for probably me and our listeners. Venki Krishnababu: (08:13)Yeah. Oh, boy. Talk about lessons. There are many, we as, uh, leaders and humans, I truly believe I am a student forever and we are continuous learners and that's the mindset I come in every day. And this pandemic has taught us a lot of stuff. And one thing which stood out for me, besides technology, besides, you know, creating a scale of remote shift and all this stuff, one thing really, really stood out for me, which is people and how resilient and the adaption and adoption of, to this new way of working, shifting and doing that in less than three, four weeks. To be honest, I was, I'm humbled, at the same time incredibly impressed and thankful to the entire, you know, team here, rallied and within three weeks we are, in our three to four weeks, our end year corporate functions. We call it as SSC, which is Store Support Center.Bret Arsenault: (09:05)Mm-hmm (affirmative).Venki Krishnababu: (09:06)Everything we do revolves around our guest in stores, we call it as our corporate headquarters our store support centers. So what we did is we shifted our entire, more than almost 2000 plus work force, corporate functions, completely remote work. And that's just kind of the, the tip of the iceberg, right?Bret Arsenault: (09:24)Mm-hmm (affirmative).Venki Krishnababu: (09:24)So then if you take the next step, you know, as we go through the pandemic, pandemic, like March, April, pretty much the entire economy, our entire market, everything was shut down, I mean, we have to close our stores. So then what happened? Business shifted. So we started to go full on digital. And as a result, if you look at our contact center, we call it as the guest education center, GEC. We used to have almost 400 folks concentrated in one full building to serve our guests. This is the, the guest first in our contact line, right? If anything, wrong with the order or if they need any help or even for something they want to buy, apply many functions and services, GEC, uh, performs. We shifted them to work from remote, the entire GEC workforce, and that happened in less than four to five weeks. And this all things, like you said, right, we are not prepared. There's no step-by-step playbook, if a global pandemic hits, exactly these are the things you had to do. Venki Krishnababu: (10:26)What we did is, uh, having a, a resilient team and then all leaders and the team putting their heads together, had one goal in mind, how do we enable our people? How do we serve our guests in the best possible way? And business continuity. If we keeping these three a priority, we made several decisions and we implemented several technologies and we enable this, uh, remote workforce. So that's what I would say the biggest learning for me is the resiliency and when committed people put their heads together and how they evolve out of a crisis, it is mesmerizing for me to watch and share very, very fortunate to be part of that journey. That's the first thing I would say in, like, a macro level for me, learning is about how did we adapt and adopt? And then the secondary set of learnings, right. There are technologies, there are platforms and the demystifying of working from home. You know, we, we enable many collaboration tools that also includes our teams who full, went on full on teams, enterprise level, and on top of that security. You know, once we go remote, we are no-Bret Arsenault: (11:33)Yeah.Venki Krishnababu: (11:33)... longer protected by the, you're, you're, you're kind of very core to that, and, um, uh, you're an expert in that area. Like the, you know, we no longer protected by the perimeter of our SSE and all the security is out the window. Now we need to pivot and how did we pivot, you know, ensuring that we have a large scale cloud centric, scalable VPN platforms, [inaudible 00:11:52] and another of how did we enable our GSE workforce? So many companies have gone through several ways to e- enable their workforce and keep the business running and humming. One thing I can tell about the second part of the question you asked about is, like, we are definitely much better prepared. My biggest wish is, we don't want to go through this again.Bret Arsenault: (12:14)Yeah.Venki Krishnababu: (12:14)You know, as the pandemic subside, we got a lot of community learnings as well, also social behavior learning, hopefully we learn and apply them so we don't have to go through that again. But in that case for, for better reason, if we go there, I would say resiliency planning, in my books, is a never ending process. It's always have to happen in continuum. So what we have learned, create a playbook, whatever you have, we have, we rely and lean on that and improvise further is what I would say I would do differently. Learn, apply, improvise, iterate, and make it even better.Bret Arsenault: (12:49)No, that's great. I think to your point around people being resilient, we've also got resilient systems, but I think we've learned a lot about people resiliency and in particular, the impact on managers. For a minute on the tech side, I'm curious though, you did some pretty interesting things with RFID at Lululemon through COVID, I think, that really helped. Can you explain a little bit about that? Venki Krishnababu: (13:07)Yeah. So what we have done is, we have, uh, rolled out our RFID platform, which is truly helpful in store operations, not only for store operations, all our OMNi fulfillment functions. So during pandemic, what we did is, we were able to provide, continue to provide, of course, with safety first and precaution, all the social distancing precaution, and we followed all the regul-, uh, regulations and rules, what we did is we used those platforms to unlock, uh, many new capabilities to start with, uh, store fulfillment and on, uh, shipped from stores, be able to pivot and ship digital orders and fulfill e-com orders, uh, from stores as an example. And then as the pandemic, in a start to somewhat subside, we start to slowly open the stores based on the capacity on the guidelines of the local government there, right? So we unlocked many new capabilities in preparation to provide that great service to our educators in a socially distances manner at the same time in safe manner.Venki Krishnababu: (14:12)Some of the technology, like, curbside pickups and then virtual wait-list, which is, um, and on digital appointments, contactless payments, and the list goes on and on it's because of the, some strong foundational platforms we put in place and which allowed us to create new many technical capabilities to help our educators. We call our sales associates as educators. So educator in store, empowering them with some powerful technology that enabled them to serve our guests, in-store guests in a much secured, socially distanced manner without compromising the service. So those are some technology unlocks we have done and we, the, the foundation which we put, allowed us to do OMNi fulfillment, the buy online pickup in store, buy online and pickup at door is another one which we enabled and gift tubs. Uh, during holiday seasons, we created less dense packed gift tubs, which is focused only on gifts. So it was, it was, uh, quite a journey. And we did all that in, like, three, four months, like, flash speed, I would say.Bret Arsenault: (15:12)So here's my question then. Do you think that you used to go too slow? Venki Krishnababu: (15:15)Oh, wow. The thing is speed and-Bret Arsenault: (15:18)That was, that was k-, that was kind of mean, but, I mean, it's, I mean, I look at, I look at all this digital transformation, I even look at us and I'm like, well, why didn't I push on some of those harder, sooner? Venki Krishnababu: (15:27)No, what happened is it's everyone rallying towards the same thing, right? And all of a sudden you get this momentum and the flywheel effect. But you're right, the entire world digital acceleration, which is supposed to be five to 10 years, it happened within one year because pandemic forced us.Bret Arsenault: (15:43)Yeah. No. And I think in fairness, like, it's sort of a teaser question which was, some of the things that you did wouldn't have worked had it not been for the pandemic, like, people in the in-store experience and everything else. And one of the things I was curious about in that scenario, if we could is, that, so you have the, the things you did when you, as it happened and as you were into the middle of the pandemic, now we have, as you said, more places coming online in different capacities. In this hybrid workforce, what's Lululemon thinking about the models going forward. Is it, you know, nobody's coming back or certain rules are coming back or it's 50/50, or what, what's, what's your, what's your principled view on that?Venki Krishnababu: (16:19)The principal view on this is as, as I mentioned earlier, Bret, we are in the early stages. We are definitely, you know, exploring our, um, hybrid work environment, our SSCs are still there, uh, which is our corporate headquarters or the tech hubs or the hubs. We are a global company. We have SSC's across the globe. So what we are doing is it's, uh, definitely we're going in with the mindset of explore this hybrid environment and understand how this works for us and then are just as needed as we go, right? And this is where, what I truly believe on and let, let that data and let the experience dictates how we evolve. The percentage of 50 here, 50 there is somewhat secondary.Bret Arsenault: (17:05)Mm-hmm (affirmative).Venki Krishnababu: (17:05)What primary is, there's no one size fits all approach for this. Some companies might go a hundred percent, some companies might say, hey, you gotta be 80% here and 20% there. So for us, we have not decided on percentage, rather we have more of a test and learn, explore, understand. And also we also keenly leaning on other industries too. And this is where, Bret, I would love to hear from you also, turn the question back to you, like how you're seeing it and hear from you as well.Bret Arsenault: (17:34)Hey now, you don't get to do that to the host. Venki Krishnababu: (17:36)(Laughs).Bret Arsenault: (17:36)I think adapt and adopt and adopt and adapt, you know, model. That's a virtuous cycle that you have to think about and I think that's a smart way to think about it. I think for me, I mean, there's always a balanced view and so the question is there's companies, and some industries are more prone and capable to be able to do this, but, you know, where you're a full-on prem department and does the pendulum swing all the way to the right or as you, you know, it's, how far do you swing that pendulum? And I think much like you, our, our view is, we certainly have seen that people have the capability to be productive remotely in many of the roles, and we will continue to embrace and support that, but we'll also use the data to make sure, like, I look at the daily data on our productivity, on our collaboration capabilities, on the wellness of our employees and if we start seeing it get out of whack, or frankly, if we see competitive pressures-Venki Krishnababu: (18:22)Mmm.Bret Arsenault: (18:22)... we'll react to those as well. But for sure, the two things I would say we've been seeing is, we've seen a new model that can work and be very effective, both for our employees and our vendors. And we'll continue to adopt more of that. And then we will continue to use, like you said, the data to let us know whether it's still working or if we've gone too far. Venki Krishnababu: (18:42)Yeah.Bret Arsenault: (18:42)And I think that's going to be super interesting, but it's, I think the biggest issue, and I'd be curious to hear your view on this is, is how to help managers be effective in that model. Like the IC, the individual contributors, I kind, that's not so hard to go do, but we've, the data's shown us, that managers really bear the brunt of timezone changes of their work force or, you know, trying to be more available and they, they take a lot more of the hit. So how do we make sure that they don't have biases in that space or that we arm them to be super effective? And I know we've talked a little bit about that in the past. How are you guys, how are you thinking about that with, uh, you know, enabling your managers to be effective managers in this scenario?Venki Krishnababu: (19:18)Uh, yeah, I think, uh, it is important to ensure that we are providing the necessary support and the guidance for our, our leaders, right? I would start with first, ensure there's proper logistics and infrastructure, which includes, um, security is implicit, right-Bret Arsenault: (19:33)Yes.Venki Krishnababu: (19:34)... part of that.Bret Arsenault: (19:34)Sure.Venki Krishnababu: (19:34)So make sure that's there and be clear about what the policy, the why behind it and be crystal clear about it. If you leave gray area it's a slippery slope so you gotta be clear about that. And then followed by do not lose sight of culture. The, the culture is also important for any, any company. And it's very important and continuous feedback gathering and creating active, explicit listening sessions, understanding what's going on in the ground and that deep listening is important. And then corrections followed by the continuous feedback loop, uh, is, uh, in a, in a technical term, we call it a CICD loop, right? Bret Arsenault: (20:07)Yeah, right.Venki Krishnababu: (20:07)So the same way, same way we need to have that continuous, agile feedback loop, uh, to make micro corrections as opposed to waiting for something big to happen and making a macro corrections, which would be painful. And again, the second part would be leadership, leading people, leading teams, supporting them even in a pre-pandemic time in a global multinational workforce like us is never an easy task, right? We are highly distributed. We are global, multinational company. I have teams in, uh, in, in global in our different locations. So some level of careful and thoughtfulness is required even before this pandemic started. Now with this pandemic in mind, we need to make sure inclusivity, equity and equal-, all this stuff is part of, you know, being explicit about it, this area is important. And the last but not least, I would say definitely empathy, creating that empathy and leading with empathy and extra empathy at this time for our people is ex- extremely important as we navigate through this pandemic.Bret Arsenault: (21:08)Thank you. Let me come back to a comment you made about getting data and being empathetic. I think, you know, we refer to as digital empathy and I think-Venki Krishnababu: (21:14)Yeah.Bret Arsenault: (21:14)... these times have shown us that's super important. I'm not looking for an advertisement for Microsoft or any other company, but I am curious, like, what are some of the tools you're going to use to actually help people be productive in a hybrid workforce? And what are some of the tools you're going to use to really be able to, you know, collect that data that people could learn from on the, on the call? Venki Krishnababu: (21:32)So another good question, uh, Bret. There are some tools, and I personally also use it for my personal effectiveness, we use this, uh, all 365 Suite quite a bit, uh, the My Analytics part-Bret Arsenault: (21:43)Oh, right.Venki Krishnababu: (21:43)... which clearly tells me, okay, how much time I'm spending on meetings, how much think time I have and who are my top collaborators, all those things are really intriguing to me and I sometimes s-, I go into this deep introspection, why did I do that in our last week for that long, right? So allows me to understand, okay, how do I balance my time? And, and a lot of other folks within the company also use it. And I also use screen time for my mobile devices. And, um, you know, that's another way to look at it. I'm a big believer in data, but there's only one area. I don't measure things with data, Bret, this is going to be somewhat related and at the same time, why I believe technology, data analytics going to help us provide insights and become efficient continuously. There's no question about that belief. Venki Krishnababu: (22:30)But what I believe mo-, beyond that is, in, um, we as leaders having the right team, right people, empowering them, creating the friction-free platform for them to collaborate, when we do all those things and keep an eye on those things, productivity becomes an a, an automatic outcome of that. And so that's where I pay close attention to the, the, the stress levels of the team. I, I, when I'm in the meeting, I explicitly ask for, let's have the video let's have, especially one-on-one, we need to able to read the body language, understand how our people are responding. There's so many things you can pick up as human, which machines still not learned it yet. Bret Arsenault: (23:06)Yeah.Venki Krishnababu: (23:07)So it's a combination and balance between leadership that human empathy and connection followed by take advantage of this rich data and analytics and tools, which allows you to create more effectiveness and also make course corrections and adjustments. Bret Arsenault: (23:23)Yeah. And I think it's a, it's a great comment even where data's shown us that, like, I look at, you were mentioning workplace analytics, and I look at two-party calls and how much they've gone up, which is really, it's a replacement for the hallway conversation, that really subtle little thing like, hey, how did you do this? But now it requires a call. So you see those things go up. And I think, you know, having the ability to still do those is important. And then for me, sadly, I get the, hey, you sent this thing in off-hours. I'm like, no, I didn't. I was in a different timezone, but I haven't, I haven't been able to trick the system into that part yet.Venki Krishnababu: (23:54)Well, the technology, Bret, um, really helped me. This is my personal story I'm sharing. I'm a, I'm a runner. I love to run. And, and, and what happened during this peak of this pandemic, I lost sight of that and meetings after meeting, back-to-back, back-to-back, back-to-back. And then I kind of look at it and then use this, uh, work on analytics data, like, there's no breaks and I'm going, like, crazy. This is not sustainable. So what I did is took the data, worked with my personal assistant and ensured that incorporates, stitch deliberate breaks, that lunchtime is sacred time, unless really, really some major emergency that block is for me and I'm going to go run. That really helped me to get that mental balance. So same, I encourage my team also to ensure that you have deliberate breaks, look at, watch for data, watch for how the pattern changes. So definitely the technology does help and, uh, we also have to explicitly watch for it too.Bret Arsenault: (24:48)Yeah. I think that's a great example on the taking the lunch break. I think that's super important. One of the things that I think about in this scenario is just from a, just to knowing new perspective, if I could, I have this sort of standard set of questions that I ask everybody. So do you mind if I run you through a couple of them? Venki Krishnababu: (25:05)Yeah. Sure. Bret Arsenault: (25:06)All right. What's a book you're currently reading and what's the book you would recommend that people read?Venki Krishnababu: (25:12)Oh, wow. The book is about brave leadership by Brené Brown. Uh, it's really, really a good book on leadership. I really dig a lot of, you believe I, the, the number of years your book was this technology book for me, it's like 60/40. Bret Arsenault: (25:25)Yep. Yep.Venki Krishnababu: (25:25)So, um, and then, um, I'm also on the technology side, it's more of, Bret, you might notice this, uh, this, this third party supply chain software, right. That, I'm reading more on the industry, how that's, it's fast evolving industry and fascinating at the same time, so I'm reading about that. I definitely do recommend the Brené Brown's book of, if you are a really a, a big fan of, uh, leadership and wanting to get, incorporate some big, there's some good leadership lessons also incorporated which we all can learn and apply. And it's very practical. Bret Arsenault: (25:56)No, that's great. And I love practical leadership books, right? I think that's, uh, that's probably one of the most important ones for me. That's super helpful. Thank you. I'd just like to think from a priority, you mentioned supply chain, it's obviously a growing risk area in terms of impact, amplitude frequency and time to exploitation. So what I'm wondering from you, you don't have to be on supply chain, but just the three things that people or practitioners on this phone should think about in order to make sure that they can secure their hybrid workforce. And then the one thing they should avoid. So three things they should do. And one thing they should avoid from the perspective of, you as the Senior Vice President of Technology at Lululemon?Venki Krishnababu: (26:35)Three things I would say is, I always look in terms of, uh, three compartments of anything I do. One is, starts with people. With people, making sure that around us and education and how they're adapting, I'm taking it, in fact, your question a little bit more into macro level, uh, Bret, about with this hybrid workforce, what are the three things we as leaders need to, you know, watch for and do, right? So working with our people, understanding how they are working with their teams, especially for leaders who are leading other leaders, it's extremely important to get that pulse and then training around us, listening, all those things got to be incorporated from a people's standpoint. And, uh, how do you ensure that that digital fatigue is not getting the best of you? And that's going to be the, the million dollar question every day, every leader, when they wake up, need to answer, and what am I going to do today, to reduce that digital fatigue? So that's on, on people.Venki Krishnababu: (27:31)Then on process, right? So if you look at process, there're many process, uh, got naturally evolved and some of them pandemic driven. So we have, uh, launched the safe buildings, you know, when you come in operational capacity matters, where you sit matters, the social etiquette, um, or social distancing matters. And some of them are technology driven, some of them are process driven. So process driven's are, you have to ensure that you're declaring when you're coming in and, uh, setting some setting standards and workforce policies. And that's the, the process aspect of it. Venki Krishnababu: (28:01)And how do you gain access is another example you have to go through, especially in being a remote, the computer you're using, the device you using, the [inaudible 00:28:09] kind of exploding in one end, how do you ensure that when you onboard certain things or it's super clear, it's super secured, right? Very well secured. Those are the things from a process standpoint. From a technology standpoint, um, this is, uh, what, what I would say is every day we had to look at what platforms we'd use, what are the things we need to bring in? I gave examples, uh, last time, Bret, that enablement of GEC workforce with Azure VDI is a big unlock. Bret Arsenault: (28:37)Yeah. Venki Krishnababu: (28:37)There is this balance between empowering and also securing, protecting our employees and, and our workforce. And there are tools which allows you to solve those, right? And then you working on this technology, evolving technology, you know, and, and also meeting with industry experts and learning from them, then incorporating them. So technology is the one fast moving part of this three components. So how do you keep pace with that? So keeping pace with it.Venki Krishnababu: (29:02)One thing I would avoid is, this is an ultra marathon. Take pit stops and ensure that you're taking care of yourself too. Don't get, you know fatigue. As I said, don't let fatigue gets the best off you, because once, you, if your health is not good, if you're done, so you can't think, you can't make the right decisions, it's so important, uh, for, for everyone is, and especially for leaders too. Find the way to distress yourself, and, um, either it's running, running for me, yoga for someone, who knows, you know, it depends on each one. So that's what I would avoid, avoid that fatigueness and watch for that stress signals carefully. Bret Arsenault: (29:40)Yeah. I totally agree and understand, uh, the different points you're bringing up, but I liked the people, the process, and then the technology piece. And I think this avoidance thing, I think, people have become far more mindful I hope it sustains post uh, any pandemic situations, 'cause I think, uh, like I said, the only thing, you know, you can take into retirement or anything else you ever do is your health. So I think that's a really good way to think about it. Is there anything else you want to add, Venki, that just freeform that you'd like to add or things you'd wanted to portray as a message.Venki Krishnababu: (30:08)Yeah. I mean, this is more of an opportunity for, uh, me to share. We here at Lululemon uh, we are, I would say is in a, in a great, uh, spot of innovating. We are a vertical product brand and we are, um, OMNi-channel and, uh, multinational, global company and technology is kind of in the s-, core and center of enabling, and we are doing some innovative work and, uh, innovative work in terms of, uh, new technologies, new platforms, either it's RFID or it's blockchain or it's data mesh, uh, in, um, Azure data analytics, Azure data breaks or, I mean, we have doing some, several technologies and building some great stuff and, and doing some wonderful work in, uh, in the cloud. So we are hiring. So would love for folks to, you know, look at us more of an innovative technology as, company as well in addition to being a vertical brand.Bret Arsenault: (31:02)That's a great way to close it out, because I think it's, uh, one of the things is for people to get to know their company and I think people could think of you as a retailer or an apparel company when the reality is you're so much more in the terms of you're digitally, uh, transformed, you're doing even hardware work and the way you think of the creative value of how you pull together data, customer experience and all the other work, it's, it's a testament to a great, a great business and how every company today is both, uh, technology company and more.Venki Krishnababu: (31:28)Yeah. Thank you, Bret.Bret Arsenault: (31:30)Thanks so much.Natalia Godyla: (31:35)Well, we had a great time unlocking insights into security from research to artificial intelligence. Keep an eye out for our next episode.Nic Fillingham: (31:42)And don't forget to tweet us @msftsecurity or email us at with topics you'd like to hear on a future episode. Until then, stay safe.Natalia Godyla: (31:53)Stay secure.