The Security Circle

EP 109 Tom Vazdar: Why Cyber Security & Geo-Politics are Intrinsically Linked

Tom Vazdar Season 1 Episode 109

Share episode

Send us a text

Tom Vazdar is a renowned expert in cybersecurity and artificial intelligence, as well as the founder of Riskoria Advising & Professional Services LLC, where he supports organizations in integrating AI, managing risks, and safeguarding data. He leads the Enterprise Cybersecurity MSc program at OPIT - Open Institute of Technology and lectures in the global AI for Changemakers accelerator, fostering innovation in the nonprofit sector.

As a Program Board Member for eFraud Europe at RSA Conferences, Tom collaborates with leading experts, professors, and authors to shape content on cybercrime. He also served as an Advisory Board Member for Financial Cybercrime at Europol.

Tom is a board member of Disaster Tech Lab, advising on AI and cybersecurity in crisis response, and of the Croatian Association for Artificial Intelligence (CroAI), where he contributes to the development and promotion of AI technologies in Croatia. Through his work in strategy, education, and global collaboration, Tom is shaping the future of cybersecurity and artificial intelligence.


Security Circle ⭕️ is an IFPOD production for IFPO the International Foundation of Protection Officers

If you enjoy the security circle podcast, please like share and comment or even better. Leave us a fab review. We can be found on all podcast platforms. Be sure to subscribe. The security circle every Thursday. We love Thursdays.

Yoyo:

this is Yolanda. Welcome. Welcome to the Security Circle podcast. IFPO is the International Foundation for Protection Officers, and we are dedicated to providing meaningful education, information, and certification for all levels of security personnel, and make a positive difference to our members mental health and well being. Our listeners are global. They are the decision makers of tomorrow and today. And we want to thank you wherever you are for being a part of our Security Circle journey. If you love the podcast, we are on all podcast platforms. Don't forget to subscribe or even better, like, comment and share the LinkedIn post. Thank you for your company. With me today is a very special guest. His name is Tom Vazdar, and don't be forgiven if you haven't heard of him before. He's going to tell us some amazing things today about global cyber security challenges. He is a cyber security strategist and also an AI security strategist. Tom, wow. Thank you so much for joining us on the Security Circle podcast today. How are you doing?

Tom:

I'm doing great. Thank you for having me, Alanda.

Yoyo:

It's an absolute pleasure. I found you on LinkedIn because you were initially talking about Iran's hostile offensive. My ears pricked up and I thought, wow, I've got to ask you some more questions about that. But I think what we're going to get to today is the relevance of cyber security with geopolitics. Tell me why those two are intrinsically linked.

Tom:

They're completely linked together because cyber security operations, they cannot go without understanding geopolitics because everything is tied directly to politics in general, you know, every country, rural country, they're trying to establish some sort of dominance over the rest of the world, you know, autocratic systems, they all have some hidden agendas. There is the link actually and cyber security and cyber operations, they present direct link, actually how to conduct this on, you know, warfare without actually, um, conducting any kinetic operations. So everything is done in the cyber space. So we're talking here about cyber espionage. So we're talking about, uh, influence operations. We are talking about, uh, critical, um, infrastructure attacks, you know, all kinds of stuff that can undermine economies and, and democratic values of certain countries. So you mentioned Iran, you know, when we talk about Iran, it's not only Iran,, it's also the China, North Korea, Russia, all the countries, they have some interest. To undermine democratic values in the, on the Western world. So in particular, when we talk about Iran here, you know, throughout the years, Iran, they developed a really robust cyber warfare capabilities as part of their military strategy and, their focus, both on offensive and defensive operations, their cyber efforts are driven primarily by the Islamic Revolutionary Guard Corps, which is their primary, primary military force, you know. There are also some other state linked groups within Iran, which engage in cyber espionage and sabotage, and also influence operations, which are very, very relevant ever since Brexit since 2016. So many countries are actually doing something similar to undermine democratic values. Maybe it's actually a good thing to talk a little bit more also, that we do introduction about Brexit, because the way it started, you know, this is actually something that was very eye opening to the Western world, to the Western democracies, what's, what's actually happening. the influence operations behind Brexit, they were marked by a mix of different digital campaigns, targeted disinformations and also external interference. This was particularly from Russia. And all these operations, they were aimed primarily at, uh, And just swaying public opinion and manipulating media landscape and also amplifying diverse narratives, just to create confusion and to create polarization. This is very similar now what we're seeing also with the US elections. It was said at the beginning of this year that Two thirds of the world are going for elections this year. And basically if you watch news every day, that there is election in every, basically every country in the world. But what we are also seeing is actually this influence operations where there is, there is, uh, there are efforts actually to change public opinion for this or that, you know, political, uh, Of course. So going back to Brexit, how it happened here, uh, we are familiar and I'm sure your listeners already know about Cambridge Analytica case. This is one of the most infamous example that was linked actually to, that was linked to the Brexit, referendum, Uh, where actually there are bots and troll farms, but what Cambridge Analytica did, they created, uh, psychographic profiles of more than one million people on Facebook. And based on those psychographical, um, profiles, they actually knew how to target certain audience. In different communities, and polarize groups and actually manipulate, manipulate the whole Brexit, how it happened. So this was all attributed to Russian influence. And I know, and basically everything I'm sharing here is information that's also in open source intelligence, so nothing is hidden, nothing is secret, if your listeners would like to understand more and just go on Google perplexity, wherever one of the tools, you know, and search for something, all the information is out there. Now since 2016, there are also many books were written about Brexit, you know, what happened there about the influence operations and many things are clear now. So it's much easier to understand actually how all these operations were conducted with the aim, which groups were targeted, how it was done. With the role of artificial intelligence, you know, which is very prominent right now, it's even easier to conduct operations like this. I can talk about, about Brexit more, but maybe we can focus also on, on what other countries are doing in particular, what China is doing, for instance, this is also something that's very interesting.

Yoyo:

Okay. Let me steer you, around the Brexit piece. We understand that Europe is a big hegemony. Russia is a big hegemony. America is a big hegemony. And so is China. We have emerging hegemonic states. So these are states with high populations, high GDP, high military presence. This is what builds the, hegemony, status. I guess what we're seeing is in the case of Brexit, Russia, undermining the hegemony, the unity, the power of the combined Europe. So we've talked about the what, we've talked about how they did it. We haven't talked about why they did it. What is Russia's motive to undermine our democratic unity within Europe?

Tom:

So the main idea here is actually to polarize groups. The main idea is to sow discontent between the population. They want people to fear, not trust their democratic institutions. So that's the main idea is actually to undermine the democratic process and to show them that the world we live in is not actually so shiny and wonderful, that there are many issues. This is the idea, actually, you know, if you want to rule somebody, then Install fear, you know, uncertainty, polarized groups. And this is what we are seeing, unfortunately, what we're seeing a lot now in the U. S. where we have completely polarized, groups, um, Democrats, Republicans, you know, so the way it looks right now, I don't think America was ever so divided as it is now. This is the only way how you can rule the world, you know, basically divide. Once you divide them,, they're actually very weak. And it's easier than to conduct additional operations.

Yoyo:

So you're talking about destabilization of what is a happy going, lovely country, happy people in jobs, have money, pay mortgages, good family life. And the destabilization starts, doesn't it? With the social media. Do we know if Russia and China have very similar strategies in relation to how they use cybersecurity and social media, or are they operating with very different strategies?

Tom:

Well, that's a very good question. So there are similarities, but we also need to understand, what is the main goal of each country. So we talk a lot about Russia. I mean, contribute so much to Russia, like there, and there is so much focus for Russia, like they're actually the main. culprit, but they're not. It's actually Chinese actors and hackers are the ones who are doing most damage, but that's not in the media. What we see, it's only Russia, it's in the media. But to understand what's happening within China, we need to understand actually what is happening at this moment. Actually, when did it start with China? We have to look back in history a little bit more, Mao Zedong. there was Deng Xiaoping, he was the main ruler of, of China and he was the architect, so called the architect of modern China. So basically, you know, he's the one who, uh, Who installed many market economy reforms in China. And actually from, from his time, this is late seventies, eighties. This is when China actually started rising to power. So what's happening right now at this moment in China, there are three main pillars. First is in China, they're focused very much on military, modernizing military and really rapid rate. So we see there, there are new types of ballistic missiles, aircraft carriers, submarines, stealth fighters, and those stealth fighters, you know, very much similar to F 35s. So, which is actually somehow, you know, Make you think like, how did they obtain this? You know, how, how, how did they develop this to look so similar? You know, so definitely something that we can attribute also to cyber operations, so there is in China, there is completely new, cyber and space force very much, similar would be see also in the United States. And this list goes on. So basically what is this telling us is that China is repositioning itself. And this is ranging, you know, when we look back, back far more in history, back to 1840s, you know, from the opium wars, wars, uh, this is in Japan occupation. Now, this is something that it's actually showing that China has actually a clear agenda, you know, they want to reposition themselves from being oppressed state or state. They actually, their goal is to become the global superpower, the only superpower, you know, and to become the leading economy. Right now they're about even with the U. S. economy, you know, so it's probably a matter of time, matter of years, couple of years, you know, when they will become actually, If U. S. lets them do it, you know, if they, when they will become the leading global economy. Um, so basically they're militarily, they're modernizing military, which is very vital for their, uh, success and very vital for the, uh, for the success of the Chinese Communist Party. So this is from the military perspective. The second one is, actually the economy. So economy, it's moving away from being producer of low quality goods and there want to be producer. And this is what we see also right now. They're a producer of high tech goods, robotics, uh, space equipment, you know, they went to the moon, you know, and renewable energy solutions. So China is very much repositioning itself from being. chip producer to something which, which is very high tech, you know, well, telecommunications, not to forget, you know, we know about the dispute about Huawei and other, other, um, big telecom companies, you know, they're being banned both in Europe and the U S um, so basically, you know, China wants to be the global leader in all the high tech areas. And this is what we see right now. So we see also China. You know, the way the communism works, you know, they have five year economy plans. So right now they're in their 14th cycle of the five year economy plan, which is ending in 2025. So we'll see from 2026, what will be their new five year plan, you know, but definitely on everything that that's. That was a briefing that needs to be done and they're very much working on their agenda. so China is doing everything to overtake United States, as the world's largest economy.

Yoyo:

So when, if we're to take out our nationalities from this and think purely objectively, you can't help but think there's some emerging sea change here. Like you said, the increase of hate. Certainly, the increase of divisive opinions, and one can't help but think if we were in the future and we could look back at this time that this was hopefully a phase that we learned to see beyond that, that we learned. to spot when we're being manipulated. Do we have enough information right now to have that thought leadership and look ahead and think, how do we get ourselves out of this? I'll tell you a little true story. There's a newspaper clipping that I saw some 20 years ago. It was probably in one of our major national newspapers. And it showed two aliens in a spaceship with Earth in the background, and they're looking out the window at Earth. And one alien said to the other, Hey, Bob, should we go down and say hello? And the other alien said, Nah, they're not ready. They're still pointing weapons at each other. It worries me sometimes when we look ahead that we are still going to continue to point weapons at each other. What's, what do you see in the future,

Tom:

oh, definitely. No, it's going to be even more complex than it is now. Okay. You know, unfortunately, this is what history is telling us, you know, not to understand the future. We need to understand the history and this is the only way how we can move forward. So what is history telling us? You know, it's not looking so bright, but it's also telling us, you know, that, uh, When you look globally from the point of armed conflicts, uh, this is the lowest period in time of the armed conflicts in the world. You know, the, the, the most difficult times were somewhere 15th, 16th century. You know, there, there are many global wars and stuff, and I know it looks unbelievable, but this is actually, I read different books and this was also part of my PhD studies. For to understand actually the terrorism in the world, you know, so when you look Mediterranean area, this is actually the most conflict area in the world. There is always something happening, but even though, you know, right now we are so much exposed to different media channels, different news articles and everything. So you get probably wrong perception, like, well, this is really bad. What's happening right now. This is really terrible, but it's not, it was much worse before. So we can conclude both, you know, that. Yes, it's going to be much worse if you judge by what we see in the media, but if you look historically, you know, but this is actually the calmest period in history of mankind, which is really unbelievable, you know, because when you turn on TV, it's always something happening in the world, you know, but this is only showing us actually the power. Of information and the power of disinformation also, you know, so this is actually great for countries, you know, if they want to manipulate something, to place lots of wrong information around and then install fear and division between people, polarization. So this is, it's really, really interesting, you know, but, let me just go back a little bit briefly to China, because, we also, and it's also close to related to what you said, we need to understand also the different, China is actually, it is a communist country. So they have little bit different rules than we have in the Western world. So. China, they don't have democratic elections, they don't have to worry about those people who oppose or groups that oppose their plans, so they can basically map their vision and objectives very clearly and efficiently. And they'll be always successful because basically there is no opposition. Similar thing will be seen now in, in Russia, you know, just ban everybody and has different opinion. And suddenly, you know, It looks like everybody is very much, in favor of current politics, which is, which is, really wrong. You know, if you look from that perspective, one more thing about, about when I, when I talked about China, it's really important to understand their cyber operations is so we talked about military. We talk about economy. But there is also something really important, which is called belt and road initiative. This is something that China started in 2013, and this is their global initiative, which is intended to build up developing countries. Like we've seen what's happening in Africa. You know, China is the main investor in Africa now. And also in all their neighboring countries around China, they invest heavily and what's happening there, like Pakistan, Sri Lanka, I know they invest heavily in all these countries and they have. Lots of debt right now that they cannot pay off back to China. So, which is actually giving great opportunity for China to lease everything they built in this countries. So I want us to at least something property, you know, they can build their, and they're doing this in their military bases. So they're basically establishing, you know, control or all these countries, you know, and this is what we're seeing right now, about Chinese ships going around, you know, so there is really, really, it was very much in the media Also. When they rammed into, into Philippine boat, uh, Coast Guard boat. So this is actually how they installed dominance and they spread, you know, through their military. And all this is possible only because they have strong military, strong economy now, and for this Belt and Road initiative, you know, they heavily invested in many different countries just to have them under control. So. There are two main groups in China that are important for their success. This is Ministry of State Security, and there is also People Liberation Army. And both of these groups are also involved in cyber operations. Now, when we go to cyber operations, you know, there are different events. Starting 2010 onwards, where these two entities were involved through different APT groups, Active Persistent Threat groups. You know, they'll have weird names like APT 10, APT 40, 41. The same thing is with Iran, North Korea, they'll have, different names like APT something. And all these groups are sponsored by countries. So when we look at APT, for instance, APT 10 group, this is the one that was targeting managed service providers, because China figured out if the target managed service providers. Managed service providers, they can actually install supply chain attacks. So by targeting managed service provider, suddenly you attack like thousands of different companies through vulnerabilities. This is actually how you go there and do cyber espionage, steal intellectual property, Do whatever you want with them. This is ongoing, ongoing activity. The same thing is with, with other groups. And I'm, I don't want to talk now about in particular, but each group, because there are many of them. The thing is they're all sponsored by both ministry of, as I said, of state security and people liberation army, but they all have different agendas. I mentioned before, uh, Deng Xiaoping, you know, he's the one who said hide your strength by your time. And all this is really important to understand because they, they, when he said that, they understood that China is weak, but they also said we have time. We will grow our economy, we will grow our military, we have time. But there is also a firm Year by when they want to become a global superpower, and there is a book written by I forgot who now, but it's called 2004 China 2049 and China 2049 is basically manifesto By when China wants to establish global dominance and they want to be by when they want to become the global superpower and why 2049, because this will be the hundredth anniversary of the Chinese communist revolution and the modern Chinese communist party. So they have very clear agenda. They actually have these three pillars where they work, you know, military economy investments and cyber operations are big part of their global agenda. So by 2049. They want to be the global dominance. And this is why it's important to actually talk about China. And we are so much focused on Russia, you know, but the thing is actually we have to be focused on, on, on, on China because Russia is just, you know, they're doing similar things, but they don't have such, when you look at Russia's GDP, you know, it's very much, equivalent to GDP of Spain. So basically like Spain is going to conquer the world. They're not, so the same thing with Russia, but we look at the GDP of China and all, suddenly it's like, okay, this is very much similar what we see in the United States. I think this is why it's interesting to, to focus on them and see what they're doing because everybody else is just copying what they see.

Yoyo:

It makes sense when you said that most of the conflict, even historically, has been in the Mediterranean, because the way humans have devised their habitats. You have got the convergence in the Mediterranean of the most different types of nationalities of humans, haven't you? When you look at the big continents of America's and the India's and the Africa's, they are in a sense, unified being quite similar, but the Mediterranean is that convergence of difference. I don't know if we're ever going to get out of that, but you certainly got me thinking. Look, you've been in cyber security since 2001. Now I remember 2001. I mean, that was halfway through the series of friends. And I don't think even they have mobile phones in the series at that point. We weren't thinking about cyber security in 2001. Tell me, how your journey emerged to the point where not only were you working for banks, but through to Europol. And I want to ask you, which of the jobs you were in, in your career that you felt you had the most satisfying feeling or were making the most impact?

Tom:

There are many different roles where I worked in, but I got intrigued by information security actually around 2000, something like that, because at that time I lived in the United States and I was in charge of IT operations for a manufacturing company. I realized quickly, you know, by doing IT operations, the importance of actually securing information. And by securing it, I mean first by establishing, proper access rights, you know. So I figure out, okay, there is much more to this in, in, in, in information security. At the time, it was not called cybersecurity. It was information security because cybersecurity is just one subdomain of information security. Information security is a much wider area. For information security, we don't need computers. You know, if you have like printed paper, you need to secure that paper. So it's not cyber, it's, it's information security. But when we move everything on internet, suddenly there is a whole new domain, which is called cyber security. So I got certified as a CISSP back in 2004, I believe, something like that, early 2004. And this was really eye opening, you know, when I started studying actually for everything that's relevant for cyber security, you know, and basically learning about the risk and it's all about risk. When we talk about information and cyber security, understanding the risk, understanding actually the risk appetite of companies. You know, and this is actually what intrigued me a lot, actually, to focus a little bit more in this area. And after that, you know, I started working for Deloitte and then for a bank, you know, became chief security officer. So being a chief security officer was really, really satisfying. It was very difficult also. But I was in charge of the overall corporate security area, which involved both business continuity crisis management, which was really, really cool area crisis management, because if you're working for a bank, there's ongoing crisis, basically on a daily basis, you know, there is something to deal with. Um, and this is from outside. You don't even see that. Um, of course there, there are governance risk compliance Syria. So everything was in my domain. So being there, I was. I've been exposed also to both Europol, being their advisory board member for financial industry. Uh, also with the NISA, which is European Cyber Security Agency. I've been also on the advisory board with European Payment Council. So in different, different areas, everything related to payments and fraud. No, but this is, you cannot really distinguish one against the other because everything is so important. The cybersecurity is completely interlinked. And when we talk about fraud, this was also very eyeopening because I've seen lots of stuff happening, evolving, you know, from the very first man in the middle attacks in like 2008. 2007, something like that. Going forward, you know, seeing all the sophisticated types of attacks, you know, now with the involvement of artificial intelligence, I was really proud of myself when, when I acquired one, one tool for, which was machine learning, artificial intelligence back in 2015 for the deep network monitoring. And this was so eyeopening because suddenly you see everything that's happening on your network and this is really, really satisfying and normally with regular. tools. You cannot see the, see that, but once you put in perspective, artificial intelligence on the network, suddenly, you know, suddenly it's everything is very visual. You see everything you see probably more than you want it to see, but it's actually a great opportunity for you to fix everything. You know? So then of course you cannot fix overnight. You need to create an action plan and the short term, midterm, long term goals. So basically suddenly when you introduce AI on the network, you have like three year plan how to fix stuff because you cannot fix overnight. So this it's, I know every job that I had was really satisfying. So finally I decided to start my own business, which was actually something I always wanted to do by myself and go back to consulting because I believe I learned a lot throughout my career. And this is now actually something. That I really like doing, you know, I have clients on different continents and I really enjoy and always feel actually that I'm falling behind with knowledge. And basically every day I have to learn something new, you know, especially when I talk about AI and then AI in cybersecurity, there is something new happening, basically. every day and, and to, to learn, to understand, you know, this takes actually lots of time. I spent each day, at least a couple of hours just studying what's, what's new, what's happening out there, go for different webinars, different conferences. I'm also happy that I'm getting invited also to, as a keynote speaker, as a presenter. Which is really cool on different aspects of cyber security and also, and it's really interesting, you know, when, when people have so many questions, something that's really obvious to me, you know, but they have questions and I'll say, I feel really, really great when I can answer that. I'm also, I'm also a professor of enterprise cyber security for Open Institute of Technology, which is also very rewarding. You know, and because I have industry expertise, you know, so sharing that with my students, it's really cool. And I don't know, there is so much, you know, going on and everybody who would like to study cyber security, I would definitely encourage them to go in that area. I know there is a great shortage of people working in this area, you know, and there are so many different opportunities and then such a wide area. And there's so much to learn in cyber security. But for me, you know, in particular, my interest is basically, you know, for my PhD is cybersecurity culture, because I learned through time that you can have the best tools, you can have, technology, everything, but nothing will work unless we have the proper security culture. So this is actually, this was. Part of my research to understand actually at which level an organization is currently at, which state are the proactive, are the reactive organization. No, do they, how they invest money, for education, which groups are targeted. And from my experience, by talking to different companies is they have no plan. They have budget for education and just throw money at something. Just go and sending people go for this, go for that, you know, But is this the right group that should go somewhere? I know is, do you have the right risk appetite in the organization? So I can actually measure all this stuff, which is really, really cool. I like really doing that. And only from when you measure security culture, you can actually build your cybersecurity strategy. And then when you have cybersecurity strategy, you actually know where do you need to invest? You need to invest in technology. Do you need to invest in people in processes? What do you need to do here? And speaking of processes, I think it's really important that. Cyber security, people who work there, they need to understand business processes. Because once you understand the business process, you will also understand which information is in that business process. That's the only way how you can secure this information. So if

Yoyo:

you look at books like the art of war, major books written on strategy, you know, the, the, the art of war was really about the art of strategy and war. You're right. There are a lot of lessons to learn about the past. It's almost like we haven't really kind of figured out that we're actually in a war right now. I know that people have bandied around the word, you know, we're inside cyber warfare, there's cyber war for that. But if you think about it, the, the, the best way to defeat your opposition is to not even have them believing that you're in an actual war. So when you talk about business, uh, structure, business strategy, that's almost like, you know, understanding your, your threat, your, your understanding your target in a war. I feel like we're, we're not prepared. I feel like we're very vulnerable. And I feel that those with the biggest strategy emerging right now is obvious are the ones that are in a much stronger position. But you, you go back to the British empire, for example, or you go back to the most wonderful empires like the Roman Empire, there are others, there are other major empires. Those that have the biggest strategy, those that had the biggest armadas, the biggest navy, they had the best strategies. I don't feel like we've got the right strategy right now if you look at comparisons.

Tom:

That's a very good question because you never know if you have the right strategy unless you see if it works or if it doesn't work. Um, I don't, I think sometimes that companies have their strategies than countries, you know, sometimes when, when I see what's happening in the world, all the polarization, you know, it makes you wonder like, Do they actually like, like the U. S. for instance, I wonder every day to actually have some strategy or not, you know, because this looks so much, uh, like they're completely lost. And the same thing is also, I would really like to see less polarization and. But somehow this is, this is part of the evolution where we are right now. We didn't come to this overnight. You know, this was the process that started 20, 30 years ago and it's evolving. So we will see actually what the evolution will do for us. I'm really hoping for the best. I want to believe that we are at the end of all this erosion of democratic values institutions. I really want to believe that, but somehow, I don't know if you look at the media and everything doesn't look so bright, but I don't know. We'll see. I really want to leave the world, you know, to my children, something where I grew in, like in the eighties, this was for me, this look, this was probably the best time. Maybe I was too young. Too small at that time, you know, but somehow it looked, everything looks so easy and I don't know, there are no wars or anything like that. You know, I mean, there were, but it didn't affect me, you know, personally, because I was probably too small to understand everything at a time. But I know, I think the world looks much more complex right now than it, than it used to be.

Yoyo:

I agree. Let's talk about, if we can, the Iran cyber attack with Russia, and Montenegro, and how, Even though that was a really tragic event for Montenegro, how that ultimately helped us all learn how to support the Ukraine better.

Tom:

Okay, so that's actually a really good example. So when we look back to 2022, August 2022, this is actually when Montenegro, which is a small Mediterranean country between Croatia and Albania, They recently joined NATO also. And basically by doing that, you know, they abandoned Russia and Russia was very influential over there. And what happened in August of 2022, you know, the many governmental institutions, you know, got attacked, uh, with cyber attacks, you know, they got ransomed, they got locked, you know, so basically for three, four weeks, the whole country was completely paralyzed. And, and, uh, there were DDoS attacks also, all kinds of stuff was happening, you know, so, and all this now, when we look, when we analyze the situation, it was attributed basically to Russia. And as a small country, you know, this looked actually like, like a perfect test bed. For them to test, you know, cyber militaries, uh, operations on a small country to see actually how they could do this elsewhere. So unfortunately what we see now in Ukraine is actually there are ongoing, there's also ongoing cyber warfare. No, when Russia attacked in, in, in February. Um, I don't know which year anymore, 2022, but when they attacked in February, um, they started actually with the, uh, the ransomware, sorry, with, with a cyber attack, which was called the wiper something, you know, so basically attacked all Ukrainian governmental institutions with, with the wiper malware just to raise their systems. But this is all they tested actually also in Montenegro and, and this is really coordinated, with, uh, attack, but their side, and it took a while to Montenegro actually to recover from this, you know, it took them like, like two months, you know, to get back to normal. And this is also the information from, from open source intelligence, you know, at that time in September of 2022, FBI also sent its investigate investigation team to see what's happening out there as they're also NATO ally. Yeah. Now to provide actually support to Montenegro, which they did know. So eventually, you know, they, they, they help them out, you know, out of this situation and from that moment, Montenegro actually invested lots of money into increasing their cybersecurity operations, you know, from the state level, uh, private organizations. So, so I know there's actually a lots going on right now over there. But definitely, you know, they're much better now than they used to be a couple of years ago. Yeah.

Yoyo:

Yeah. I guess we need to look out for those, sort of red flags because they can tell of bigger things to come or at least reveal a strategy, which is so easy to see with hindsight, isn't it?

Tom:

But

Yoyo:

you, you talked also, earlier a little bit about allyship. So we know that Russia doesn't attack Russian allies. Including China or those unorthodox religion, territories. And we, that's where I learned about the cerilic from you. Oh, perfect. We also know that Islam, does not at, let's phrase this the right way, that, Islamic, threat actor groups do not attack. other Islamic groups. Uh, so we know that that's almost segmented. you can see religion, the authenticity of religion dividing, territories in military, cyber military strategies. What else do we need to be looking at?

Tom:

So, okay, let's go back now to this Cyrillic alphabet that you mentioned. You know, this is something that we need to clarify for our listeners. Um, back in 2012, 2013, I believe this was the era of Zeus malware. And Zeus was actually the most notorious malware attacking financial institutions, stealing money from banking clients. And behind Zeus, there was a guy called, if I remember correctly, Viktor Bogachev, and he was never apprehended. You know, it was always believed that he is somewhere on the black sea on his yacht, you know, and then nobody can get a hold of him. But the way the Zeus malware was built was actually, it had certain triggers there. So malware would detect that there is a Cyrillic alphabet keyboard, Involved, you know, it would not trigger. So it will be there, but it, you would be never attacked. But if there is Latin alphabet keyboard, you know, you would get attacked. So basically, you know, this, this is actually showing some signals, you know, how this was, there is actually somebody else also behind the malware. It's not only that guy, Victor Bogachev, but there is probably a Russian state who was also behind malware. And because there is clear also agenda. you know, geopolitical agenda, you know, how to, how to attack, who to attack, you know, financial institutions only with the idea to degrade them, to steal money from clients, you know, to also, again, to instill fear in banking clients. Because what happens if you lose money from a bank, you will be angry at the bank. You're not going to be angry at Russia, you're going to be angry at the bank because they cannot protect your money. And this is actually What I learned at that time, you know, I got intrigued actually, to understand a little bit more about cyber warfare and cyber operations. It's not only about stealing money, it's actually about a bigger picture, you know, about geopolitics that we started discussing initially. And this, this was the eye opener to understand actually the major, um, the cyber influence operations, you know, everything that's happening here. Um, Cyber profiling, very interesting area, you know, so all this is part of, of cyber security, but when we talk also, you know, there is also, you know, we never mentioned North Korea, you know, North Korea, they're very much, you know, also involved in cyber warfare, you know, and, and they have also very clear, clear goals, you know, how they finance their, their country, you know, so basically through, um, their cyber operations, you know, they, you know, Fund, uh, their heavily sanctioned regime. Um, and they also fund by stealing money. Uh, they fund their military programs also, um, nuclear pro nuclear program. You know, all this is happening from cybersecurity operations because they use cyber attacks just to generate revenue through financial crimes. Um, everybody's probably familiar, familiar with, uh, cryptocurrency theft. Uh, but they're also involved in espionage and disruptive attacks against critical infrastructure globally. And when we talk also about North Korea, just to clarify, you know, their strategies. So they have financially driven cybersecurity operations. This is how they finance their state. Uh, there is, uh, espionage as I said, and infrastructure attacks. Uh, they use, they have a large network of IT, um, workers overseas, you know, who actually are not aware actually that they're working for North Korea, but they're actually operating globally on their false identities and just earning significant revenues that are also funneled back to, uh, to North Korea. And also, you know, the fourth thing is that there is a big political and strategic motive, where they actually have the idea to undermine U. S. They, they're in the constant fear that there'll be war any moment, you know, so they also want to build superpower like China. So it's really interesting, you know, how cyber is involved in all this stuff, you know.

Yoyo:

Is there any other country that we haven't talked about? Thought of, I understand that, Israel's got quite a strong superpower,

Tom:

israel is, it's a great country. Now, when we talk about cybersecurity, they're probably number one in cyber operations, both offensive and defensive operations, and basically, you know, every major cybersecurity product. Comes from Israel. So they completely developed this, you know, they understand this well. And if you want to learn cybersecurity, you should learn from Israel because they're on top of it. Now, there are so many well known companies that people are not even aware that they're actually Israeli companies. I'm not going to mention any company right now, but if you look on internet, you may get surprised actually, but just be learning, you know, well, this is also from Israel. They have really good, uh, cybersecurity operations, you know, I was fortunate actually to meet quite a few people from Israel also, you know, we're, we're doing, we're working in cybersecurity and this is always eyeopening, you know, just to listen to their stories about different types of operations, what's happening, you know, just to give you a perspective of everything in the world.

Yoyo:

It's, it's a shame they can't find Hamas's money, because if, with all that cyber security knowledge, uh, if only they could find Hamas's money.

Tom:

Oh, this is the information that we have right now. And we have only partial information now because what we're using, it's open source intelligence. We don't really know what's happening out there. Maybe they did find it, but they're actually waiting for something else to be found. So we don't know actually what is the big picture. We only have one portion of information that's being served to us through media.

Yoyo:

Yeah, absolutely. And that's very damaging because all media is the amplification of the owner of a handful of people who happen to manage those networks. Um, we're all waking up to that now, I think a little bit. What other emerging, states do we have other than North Korea, China, Russia, Israel? I mean, Israel's not a hostile state, but

Tom:

are there

Yoyo:

any? Iran. Who else?

Tom:

Well, there is also Syria.

Yoyo:

Okay.

Tom:

Also known for their cyber, cyber operations. And then, you know, but this is something when we look on the geopolitics. So basically every country has its own cyber operations, different interests, but From the Western world perspective, when we look, these, these, these four or five countries are the ones that we're looking at. They're actually somebody who wants to undermine our democratic values. Um, but what we also didn't discuss is actually the collaboration between these countries, you know. For instance, Iran, you know, they're collaborating heavily. And this is also what we see now in media with Russia. The bolstering their cyber, cyber, uh, capabilities through partnership with Russia and especially now in the, in the, during their Ukraine war and Russia has provided Iran, um, with, um, advanced surveillance tools, you know, uh, Which Tehran uses just to suppress internal discontent and also to enhance its cyber attack capabilities. And everything I'm saying is actually the public knowledge, public information. No, but the thing is, you know, when you put all this together, suddenly it looks scary and these are all pieces of information that they have to piece together,

Yoyo:

We have the five eyes, don't we? with the unification with America, UK, Australia, is it Japan and one other? I can't remember. So that's a good community of cyber security, um, collaboration.

Tom:

Mm hmm. I mean, there is, there is, uh, well, fortunately through NATO, you know, there is lots of cooperation in the cyber warfare because what we need to understand is that there are five dimensions of warfare. where NATO actually cooperates. So first it's not air, I mean kinetic warfare, you know, land, air, sea, but then there is the fourth dimension is cyber and the fifth dimension is space. So this is actually how you, how you conduct warfare. So right now for this chat, you know, we were discussing only cyber warfare and this is actually where there is lots of cooperation between countries, you know, basically on both offensive and defensive side. Um, But definitely, you know, if somebody wants to write a PhD thesis on this, you know, this is, it can be ongoing effort. There is so much to research and so much to write about. Yeah.

Yoyo:

Lastly, you have the opportunity to, speak to young minds. as you talked to earlier, what are they thinking about collectively right now when you speak to young minds? What are their concerns? What do they want to get stuck into? Where is their motivation right now?

Tom:

This is also another really good question about young minds. Now, I have two kids. I mean, they're not kids anymore. One is 20 and 24. But you know, when I talk to them, you know, they're basically a younger generation. When I talk to them, you know, Somehow they're, they're not so much concerned about the world. Maybe it's me. I don't know. Sometimes I feel like I, it's me who is exaggerating what's happening out there. Uh, but what they definitely want, you know, they have one to have a good life. They want to live in peace, you know, they want to have education and also want to travel the world. And when I asked them, so why don't you go now and travel? And my older son said, well, I would like to go and see, you know, the Middle East and everything. I'm like, well, maybe this is not the best time to go. time now to travel over there, you know, but, but they have the same desires that every generation had, you know, just to open their eyes and live life full in their fullest. But we will see, you know, what the future brings us, I don't know.

Yoyo:

What about your students?

Tom:

Well, the students actually, they have the, since they're all in cyber security, they want to learn more about cyber security. They want to understand what are the current events, what is the technology advancement, but they're also very much interested in this influence operations because this is a very hot topic, you know, and this is something that was not so much discussed. And as I said, you know, we started 2016 with Cambridge Analytica, But now it's actually even more sophisticated. Now, when we have AI in the big picture for the last few years, because with the AI now there is, there is so much that you can do differently and faster and on a larger scale, you know, so they want to understand actually how this works, you know, how do we defend, how do we actually use this for, for peaceful purposes, not only for, Uh, some military warfare operations, but again, you know, to be defensive, you need to understand the offensive side also. And also they want to learn, they want to understand this.

Yoyo:

It makes you wonder, doesn't it? That if without the conflict, we would never have progressed so far as far as technology is confirmed. we almost have to have the conflict to have the progress.

Tom:

But it has been like that throughout the history, you know, so saying right now, it's not in any way different than what was happening in the past. The only thing is for many years, it was pretty calm, you know, so we actually somehow, I don't know, got too relaxed or something, you know, but what's happening right now, it's actually just happening throughout the history. There was always some type of war, unfortunately. And after war there comes peace, you know, so we'll see, you know, if we will have the global peace someday.

Yoyo:

Lastly, what's ahead for you?

Tom:

Well, I want to have actually good life. I want to, I want to learn more, uh, about, about cybersecurity, artificial intelligence, because this is something that it's really interesting for me, you know, I like learning, I like studying every day, you know, do different type of research. Thank you. I like building what I recently discovered is that I like building chatbots, which is really cool. Something that actually provides answers. Yeah, something that's useful. Yeah.

Yoyo:

Right, right.

Tom:

So it's actually useful because I think this is also one of the ways how you can learn more and much faster because it's a completely different way of thinking. Learning than we used to learn. Now, before you would have just to read book after book and stuff, but right now you can target certain information. That's very much of interest to you and drill in, you know, and you can do it on a much faster and wider scale than we were able before. So this is actually the great benefit of, of AI. I'm very much interested in that. Yeah.

Yoyo:

Good. Well, listen, I don't know if you've been told this before, but occasionally, when you say certain words, you sound a little bit like Christopher Walken,

Tom:

when

Yoyo:

he says that, you know, that is a very bad Christopher Walken impression. But there are just a couple of times where I had this little smile across my face because he has the most amazing and distinguished voice. And there are just a couple of things that you say that are very similar. Tom, what a great mind you have, and what great purpose. Keep inspiring those students to do everything for the better good. Thank you so much for spending your time talking to the Security Circle today

Tom:

thank you, Yolanda, and I enjoyed this very much. Thank you.