Nigel Phair - Nigel Phair - Cybercrime, Cybersecurity, Cyber-Certification, and More
Cybersecurity Advisors Network
We are honoured to welcome Nigel Phair, founding force behind Australia’s first High-Tech Crime Centre, Director for CREST Asia Pacific and Cybersecurity Professor at Monash university, to the Secure-in-Mind podcast. In this episode, we trace his shift from AFP investigations to shaping global infosec certification, we touch on Australia’s evolving cyber-professionalisation debate, and explore how AI and low-/no-code tools are rewriting secure development. We cross a lot of territory, so whether you're on a board or on a development team, there'll be something for you. Blog post with...
info_outline
Philipp Amann - Policy, Patching, Programming
Cybersecurity Advisors Network
Nick Kelly is pleased to welcome Philip Amann, the current Head of Digital Security at the and veteran strategist from , The , the , and beyond, for our latest podcast episode. We cut straight to how real-world security gets built: nailing secure coding and patching before chasing zero-days, turning and mandates into everyday habits, and even gamifying developer training to tackle legacy tech. Whether you’re drafting policy or shipping production code, this conversation offers practical takeaways on making cybersecurity everyone’s business. Tune in for some incredible...
info_outline
Artificial Intelligence, Cybersecurity, and Society - With Vilija Vainaite
Cybersecurity Advisors Network
Vilija Vainaite is co-founder of Women 4 Cyber Netherlands, and of Encode Europe. Notes and links: Due to the volume of supporting links and text, we've listed them on the CyAN blog, available here: Vilija Vainaite on LinkedIn: John Salomon on LinkedIn: Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at Original video at Intro/outro music courtesy of Studio Kolomna via Pixabay:
info_outline
Return of the Bride of Terrorism, With Bjørn Ihler
Cybersecurity Advisors Network
Bjørn Ihler is Director of the Sweden-based Khalifa Ihler Institute, as well as founder and CEO of Revontulet, a Norwegian consultancy devoted to helping organisations protect themselves against terrorism and violent extremism. Part III of our mini-series on terrorism and violent extremism deals with freedom of speech, laws, personal and corporate obligations, and support for survivors of extremist violence. Notes and links: Due to the volume of supporting links and text, we've listed them on the CyAN blog, available here: Bjørn Ihler on LinkedIn: John Salomon on LinkedIn: ...
info_outline
Bjørn Ihler - Let's Talk Terrorism, Part II
Cybersecurity Advisors Network
Bjørn Ihler is Director of the Sweden-based Khalifa Ihler Institute, as well as founder and CEO of Revontulet, a Norwegian consultancy devoted to helping organisations protect themselves against terrorism and violent extremism. We continue our conversation about terrorism - including whether the term has been watered down due to overuse, how we can spot extremist content, what some of the tactics of actors are, and how extremist and violent groups relate to more legitimate-yet-extreme political parties. Notes and links: Due to the volume of supporting links and text, we've listed them...
info_outline
Let's Talk Terrorism, With Bjørn Ihler
Cybersecurity Advisors Network
Bjørn Ihler is Director of the Sweden-based Khalifa Ihler Institute, as well as founder and CEO of Revontulet, a Norwegian consultancy devoted to helping organisations protect themselves against terrorism and violent extremism. An activist, expert, and frequent speaker on the topic of terrorist and violent extremist content (TVEC), Bjørn joins us today to share his thoughts on the very broad topic of "terrorism". What is it, who are the major actors, who is affected and how, where does terrorism come from, and more - these are all topics that we touch on in this fascinating...
info_outline
DPO & Hacker Éthique : Une synergie stratégique au cœur de la cybersécurité
Cybersecurity Advisors Network
Retour sur le webinaire organisé par l’initiative Black Is Ethical – 26 mars 2025 Le 26 mars 2025, l’initiative Black Is Ethical, soutenue par le Cybersecurity Advisors Network (CyAN) a organisé un webinaire autour d’un thème essentiel pour l’avenir de la cybersécurité :Comment instaurer une relation de confiance entre le Data Protection Officer (DPO) et le Hacker Éthique ? Ce webinaire a permis de croiser les regards de professionnels issus des domaines de la protection des données, de la sécurité offensive et de la gouvernance numérique. Version video: ...
info_outline
Information Sharing, Cybersecurity Politics, Threats, and More
Cybersecurity Advisors Network
This week, CyAN welcomes Gate15 Managing Director Andy Jabbour for a meandering talk around intelligence sharing, information security investments and ROI, US and European cyber policy, defence, and more. Notes and links: Due to the volume of supporting links and text, we've listed them on the CyAN blog, available here: https://cybersecurityadvisors.network/2025/03/21/new-podcast-information-sharing-cybersecurity-politics-threats-and-more/ Andy Jabbour on LinkedIn: https://www.linkedin.com/in/andy-jabbour/ ...and on BlueSky: @andyjabbour.bsky.social John Salomon on LinkedIn:...
info_outline
Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience
Cybersecurity Advisors Network
Image-Based Sexual Abuse (IBSA) is a Growing Threat Online! IBSA can happen to anyone—regardless of age, sex, or gender. With the rise of AI and deepfakes, both real and fake intimate images are being shared without consent, causing immense harm. Explore the recorded session of "Breaking the Cycle – Combating Online Image-Based Sexual Abuse." Delve into expert discussions on the severe impacts of IBSA (Image-Based Sexual Abuse), strategies for prevention, and the pivotal role of technology in creating safer digital spaces. This webinar discusses the complexity and...
info_outline
State of (Cyber)War - Military Cryptology, Part II: The Cold War and Beyond
Cybersecurity Advisors Network
Due to the volume of supporting links and text, we've listed them on the CyAN blog, available here: Hugo Tarrida on LinkedIn: John Salomon on LinkedIn: Check out the rest of CyAN's media channels on https://cybersecurityadvisors.network/media - and visit us at Original video at https://youtu.be/twC6NTt9R8E Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/ Outro music courtesy of Studio Kolomna via Pixabay: Episode artwork via
info_outline
State of (CyberWar) Episode 6.2
In part III of our Middle East cyberwarfare mini-series, Hugo Tarrida and John Salomon talk about probably the most complex topic yet - Iran.
Following our analysis of the broader Middle East region, and of Israeli capabilities and activities, today's episode is an overview of Iran - the history of its online conflict capabilities, the history behind the establishment of these, and some major cyberattacks and influence campaigns attributed to the country and its various agencies and stakeholders.
Notes and Links:
As with our previous vide on Israel, it's difficult to judge the impartiality and factualness of many websites describing Iranian capabilities. We will thus stick to Wikipedia unless there’s something better - we tend to trust most US or European government agencies' and mainstream vendors' analysis, and certain reputable news sites unless there is a compelling reason not to do so.
We lean a lot on "the usual suspects" such as the BBC, The Guardian, the Council on Foreign Relations, and particularly, Wikipedia; yes, we know you're not supposed to do that. As always, do your own homework and draw your own conclusions, we’re not here to push a narrative.
We have our own views and opinions of current events. This discussion is not intended to endorse or condemn any particular viewpoint.
As with Hebrew, we don't speak a word of Farsi. Online translations tend to be even less consistent than those for Hebrew, so again, your mileage may vary.
01:24 Because someone will inevitably get mad, and we don't want that.
02:13 Islamic Republic of Iran Armed Forces: https://en.wikipedia.org/wiki/Islamic_Republic_of_Iran_Armed_Forces (or if you prefer the official website: https://www.president.ir/en/76724)
02:02 IRGC: https://www.cfr.org/backgrounder/irans-revolutionary-guards
02:18 IRGC, aka "Sepah" (in Iran, according to Wikipedia): https://www.cfr.org/backgrounder/irans-revolutionary-guards - a very cursory search didn't yield an official website. Possibly they have some SEO work to do.
02:29 Quds Force: https://en.wikipedia.org/wiki/Quds_Force
02:34 Hezbollah: https://en.wikipedia.org/wiki/Hezbollah
02:35 Houthis: https://en.wikipedia.org/wiki/Houthi_movement
02:58 We may have gotten confused here - the US government has multiple pages listing sanctions on the "IRGC-CEC", but outside of these, and news articles covering these sanctions, we can't really find anything on this organization. There is, however, the IRGC Cyber Defense Command: https://www.globalsecurity.org/intell/world/iran/irgc-cyber.htm
03:50 A lot of information comes from either US government sanctions (see above), Iranian anti-government activist groups, and vendors/CSIRTs providing threat actor information - it is surprisingly difficult to find objective, well-researched information on IRGC and regular armed forces cyber actors. The language barrier is probably a major issue.
03:45 Information on the Supreme Council of Cyberspace (BBC: Supreme Council of Virtual Space) is slim, for example https://wilmap.stanford.edu/entries/regulatory-entity-supreme-council-cyberspace or Wikipedia´s page at https://en.wikipedia.org/wiki/Supreme_Council_of_Cyberspace_(Iran) - the official website has a lot of photos of guys in hats meeting and looking serious.
05:07 National Information Network: https://en.wikipedia.org/wiki/National_Information_Network
05:17 Great Firewall of China: https://cs.stanford.edu/people/eroberts/cs181/projects/2010-11/FreeExpressionVsSocialCohesion/china_policy.html - this comparison may be a bit of a stretch, although by some accounts we've read, Iran's domestic Internet offers pretty high speeds as well as content filtering/surveillance, so maybe it's not a terrible analogy.
06:20 Al Jazeera article on the topic: https://www.aljazeera.com/news/2024/2/24/iran-unveils-plan-for-tighter-internet-rules-to-promote-local-platforms
07:20 https://www.hackread.com/iran-biggest-cyber-army-israel/ - includes a link to INSS report on the topic (the mentioned Israeli think tank)
07:51 Honker Union: https://www.moderninsurgent.org/post/honker-union
07:57 2010, sorry. Article: https://www.zdnet.com/article/baidu-dns-records-hijacked-by-iranian-cyber-army/
08:25 https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335a
08:32 https://www.cisa.gov/topics/cyber-threats-and-advisories/advanced-persistent-threats/iran
08:44 For example: https://www.zdnet.com/article/mrbminer-crypto-mining-operation-linked-to-iranian-software-firm/ and https://www.cisa.gov/news-events/cybersecurity-advisories/aa22-320a - that said, we may have gotten things a bit mixed up since there are also a lot of non-malware (of the massive-pile-of-FPGA type) Iranian cryptominers - a bunch of which were shut down in 2019 after power usage concerns: https://www.bbc.com/news/technology-48799155
09:16 Russian government entities may not be big ransomware actors, but Russian state-affiliated and state-tolerated actors are sure a different story...
09:40 A 2022 indictment of Iranian ransomware actors came alongside OFAC sanctions of IRGC-affiliated ransomware attacks around the same time: https://www.bleepingcomputer.com/news/security/us-govt-sanctions-ten-iranians-linked-to-ransomware-attacks/
10:51 https://www.bbc.com/news/world-europe-62821757
11:12 OilRig / Helix Kitten: https://attack.mitre.org/groups/G0049/
12:42 https://www.cfr.org/cyber-operations/
13:20 https://www.darkreading.com/cyberattacks-data-breaches/iran-dupes-military-contractors-govt-agencies-cybercampaign
13:52 Shamoon: https://en.wikipedia.org/wiki/Shamoon
14:00 Sony Pictures hack: https://en.wikipedia.org/wiki/2014_Sony_Pictures_hack
14:55 Operation Ababil: https://en.wikipedia.org/wiki/Operation_Ababil
15:24 Nope, not gonna link it
15:35 https://krebsonsecurity.com/tag/izz-ad-din-al-qassam-cyber-fighters/
16:37 Edalat-e Ali: https://malpedia.caad.fkie.fraunhofer.de/actor/edalat-e_ali - note that a lot of sites discussing this group seem to have a decidedly anti-regime view. Not that that's a bad thing, but we're really trying to keep it factual
17:11 https://www.darkreading.com/threat-intelligence/iranian-apts-dress-up-as-hacktivists-for-disruption-influence-ops
18:18 Islamic Republic of Iran Broadcasting: +https://www.abu.org.my/portfolio-item/islamic-republic-of-iran-broadcasting/ - again, the Iranian government is really not great at (at least English language/international) SEO for their own websites
18:57 https://en.wikipedia.org/wiki/Mahsa_Amini_protests
20:57 https://en.wikipedia.org/wiki/Censorship_in_Iran
21:30 https://www.techradar.com/news/using-a-vpn-may-be-a-crime-under-strict-new-iran-internet-law - according to a Persian language website linked to in the above Wikipedia article, Khamenei ordered the Supreme Council of Cyberspace to ban VPNs outright in February 2024.
23:04 AnonGhost; https://cybernews.com/cyber-war/israel-redalert-breached-anonghost-hamas/ - a lot of sites associate it with #OpIsrael, for example https://www.hackread.com/opisrael-anonghost-claims-leaking-hundreds-of-israeli-facebook-account-credentials/ - but given Anonymous' decentralized and fluid nature, who knows (a case study on JSTOR (pdf) that makes only passing reference to #OpIsrael refers to "Anon" as a group which it most certainly is not...)|
28:18 https://www.reuters.com/fact-check/us-document-approving-8bn-military-aid-israel-is-fake-2023-10-09/
31:14 https://en.wikipedia.org/wiki/2024_Iranian_strikes_in_Israel
31:44 https://www.japantimes.co.jp/news/2024/04/17/world/politics/digital-misinformation-iran-strike
33:02 https://archive.nytimes.com/thelede.blogs.nytimes.com/2008/07/10/in-an-iranian-image-a-missile-too-many/
34:54 Press TV: https://www.presstv.ir/ - Wikipedia: https://en.wikipedia.org/wiki/Press_TV
38:06 Also check out our episode on Chinese disinformation activities, including the 50 Cent Party: https://youtu.be/xBAJ2rBKrMc
Bonus links about Iranian disinformation activities:
Natto Thoughts always has some good resources on disinformation: https://nattothoughts.substack.com/p/mideast-crisis-and-russia-cyberspace
New York Times - "From Opposite Sides of War, a Hunt for Elusive Facts": https://www.nytimes.com/2024/01/25/business/media/misinformation-fact-checking
Israel-Hamas armed conflict resource hub: https://www.disinfo.eu/israel-hamas-resource-hub/
How Longstanding Iranian Disinformation Tactics Target Protests - https://www.washingtoninstitute.org/policy-analysis/how-longstanding-iranian-disinformationtactics-target-protests
Israel-Hamas armed conflict resource hub - https://www.disinfo.eu/israel-hamas-resource-hub/
You can find CyAN's Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors - and of course, our videos about cyber conflict on the State of (Cyber)War playlist here.
All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn - links on our Media page.
Original video at https://youtu.be/GAeyNb4-27A
Intro music courtesy of AlexiAction via Pixabay: https://pixabay.com/users/alexiaction-26977400/
Outro music courtesy of Studio Kolomna via Pixabay: https://pixabay.com/users/studiokolomna-2073170/