Command Line Heroes

What began as a supposed accounting error landed Cliff Stoll in the midst of database intrusions, government organizations, and the beginnings of a newer threat—cyber-espionage. This led the eclectic astronomer-cum-systems administrator to create what we know today as intrusion detection. And it all began at a time when people didn’t understand the importance of cybersecurity. This is a story that many in the infosec community have already heard, but the lessons from Stoll’s journey are still relevant. Katie Hafner gives us the background on this unbelievable story. Richard Bejtlich outlines the “honey pot” that finally cracked open the international case. And Don Cavender discusses the impact of Stoll’s work, and how it has inspired generations of security professionals.If you want to read up on some of our research on ransomware, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.  

It’s a strange situation when someone can hold something hostage from halfway around the world. It’s tragic when your own pictures and files are remotely encrypted. But when it’s a hospital’s system? Ransomware becomes a problem about life or death. Eddy Willems recounts his involvement in defeating an early ransomware attack that targeted AIDS researchers. At the time, there was a way to discover the encryption key. But as Moti Yung warned, asymmetric encryption would change everything. In the years since, ransomware attacks have become much more popular—thanks in part to the rise of cryptocurrencies. While criminals think it’s an anonymous way to collect payment, Sheila Warren tells us that the opposite is actually true.If you want to read up on some of our research on ransomware, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript. 

All communication leaves the possibility for crossed wires. And as we become more connected, there’s a chance for those with ill intentions to steal our information and meddle in our daily lives—with devastating results. Smriti Bhatt breaks down the complexity behind machine-in-the-middle attacks. Johannes Ullrich tells us why we shouldn’t always trust that free WiFi. And the “father of SSL” Taher Elgamal notes that while cryptography can address the increasingly sophisticated nature of malware, there are no safe bets in security.If you want to read up on some of our research on machine in the middle attacks, you can check out all our bonus material over at redhat.com/commandlineheroes.Follow along with the episode transcript.  

Overwhelming numbers are scary—even in the best of circumstances. You can plan for them, build up your defenses, and do everything imaginable to prepare. But when that horde of zombies hits, their sheer numbers can still cause devastation. Botnets are digital zombie hordes. Jamie Tomasello recounts the scale of the Bredolab botnet—and the many malicious kinds of missions it carried out. Martijn Grooten explains how botnets work, and why they can be so difficult to permanently dismantle. And Darren Mott shares some of the successes the FBI had in rounding up some of the world’s most prolific bot herders.If you want to read up on some of our research on botnets, you can check out all our bonus material over at redhat.com/commandlineheroes. Follow along with the episode transcript.