True crime stories – A day in the life of a cybercrime fighter [Audio + Text] – Naked Security
Paul Ducklin talks to Peter Mackenzie, Director of Incident Response at Sophos, in a cybersecurity session that will alarm, amuse and educate you, all in equal measure.
[MUSICAL MODEM]
PAUL DUCKLIN. Welcome to the Naked Security podcast, everybody.
This episode is taken from one of this year’s Security SOS Week sessions.
We’re talking to Peter Mackenzie, the Director of Incident Response at Sophos.
Now, he and his team… they are like a cross between the US Marine Corps and the Royal Navy Special Boat Service.
They go steaming in where angels fear to tread – into networks that are already under attack – and sort things out.
Because this episode was originally presented in video form for streaming, the audio quality isn’t great, but I think you’ll agree that the content is interesting, important and informative, all in equal measure.
[MORSE CODE]
[ROBOT VOICE: Sophos Security SOS]
DUCK. Today’s topic is: Incident response – A day in the life of a cyberthreat responder.
Our guest today is none other than Peter Mackenzie.
And Peter is Director of Incident Response at Sophos.
PETER MACKENZIE. Yes.
DUCK. So, Peter… “incident response for cybersecurity.”
Tell us what that typically involves, and why (unfortunately) you often need to get called in.
PETER. Typically, we’re brought in either just after an attack or while one is still unfolding.
We deal with a lot of ransomware, and victims need help understanding what happened.
How did the attacker get in?
How did they do what they did?
Did they steal anything?
And how do they get back to normal operations as quickly and as safely as possible?
DUCK. And I guess the problem with many ransomware attacks is…
…although they get all the headlines for obvious reasons, that’s often the end of what could have been a long attack period, sometimes with more than one load of crooks having been in the network?
PETER. Yes.
I describe ransomware as the “receipt” they leave at the end.
DUCK. Oh, dear.
PETER. And it is, really – it’s the ransom demand.
DUCK. Yes, because you can’t help but notice it, can you?
The wallpaper has got flaming skulls on it… the ransom…
