Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID

Hacking stories and cybersecurity insights.

Graham Cluley

In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg – involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to you, can you be sure you’re immune?

Plus: would you donate your lifetime medical history to science if you were promised anonymity? We unpack serious concerns around UK Biobank, where “de-identified” data may not be as anonymous as you think — and how surprisingly little information it takes to reveal everything.

And! Human-powered “AI”, and a punishment worse than prison: eight hours on the RSA expo floor…

All this, and much more, in episode 459 of the “Smashing Security” podcast with cybersecurity veteran and keynote speaker Graham Cluley, and special guest Paul Ducklin.

Transcript

This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
Paul Ducklin

A judge has sentenced a CISO to 8 consecutive hours on the RSA conference floor. His crime: failing to disclose a breach to the Securities and Exchange Commission. Legal experts at the SEC are calling the penalty proportionate and corrective. Former RSA attendees are calling it ransomware.

Graham Cluley

Barbaric.

Graham Cluley

Smashing Security, episode 459. This clever scam nearly hijacked a tech CEO's Apple ID. With Graham Cluley and special guest Paul Ducklin. Hello, hello, and welcome to Smashing Security, episode 459. My name's Graham Cluley.

Paul Ducklin

And my name is Paul Ducklin.

Graham Cluley

Duck, great to have you back on the show once again. Thank you for joining us.

Paul Ducklin

It's a great pleasure.

Graham Cluley

So what fun stuff have you been up to lately?

Paul Ducklin

Well, as you know, Graham, for very many years I haven't owned a car because I kind of got into bicycling.

Graham Cluley

Yes.

Paul Ducklin

So when I need a car, which is only very occasionally, I hire one. And every time you seem to get a different model.

Graham Cluley

Right.

Paul Ducklin

And the one thing you have to do, at least in Britain, when you hire a car, the rule is you get it full of fuel and you must return it full of fuel or they charge you some extortionate price to fill it back up.

Graham Cluley

Yeah.

Paul Ducklin

And of course, because it's not your car, how do you know when you pull into the filling station which side the filler cap is on?

Graham Cluley

Okay.

Paul Ducklin

And although I've been doing this for years and years and years, I only very recently discovered that if you look at the fuel gauge, digital or not, underneath it there's a little petrol pump icon that says this is the fuel gauge.

Graham Cluley

Yes.

Paul Ducklin

And at the bottom of the little petrol pump icon, there's an arrow which is either on the left-hand side or the right-hand side. Guess what the arrow tells you?

Graham Cluley

I think bless you, Duck, for not knowing that.

Paul Ducklin

What?

Graham Cluley

Well, I knew that. In the cars I've driven, I've noticed that. But I didn't know all cars did that.

Paul Ducklin

When I owned cars, I just knew which side it was on, because after the third time you've got it wrong, you kind of know. The green car, it's on the left. The white car, it's on the right.

Graham Cluley

I have to look at the dashboard to remind myself sometimes.

Paul Ducklin

So are you saying I've given the Smashing Security listeners a piece of advice that only I did not know?

Graham Cluley

Well, let's go on with the show. But before we kick off, let's thank this week's wonderful sponsors, Meter, Adaptive Security, and Vanta. We'll be hearing more about them later on the podcast. This week on Smashing Security, we won't be talking about how a DOGE employee stole Social Security data and put it on a USB drive. You'll hear no discussion of how a foreign hacker is said to have broken into the FBI in 2023 and compromised the Epstein files. And we won't even mention how a new font rendering trick can cause AI assistants to not spot malicious commands hidden in seemingly harmless HTML. So, Duck, what are you going to be talking about this week?

Paul Ducklin

I'm going to be asking, where does nobly helping the community at large with medical data end, and protecting your personal data and privacy begin?

Graham Cluley

And I'm gonna be talking about the devious way hackers almost stole a famous techie's Apple account, and how you could fall for the same trick. All this and much more coming up on this episode of Smashing Security. Graham.

Joe

Who's our sponsor this week?

Graham Cluley

Well, Adaptive Security is one of them.

Joe

Ooh. What do they do?

Graham Cluley

They train your staff not to be idiots, Joe.

Joe

That's harsh.

Graham Cluley

It is a bit. But you know when someone rings up the accounts department pretending to be the CEO and asks to be wired $50,000, and it turns out to be a bloke in a tracksuit? That's what we're talking about.

Joe

I'm familiar with the genre.

Graham Cluley

Yeah, so Adaptive Security, they stop that from happening. Proper security awareness training, not death by PowerPoint.

Joe

Thank goodness. Yeah.

Graham Cluley

Real-world examples tailored to your company. Phishing simulations. Vishing. Smishing—

Joe

You're just making up words now.

Graham Cluley

I'm really not, Joe. Voice, email, SMS, video, even AI deepfake scams. And the simulations use the kind of information attackers could actually dig up about you and your staff.

Joe

So it's realistic.

Graham Cluley

Yeah, it's uncomfortably realistic. And now they've got an AI content creator that lets security teams instantly spin up custom training. All you've got to do is paste in a news article. So it could be about a breaking threat or an internal policy update. It's all done. Multilingual, interactive in seconds.

Joe

Who's behind all this then?

Graham Cluley

Well, OpenAI, as it happens. Adaptive Security is the first cybersecurity company which is backed by OpenAI.

Joe

That sounds like a ringing endorsement.

Graham Cluley

So, if you'd rather your employees weren't the weakest link, head over to smashingsecurity.com/adaptive.

Joe

That's smashingsecurity.com/adaptive.

Graham Cluley

And thanks to Adaptive Security for supporting the show. Now, Duck, Matt Mullenweg. Are you familiar with Matt Mullenweg?

Paul Ducklin

That's Automattic, isn't it?

Graham Cluley

That's right, which is the parent company of WordPress and some other things as well. And he's also the co-founder of WordPress, obviously. He's a big name in tech, isn't he? I mean, he did do something extraordinary with WordPress. He built something which is used by some astonishing statistic, the number of websites out there which are powered by WordPress, either WordPress.com or the open-source equivalent, something like 40% of the internet is using WordPress technology, I believe.

Paul Ducklin

Is your site on WordPress, Graham?

Graham Cluley

It is, yes.

Paul Ducklin

Yes, so is mine. So there you go. Two out of two.

Graham Cluley

That's 100%. In our survey, 100% of the internet is being run on WordPress. So he's done very well. He still managed to alienate almost everyone in the WordPress community over the years as well. He's a bit like Linus Torvalds. He can be a little bit prickly, I think sometimes. He divides opinion. But he's a big cheese, isn't he? And turns out he uses Apple devices. So he's got an Apple Watch, he's got an iPhone, and he's got an Apple Mac. And he also does something which not many people do with their Apple devices, which is that he has enabled lockdown mode. That is an optional feature of Apple's operating systems, which means that—

Paul Ducklin

You shouldn't laugh, Graham. It sounds like if you want to show your buddies how important you think you are. So I've tried it. It's very good, but is it? You can't do an awful lot.

Graham Cluley

Well, that's the problem, right? So lockdown mode, for anyone who doesn't know, it significantly restricts what your device can do, which is great news in terms of making it more secure, puts you at less risk, but it also makes your device really bloody difficult to actually use as a computing device. So much so that Apple actually specifically does not recommend it. They say, "This is designed for very few individuals." They would hate the vast majority of people to turn this feature on.

Paul Ducklin

I don't think they have to worry about that happening.

Graham Cluley

So it is more if you're a politician or if you're a journalist— I mean, not if you're a journalist writing about snooker matches or something like that. But if you are a journalist who's working on some geopolitical or if you've got super secret sources who are in countries where there are authoritarian regimes.

Paul Ducklin

Well, there have been some very, very, very deep and important gambling corruption allegations over the years in snooker. So don't knock snooker journalists for the risk that they may be under.

Graham Cluley

That's true.

Graham Cluley

All right. Okay, fair enough. Anyway, despite having lockdown mode enabled, Matt Mullenweg was still almost completely conned by an attack recently, which he has written about on his blog. So if you're sitting there thinking, well, this could never happen to me. I could never fall for a trick like this. Just stay listening because maybe you could. Here is what happened to Matt. Right. So recently in an evening, there's Matt. He says that suddenly his Apple Watch, his iPhone, and his Mac, they all lit up with a message prompting him to reset his Apple ID password. Right, this is the thing built into the operating system. It's popping up saying, you need to reset your password. And he says it came out of nowhere. So he hadn't done anything to trigger it. And he's thinking, well, why am I getting this notification telling me that there's some kind of problem with this? And what was happening was that somebody was hammering Apple's own legitimate password reset process. And you can do this. You can go to Apple and you can say, look, this is my Apple ID. This is effectively my email address. I can no longer access my account. Please reset it for me. And if you do that, Apple will send this notification to your devices, basically saying, do you want to reset? If you do, this is the process which we want you to go through. So he was being battered by somebody who was probably hoping that eventually he'd get frustrated by all these hundreds of messages and just tap allow. And this is a technique which is called, well, some people call it MFA bombing. It relies upon MFA fatigue. You must have heard about cases of this kind of thing happening, Duck.

Paul Ducklin

And this is meant to be done so that you get a heads up if this kind of thing is happening.

Graham Cluley

Which is kind of funny when you obviously guess the way in which this is going.

Paul Ducklin

So? Yes. In general, notification fatigue, as I've heard it. Yeah, the idea that you'll get a warning, you'll get a warning, you'll go, that's not me, that's not me, that's not me, that's not me.

Graham Cluley

Yes. It's a bit of a denial of service attack in a way, because it stops you from doing your work or stops you from having fun with your device.

Paul Ducklin

Once in a while, Graham, you've got to expect that these scammers who are probably doing this thousands or tens of thousands of times a day, they will coincide with a point at which someone thinks they really do or should reset their password and they'll fall in with their eyes wide shut, as it were.

Graham Cluley

Yeah, that's certainly possible. So eventually you can get fed up and you can do whatever the message is telling you to do because you're under such a barrage. Or you think, well, maybe it is legitimate. I just want the problem to go away. I will press every button until I find the button which makes these things bloody well stop.

Paul Ducklin

Or you've jabbed the thing 50 times already and you jab it one more time in frustration. And this last time, because you're so annoyed you miss. And you hit the other button instead.

Graham Cluley

Yeah. Yeah. But Matt Mullenweg, he's a smart cookie. He's clearly savvy to the risks. But in his case, these guys didn't give up when he failed to fall for that particular trick. Instead, they took things up a notch. So it turns out that the people who were trying to trick him into giving them access to his account contacted Apple support themselves, pretending—

Paul Ducklin

You have to grudgingly think that's quite clever.

Graham Cluley

Isn't it? So they pretended to be Matt Mullenweg, and they said, I've lost my phone. I need to give you a new phone number to attach to my device. And because they were doing this all through Apple's actual real support channels, that interaction generated a real case ID number within Apple Support.

Paul Ducklin

Yes. Which, even if it's a fraudulent approach, is quite correct. It means Apple has created a record that you can then know is false if you've got your wits about you.

Graham Cluley

Now, Apple, of course, they're not just going to hand over the keys to someone's account just because they appear to have said, oh, I've lost my phone. They're going to send notification emails to the people whose email addresses they have associated with that account, right? So they're going to send notification messages, and that's what happened. So real Apple notification emails arrived in Matt's inbox. And all of those messages, of course, were not phishing emails. They were properly signed from Apple's actual email servers with Apple's domain. This is pretty sophisticated stuff, isn't it?

Paul Ducklin

Exactly.

Graham Cluley

These weren't spoof emails, they weren't blocked by spam or anything else. They're completely legitimate emails to Matt about a completely fraudulent request from the hackers to gain access to his account. And it is at this point that Matt got a phone call.

Paul Ducklin

Uh-oh.

Graham Cluley

He gets a phone call from Apple support. And Alexander was a pretty good support guy.

Unknown

There is a few things that you are able to check over. This is just to ensure that the malicious third party won't be able to access your account.

Graham Cluley

And it sounds like Alexander from Apple Support is saying that someone tried to change Matt's phone number, which it turned out was what the hackers were trying to do, but that Apple intercepted the attempt. And who else other than Apple would know that that had happened, I wonder? And so you think, well, this is really helpful. And he was so convincing, this support guy, that Matt actually thanked him.

Paul Ducklin

I don't think that particularly requires artificial intelligence. It just requires a voice that sounds believable enough.

Graham Cluley

So, the numbers are current. The emails are good.

Matt Mullenweg

The password is old, so maybe that was compromised. I do have two-factor on. Thank you so much. What was your name, by the way?

Unknown

My name is Alexander.

Matt Mullenweg

Alexander, you are awesome. So thank you for being so— thank you very much.

Paul Ducklin

It also seems to be the most obvious giveaway that this is a scam. Timely, helpful, joyful, continuous, real, useful support.

Graham Cluley

And it was answering the questions. Anyway, what can we learn from this? Yes. Matt Mullenweg, remember, he signed up for the lockdown mode. He thinks he's a tech VIP. Maybe he thinks he's getting the gold-plated support from Apple because of who he is. And then Alexander says, "Look, okay, so what we're gonna do, clearly this was a bogus support request which came in." They said, "Clearly someone is trying to phish you." "So what we're gonna do is we're gonna clear this bogus support request which has come in. We can cancel it. What I'm gonna do," he said, "is I'm gonna text you a link and you can then confirm your identity and we will cancel the support request." Where's the advice? Well, Apple is never going to call you first, right?

Paul Ducklin

That well-known Apple domain.

Graham Cluley

They're not going to call you out of the blue. Always check the URL. Exactly, 'cause it's not the real apple.com. It's got that bit on the front. So Matt went to the link. Right.

Unknown

Ah, yes, the 832 number, it was sent as a text message. This is just because we're reaching out to that mobile number as of right now, and we can confirm you are the person that does have access to this mobile.

Graham Cluley

So Matt arrives on this dodgy webpage, and at the bottom of the page, as Alexander points out, is a Sign In with Apple button.

Unknown

So in relation to that request there, Matthew, you should see at the bottom, it may state the verification required. This is just to go ahead and process that cancellation request. As I stated, we've initiated the cancellation request, but for it to be processed, it does require an original account holder or a legacy—

Graham Cluley

Now he's pushing for Matt to do this because this is how you will clear the support request so we can close this whole thing down. And it's at that point that thankfully Matt was feeling a little bit unsure. And so he entered a completely different made-up case ID. And when he did that, he got exactly the same results. So nothing was being validated. The whole thing was a sham. He saw the same kind of page and he thought, well, hang on, you could enter anything here. And so he actually called Alexander's bluff. This is impressive. So this is obviously phishing, right?

Matt Mullenweg

So, tell me a little bit about the scam.

Graham Cluley

The whole elaborate scheme, the password reset spam, the fake Apple support call, the real case ID, the authentic-looking emails, all of that was just for this one moment to steal those login details for Apple ID.

Paul Ducklin

Isn't it just? Well, it's also very simple because the pixel-perfect clone website, there are any number of open-source tools you can download from GitHub, no less, air quotes for research purposes only, that don't require any technical skill.

Graham Cluley

Yeah, I've done it with my own site as an experiment. Well, when Matt called this guy's bluff, Alexander was gone. It was silence. Now, interestingly, the guys at WordPress, they think it may have been an AI voice. It may have been an AI which was clever enough to actually have the entire conversation with Matt, because there are some demos which ElevenLabs, for instance, have put out where you can be chatting to a support chatbot, which is remarkably convincing. And it wouldn't be a surprise, maybe.

Paul Ducklin

Well, particularly if it's just talking you through a script.

Graham Cluley

Yeah. Well, yeah, but in this case, it was interacting with him as well.

Paul Ducklin

Right.

Graham Cluley

Yeah. When Matt thanked him, Alexander said, oh, thank you very much. So there was a bit of to and fro between them. Right.

Paul Ducklin

Yeah. And if you call them, you're not going to get through very quickly either. So both of those things should be red flags.

Graham Cluley

Don't click on links texted during a support call. Be suspicious of them as well. Go to whatever the business is, go there directly if you're concerned. If you receive a password reset prompt that you didn't request, then that should be a huge red flag. So approve nothing. Go to your settings yourself. Log in yourself. Multifactor authentication, it definitely can help. But of course, there are these sort of man-in-the-middle attacks, aren't there, where you can actually have the multifactor authentication token taken from you, and instantly the bad guys can use that token that you've entered to try and access your account.

Paul Ducklin

Absolutely.

Graham Cluley

Although it's a lot better to have that kind of protection in place, it is not a 100% guarantee that your accounts are going to be safe. Yeah.

Paul Ducklin

And never ever read out that two-factor authentication code to anyone else.

Graham Cluley

No.

Paul Ducklin

Like a PIN, personal identification number. It's for you only.

Graham Cluley

Yeah, that's absolutely right. Just in the last week or so, the guys at Signal, which is the encrypted messaging app, they've put out a warning that there are messages going around claiming to come from the Signal security support chatbot. And it says, we've noticed suspicious activity on your device.

Paul Ducklin

Oh boy, they've even justified the fact that you're going to have a chat with an AI up front.

Graham Cluley

Yes. These messages say, to prevent you losing access to your account, you have to pass verification. We are about to send you a verification code. Don't tell it to anyone, it says, not even Signal employees. Just send it to this number when you receive it.

Paul Ducklin

Don't tell it to anyone except this person. Yes. I could imagine, given the fact that I was in dire straits in the middle of nowhere and a helicopter descended from the sky and whisked me off to one of the premier teaching hospitals in the country and basically restored me to pretty much as good as new. If somebody said, you know what, in your operation we use stainless steel screws to fit all the broken bits back together. If in doubt, Graham, don't give it out. Simple as that.

Graham Cluley

Well, that's a good little motto.

Paul Ducklin

Sometimes we use titanium screws, but they're much more expensive. What we want to do is see what is the sort of risk-reward of that. I would probably go, you know what, that would be really helpful.

Graham Cluley

You should stick that on the front of your t-shirt.

Paul Ducklin

Maybe I'll do that. I wouldn't want to begrudge the person, but I'd like to think that I would think twice, thrice, or even four times about saying, okay, I'll sign up for this thing so that you can use what happened to me way back then when I had the crash, but also all the other medical data that applies to me for every doctor surgery visit, every hospital visit, every surgery, every bit of medical treatment, possibly even including mental health treatment that I have for the rest of my natural life. That to me would feel like I was probably letting myself in for something for which nobody had really thought through the possible consequences fully. And that, sadly, is what seems to have happened in this case.

Graham Cluley

Okey-dokey. A little bit of time now to talk about Meta, who are one of our sponsors this week.

Joe

What does this one do?

Graham Cluley

They set up your office network so you don't have to.

Joe

That's it?

Graham Cluley

Yeah, well, pretty much. Yeah, that's it. You know when you move into a new office and suddenly you're juggling ISPs and floor plans and hardware and configuration? It basically becomes a second job, doesn't it?

Joe

Yes, I know this one. It's when the contractor turns up on the wrong day or at the wrong address and tries to install the wrong thing.

Graham Cluley

Right. That's the one, yeah. Well, meet us in tyre pitches. What if that just wasn't your problem?

Joe

Ugh. I'm listening.

Graham Cluley

So you hand them a physical address and a floor plan and they sort out the ISP, they design the network, they show up on site, they rack their own hardware.

Joe

Their own hardware? Not reselling someone else's kit.

Graham Cluley

Yep, their own hardware, and they get the whole thing up and running.

Joe

Hmm. But what if I like being put on hold for 45 minutes to listen to pan flute music?

Graham Cluley

Yeah. Well, tough luck, Joe. Tough luck. And once you're up and running, you get one dashboard. Monitoring, management, security, VLANs, firewall, DNS security, SD-WAN, the whole caboodle.

Joe

So full visibility with none of the legwork.

Graham Cluley

Yep, that's exactly it. And it's sold through a subscription model, so there's no nasty surprises. Right. There's even a hardware buyback program if you've already got kit from another vendor.

Joe

Ah, that's rather civilised. And thanks to Meter for supporting the show.

Graham Cluley

Duck, what's your story for us this week?

Paul Ducklin

Well, my story goes around an exclusive story that was published on British news site The Guardian over the weekend.

Graham Cluley

Okay. Yes. Yes. Now, you may have heard of UK Biobank. They're a charity, which for our North American listeners, that would be not-for-profit. Although they have a CEO, and that is Professor Sir Rory Collins. We'll come back to him in a moment. And my understanding is quite a lot of people have volunteered to participate in this. I mean, because people think that doing this will help medical research.

Paul Ducklin

Yeah, it's de-identified.

Graham Cluley

Yeah, because people won't be able to identify who I am. But if this helps medical science, something like half a million people have volunteered to help this study of diseases and things.

Paul Ducklin

And this is UK only, so that's half a million people out of what is our population, around 70 million. So it's a very significant number of people who genuinely think they're doing the right thing. Or maybe some of them are young enough that they haven't thought about how specific some of And they had the fact that she had a specific type of operation. I believe it was a hysterectomy in a particular month and year, and I think she was 71 years old. the conditions they might have in the future will be to them. You know, maybe they've just had things that tend So she had a lot of medical history in there. Oh, with just that information, let's say the date of birth. to happen to everybody so far, so they don't Let's consider that free of charge. Let's just assume to a first approximation everyone in the UK has a public date of birth. think that reidentifying them afterwards would be terribly hard. And you can also imagine why people would think, you know what, I was in a desperate situation, the National Health Service intervened and they basically saved my life. You kind of feel maybe I should give something back.

Graham Cluley

Horrendous.

Paul Ducklin

And I wound up in hospital and then for 4 months I couldn't walk, but after 4 months I could walk again unaided. And to this day, all I have to show for it is some scars where the operations were done.

Graham Cluley

Yeah, it was pretty bad. And as I recall, Duck, as long as you remember now what side the filling cap is on your car, you should be safe going forward.

Paul Ducklin

Well, it was a motorcycle.

Graham Cluley

The filling cap was in Yeah. the middle. It was a Right. So we've got all these volunteers. This data has been given to UK Biobank. So what has happened? What's gone wrong? motorcycle. It was a motorcycle.

Paul Ducklin

Well, they require researchers to sign up and they vet them in some way. And I don't think they vet that they're great programmers or that they have experience in software engineering or that they have experience in cybersecurity or how to use GitHub properly, etc., etc. And also, people who've signed up for this, some of them might be surprised to know that these elite special group of trusted researchers already apparently number 20,000 people all around the globe.

Graham Cluley

Oh, right.

Paul Ducklin

Who get access to some, much, or all And so you just go and say, well, what other things has 10538 had? Well, 3 years ago this, 5 years ago that, 7 years ago the other. of this data for whatever research it is In other words, you've de-anonymized that person. You've re-identified them. And of course, as you and I know all too well, it's not enough just to trust those people. You have to trust their computers as well, that they haven't got data scraping malware on them. You have to trust the network they're on. You have to trust the employer or the owner or the influencer of the institution where they study. they want to do. You can then go through the database and replace their magic number 10538 or whatever it is with the text Alice of Trellis Avenue. Done.

Graham Cluley

Okay. Right. Right. Right.

Paul Ducklin

Yes.

Graham Cluley

Yes.

Paul Ducklin

So they're required to publish their code.

Graham Cluley

Right. Right.

Paul Ducklin

But of course they can't publish the data because anyone who wants to check the results has to go and persuade UK Biobank that they're cool as well.

Graham Cluley

Well, that seems sensible to me.

Paul Ducklin

Now, I suspect that at least some of this code that was written would have been done, A, by people who weren't skilled software engineers to start with, or perhaps B, by some kind of vibe-coding AI.

Graham Cluley

Yes, very much so. Yes. How can I put it? And you can imagine what happened when they went to publish, because you can imagine you're a researcher, you're so excited. Oh, I've got this fantastic result. And you tell the AI, grab all my code and upload it, and then upload the PDFs and publish the report and put out the press release. Ah, okay. Well, obviously that's an oversight, but Duck, don't worry because that code has been de-identified, hasn't it? There's no way of working out it's Mrs. Miggins, you know, from 13 Trellis Avenue. That's not going to happen, is it? So that's all right.

Paul Ducklin

Yes, that's sort of where the aforementioned Professor Sir Rory Collins, Chief Executive and Principal Investigator of UK Biobank, started his, I have to say, sort of semi-rebuttal of what The Guardian had done. The date of the operation unavoidably coincides with

Graham Cluley

What did The Guardian do?

Paul Ducklin

So, The Guardian found someone who had volunteered with UK Biobank. And went to her and said, look, we'd like to see just how well this is de-identified. Will you give us some of your medical data? Just some snippets of your history, just enough critical information, and we'll see how little of it we need until we do a search and bang, we get one record. And as soon as you get down to one record, then you know the magic anonymized ID that ties that record to all the others, which is the whole purpose of this project, right, that you can tie this surgery to that treatment, this counseling to that behavioral change, etc., but without knowing who it is. And with this particular volunteer, they had the month and year in which she was born, which I think for most people in the UK, given the number of breaches so far, we should consider a matter of public record.

Graham Cluley

So let's call her Alice. And now, just with those two pieces of information—

Paul Ducklin

One operation in one month that they knew, yeah, bingo, de-anonymised. That's just one person, done.

Graham Cluley

Yes. Yes. And now, whoever it was is able to find out everything else about all the other treatments that they've had.

Paul Ducklin

Yes, because you find that one record and it says, we're not telling you this is Alice from Trellis Avenue. This is, you know, 10538.

Graham Cluley

Thank goodness this person agreed to be a guinea pig for The Guardian so that they were able to prove that this was possible. So the boss of UK Biobank, that CEO, what's he had to say about this?

Paul Ducklin

Well, he has reacted in a way that I think is very old-fashioned and suggests that he's not familiar with where we are in, you might call, de-anonymisation skills and abilities. He just said, "We take your privacy extremely seriously." Oh!

Graham Cluley

Red flag number one. That's a novel line. Yes. Not heard that one before.

Paul Ducklin

I am also a UK Biobank participant, so I know how much this matters.

Graham Cluley

Oh, how do we know his month and year of birth? I bet we could find that out, probably from Companies House.

Paul Ducklin

Yes.

Graham Cluley

Right.

Paul Ducklin

Or you could just look at a photo of him, roughly guess his age. That gives you the year, and then you've got 12 months to play with. So it's not that hard, right? Okay. He said, we know that the possibility of your data being identified can never be completely removed. But it would require someone to have specific matching information from another source. That is what The Guardian has done. The participant featured chose to give specific personal health information. The Guardian then cross-referenced this. This is not a failure of our approach to data confidentiality because the participant shared the information to identify themselves.

Graham Cluley

Right, so we've already agreed that date of birth is basically public knowledge now, right? Because we've all had so many breaches.

Paul Ducklin

Correct.

Graham Cluley

Okay, so yes, they would have had to have known when she'd had her hysterectomy operation, for instance. I mean, it would be difficult, wouldn't it, finding out when someone else has had an operation? I mean, unless you handed it over?

Paul Ducklin

Unless you happened to be able to reconstruct that data as an attacker. Maybe a cybercriminal who's made millions off ransomware and has got plenty of money and time to burn, or a state-sponsored attacker who's funded to do this as a job. I would imagine that there are very, very, very many people in every country of the world, including the UK, who, when they have been in hospital for some serious specific operation, have received get-well-soon messages on social media from their chums. Wouldn't you think that? So that gives you the month and year of the operation. And even if it doesn't actually say what they're in for, many people will give it away. Or you might notice if there's a picture in the ward, you might be able to reconstruct what it is. But here's an even easier way to do it. Apparently, and this doesn't just disproportionately affect women, this only affects women. Approximately 40% of births in the UK these days are by caesarean section, which requires an operation, surgery.

Graham Cluley

Ah.

Paul Ducklin

The date of birth of the child born during that operation, doesn't it?

Graham Cluley

It kind of does, doesn't it?

Paul Ducklin

You can imagine if it's 1 minute to midnight, then depending on when the midwife writes it down, you might get it wrong by 1 day. But you only need month and year. So if you start by going, okay, let's focus on month, year, C-section, right? You also have the issue that I believe there are something like 100,000 operations in the UK each year for hernia. That's the most common operation, apparently. So suddenly the fact that this sounds like a very unlikely coincidence that an attacker could ever guess is not true. But imagine if they actually had data that they had bought off the dark web from an earlier breach from a healthcare institution that had been hit by ransomware. Data had been stolen, the ransom wasn't paid, and the crooks decided to sell it on. Just imagine that on its own. You would think that's quite annoying for those individuals who everyone now knows they had trouble with their throat in such a month year. That would be bad enough, but that alone could now be enough to de-anonymize all of those people. And that's something like up to 50,000 people a year in the UK. So Professor Sir Rory's disclaimer, I don't think he's being disingenuous. I think he may just genuinely not realize how easy it is to stitch together little bits of data from lots of sources.

Graham Cluley

That's probably not the kind of stitching which he's done which earned him his professorship and knighthood, I suspect.

Paul Ducklin

Yes. I mean, Graham, if you think that we now have enough processing power around the world and enough data storage to build statistical inferencing models— some people call them LLMs or AIs— such that you can essentially reconstruct the full text of all the Harry Potter novels by steering this thing in the right way to guess what comes next.

Graham Cluley

Okay, now just to be devil's advocate for a moment, couldn't you argue that The Guardian has been a bit sensationalist here? Because nobody's actually been identified against their will so far, have they?

Paul Ducklin

No, I don't know that they're being too sensationalist. I think that the article they published, which we'll put in the show notes, does give a reasonably balanced view. Yeah, it sounds like he's made an assumption about probability that probably doesn't actually hold very much water. The fact that nobody's been caught doing this yet, it is not the same as it can't be done.

Graham Cluley

And we have to worry about this because, of course, the Health Service more and more wants to use our data, and it wants to give it to some companies who are promising to do remarkable things, which they say will help make our Health Service more efficient.

Paul Ducklin

Yes.

Graham Cluley

And I think there are understandable concerns about how well that data is going to be looked after. It sounds like it wasn't done well enough in this case.

Paul Ducklin

Yes, particularly if one of those companies is an American startup that claims by taking a tiny drop of blood from your thumb, it can diagnose 7 trillion diseases and save the planet.

Graham Cluley

Yeah.

Paul Ducklin

See, former CEO now serving 11 years in a federal prison. So there isn't clear and obvious advice for this. So I don't want to say to people, do not sign up for these programs. Because you may feel so strongly about the value that you got from something like the National Health Service that you feel it is actually worth cybercriminals getting at your stuff potentially in the future, that you're prepared to take that risk because the benefits to other people from learning from what went right and wrong in your treatment, that it just could all work out. But don't be seduced by the fact that, hey, this is absolutely fantastic. The de-identification or the anonymization of the data is bound to be enough. And don't forget that data breaches are very sadly in the healthcare industry much more common than you might like.

Graham Cluley

Well, we've got time right now to chat about one of our sponsors this week, Vanta.

Joe

Oh yes, my favorites. What do they do again?

Graham Cluley

They stop you running your entire security program out of a spreadsheet, Joe.

Joe

That seems aimed at me personally, Graham.

Graham Cluley

Well, it is a little bit, yes. But you know how most companies have to prove they're secure to customers or auditors and regulators? And the whole thing involves chasing down evidence, filling in questionnaires and forms, updating the same spreadsheet cells over and over again.

Joe

Over and over again. It sounds utterly soul-destroying.

Graham Cluley

Yeah. Well, Vanta automates all of that.

Joe

Automates it, how?

Graham Cluley

Well, their trust management platform keeps a continuous eye on your systems. It pulls everything into one place and keeps you audit ready around the clock. So no more staring at the ceiling at 2 AM wondering whether you've got the right controls in place or whether one of your suppliers has been breached.

Joe

The stuff of nightmares.

Graham Cluley

Yeah, it would be, wouldn't it? But this Vanta solution uses AI as well, and it's the useful kind, flagging risks, collecting evidence, slotting into the tools your team already uses so you move faster, scale without the headaches, and perhaps actually get some sleep. Go to vanta.com/smashing to find out more.

Joe

That's vanta.com/smashing. And thanks to Vanta for supporting the show.

Graham Cluley

And welcome back. And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.

Paul Ducklin

Pick of the Week.

Graham Cluley

Pick of the Week is the part of the show where everyone chooses something they like. Could be a funny story, a book that they've read, a TV show, movie, a record, a podcast, a website, or an app. Whatever they wish. It doesn't have to be security related necessarily. Well, my Pick of the Week this week is not security related. My Pick of the Week this week is a website which tickled me. Everyone's gone mad about AI. Everyone's using AI left, right, and center. Are you bored with AI or are you horrified with AI, Duck?

Paul Ducklin

Sorry, what was that, Graham? When I heard AI, I thought, oh golly, more slop.

Graham Cluley

Well, this is a bit of fun. This is a website called youraislopbores.me. Link in the show notes.

Paul Ducklin

I'm going there.

Graham Cluley

I want you to go there. So this presents itself as being a bit like an AI chatbot where you can type in a question. And as is the case often with these AI chatbots, it's not going to give itself away for free, right? So you can effectively become the machine.

Paul Ducklin

Oh, it's an MITM attack.

Graham Cluley

I've been playing with this, Duck, so I've actually had great fun pretending to be an AI, answering other people's questions that they've been put into what they may assume is an AI. So for instance, someone asked me, can you draw a strawberry? And I thought, well, yes, I can draw a strawberry. So I did a sort of rough sort of Microsoft Paint style picture of a strawberry. And then I wrote the word strawberry, albeit I put about 15 Rs in it. And sent that off to them and they were happy.

Paul Ducklin

It's not 15, it's 12. AI always gets that wrong.

Graham Cluley

Someone else said, can you draw some fried chicken? So I drew a little cartoon chicken and put it in a frying pan. Someone else said, oh, I'm thinking of going to Japan this year before World War III ruins everything. Am I safe to go? And I said, well, you don't say where you're going to Japan from. That would be a useful and relevant detail. There are some which are a bit weird, but you've now earned, you see, some credits so you can ask questions. So I was able to answer all these questions and I was earning credit so that I could then myself ask questions of the AI. I have to say, I find it really addictive pretending to be an AI answering questions. I think this is the future of AI. If we had human-powered AI, I personally find this quite— I particularly enjoyed the drawing tasks. I think this is quite a good answer to things. Use AI rather than all these computers to do things.

Paul Ducklin

Now, I'm actually on that site right now, Graham. So help me along here.

Graham Cluley

All right.

Paul Ducklin

It says I've got 1 token and I asked a question. I said, how long is a yard? And hasn't used up my tokens, so I haven't been asked to solve anything yet.

Graham Cluley

Oh, go and click on the tab which says LARP as AI.

Paul Ducklin

Oh.

Graham Cluley

And if you go there and you click on start LARPing, you should receive a question.

Paul Ducklin

Oh, it says someone has asked, stop looking at me. Not a real question. Submit and earn token.

Graham Cluley

There you are.

Paul Ducklin

Oh, that's it.

Graham Cluley

That's all you got to do. You see?

Paul Ducklin

Am I even real? No, of course not. Break up text blaming alignment of stars and high credit score. Oh, that's good. So I have to tell this person what they can tell to their SO. I'm going to put, uh, Pisces, dollar, dollar, dollar, excess error 404. I see what you mean.

Graham Cluley

It's quite addictive.

Paul Ducklin

So you can literally put anything and you earn the tokens.

Graham Cluley

Now, it is possible for the person receiving your answer to say that it was spam or, you know, offensive or something like that. Then maybe you won't get a token, but I imagine you're just bashing the keyboard now, aren't you?

Paul Ducklin

Oh, now I've asked a question that I actually don't know the answer to. Can I skip?

Graham Cluley

You can skip.

Paul Ducklin

Okay. I'm just gonna put dunno. That'll do. I've got 6 tokens already. Explain to cat why is legally obligated to cuddle right now. Let's put meow exclamation point. That's important. I've got 8 tokens already. Why do eyes exist? I can't hear you. Motivational quote for people whose only goal today is not crying. This is getting a bit weird. I've got 9 tokens now, Graham.

Graham Cluley

You're doing very well, Duck. Well done.

Paul Ducklin

Is that good?

Graham Cluley

Well, I think so.

Paul Ducklin

So now I can go back and spend those, can I? I won't do it now. I'm going to save it up for later.

Graham Cluley

Folks, you can try this out for yourself. Go to youraislopbores.me, and who knows, you could be answering a question from Duck when he uses up some of his credits. Duck, what's your pick of the week?

Paul Ducklin

Graham, my pick of the week is something that I read on LinkedIn, which delighted me because as far as I can see, it's a real post replying to an article where the post is not AI, which is surprisingly rare on LinkedIn these days. And it's a chap by the name of Vaughn Shanks.

Graham Cluley

Okay.

Paul Ducklin

Who is responding to a satirical news story on a website called The Exploit.

Graham Cluley

Right.

Paul Ducklin

Well, we seem to have fallen into it headlong. I think it tries to be a little bit serious, but this is more of an Onion thing. The headline on the site is: A judge has sentenced a CISO to 8 consecutive hours on the RSA Conference Expo floor. His crime: failing to disclose a breach to the Securities and Exchange Commission of the USA within the mandated 4-day window. Legal experts at the SEC are calling the penalty proportionate and corrective. Former RSA attendees are calling it barbaric.

Graham Cluley

It is barbaric. Have you been to the RSA Expo floor?

Paul Ducklin

I've been there.

Graham Cluley

Working on a booth?

Paul Ducklin

I have. Oh, I think that was back in the days when it was— it wasn't quite as pay-to-play as it's become. Anyway, the bit that Vaughn Shanks added is an explanation of what the RSA conference expo floor is, because people may not know, right? And his definition of it is fantastic. He says the expo floor, for the uninitiated, is 50,000 square meters of vendors who all do the same thing, none of whom can quite explain what that thing is, and every single one of whom has as of 18 months ago, always been an AI company. The defendant is said to be in good spirits.

Graham Cluley

Well, it's good timing because I think RSA is on next week, isn't it?

Paul Ducklin

Yeah, something like that. It's fun to go, but 8 consecutive hours?

Graham Cluley

Oh, it's rough.

Paul Ducklin

It's going to be hard. As Vaughn Shanks points out, he says, his joke is, the defendant is said to be in good spirits. But sources close to the case warn that will change about 40 minutes in, somewhere between the third autonomous threat detection platform and the man offering to scan his badge just to send some resources over. The sentence is believed to be the harshest handed down to a security executive since the SolarWinds incident.

Graham Cluley

Brilliant. I love it. Very funny. Thank you so much, Duck, for joining us this week. I'm sure lots of our listeners would love to find out what you're up to and follow you online. What's the best way to do that?

Paul Ducklin

You can just visit my website. It is paulducklin.com/about and find out about me. And if you think I can create some fantastic content for you, whether it's written, spoken, or visual, please get in touch.

Graham Cluley

Fantastic. And of course, I'm on social media as well. You can find me on LinkedIn, or you can follow Smashing Security on Reddit, Bluesky, and Mastodon. And don't forget to ensure you never miss another episode. Follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Pocket Casts for episodes, show notes, sponsorship info, guest lists, and the entire back catalog of around about 459 episodes. Check out smashingsecurity.com. Until next time, cheerio. Bye-bye.

Paul Ducklin

Bye.

Graham Cluley

You've been listening to Smashing Security with me, Graham Cluley, and I'm grateful to Duck for joining us this week, as well as this episode's sponsors, Adaptive Security, Vanta, and Meta, and to all those chums who've signed up for Smashing Security Plus via Patreon. As members of Smashing Security Plus, they not only get episodes of the pod earlier than the great unwashed public, and ad-free episodes at that. Cheerio. Bye-bye.

Host: Graham Cluley

Guest: Paul Ducklin

Sponsored by:

  • Vanta – Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
  • Adaptive Security – request a custom demo featuring a real CEO deepfake simulation.
  • Meter – Network infrastructure for the enterprise. Get a free personalised demo.

Support the show:

You can help the podcast by telling your friends and colleagues about “Smashing Security”, and leaving us a review on Apple Podcasts or Podchaser.

Join Smashing Security PLUS for ad-free episodes and our early-release feed!

Follow us:

Follow the show on Bluesky, or join us on the Smashing Security subreddit, or visit our website for more episodes.

Thanks:

Theme tune: “Vinyl Memories” by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and hosts the popular "Smashing Security" podcast. Follow him on TikTok, LinkedIn, Bluesky and Mastodon, or drop him an email.
