The hidden cost of data hoarding. [Research Saturday]

CyberWire Daily

N2K Networks, Inc.

Daily News, Tech News, News, Technology

4.6 • 1K Ratings

🗓️ 11 January 2025

⏱️ 33 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

This week, we are joined by Kyla Cardona and Aurora Johnson from SpyCloud discussing their research "China’s Surveillance State Is Selling Citizen Data as a Side Hustle." Chinese technology companies, under CCP mandate, collect vast amounts of data on citizens, creating opportunities for corrupt insiders to steal and resell this information on dark markets. These stolen datasets, aggregated into "Social Work Libraries" (SGKs), mirror lower-tech versions of CCP internal security databases. Kyla and Aurora discuss how Chinese cybercriminals use these SGKs and their implications compared to Western, European, and Russian cybercrime ecosystems. With expertise in Chinese OSINT and cybersecurity policy, both researchers bring deep insights into the geopolitical and technical dynamics of China's digital landscape. The research can be found here: “Pantsless Data”: Decoding Chinese Cybercrime TTPs A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem China’s Surveillance State Is Selling Citizen Data as a Side Hustle Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the Cyberwire Network, powered by N2K.
0:09.7	Ransomware, supply chain attacks, and zero-day exploits can strike without warning,
0:17.2	leaving your businesses sensitive data and digital assets vulnerable.
0:21.5	But imagine a world where your cybersecurity strategy could prevent these threats.
0:26.3	That's the power of the Threat Locker Zero Trust endpoint protection platform.
0:31.6	Robust cybersecurity is a non-negotiable to safeguard organizations from cyber attacks.
0:37.4	Threat Locker implements a proactive, deny-by-default approach to cybersecurity,
0:42.1	blocking every action, process, and user unless specifically authorized by your team.
0:47.6	This least-privilege methodology mitigates the exploitation of trusted applications
0:53.0	and ensures protection for your organization
0:56.0	24-7-365. IT professionals are empowered by threat locker application allow listing, ring fencing,
1:05.0	network control, and EDR solutions, enhancing their cybersecurity posture and streamlining internal IT and security operations.
1:13.6	To learn more about how Threat Locker can help mitigate unknown threats in your digital environment
1:19.6	and align your organization with respected compliance frameworks, visit Threatlocker.com. Hello, everyone and welcome to the CyberWires Research Saturday.
1:41.0	I'm Dave Bittner, and this is our weekly conversation with researchers and analysts
1:45.8	tracking down the threats and vulnerabilities, solving some of the hard problems and protecting
1:51.0	ourselves in a rapidly evolving cyberspace. Thanks for joining us.
2:16.6	We looked at China's data breach and leak ecosystem, and we discovered that there's a lot of interesting differences between the Chinese-speaking cybercrime world and the Russian and English-speaking cybercrime world. We found that their cybercrime ecosystem depends a lot more in persistent access,
2:22.9	often persistent insider access directly to data sources,
2:27.1	and that they often siphon off this data and sell it on the black market.
2:31.8	In today's sponsored Industry Voices Research Saturday,
2:35.6	we speak with Kyla Cardona and Aurora Johnson from SpyCloud.
	...

Transcript will be available on the free plan in -34 days. Upgrade to see the full transcript now.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.