
E448
The Kindle that got pwned
Episode Transcript
[SPEAKER_02]: He says you can even buy books from the store with my credit card in a single click.
[SPEAKER_02]: Oh, I've mentioned credit cards.
[SPEAKER_00]: Smashing Security, Episode 448, the Kindle that got pwned, with Graham Cluley and special guest Danny Palmer.
[SPEAKER_02]: Hello, hello, and welcome to Smashing Security Episode 448, my name's Graham Cluley.
[SPEAKER_02]: And I'm Danny Palmer.
[SPEAKER_02]: Danny, welcome back to the show, always a delight to have you on.
[SPEAKER_02]: You were last on, I think, a couple of months ago. What have you been up to since?
[SPEAKER_01]: Yeah, great to be back, thanks for having me, Graham.
[SPEAKER_01]: What have I been up to?
[SPEAKER_01]: Same as always, I suppose.
[SPEAKER_01]: No, doing my writing and reporting on the various cybersecurity issues for various publications, going to events.
[SPEAKER_01]: That sort of thing. I went to Black Hat Europe just last week, which is a lot of fun.
[SPEAKER_01]: Lots of fun, really interesting there, lots of talks going on.
[SPEAKER_01]: Good catch up, lots of people.
[SPEAKER_01]: Yeah, it was a good time.
[SPEAKER_01]: I've been to Black Hat Europe for a couple of years; it's really good.
[SPEAKER_01]: That's in London, isn't it?
[SPEAKER_01]: The ExCeL Centre in London, yes. It's not quite as glamorous a venue as the sort of main, inverted commas, Black Hat in the United States in Las Vegas, but if you're just there for the talks, it's all the same things really.
[SPEAKER_01]: It's good, and it's also at the sort of time of year as well, there's a lot of reflection on what's happened in the last year or so.
[SPEAKER_01]: Lots of interesting keynotes.
[SPEAKER_01]: But yeah, really, really good.
[SPEAKER_02]: Before we kick off, let's thank this week's wonderful sponsors, Vanta and ThreatLocker. We'll be hearing more about them later on in the podcast.
[SPEAKER_02]: This week on Smashing Security, we're not going to be talking about how password manager LastPass has been fined £1.2 million by UK regulators for a data breach that impacted 1.6 million Brits.
[SPEAKER_02]: you'll hear no discussion of how the Trump administration is reportedly preparing to turn to private businesses to help mount offensive cyber attacks against foreign adversaries.
[SPEAKER_02]: And we won't even mention how Russians took to the streets for a rare protest that Roblox had been banned.
[SPEAKER_02]: So, Danny, what are you going to be talking about this week?
[SPEAKER_01]: I'm going to be talking about ransomware, specifically against the Irish healthcare service.
[SPEAKER_01]: This isn't a time-travelling thing; there is new stuff about that to talk about.
[SPEAKER_02]: And I'm going to be talking about how your Kindle might be a security risk.
[SPEAKER_02]: All this and much more coming up on this episode of Smashing Security.
[SPEAKER_02]: Okay, before we go any further, I need to share a quick word with you about one of our sponsors today, Vanta.
[SPEAKER_02]: You know how everyone's got an AI assistant these days.
[SPEAKER_02]: Well, imagine one that doesn't just write haikus about zero-day vulnerabilities, but actually does your audit work for you.
[SPEAKER_02]: That is Vanta.
[SPEAKER_02]: It connects to all of your tools, gathers evidence, tracks compliance, and quietly helps you prove that, yes, you do take
[SPEAKER_02]: Vanta automates all of that.
[SPEAKER_02]: It pulls everything together, keeps an eye on your systems and basically makes sure you're ready for an audit at any time, which means no last-minute panic for screenshots and policies.
[SPEAKER_02]: It also plugs into the tools you're already using and flags up issues before they become a right old mess.
[SPEAKER_02]: So if that sounds like something that might save you from a few sleepless nights, check out vanta.com/smashing.
[SPEAKER_02]: And if you use that link, you'll get $1,000 off.
[SPEAKER_02]: So don't forget, vanta.com/smashing, and thanks to Vanta for sponsoring this week's episode.
[SPEAKER_02]: On with the show.
[SPEAKER_02]: So Danny, Danny, do you have any gadgets in the bedroom?
[SPEAKER_01]: I suppose there's no thing to get to that.
[SPEAKER_01]: It's probably my phone quite old school in that case.
[SPEAKER_01]: So when I'm reading, it's usually on a paper-based book.
[SPEAKER_02]: Thank heavens for that.
[SPEAKER_02]: I was worried what you might answer.
[SPEAKER_02]: It'd be honest.
[SPEAKER_02]: I know you're a bit of a Doctor Who fan and you may have got your sonic screwdriver out and jumped aboard the time rotor or things like that.
[SPEAKER_01]: I do have a sonic screwdriver around here somewhere.
[SPEAKER_01]: Oh, do you?
[SPEAKER_01]: I'm not sure.
[SPEAKER_01]: I'm not sure where exactly, but there's definitely one in this office.
[SPEAKER_01]: Well, I've got a Kobo.
[SPEAKER_01]: I've come in with a Kobo.
[SPEAKER_02]: Alfred, I am not particularly familiar.
[SPEAKER_02]: Tell me more.
[SPEAKER_02]: So a Kobo is an ebook reader, a bit like a Kindle.
[SPEAKER_02]: I absolutely love it.
[SPEAKER_02]: If I wake up in the middle of the night and can't sleep, I don't know about you, but I don't like to look at my phone too much in the middle of the night, because, you know, that's just a way
[SPEAKER_02]: and just doom scrolling for hours and hours.
[SPEAKER_02]: So it's not a recipe for a good night's sleep, but I'm very happy slipping some earphones in, listening to a podcast.
[SPEAKER_02]: By the way, if you're listening to smashing security and you want to help us out, please do listen to our back archive of 447 episodes.
[SPEAKER_02]: Well, you don't have to listen to them at all.
[SPEAKER_02]: Just play them while you sleep.
[SPEAKER_02]: It really helps out.
[SPEAKER_02]: But anyway, yeah, you can listen to podcast while you sleep.
[SPEAKER_02]: I'm also happy to reach for my Kobo ebook reader.
[SPEAKER_02]: To read my book, because that won't disturb my wife.
[SPEAKER_02]: It's not like I have to turn the light on.
[SPEAKER_02]: And it's guaranteed to have me nodding off in no time at all.
[SPEAKER_01]: That's the thing with ebooks.
[SPEAKER_01]: You don't need the light on.
[SPEAKER_01]: Traditional books don't come with their own backlights.
[SPEAKER_02]: Right, they don't.
[SPEAKER_02]: And of course on an ebook reader, you can have hundreds and hundreds of different books, so whatever takes your fancy, you can take a look at it.
[SPEAKER_02]: Now of course, Kindles are the most famous and probably the most successful ebook readers, and I've gone for a Kobo because I just don't want to be locked into Amazon, and I don't fancy giving Jeff Bezos any more money.
[SPEAKER_01]: I think he has quite a bit of money as well, from what I heard.
[SPEAKER_02]: He does have quite a lot.
[SPEAKER_02]: But a lot of people do have Kindles, of course, and they're amazing little gadgets. They sit on your bedside table, they're connected to the internet, and their battery life, on one of these e-book readers, lasts for weeks and weeks because of the e-ink display, so it's not sapping lots of energy that way.
[SPEAKER_02]: Just one touch on the screen, you can practically download any book that's ever been written and be reading it within seconds.
[SPEAKER_02]: I mean, it's amazing
[SPEAKER_02]: They're in our homes, they are part of the internet of things.
[SPEAKER_02]: Uh-oh.
[SPEAKER_02]: Yeah.
[SPEAKER_02]: Funny isn't it, whenever we say internet of things, they see when you work inside the schedule.
[SPEAKER_02]: All right, all right.
[SPEAKER_02]: Danger, danger, Will Robinson.
[SPEAKER_02]: Something's gonna go badly wrong.
[SPEAKER_02]: But I think most people tend to forget about them as a potential threat, because you're too distracted by your computers, your laptops, your smartphones,
[SPEAKER_02]: You might be extending your concern to your internet-enabled doorbell or your routers and other things which you may have inside your home, but for many people I think they forget about things like ebook readers, and that may be a big mistake, because a security researcher with the incredibly glamorous and exciting name of Valentino Ricotta has just revealed to the world how your Amazon Kindle e-reader could be a threat.
[SPEAKER_02]: He is a reverse engineer at Thales, which is the French defence giant.
[SPEAKER_02]: Yes.
[SPEAKER_02]: And he was, like yourself, Danny, at Black Hat Europe in London last week.
[SPEAKER_02]: He gave a talk, I don't know if you saw it, it had the title Don't Judge an Audiobook by Its Cover.
[SPEAKER_01]: Did you see it?
[SPEAKER_01]: I didn't see this one, but it definitely has a good name.
[SPEAKER_01]: Half the battle at these conferences is having an interesting name, preferably a pun, to get people coming to see it.
[SPEAKER_02]: Well, there is an analogy there with books as well: now you need a cool name for your book, you need a cool cover for your book.
[SPEAKER_02]: Once people have bought it though, based upon the name and the cover, they're kind of a captive audience, and similarly with security talks, the number of security talks which I've been lured to with a "whoa, that sounds juicy".
[SPEAKER_02]: And then you get there and you got, oh my goodness, you're putting a fork in your eyeball trying to keep yourself awake.
[SPEAKER_01]: as they're read enough of scream.
[SPEAKER_01]: Yeah.
[SPEAKER_02]: God, figure out what it is.
[SPEAKER_02]: Don't worry, Danny.
[SPEAKER_02]: I think that's true for many of us that we find ourselves in that situation.
[SPEAKER_02]: I think it's incumbent upon the security researchers to not just be really, really clever at the technical stuff.
[SPEAKER_02]: They have to be good communicators as well.
[SPEAKER_02]: If you really understand a subject, I feel that you should be able to explain it to your auntie or to a 14-year-old.
[SPEAKER_01]: Here's the thing: a long time ago, when I was in journalism school, we were told, with a story, how do you explain this story to your mates down the pub, basically?
[SPEAKER_01]: Right, sir.
[SPEAKER_01]: That's basically informed a lot of my reporting over the years.
[SPEAKER_01]: Pubs, in one way or another, as well.
[SPEAKER_01]: Ha ha.
[SPEAKER_02]: So, this Ricotta chap, he's been staring at his Kindle for years. There it has been, sitting innocently on his bedside cabinet, and he's been thinking about it, he's thinking about it, he's thinking about the amazing things it can do. He says, you can even buy books from the store with my credit card in a single click.
[SPEAKER_02]: Oh, I've mentioned credit cards.
[SPEAKER_02]: Internet of things, credit cards, now already, ooh, the little spider sense is going off there.
[SPEAKER_02]: Danger, danger.
[SPEAKER_02]: And of course, if you compromise the device, you've pretty much got control over someone's wallet.
[SPEAKER_02]: Yeah, if you manage to gain access to their credit card details.
[SPEAKER_02]: So what fascinated Ricotta was how the Kindle would actually work in the background.
[SPEAKER_02]: What its gubbins were doing behind the scenes.
[SPEAKER_02]: And whenever a book or an audiobook appears on an Amazon Kindle, there is a system process running in the background which automatically scans the file to extract the metadata, like the title of the book or audiobook.
[SPEAKER_01]: That's another red flag there.
[SPEAKER_02]: Metadata.
[SPEAKER_02]: Yeah, something could go possibly go very wrong here.
[SPEAKER_02]: Yes, but it's funny, isn't it?
[SPEAKER_02]: Metadata, like, author, cover image, that sort of thing.
[SPEAKER_02]: I find it quite amusing that Facebook renamed themselves Meta, of course, because they've been collecting metadata from billions of people around the planet for years and years and haven't always done that good a job at securing it or not exploiting it in various fashions.
[SPEAKER_02]: Again, you know, the clue is there, right in the name, isn't it?
[SPEAKER_02]: Anyway, the Kindle supports lots of formats: it supports ebooks, it supports PDFs, it supports images, it supports Audible audiobooks.
[SPEAKER_02]: And it was in the audiobook format where Ricotta found a problem in the way the Kindle parsed that data.
[SPEAKER_01]: Uh, that's interesting.
[SPEAKER_01]: Sounds like the sort of thing where people may not necessarily think about that as a place to look for issues.
[SPEAKER_01]: Right.
[SPEAKER_02]: And if you think about it, there are many, many Kindles out there, which don't actually have speakers.
[SPEAKER_02]: And so they may not actually ever be used for playing audiobooks.
[SPEAKER_02]: A good point.
[SPEAKER_02]: Yeah.
[SPEAKER_02]: My ebook reader, it's not a Kindle.
[SPEAKER_02]: My particular one doesn't have a headphone socket and doesn't have speakers.
[SPEAKER_02]: And so you can't play audiobooks on it.
[SPEAKER_02]: But the code running on the ebook reader is the same.
[SPEAKER_02]: It's all there and it's analyzing these files.
[SPEAKER_02]: So even those Kindles which can't play audiobooks, they still scan audiobook files to extract the metadata, and the Audible audiobook file format.
[SPEAKER_02]: It's kind of a complex multimedia format.
[SPEAKER_02]: It's sort of a bit like an MP4 video, although there's not a video component.
[SPEAKER_02]: There is an audio component.
[SPEAKER_02]: And like we said, this metadata as well.
[SPEAKER_02]: And as this chap Ricotta explained, that makes it a wonderfully rich target for security researchers.
[SPEAKER_02]: Because the Kindle's extractor burrows quite deeply into that data, parsing it in order to try and work out what is what.
[SPEAKER_02]: And when he took a look at Amazon's custom code for parsing Audible audiobooks, he found what he described as an obvious textbook heap overflow.
[SPEAKER_02]: that doesn't sound good.
[SPEAKER_02]: It doesn't sound good and I know it can also sound pretty technical and scary to many people, you know, like a heap overflow, what on earth does that mean?
[SPEAKER_02]: But what it means is that Amazon's code miscalculated how much memory it would require to handle the audiobook data, and so if someone were to carefully craft values inside a
[SPEAKER_02]: shove it into memory, but it hasn't got enough room for it all, and so it overwrites other code running on the Kindle device itself.
[SPEAKER_02]: And that kind of flaw can be used for code execution, meaning an attacker could make your Kindle run somebody else's code.
[SPEAKER_01]: So basically means that baddies could make essentially malware go onto your device which could do all sorts of nasty things you don't wish for.
[SPEAKER_02]: It's the same kind of thing which we've seen time and time again with PDF files, for instance, the same kind of thing that we've seen with images. There have been so many exploits of images over the years,
[SPEAKER_02]: which have been sent via messaging services to smartphones, where the image handler on your iPhone or on your Android device screws up in its handling of that data file, overwrites some of its own
[SPEAKER_02]: memory, may have a buffer overflow or something like that, and then code will execute on the device and potentially be nasty.
[SPEAKER_02]: So, not a good thing.
[SPEAKER_02]: Now, this particular exploit which Valentino Ricotta discovered wasn't perfectly reliable, but he said, well, it didn't actually matter very much, because if the Kindle actually crashed sometimes, the way in which the Kindle is made is that if it crashes, it just automatically restarts itself.
[SPEAKER_02]: Okay, and tries again, opening the files which it had opened before.
[SPEAKER_02]: So it has another go.
[SPEAKER_02]: And he said the exploit runs silently in the background without the victim ever noticing, and he says that because Kindles often stay powered on for days or weeks at a time, that can be a problem.
[SPEAKER_02]: So he did a live demo at Black Hat Europe in London and he managed to log into a victim's Amazon account.
[SPEAKER_02]: from his own browser, without knowing the password, because he was able to use this technique to steal their Amazon session cookies, which are the tokens that keep you logged in to sites.
[SPEAKER_02]: You don't have to perpetually keep on logging back in.
[SPEAKER_02]: It remembers you are allowed to be there.
[SPEAKER_02]: And that's what we needed to do.
[SPEAKER_02]: And then for a second vulnerability, he was able to
[SPEAKER_02]: Now fortunately, Ricotta is not a bad egg.
[SPEAKER_02]: He's actually a good cheese.
[SPEAKER_02]: Sorry.
[SPEAKER_02]: He reported the problem to Amazon, which took it seriously enough.
[SPEAKER_02]: They coughed up a $20,000 bounty.
[SPEAKER_02]: Very nice work.
[SPEAKER_02]: I have to say.
[SPEAKER_02]: How lovely is that?
[SPEAKER_02]: It's not a bad hit for a bit of research.
[SPEAKER_02]: No.
[SPEAKER_02]: It's not a bad pay packet at all.
[SPEAKER_02]: Of course there are other people who are doing a little bit of work for Amazon and get paid a bit more than that, don't they?
[SPEAKER_02]: Jeff Bezos,
[SPEAKER_02]: I believe his salary is slightly higher here.
[SPEAKER_02]: But I think it's very, very generous of Amazon to award basically 5.38 seconds' worth of the amount that Jeff Bezos earns to Mr Ricotta for his hard work finding this vulnerability.
[SPEAKER_02]: But there's some other interesting sides to this.
[SPEAKER_02]: One is that, of course, how would a malicious attacker, a hacker, get this attack onto your Kindle?
[SPEAKER_02]: Are they going to creep in like a ninja in the dead of night and install it onto your Kindle?
[SPEAKER_02]: No, they're not.
[SPEAKER_02]: But what they could do is of course, they could publish an audio book and Amazon allows self publishing.
[SPEAKER_02]: So anybody can publish something up on Amazon.
[SPEAKER_02]: You've got to jump through a few hoops and upload a PDF for a book or something like that.
[SPEAKER_02]: I imagine it's a similar process for an audiobook as well.
[SPEAKER_02]: And Ricotta points out that a malicious book could theoretically be delivered through that entirely normal channel.
[SPEAKER_02]: So if I were to release, I don't know, uh, an audiobook of Smashing Security.
[SPEAKER_02]: Top cybersecurity gifts to give someone this Yuletide, which I'm sure would be a big seller, massive hit.
[SPEAKER_02]: Then in theory, it could be used to attack people.
[SPEAKER_02]: Yeah.
[SPEAKER_02]: And the victim isn't going to have to click on a link on an instant message or inside an email or open an attachment to anything like that.
[SPEAKER_02]: They're just downloading something to their Kindle which looks entirely legitimate through the official Amazon store.
[SPEAKER_01]: I'm not sure how this applies to audiobooks, but there's a lot of AI-generated books that go into these stores. I think there was something a while back about a book about how to cook wild mushrooms, and this AI-generated book, if you followed the book's instructions you'd probably be dead from eating poisonous mushrooms, so
[SPEAKER_01]: An ideal.
[SPEAKER_02]: There have been other vulnerabilities in the past with Kindles. Perhaps it's not surprising: the Kindle runs on a version of Linux as its operating system, it's connected to the internet, it has access to sensitive information, it has access to, as I said, your payment details, and yet it's something I think many people have just thought of as a gadget rather than potentially a security threat as well.
[SPEAKER_01]: Even though it's an IoT device, they're not really thinking about it as an IoT device.
[SPEAKER_01]: It's sort of just a library: I choose the books, they come in, and people aren't really considering how you are still accessing the entire internet through that little device in the palm of your hand.
[SPEAKER_02]: Before we go any further, I want to say a few words about one of our sponsors this week, ThreatLocker.
[SPEAKER_02]: Most cyber attacks don't start with some genius hacker writing custom malware, they start with something much simpler, like a misconfigured setting, an exposed service, or a security policy that quickly drifted out of line.
[SPEAKER_02]: And in large complex IT environments, those misconfigurations are everywhere and almost impossible to track manually.
[SPEAKER_02]: And that's why ThreatLocker built Defense Against Configurations, or DAC.
[SPEAKER_02]: ThreatLocker DAC gives you a real-time view of configuration weaknesses across your entire environment.
[SPEAKER_02]: It runs deep checks across every endpoint, not just your ThreatLocker policies, but your operating system and application settings too.
[SPEAKER_02]: All of it appears in one clean dashboard, showing what's misconfigured, how risky it is, and exactly how to fix it.
[SPEAKER_02]: So no more discovering problems after the attackers do.
[SPEAKER_02]: With DAC, you see configuration drift as it happens.
[SPEAKER_02]: You can also check alignment with major security frameworks and see which endpoints don't make the grade.
[SPEAKER_02]: If you want to stop firefighting, harden your environment and catch hidden risks before they turn into breaches, you need DAC.
[SPEAKER_02]: Try it free for 30 days at ThreatLocker.com and find out what's misconfigured before it costs you.
[SPEAKER_01]: Danny, what are you going to talk to us about this week?
[SPEAKER_01]: Well, I'm sure you remember this, Graham.
[SPEAKER_01]: Do you remember the ransomware attack on the Irish healthcare executive back in 2021?
[SPEAKER_01]: Yes, HSE.
[SPEAKER_01]: Yes.
[SPEAKER_01]: Yes, it was quite big deal at the time.
[SPEAKER_01]: They've seen a lot of coverage.
[SPEAKER_01]: I covered it a lot back when I was working at ZDNet.
[SPEAKER_01]: That was the summer we had the Colonial Pipeline attack.
[SPEAKER_01]: We had the big attack on the American meat processor.
[SPEAKER_01]: So it was sort of the first one in what was a big summer of ransomware.
[SPEAKER_01]: But to sum up, in May 2021, the Irish healthcare service was hit by the Conti ransomware gang.
[SPEAKER_01]: And the attack caused significant disruption which lasted four weeks.
[SPEAKER_01]: And to reiterate, this is against the national healthcare service of Ireland,
[SPEAKER_01]: used by a population of, I think, like, 4 million people, the Irish population, so it's not an insignificant organisation.
[SPEAKER_01]: It's obviously a state-backed entity as well, so it's part of the national infrastructure.
[SPEAKER_02]: Yeah, it's absolutely critical, isn't it?
[SPEAKER_02]: The health service of the country is obviously important.
[SPEAKER_02]: You don't want it getting hit by a ransomware gang, and the disruption and the very real impact that can have on people's lives.
[SPEAKER_01]: Yeah, and we've seen it so many times
[SPEAKER_01]: issue would almost 10 years ago now, and it's a good thing we've all learned how to deal with ransomware since then.
[SPEAKER_01]: Anyway, so it was reported at the time that the ransomware gang initially asked for $20 million, the amount of money a state-backed service has just lying around, obviously.
[SPEAKER_01]: It doesn't, but you see, once they realised they'd hit a national healthcare service, the attackers had a change of heart and provided the
[SPEAKER_01]: Yes, yes.
[SPEAKER_02]: There was some morals in crime, I suppose.
[SPEAKER_02]: So they were still asking for money to prevent the release of data.
[SPEAKER_02]: Yes.
[SPEAKER_02]: But they were saying, but you can decrypt the files which we have scrambled.
[SPEAKER_02]: Here's our decryption tool.
[SPEAKER_01]: Yes.
[SPEAKER_02]: So hopefully you can get back up and running quickly.
[SPEAKER_02]: That was their angle.
[SPEAKER_01]: Well, you say quickly, it didn't go that quickly, because it was reported at the time that the decryption software was not of the best quality.
[SPEAKER_02]: Are you daring to suggest, Danny, that this cybercriminal gang weren't very good at coding their decryption tool and that it didn't work that well?
[SPEAKER_01]: It might be the case.
[SPEAKER_01]: They might have just been thinking of the payday rather than the actual products, which would never happen in a legitimate tech firm of course.
[SPEAKER_01]: But anyway, despite all this, it didn't work properly, and so hospitals and doctors' surgeries across Ireland suffered ongoing issues for weeks, even months, at the time.
[SPEAKER_01]: And I was reporting on this, and I kept going back every few weeks to check in on what was going on.
[SPEAKER_01]: Appointments were cancelled, services like blood tests and diagnostics were suffering from delays, and this being the spring and summer of 2021, this was when the vaccine programmes for COVID-19 were
[SPEAKER_01]: Oh yes.
[SPEAKER_01]: Those services apparently weren't hit by this sort of thing, which is good, I suppose. Maybe that's why the attackers might have had a change of heart; attacking a hospital's services during a global pandemic may have been seen as a step too far in this case.
[SPEAKER_01]: But yeah, it was a long-term issue.
[SPEAKER_01]: Services weren't fully restored until much later in the year.
[SPEAKER_01]: And then in the next year, 2022, it was reported that the total cost of the incident amounted to over $100 million, just because of the restoration and the things that happen, our systems being replaced.
[SPEAKER_01]: And in all of this as well, over 90,000 people had their data accessed as part of the attack. We're all very sensitive about personal data, but obviously some of our healthcare data might be our very, very, you know, most sensitive data that you don't want being accessed and potentially shoved out there on the dark or open web.
[SPEAKER_01]: So four and a half years on from this attack, that data breach is still seemingly costing the Irish healthcare service money, because this week it was reported that the Irish Health Service Executive has offered victims who had their personal data stolen in this attack 750 euros each.
[SPEAKER_01]: And while that doesn't sound like loads of money, times that by a few thousand, even if just a few thousand take this up, that can add up and get expensive.
[SPEAKER_02]: Yeah, I'm actually quite impressed.
[SPEAKER_02]: 750 euros feels like quite a lot compared to the average.
[SPEAKER_02]: You know, there have been a couple of times when I found that I'm on a list or something, but there've been a couple of times when I have ended up ultimately getting an email of something, saying, we would like to compensate you and I say, oh yes, please.
[SPEAKER_02]: and it turns out that you're being given about £1.70.
[SPEAKER_02]: Yeah, it's £50 right there, thank you.
[SPEAKER_02]: Yes, when that is the norm, isn't it?
[SPEAKER_02]: It will be a very small amount, where 750 euros is actually quite generous.
[SPEAKER_02]: It doesn't really make up for having your personal information breached, obviously, and all the potential for inconvenience and the harm which could have been caused by that, or indeed identity theft and other problems like that, and certainly I would consider those kinds of things to be worth more than 750 euros, but I have to say it feels better than the average.
[SPEAKER_01]: Yeah, I know what you mean. I'd probably rather have my data not exposed on the internet.
[SPEAKER_01]: You don't want some random cybercriminal with a picture of an x-ray of your ribs.
[SPEAKER_01]: Well, that sort of thing.
[SPEAKER_01]: I did some research early this year about that, this sort of thing.
[SPEAKER_01]: cybercriminals, they're stealing medical data.
[SPEAKER_01]: Who knows what they really wanted to do with it?
[SPEAKER_01]: They're sitting there, like brain scans and X-rays and that sort of thing.
[SPEAKER_01]: So there's the blackmail element, I suppose, in some cases, but as we know in this day and age, if it's data, it's valuable to someone in some way, and that's the thing with breaches.
[SPEAKER_01]: Once the data is out there, it's out there permanently.
[SPEAKER_01]: You can't sort of put that genie back in the bottle, which is a big shame.
[SPEAKER_01]: It's just, you know, breaches seem to keep happening.
[SPEAKER_02]: But my understanding is that the people who've been offered this 750 euros, they are people who appear to have already contacted solicitors.
[SPEAKER_02]: So they've already started some kind of legal process or some sort of demand or ready for compensation.
[SPEAKER_02]: So it isn't necessarily going to be the case that across the board, everyone is going to get 750 euros.
[SPEAKER_01]: That is the case.
[SPEAKER_01]: Obviously, it's not going out to 90,000 people at the moment.
[SPEAKER_01]: Right.
[SPEAKER_01]: I think it's probably a few thousand of that maybe sort of gone for this thing.
[SPEAKER_01]: But now the other people...
[SPEAKER_01]: people have heard about this.
[SPEAKER_01]: But actually, I don't even know, yeah, now it's out, but it just showcases how ransomware attacks can have such an ongoing impact.
[SPEAKER_01]: The Conti ransomware group has not existed for several years now, at least not in the current incarnation, as we know, ransomware gangs are quite fluid, and they also flow into being one on the other.
[SPEAKER_01]: Yes.
[SPEAKER_01]: They don't fully disappear.
[SPEAKER_01]: This dispersed into other new operations.
[SPEAKER_01]: According to recent media reports in Ireland, the HSE was hit by another ransomware attack earlier this year.
[SPEAKER_01]: Oh, they've been hit again.
[SPEAKER_01]: Yes, they were hit again, but this one had much, much, much less impact; there doesn't seem to be any sort of stories about data coming out.
[SPEAKER_01]: This was also due to an attack against
[SPEAKER_01]: It didn't have the massive impact on appointments and delays of things that the last one had, but it just goes to show that ransomware is still such a huge, impactful threat.
[SPEAKER_01]: And we look at all the things happening this year.
[SPEAKER_01]: Even here in the UK, M&S, co-op, Jaguar Land Rover, which did it.
[SPEAKER_01]: That latter one has had an impact on the UK economy.
[SPEAKER_02]: Astonishing, isn't it?
[SPEAKER_01]: Yeah, and it just keeps happening.
[SPEAKER_01]: I touched upon it earlier, how, yeah, WannaCry.
[SPEAKER_01]: That had a big impact.
[SPEAKER_01]: 10 years ago, and 10 years on, ransomware's still a massive issue.
[SPEAKER_01]: I remember before I first started back at ZDNet in 2016, one of my first stories I reported on was a ransomware attack against a local council in the north of England.
[SPEAKER_01]: Now I called them up to ask them what was going on.
[SPEAKER_01]: They graciously actually told me what was going on, which is actually
[SPEAKER_01]: I remember I think it was
[SPEAKER_01]: Something like Lockhear Ants somewhere, so, you know, an old-school one like that, and they wanted the grand total ransom demand of 500 pounds.
[SPEAKER_01]: 500?
[SPEAKER_01]: He had 500,000 pounds.
[SPEAKER_01]: Yeah, you'd be lucky nowadays if the demand is 5 million pounds.
[SPEAKER_01]: And I guess it keeps going; ransomware's still a huge issue.
[SPEAKER_01]: And there's going to be plenty more of it next year, I expect.
[SPEAKER_01]: Yeah, I don't imagine that cybercrime is just retiring at the end of this year, unfortunately.
[SPEAKER_02]: And welcome back, and you join us on our favorite part of the show, the part of the show that we'd like to call pick of the week.
[SPEAKER_02]: Pick of the week.
[SPEAKER_02]: Pick of the week is the part of the show where everyone chooses something they like: it could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast or website or an app.
[SPEAKER_02]: Whatever they wish, it doesn't have to be security related necessarily.
[SPEAKER_02]: Well, my pick this week is not security related earlier this week.
[SPEAKER_02]: We saw the horrific news break that legendary film director Rob Reiner had been killed alongside his wife at his home in Los Angeles and it's utterly ghastly news.
[SPEAKER_02]: The director of some fantastic movies like The Princess Bride, Stand by Me, A Few Good Men and Misery.
[SPEAKER_02]: I know that Reiner's movies meant a lot to many people and the news of his death will have shaken some people a fair bit, and so I wanted to, especially as this is our last episode before the Christmas break.
[SPEAKER_02]: Don't worry folks, we will be back in the new year.
[SPEAKER_02]: I wanted to leave you with something beautiful as a pick of the week.
[SPEAKER_02]: So my pick the week this week is a movie from 1989 that Rob Reiner directed.
[SPEAKER_02]: It's clever.
[SPEAKER_02]: It's still genuinely funny decades later.
[SPEAKER_02]: And on the surface it's a rom-com about two people who keep bumping into each other over the years, but under the surface it's a really rather lovely study of friendship and the many ways humans managed to overthink each other.
[SPEAKER_02]: It is of course When Harry Met Sally, but maybe you haven't seen it.
[SPEAKER_02]: Maybe it's one to watch this Christmas, Danny.
[SPEAKER_02]: Have you ever watched when Harry met Sally?
[SPEAKER_01]: You know what?
[SPEAKER_01]: I believe it's one of those films that I've not seen, I guess maybe.
[SPEAKER_01]: Maybe.
[SPEAKER_01]: My defense, I was five years old and it came out.
[SPEAKER_01]: So it probably wasn't the audience.
[SPEAKER_01]: Just a child.
[SPEAKER_01]: Now, have you seen Spinal Tap in recent cases?
[SPEAKER_01]: That's very enjoyable movie.
[SPEAKER_01]: But yeah, there's so many classic well-loved movies.
[SPEAKER_01]: So yes, that's sad news.
[SPEAKER_02]: But there was a sequel to Spinal Tap, which came out really recently, wasn't there, which I think he directed as well.
[SPEAKER_02]: Yeah, yeah.
[SPEAKER_02]: Well, if you haven't seen When Harry Met Sally, it's Billy Crystal and Meg Ryan, and they absolutely sparkle their way through an exquisite script written by Nora Ephron, and it's a romantic movie, but it doesn't get covered in schmaltz.
[SPEAKER_02]: So it's the right kind of romance.
[SPEAKER_02]: It's warm, it's witty, it's smart, and that's what Rob Reiner was too, so that is my pick of the week.
[SPEAKER_02]: Do give it a watch.
[SPEAKER_02]: Danny, what's your pick of the week?
[SPEAKER_01]: Well, I've been thinking about this, so I'll say what I've been doing recently, and I've been playing a video game that came out technically last year, technically 30 years ago.
[SPEAKER_01]: I've been playing the remaster of Tomb Raider, the original Tomb Raider from the 1990s.
[SPEAKER_01]: It's a massive nostalgia thing for me because, you know, I saved up my pocket money to get a PlayStation.
[SPEAKER_01]: Yes?
[SPEAKER_01]: Again, it would have been two or three years after it came out, so this would have been sort of some point in the late 90s.
[SPEAKER_01]: The original Tomb Raider was already an "old" game then, and yeah, it was obviously just the introduction to 3D gaming, I suppose; before that it had been sort of Sega Mega Drive, Master System, 2D platformers, that sort of thing.
[SPEAKER_01]: And it's just been really interesting in fun going back and also the thing is well, I never finished it back in the day because there was some sort of issue with I think my disc or the game itself where there was a bit where you went between two levels.
[SPEAKER_01]: And it just faded to black, and it turned out this wasn't a part of the game.
[SPEAKER_01]: This was some sort of issue with it.
[SPEAKER_01]: Yeah, it's been really interesting.
[SPEAKER_02]: It was famous for its graphics when it first came out as I remember.
[SPEAKER_02]: Yeah, at least to teenage boys.
[SPEAKER_02]: Many people will remember.
[SPEAKER_02]: So they've updated these infamous graphics.
[SPEAKER_02]: Have they?
[SPEAKER_01]: Everything looks a lot better.
[SPEAKER_01]: It just seems like the backgrounds through to the character models have probably all been gone over.
[SPEAKER_01]: You look at the
[SPEAKER_01]: But what's a cool bit about it as well is that you push a button on the controller and just switch between the modern graphics and the old graphics.
[SPEAKER_02]: Oh, that's wonderful.
[SPEAKER_01]: It's interesting.
[SPEAKER_01]: I found it sometimes easier to do things with the old graphics because in the new graphics the lighting is a bit more realistic.
[SPEAKER_01]: So sometimes it's too dark to see things.
[SPEAKER_01]: Yes.
[SPEAKER_01]: Modern games now give you a bit of help, you know, if you're trying to make a jump, it'll sort of, you know, assume you're going there and like, it'll sort of like, no, but you're on your way there.
[SPEAKER_01]: I've seen Lara fall to her death multiple times.
[SPEAKER_01]: I'm not sure how I did this when I was 12 years old because it's really hard.
[SPEAKER_01]: Kids today don't know that they're born, do they?
[SPEAKER_01]: But though, I've almost finished Tomb Raider 1 in this, and I'll probably go on to play Tomb Raider 2 in this and maybe Tomb Raider 3 again.
[SPEAKER_01]: But it's been a really quite fun nostalgia trip, and also I'm trying not to think too hard about how I'm playing a game I first played 30 years ago, but you know, there it is.
[SPEAKER_02]: It's a great pick of the week, so that is Tomb Raider remastered.
[SPEAKER_02]: Well, that just about wraps up the show for this week and for Smashing Security this year. Do not fear, folks, we will be back in January, so remain subscribed and we'll have plenty of fun episodes during 2026, and thank you, Danny, for joining us today.
[SPEAKER_02]: I'm sure lots of our listeners would love to find out what you're up to and follow you online.
[SPEAKER_02]: What's the best way for them to do that?
[SPEAKER_01]: The best way is probably, like a lot of people these days, my LinkedIn; it's where I post most of my stuff. For less professional postings there is my Bluesky account, which is just my name, you'll find me, and I've got my website as well, which I now realise I haven't actually updated for a little while, so that's probably a task for me over Christmas.
[SPEAKER_02]: And of course, Smashing Security is on social media as well.
[SPEAKER_02]: You can find me, Graham Cluley, on LinkedIn, or follow Smashing Security on Bluesky or Reddit, and don't forget, to ensure you never miss another episode, follow Smashing Security in your favourite podcast app.
[SPEAKER_02]: Such as Apple Podcasts, Spotify and Pocket Casts. For episode show notes, sponsored by FOGISLISTS, and the entire back catalogue of 448 episodes, check out smashingsecurity.com.
[SPEAKER_02]: So, until next year, Cheerio, bye-bye.
[SPEAKER_02]: Goodbye.
[SPEAKER_02]: You've been listening to Smashing Security with me, Graham Cluley. Thanks so much to Danny for joining us this week, and of course to this week's sponsors Threat Locker and Vanta, and all of those chums out there who've signed up for Smashing Security Plus.
[SPEAKER_02]: They include John Morris, Jack and the Earth, Roy Tate, Dan H, Marvin 71.
[SPEAKER_02]: Alexander Hugo Huis, David Ellison, asked Leo Elbow, Mark Lachston, Richard Van Lieson, Jason B, Alvin, Robert Martin, John W, Steve Lapton, and Bravo Whiskey, amongst others.
[SPEAKER_02]: Now, do you ever listen to this little bit at the end of the thing and think, I wish my name were up there? Well, all you have to do is join Smashing Security Plus, for the cost of a cup of coffee once a month.
[SPEAKER_02]: You can become part of our merry little troupe and get early access
[SPEAKER_02]: Just head over to smashingsecurity.com slash plus for all of the details.
[SPEAKER_02]: Now I realise it's Christmas, money might be tight, and you've probably got better things to spend your money on to be perfectly frank, in which case don't worry about becoming a member of smashing security plus.
[SPEAKER_02]: Instead, you can do me another favour, which is you could leave a lovely review up on Apple podcast or something like that, or you could just tell some of your friends about smashing security.
[SPEAKER_02]: We will be back in the new year with more episodes and more fabulous guests, I hope you will tune in.
[SPEAKER_02]: have a lovely Christmas, enjoy your new year, look after yourself and each other, stay safe, wrap up warm, unless you're somewhere that's already hot in which case, open the fridge door, and enjoy the cold.
[SPEAKER_02]: Whatever it is, let's hope that 2026 is a good one.
[SPEAKER_02]: All right, Cheerio then, bye-bye.