The latest OWASP Top 10 for LLMs reveals the biggest security risks in AI, from prompt injection and supply chain vulnerabilities to emerging threats like system prompt leakage. In this episode, Sandy Dunn and Rock Lambros break down the 2025 updates, explain why LLM security is unlike traditional software risks, and share actionable insights for protecting AI-driven systems—essential listening for anyone navigating the future of AI security.
⬥GUEST⬥
Jake Braun, Acting Principal Deputy National Cyber Director, The White House | On LinkedIn: https://www.linkedin.com/in/jake-braun-77372539/
⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
⬥EPISODE NOTES⬥
Cybersecurity is often framed as a battle between attackers and defenders, but what happens when hackers take on a different role—one of informing policy, protecting critical infrastructure, and even saving lives? That’s the focus of the latest Redefining Cybersecurity podcast episode, where host Sean Martin speaks with Jake Braun, former Acting Principal Deputy National Cyber Director at the White House and current Executive Director of the Cyber Policy Initiative at the University of Chicago.
Braun discusses The Hackers’ Almanack, a project developed in partnership with DEF CON and the Franklin Project to document key cybersecurity findings that policymakers, industry leaders, and technologists should be aware of. This initiative captures some of the most pressing security challenges emerging from DEF CON’s research community and translates them into actionable insights that could drive meaningful policy change.
DEF CON, The Hackers’ Almanack, and the Franklin Project
DEF CON, one of the world’s largest hacker conferences, brings together tens of thousands of security researchers each year. While the event is known for its groundbreaking technical discoveries, Braun explains that too often, these findings fail to make their way into the hands of policymakers who need them most. That’s why The Hackers’ Almanack was created—to serve as a bridge between the security research community and decision-makers who shape regulations and national security strategies.
This effort is an extension of the Franklin Project, named after Benjamin Franklin, who embodied the intersection of science and civics. The initiative includes not only The Hackers’ Almanack but also a volunteer-driven cybersecurity support network for under-resourced water utilities, a critical infrastructure sector under increasing attack.
Ransomware: Hackers Filling the Gaps Where Governments Have Struggled
One of the most striking sections of The Hackers’ Almanack examines the state of ransomware. Despite significant government efforts to disrupt ransomware groups, attacks remain as damaging as ever. Braun highlights the work of security researcher Vangelis Stykas, who successfully infiltrated ransomware gangs—not to attack them, but to gather intelligence and warn potential victims before they were hit.
While governments have long opposed private-sector hacking in retaliation against cybercriminals, Braun raises an important question: Should independent security researchers be allowed to operate in this space if they can help prevent attacks? This isn’t just about hacktivism—it’s about whether traditional methods of law enforcement and national security are enough to combat the ransomware crisis.
AI Security: No Standards, No Rules, Just Chaos
Artificial intelligence is dominating conversations in cybersecurity, but according to Braun, the industry still hasn’t figured out how to secure AI effectively. DEF CON’s AI Village, which has been studying AI security for years, made a bold statement: AI red teaming, as it exists today, lacks clear definitions and standards. Companies are selling AI security assessments with no universally accepted benchmarks, leaving buyers to wonder what they’re really getting.
Braun argues that industry leaders, academia, and government must quickly come together to define what AI security actually means. Are we testing AI applications? The algorithms? The data sets? Without clarity, AI red teaming risks becoming little more than a marketing term, rather than a meaningful security practice.
Biohacking: The Blurry Line Between Innovation and Bioterrorism
Perhaps the most controversial section of The Hackers’ Almanack explores biohacking and its potential risks. Researchers at the Four Thieves Vinegar Collective demonstrated how AI and 3D printing could allow individuals to manufacture vaccines and medical devices at home—at a fraction of the cost of commercial options. While this raises exciting possibilities for healthcare accessibility, it also raises serious regulatory and ethical concerns.
Current laws classify unauthorized vaccine production as bioterrorism, but Braun questions whether that definition should evolve. If underserved communities have no access to life-saving treatments, should they be allowed to manufacture their own? And if so, how can regulators ensure safety without stifling innovation?
A Call to Action
The Hackers’ Almanack isn’t just a technical report—it’s a call for governments, industry leaders, and the security community to rethink how we approach cybersecurity, technology policy, and even healthcare. Braun and his team at the Franklin Project are actively recruiting volunteers, particularly those with cybersecurity expertise, to help protect vulnerable infrastructure like water utilities.
For policymakers, the message is clear: Pay attention to what the hacker community is discovering. These findings aren’t theoretical—they impact national security, public safety, and technological advancement in ways that require immediate action.
Want to learn more? Listen to the full episode and explore The Hackers’ Almanack to see how cybersecurity research is shaping the future.
⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974
⬥RESOURCES⬥
The DEF CON 32 Hackers' Almanack: https://thehackersalmanack.com/defcon32-hackers-almanack
DEF CON Franklin Project: https://defconfranklin.com/ | On LinkedIn: https://www.linkedin.com/company/def-con-franklin/
DEF CON: https://defcon.org/
Cyber Policy Initiative: https://harris.uchicago.edu/research-impact/initiatives-partnerships/cyber-policy-initiative
⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity:
🎧 https://www.itspmagazine.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube:
📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Interested in sponsoring this show with an ad placement in the podcast? Learn more:
Sean Martin: [00:00:00] And hello everybody. You're very welcome to a new Redefining Cybersecurity podcast. I am John Martin, your host, where if you listen to the show, you know, I get to talk to loads of cool people about cool topics. And one that's near and dear to me is the concept of the hacker. They generally get a bad rap in media.
And my co founder, Mark, and I have spent a long time hoping to reframe what a hacker is. They're, they're Generally, good people look to do good things, uh, in both public and private sectors. And the Defton crew and the Franklin Project and my guest today, Jake Braun, uh, put together, hello Jake, thanks for joining, put together the Hacker's Almanac.
And that's what the CK Almanac is for those searching. Of course, I'll put links into the, into the, uh, show notes [00:01:00] for the PDFs and people can reference this later. Hey, thanks for, thanks for joining me. Uh, thanks for putting this, uh, document together. I, I just wanted to call it a guy. Well, this is a domino, but, um.
Thrilled to have you on the show. I'm excited to dig into some of the topics in there and, uh, what it's all about. Perhaps a few moments from you, kind of sharing some of the things you've been up to, uh, working in government and private sector, uh, being part of DEF CON and, and knowing a lot of, a lot of other cool people, hoping to, uh, hoping to save us from ourselves.
Jake Braun: Sure. Thanks. Uh, thanks for having me, Sean. So first off, my name is Jake Braun. I was most recently the acting principal deputy national cyber director in the White House, which means essentially I was the COO of the new cyber office they set up in the White House. That was actually [00:02:00] created by an act of Congress during the Trump administration, the last Trump administration.
Uh, but the, they didn't, we didn't start hiring our first employees until Biden took office and we were about a hundred people when I. left over the summer. Now I run a small consulting firm called Cambridge Global Advisors. We do a lot of work in cyber and other national security areas. And then I'm the, uh, executive director of the Cyber Policy Initiative at the University of Chicago, uh, which is, uh, the entity.
Um, has partnered with DEF CON to do the Almanac and Project Franklin, um, et cetera, which I can go into the genesis of that and so on, uh, if you want me to.
Sean Martin: Yeah, absolutely. Um, yeah. Yeah, both the project and Maybe an overview of the program at the University.
Jake Braun: So, uh, it all kind of started, well really it all started back with the Voting Machine Hacking Village at DEF CON, uh, in 2017.
So, myself and a few other [00:03:00] folks, Hari Hirsty, Matt Blaze, um, these are some pretty famous hackers in the hacker world, um, uh, came together to After the 2016 election to set out to, uh, research how, uh, insecurities in, in, uh, voting systems and then publish reports that would, uh, that vendors, the government and others could use to secure, uh, better secure our voting systems.
And what was fascinating to us was that just the deep cord that it struck with, uh, the hacker community. I remember, so for those of you who don't know, DEF CON. Uh, happens in Las Vegas every year, not because the hackers like to go to Las Vegas. In fact, it's quite ironic because Vegas is a city built for people who don't understand math.
And, uh, these are some of the most brilliant mathematicians and technologists you'll ever meet in your life. The reason it's there is [00:04:00] out of tradition because it was Somebody's birthday party there 33 years ago, and they kind of just, just kept going, uh, meeting back in the same, in the same city, uh, after that.
But anyway, so it's this massive, uh, hacker conference, uh, about 30, 000 hackers show up in Vegas every year. And in, at the conference, there's hundreds of talks on key discoveries that the hackers have made over the years that they'll often save up. And then wait till DEF CON to, to release their, um, their finding from the last year.
In fact, the old TV show, Mr. Robot, um, referred to it as, uh, the Hacker Olympics, I think, in a, in an episode. Um, uh, but then there's also these rooms, and in each room, which they call a village, Uh, they hack a certain thing. So that thing could be anything from a car, to a satellite in outer space, to adult toys, to a voting machine.
So we set up the Voting Machine Hacking Village, uh, after the [00:05:00] 2016 election. And as we're walking down the hallway, me and Hari, which is about 200 yards long, it was at Caesar's Palace. We see this row of people, four people deep. Spanning 200 yards. So four people, shoulder to shoulder, 200 yards. And Hari and I are, are kind of lumbering along.
It was early in the morning for us in Vegas, which was about 11 AM. And, um, and this is not a crowd that wakes up early. And, uh. And we're walking along like, what the hell are all these people in line for? And Hari's like, Oh, I think the merch office is down here. I'm like, Hari, all these people aren't in line for merch at 11 o'clock in the morning.
And so we tap some guy on the shoulder and say, Hey, what are you in line for? And they're like, Oh, the voting village. And we're like, oh my God, like, um, and Jeff Moss, the founder of DEF CON will tell you. They had just never had a response like this to any, to any village before. And what we came to believe over time was that it wasn't [00:06:00] because hacking voting machines is particularly interesting.
In fact, they're pretty basic devices that if you wanted to hack something, uh, interesting, you would do something other than a voting machine. It was because what we were doing was, was really striking at the core of Of these key ideals that we, um, that are the foundation of our lives, democracy, uh, you know, human rights, individual rights, all, all these freedom, um, it's like if our voting processes is messed up, then so are all of these other things that are things we, we count on to live the modern lives we live in non authoritarian countries.
And so fast forward a few years. Um, about six months before I left the White House, I was talking to, to Jeff Moss, uh, the founder of DEF CON, I think I mentioned, at the Munich National Security Conference, uh, which is like the preeminent national security conference for all the, the senior most security people in the world, not just [00:07:00] cyber security, but all types of security.
So, Zelensky spoke there. Um, that year, uh, J. D. Vance spoke there this year, um, you get the, the senior of the senior most people. Um, and so Jeff and I are talking and he's like, hey, when you leave the White House, I want to do something like this again, build off what we did for the voting machine hacking village, but do it for all of DEF CON.
And I was like, well, you know, one of the most important things we did was. Uh, we did this report out of the voting village, uh, so that there was something to memorialize the findings. And I was like, we should do that for all of DEF CON. Um, because DEF CON's got some interesting information. I mean, the, the findings and so on that come out of DEF CON.
Are the types of things very few other organizations, conferences, whatever are, um, are producing in a year in any given year. And so we were like, well, if we would catalog these things, [00:08:00] identify the top findings that have real policy implications, then we can put out a report really for policymakers, uh, about the technical findings at DEF CON.
Uh, and with some analysis of the policy implications of those findings, so that policymakers around the world, um, can actually have. Some sort of technical foundations for, uh, the, the policies that they're making. And we tied this in many ways back to how we thought about the voting machine hacking village.
And frankly, these core concepts that come from, um, not to get too esoteric on you, but from, uh, the enlightenment and, uh, you know, folks like Galileo and, and, uh, and Hume and Kant and, uh, and Benjamin Franklin, who I'll come back to in a second. But, um, You know, it's interesting when you think about the Enlightenment, um, it was Galileo and these guys who first came up with these, these scientific findings and ideas about scientific method and, [00:09:00] and in his case, you know, uh, all the physics and everything else, that really was the basis for the more philosophical and political movements that came later.
And that's really how we kind of view our role here is, these folks at DEFCON are really at the cutting edge. Of some of the most important technical findings, um, in the security industry, uh, not just cyber, but national security, and we want to make sure those findings are accessible. Uh, to policymakers to help spur a greater, um, policy development and so on and so forth, just like Galileo did for Kant and Franklin and so on.
Um,
Sean Martin: and I just want to make one, one point, Jake, because on this point, the work being done all year, every year. Uh, culminating in, in DEF CON, which if you haven't been, uh, listeners, you must go at least once to experience it. It's beyond something you've ever, ever experienced. Uh, [00:10:00] Marko and I cover it quite often.
We love the villages. But the point I want to make is that.
The goal isn't to just find stuff that's bad and hope we fix it, it's to kind of reshape what we're doing with technology in the world and how it impacts us as a society. And I think if one thinks of technology and the risks involved and the impact it can have on the human, the easy path is to look at healthcare and technology.
But what you're describing is bigger, right? It's very societal and I think People don't like, uh, laws and rules, but, uh, policy can help guide us, and policy needs to be informed by tech. And I, I remember walking through, um, I forget which one, which year it was. But, uh, there was a whole contingent of policy makers and people from, from Capitol Hill looking at each of the villages.
We spent a lot of time with them in the [00:11:00] aerospace village and the maritime village and a lot of the ICS oriented type villages. It was impressive to see that community meeting with the hacker community to understand the technology, the risks, so they could be, to your point, be informed on policy. So we can get ahead of the curve, not just like catch up here.
So I wanted to highlight that for folks because it's not just a bunch of hackers releasing volumes that they found and zero days that they finally got disclosed, hopefully fixed. Right? Right. Not just to catch news, but to actually do some good.
Jake Braun: Yeah, exactly. And, and so that's, you know, with this whole kind of frame that I just laid out, that's why we decided to call the project Project Franklin because, you know, Benjamin Franklin, as we know, was, um, In some ways, the pinnacle of the Enlightenment, but also more importantly, embodies this idea of, of science and civics, you know, all of his research on electricity and, you know, creating bifocals and, and all these things, [00:12:00] um, along with his work with the Constitutional Congress and, and poor Richard's Almanac.
So, um, that's where the name from this came from is, is Benjamin Franklin, as you remember from high school civics, um, created poor Richard's Almanac, which for his time was, you know, an annual report. that catalogued some key scientific findings relevant for folks. In this case, a lot of it was around weather and farming and so on, which was important to folks back then.
I guess it still is today. Um, and then also some political commentary. He was much funnier than we are. We tried to be funny a few times in the thing. I think he was far more successful. Um, and so on. So we put out, uh, Uh, so that's how we decided to call this the Hacker's Almanac and why we spelt it with the old English spelling ending with the CK as opposed to the modern spelling with no K.
Um, and then separately, by the way, I do want to mention that, uh, the Project Franklin has two pieces. One is the annual, well, that's redundant, the Almanac, Almanac's our annual. Um, secondly, Franklin also, Uh, created the [00:13:00] first volunteer fire department in the United States. Um, it was in Philly, which is where he lived, um, in the late 1700s.
And, uh, by the way, that, we didn't have a paid fire department in the United States for another century. And so, uh, we've also created, as the other part of Franklin, a volunteer, uh, group of folks that we recruit largely, but not exclusively from DEF CON, who we provide to local water utilities, uh, because they're under such, you know, not just increasing attack, but dramatic attack from, um, groups like nation states, uh, and others in particular China.
We can talk about that later, but, um, so we have this, we've already recruited over 350. Folks, we have a pilot with six different utilities where we've deployed volunteers out to help them, uh, improve their cybersecurity and, and hoping to add, add a bunch more. So that's kind of what Project Franklin has become.
In the last eight, nine months, since we [00:14:00] launched it at DEF CON last year, it's the, uh, the, the hackers almanac annually, and then this volunteer group of folks to support for now, um, under resourced water utilities. But, you know, we plan to expand other under resource critical infrastructure.
Sean Martin: Super cool. I didn't even, didn't even connect that to, uh, to what we're going to talk about today.
Maybe we, maybe we have another chat on, uh, that whole project. Um, in the meantime, you can share a link and we can. We can, uh, include that for folks so they can learn about it.
Jake Braun: We'll do that. Particularly any listeners who work in water, we would love them to reach out to us
and
let us know if they want volunteers.
Sean Martin: Absolutely. So let's, let's talk a bit more about the, the almanac. So, uh, I think you described the, uh, the, the why and kind of the, the, how it came together, um, which is, I guess, ultimately it's one to capture what happened to, to share that with others. [00:15:00] Hopefully we can learn from it. What do you hope people do with it?
Is there, is there some outcome you expect? I think you said that it was written for policymakers, but from a broader perspective, what do you hope comes from this resource?
Jake Braun: Yeah. While the, the kind of macro intent is that policymakers have actual. technical grist to go behind their, their policymaking. We think that the content in here is, should be at the very least interesting, um, if not, um, quite applicable to what a whole host of anybody who works in this field does.
So, for example, we, we touch on some of the, the key issues in our field right now. So AI security is one, which we can, I presume you want to go into more detail there. Um, at some point here, um, to ransomware attacks, uh, is another one that we, we [00:16:00] spend a good amount of time on three is, uh, cyber securities impacts on the biomedical industry, which, of course, is something we all care about.
And then we have a host of, of smaller, uh, findings or topics that we cover, but by smaller, um, I sometime, you know, sometimes even those are massive. Um, aspects of of industry and so on. Like, for example, the cyber security of our electronic vehicle infrastructure that were that were across the country right now.
So, um, so yeah, so it touches on, on all those things and more.
Sean Martin: So let's, um, let's start with the one that struck me. IAI is everywhere. So we can come back to that one. Ransomware is the thing that never goes away. We can come back to that one. What, what struck me is the, the. Biohacking. And what struck me about it is the title.
Um, it kind of, it [00:17:00] was reversed. Bioterrorism Today and Personalized Medicine Tomorrow. And I, I would think that the advancements in technology would be mostly about providing better patient care. And oh by the way, we have some risks that uh, might put people in harm's way, uh, groups of people in harm's way.
The title leads with bioterrorism. So tell us a little bit about what, what that finding was and, and, uh, perhaps why that title was written that way.
Jake Braun: Sure. So it was kind of, it was written for a couple of findings that we kind of mashed together, um, in that section. The, the main one being that, uh, the, the researchers.
At four vinegars collective, I think is what they're called. Uh, had figured out with AI and some other, uh, capabilities, the [00:18:00] recipe for lack for a very dumbed down version of what they did, uh, for different. Uh, vaccines in this case, hepatitis C was the main one they highlighted, uh, but there were others and they figured out how to make a hep C vaccine for, I think a whole battery of medications for 400 bucks when normally it would cost 82, 000.
Uh, to get the same level of, of, uh, uh, vaccine, uh, vaccines. And the interesting thing was not only that they were able to do this, because you know, entities, people who know what they're doing in this space could make knockoff vaccines. Uh, they've been able to do that for, for years. That's, that's not surprising, but what these folks were able to do.
Was do it in such a [00:19:00] simplified way that they could teach a non technologist, uh, maybe not completely non technical, but somebody who's not a PhD in cyber security or, or whatever, uh, to make these vaccines themselves. And then they coupled that with another section in the, in the report, which is using 3D printing to make.
Biomedical devices, uh, particularly in areas where, you know, they don't have enough money or it's too hard to get these devices to. And so the question becomes, you know, for, for years, there's been a lot of reasons why they prohibited, uh, you know, going generic or doing really reduced price or free vaccines, um, when there's patents in place and so on and so forth.
Uh, you know, in the developing world or for deeply impoverished, um, communities. However, now, if, if you can kind of [00:20:00] teach somebody who has some quasi level of expertise in, in technology. to start making these vaccines not for profit, but just to give out at cost or for free. Um, and they can build their own or print their own devices to help make those medicines.
Well, that's something quite different than what we've discussed until now. And by the way, According to researchers, a lot of this may fall under the umbrella of what's considered bioterrorism today. Um, you know, making your own, uh, vaccines and so on and so forth and distributing them to people or letting people make them themselves.
Uh, folks could definitely interpret that as, as bioterrorism. And, and in fact, I think it has been interpreted as such to date. Um, but they're saying. Well, so be it, uh, if this is going to help save lives, then we should just do it and let the chips fall where they may in terms of, of, uh, enforcement and so on.
And so, one of the things [00:21:00] we call for is, should we be bringing in, uh, a group of NGOs that are helping people in, in, uh, very impoverished parts of the world and teach them how to do these things, because otherwise, they would have no vaccines, and maybe this is not the best option, but maybe it's better than, No option at all.
Uh, and so, so anyway, that was the, the overview of the, of what was discussed.
Sean Martin: Yeah, I love that. Let's talk about the, um, the, the policy bit of this for a moment. Um, Yeah, so there's the patent piece. We can leave that to the side, but from a safety perspective, the FDA exists for a reason, right? And, and products go through lengthy tests and many years sometimes.
Um, vaccine is the same. So I'm wondering what the, what the policymakers view of this particular finding is with respect to [00:22:00] basically having I don't know. Do they put policy around this? Do they regulate it somehow? Or is it a, or does it become a free for all because somebody can make vaccines for their little community and it's off the grid, so to speak?
I don't know. What are the thoughts there?
Jake Braun: Right. Well, I mean, remember the term snake oil salesman comes from somebody selling fake medicine, um, which usually had booze or opium in it, you know, uh, you know, decades or not even centuries, maybe a century ago. And so the FDA exists for very good reason. Uh, and these, these companies like Pfizer and others are held to incredibly high standards for very good reasons.
And, uh, you know, we've generally accepted that for, for decades now because we don't want, uh, because we, we want high standards for our medications. That being said, there is still portions of the world where they can't get any of these medications. FDA or not. [00:23:00] And so in the area, in areas where it's the choice between no hep C vaccine, because it's too expensive or whatever, or one that by all estimates, uh, these folks say, you know, we'll, we'll work.
Um, however, you don't have the same, uh,
regulatory regime around again, it's, it's worth considering whether these NGOs should be talking to folks in these populations that they're serving. and decide whether this is something they want to think about, um, endeavoring into, you know, you kind of go back and forth. Well, you know, some of it going to be unsafe, maybe, but.
If not, if nothing or a lot of these people are going to die no matter what because of these diseases, you know, the answer is yes. So, you know, it, it, it's not an easy decision. It's a real, it's, you know, it's, it's very unfortunate that you even have to have a [00:24:00] conversation like this, but it is reality. And so if this is an option, it's, it's worth considering.
And again, I think this is where, you know, there's a broader question here of. Is there going to be kind of a monopoly on health, um, that we have today on kind of major corporations that oversee, you know, most aspects, most aspects of our health, not just our medicine, but, you know, other types of care and so on that we get, um, and layered on top of that as insurance and everything else, or if technology allows it, are we going to allow a more personalized, you know, patient driven, um, approach.
And I think that's what these findings are really trying to get at. Like, should we should probably be having this conversation now. Uh, about this more patient driven approach versus the kind of, uh, industry monopoly approach that we've got now and again, that monopolies in place [00:25:00] for some pretty good reasons because those folks are held to really high standards and standards.
We want them held to, but there's other options that. You know, I think are viable and worth discussing.
Sean Martin: I love it. Let's, um, I'm tempted to go to AI, but I want to shift to ransomware because I think it has, has had and continues to have pretty, a pretty big impact on society. Um, what, what's that section about some of the findings there?
Uh, I mean, it's really all about hackers stepping up where others haven't, right? So what's going on there?
Jake Braun: I know that the headline I had written before was, um, Government has failed. So hackers don cape and mask, you know, as if they're superheroes charging into the, um, into the fight. Um, but a bunch of other people said, no, that's too cute.
Um, anyway, [00:26:00] so I was overridden. Um, uh, yeah, I think this is actually my favorite one out of all of them. Because, uh, you know, first off when I was in the White House and before that, when I was at Homeland Security, I mean, I sat in hundreds of hours of government meetings about ransomware. Um, you know, everything from, uh, meetings with our, our tech folks to meetings in the situation room to meetings and, you know, uh, with everybody you can imagine about what are we going to do about this?
How do we get after these guys? Uh, et cetera. And, you know, look, the government does a lot of stuff around ransomware. They, they, uh, take down these folks infrastructure. Sometimes if it's high profile enough, they'll yank back payments. Um, they, you know, indict these people. They rarely can arrest them because they're in countries like Russia that won't allow us to.
Um, but, uh, but it does do, it's doing a lot. However. [00:27:00] A lot isn't changing the outcome. Uh, where ransomware is, is as bad or worse today than it's ever been, uh, despite all this effort. And so it seems like we need at least a different approach or more approaches, right, a plurality of, or a multiplicity of approaches, not just the government option.
So, uh, what this guy. Uh, did whose name I can never pronounce. Um, so I'll find it and hear it at some point. Anyway, um, Brilliant Hacker.
Sean Martin: Vangelis.
Jake Braun: Vangelis. There you go. Thank you, Vangelis. uh, Vangelis, Vangelis. Anyway, brilliant hacker. Um, he, uh, he infiltrated a ransomware group, uh, and, and hindered some of their activity.
Now, let me preface this by saying we've had a policy in the federal government, I think most governments have this, not just the U. S., against what we call hack back. The private sector for years has wanted to be able to [00:28:00] go use their cyber ninjas that are defending their systems. And use those ninjas to go attack, uh, the, uh, you know, folks who are, who are, um, attacking their systems.
And of course, the National Security Establishment, the Foreign Policy Establishment has said absolutely not. There's no way you're allowed to do that. You know, we have people who train their whole lives, uh, to prevent World War III. And, uh, make sure that we live in a relatively peaceful world, which, you know, we can complain all we want about how things are going right now, but we're not in World War III, so that's a positive.
And so, the idea that we're just going to allow a bunch of random companies, um, to go attack these foreign adversaries who may or may not be attached to a foreign government. And that government may or may not believe that the U. S. government sanctioned these attacks. And then all of a sudden this spirals us into, you know, World War III.
There's very good reasons we don't allow hackback. Um, however, that's not what Vangelis did. What [00:29:00] Vangelis did is he kind of threw a bunch of very clever, um, uh, attacks. No, I won't say attacks. Um, tactics. Um, kind of got his way into a few kind of the preeminent ransomware groups. And, uh, Uh, once he was in, he didn't like go burn down their infrastructure or anything.
He just sat there and watched what they were doing. And over time he would identi he was able to identify who they were gonna attack next, and they would call up the, um, the potential victim and say, Hey, you guys are in the crosshairs. You better back up your stuff. Or, or, um, you know, improve your defenses or, or whatever.
And, um, you know, by his accounts. Uh, was able to to stop multiple attacks. And so the question becomes like, well, look, he wasn't, he wasn't Burning down these guys infrastructure. He wasn't, you know, putting all their passwords online, uh, or whatever. [00:30:00] He, this was more like espionage. You know, he was sitting there, he was like a, you know, a night watchman or something, you know, or, or those guys, um.
You know, in the 80s who used to patrol the streets, they were like regular citizens. Well, that was in New York, I think, right?
Sean Martin: Yeah, exactly.
Jake Braun: Yeah. Um, so he's kind of more like one of those. And so, which by the way, there's a long history of this in the United States. You know, we used to, we used to deputize commercial shipping vessels to help deal with pirates.
Um, in the Caribbean and, and, and so on and so forth. Uh, and so like, it's, it's not like this is totally uncharted territory for us. And so the question we're asking is like, look, do we need to employ tactics like this to, uh, help, you know, empower the civil society? Um, and in particular, this, the hacker community to go, uh, monitor, uh, infiltrate, um, and do notices or, or make [00:31:00] folks aware of what these, uh, ransomware groups are doing, uh, because the government just doesn't seem to, to be able to, to, to deal with the threat.
And you know, I, I would argue, yes, uh, I, I don't think what Vangelis did. Uh, or really any variation of what he did is going to start World War 3 and your ransomware is not getting any better. So why not, you know,
Sean Martin: I didn't, and I certainly don't want to oversimplify what, what he did. Um, but it seems very connected to threat intelligence to me.
So gathering information, analyzing it, using it to. I mean, we see it with the ice owls and the ice axe too, right? We see signs that this particular industry, or these particular entities in an industry are being targeted, and here are the bad actors tactics and [00:32:00] techniques, here's how we can better shore ourselves up.
So being inside maybe is what crosses the line, but what's coming out seems very much like traditional CTIs, as I'm aware anyway.
Jake Braun: Absolutely, it's, yeah, the difference is that he was sitting inside of it, uh, and he was giving away the information for free. Um, you know, to, to specific entities that, that were being targeted.
Uh, but yeah, I mean, the, the concept is not novel in, in any way. The vantage point is what's novel, I guess.
Sean Martin: Yeah, exactly. Yeah. The, the, the, the vantage point. Well, let's, um, we, we have a couple of minutes left. I know you have a hard stop. I want to talk, can't, we can't skip it. We need to talk about AI. I remember AI village.
I don't know, maybe it was 10 years ago. It's something that DEF CON has been. Looking maybe nine years. I don't know. Something DEF CON's been looking at for a while. Um, tell me about this particular section of the almanac and [00:33:00] what we can expect.
Jake Braun: Yeah, so I think, particularly for the folks who watch this, this might be the most, uh, relevant part of, of what was, what we, what we put out.
Um, although that being said, I would, I really encourage everybody to look through the whole thing. And by the way, it's a 20 some page report, but we wrote it. We wrote it for busy people to be able to skim. And if you find something interesting, you can read further. But it's not 20 pages of block text.
There's a lot of, you know, headlines and bullets and bolds and so on. So you can easily pick out what you're interested in and what you're not. Um, So obviously, you know, AI is everywhere and, and, um, you know, people are trying to figure out how to use it for their industry and so on. And the, you know, security is always a laggard.
Uh, and, and that's no different here. Interestingly though, what the, the AI village folks came out to [00:34:00] say, it comes from three years of trying to do AI red teaming. In fact, I think they changed their. The village's name in the last few years to be the AI red teaming village, I think is what it's called, but they can correct me on that.
I'm sure they will in the comments if I'm wrong. Um, and after three years of trying to red team AI, uh, the main guy, Sven, who's really this brilliant, uh, brilliant guy who's been running the village for years, uh, Basically said we don't even know how to define what AI red teaming is we don't even know what harm we're trying to Mitigate by by red teaming AI And and so then I was actually the one who came up with the headline that says AI red teaming is bullshit because really You know, there's a whole host of security companies that are out there many of whom I'm sure listen to your show and they should Because it's a great show but You know, we're all kind of just making it up.
There's no industry standard for this. Uh, folks who are buying AI red [00:35:00] teaming. You know, I should know that whatever they're buying may or may not be useful. And there's really nobody out there saying like, Oh yeah, this group has benchmarked their red team again, red teaming tactics against industry standard.
And therefore, if you company are buying this, then you're getting. You know something that measures matches to that. It's not true. Everybody's just making it up. Um, and and it's fun
Sean Martin: Snake oil,
Jake Braun: uh Yes, um, I don't want to disparage my colleagues out there, but they're just making it up. Um And, uh, and look, I mean, in the environment we're in, that's kind of all you can do is make it up.
But, but, you know, folks buying this stuff should know that everybody's just making it up at this point. So the main, uh, point that we make out of this is, is first off, you know, acknowledging the problem. Nobody really knows what this is. And then saying to both industry leaders and. Uh, government and academic leaders look, folks need to come together [00:36:00] quickly and, uh, derive industry standards, uh, for this, because right now, I mean, let me ask you, like, if you say you're red teaming AI, are you red teaming the chat?
GPT app on my phone? Are you red teaming like the software at open AI that it runs on? Are you red teaming the servers that it runs on? Or are you red teaming the algorithm and And the day or the data set, the algorithm, no one can answer that question. I think what we generally mean is we're red teaming the outputs of the algorithm and thus the algorithm.
Because in theory, open AI and meta and these guys should be red teaming their own software and they should be red teaming their own hardware. And they've got lots of money to do that. So I don't think that's what we're talking about. Some but some industry government academic consortium needs to come out and actually say that's not what we're talking about And then we need to [00:37:00] get after defining.
Okay. What is red teaming an algorithm mean, you know? I think there's a lot of people who have some very good ideas on what this means like, you know Garbage in garbage out what data do they use to make the model, you know are the Um, are the, uh, waiting, uh, measurements and so on they're using for the model?
Do they remain consistent over time? Have they changed? Uh, You know, do the values within the data that's come in, if those change, which could then alter the, the information that comes out. Blah, blah, blah. There's a million different things to look at, but we don't know.
Sean Martin: Poison, data been poisoned. Yeah. All that type of stuff.
Endless list of stuff.
Jake Braun: There is. Well, actually, so that's an interesting point. I don't know if it's an endless list, you know, and I think we probably need to think through, there must be some finite list of at least categories, you know, and so why don't we start to enumerate those first. You know, like in typical red teaming, what are you gonna look [00:38:00] at?
Like what assets are on the network? You know, what software is running or trying to run on the network? Are there secure configurations, you know, basic controls, blah, blah. Okay. So what are those for AI and, and, uh, or AI algorithms? And, uh, we haven't even as a, as an industry started to define those yet, but we need to quickly so that the folks who want their stuff to be secure, which I believe is everyone, um, can, can bring in, uh, uh, groups that can, uh, That can know what they mean when they say, I want my AI to be secure.
Sean Martin: Absolutely. I have a gazillion thoughts on this. We're out of time. I'm going to give a quick shout out to the OWASP organization. They're doing a lot of work in this space of AI. And, um, I think they give that list that you're speaking to, at least from an application development perspective. And I've had a few chats with that team, so I encourage everybody to listen to those and form your own opinion, look at your own resources, but there's a good set from them.
[00:39:00] Jake, I know you have to run. Um, any, any final words on this? Of course, I'm going to put links to the, to the almanac. I encourage everybody to read it. To your point, it's very, very easy read. A lot of cool information in there. Um, good stuff with Franklin Project. Maybe you'll join me again. Any chat about that?
Any other, uh, final thoughts from you?
Jake Braun: Well, first off, we're going to do one this coming year, uh, we'd love people's thoughts on, uh, you know, what we should be looking at topics or particular talks, you know, we're going to happen at DEF CON or, or anything that you want us to, to look at, uh, for, for next year's Almanac.
So we'd love folks thoughts on that. Um, you can message us or whatever. Um, that's thing one. Thing too, uh, I'd strongly encourage folks to sign up to volunteer on, uh, at Def Con Franklin's website, which it sounds like I'm going to put in the link. Uh, we're always looking for more volunteers, particularly for these underserved water, uh, utilities.
Uh, and, uh, yeah, look forward to, uh, To [00:40:00] joining you, uh, when the next almanac comes out or maybe before.
Sean Martin: Yep, absolutely. Both are true. Jake. Thanks a million. Uh, thanks for putting that together. Thanks for the team that supported you the researchers that found the findings in the first place and shared them with us and uh To everybody listening and watching.
Thanks for joining me, please do uh Share with your friends and enemies subscribe Share your thoughts with jake and I and uh, we'll see you all on the next one. Thanks everybody
Jake Braun: Thanks so much. Thanks for having me, Sean.