Spies, Lies, and Cybercrime: Insider Perspectives from a Former FBI Agent

29 Nov 2024

QCon London Conference and Cyber Attacks

  • The QCon London conference is returning on April 7-9, 2025, where attendees can learn from world-class leaders and senior software developers working on real-world projects across multiple domains (5s).
  • Eric O'Neill is a public speaker, best-selling author, attorney, and expert in cybersecurity, who runs companies that provide cybersecurity advisory and investigative services (54s).
  • Eric uses his background as an undercover investigator in the FBI to transfer knowledge of counterintelligence into making the world safe from cyber attacks (1m10s).
  • Cyber attacks are coming hard and fast, and it doesn't seem like they can be stopped, with cyber espionage growing as spies adapt to accessing information online (1m35s).
  • Cyber spies have evolved into launching cyber attacks, and they are the best in the business, with cyber criminals modeling and learning from them (1m59s).
  • Cyber crime is the fastest-growing business on Earth, exceeding $12 trillion; if the dark web were a country, it would be the third-largest economy (2m16s).
  • The GDP of the dark web is predicted to grow to around $20 trillion by 2026, making it difficult to stop cyber crime due to the large and growing attack surface (2m45s).

Eric O'Neill's Experience and Cyber Espionage

  • Eric shares stories of spies, lies, and cyber crime, including his experience as an undercover operative for the FBI, chasing spies and terrorists, and catching Robert Hanssen, the most damaging spy in FBI history (3m39s).
  • Many successful cyber attacks begin with deception, gaining someone's trust, and Eric learned about deceiving and being deceptive during his undercover work against Robert Hansen (4m14s).

AI-Powered Cybercrime and Business Email Compromise

  • A finance manager in Hong Kong received an email that appeared to be from the CFO of his company, requesting him to join a virtual Zoom meeting to discuss a new deal. (4m19s)
  • The email was actually sent by a group of attackers who had compromised the CFO's email address and created AI avatars of the CFO and other individuals to make the meeting seem legitimate. (5m11s)
  • During the Zoom meeting, the finance manager was instructed to send payments to various bank accounts, which he did, totaling $25 million to five different bank accounts in Hong Kong. (6m21s)
  • The bank accounts were controlled by the attackers, who had created an elaborate scheme to deceive the finance manager by learning about him through reconnaissance and social media. (6m35s)
  • The attackers used AI avatars that were so realistic that the finance manager was fooled into believing they were real people, highlighting the growing threat of AI-powered cybercrime. (6m56s)
  • This type of cybercrime, known as business email compromise, costs businesses $49 billion per year and is a growing concern, as it can be difficult to detect and prevent. (5m25s)
  • The use of AI avatars and virtual meetings makes it increasingly difficult to trust the authenticity of online interactions, creating a new level of complexity in the fight against cybercrime. (7m16s)

Preventing Cybercrime and Bank Security

  • Banks can do more to prevent cybercrime by investing in training their customers to be better with cybersecurity, enforcing better controls on their systems, and implementing measures to prevent call center attacks, which involve spoofing and resetting account information, often targeting individuals with a public profile (8m3s).
  • To prevent such attacks, banks can implement better systems of controls, including encryption and two-factor authentication methods that are more secure than texting a code to a phone, such as authenticator apps that use different models of encryption (8m48s).
  • Using a phone number for two-factor authentication is not secure, as phone numbers are controlled by third-party carriers and can be compromised, as seen in the case of Chinese spies accessing phone records of individuals in the Trump orbit (8m58s).

Acting Like a Spy Hunter and Data Protection

  • To act like a "spy hunter" in an organization's technology department, one must focus on data, understanding what data the organization has, who has access to it, where it resides, and implementing systems of controls to protect it (9m58s).
  • The key to catching a spy is to know the organization's data well enough to identify when an access point doesn't look right, such as an employee logging in at an unusual time or from an unusual location (10m43s).
  • Cybersecurity systems can flag such unusual activity and cut off access, elevating the issue for human review to determine whether the individual is a trusted insider who has gone rogue or a spy (11m34s).
  • A successful spear phishing attempt can compromise an individual's username and password, allowing an external attacker to gain access to an organization's system and steal data, creating a "virtual trusted insider" (11m53s).
  • Understanding an organization's data and normal user behavior can help identify potential breaches, turning cybersecurity into an early warning system that can detect and prevent catastrophic breaches (12m7s).
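
The baseline-and-flag idea from this section, sketched as an added example (not code from the talk or from any product it mentions). The user names, log records, one-hour tolerance and the allow/review/suspend policy are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample history: (user, UTC timestamp, source country)
HISTORY = [
    ("alice", "2024-11-04T09:12:00", "GB"),
    ("alice", "2024-11-05T08:47:00", "GB"),
    ("alice", "2024-11-06T10:03:00", "GB"),
    ("alice", "2024-11-07T17:30:00", "GB"),
    ("bob",   "2024-11-04T13:05:00", "US"),
    ("bob",   "2024-11-05T14:40:00", "US"),
    ("bob",   "2024-11-06T22:15:00", "US"),
]

def build_baseline(history):
    """Record, per user, the login hours and countries seen so far."""
    baseline = defaultdict(lambda: {"hours": set(), "countries": set()})
    for user, ts, country in history:
        baseline[user]["hours"].add(datetime.fromisoformat(ts).hour)
        baseline[user]["countries"].add(country)
    return baseline

def hour_is_usual(hour, seen_hours, tolerance=1):
    """True if hour is within `tolerance` of a seen hour (23 and 0 are adjacent)."""
    return any(min((hour - h) % 24, (h - hour) % 24) <= tolerance
               for h in seen_hours)

def assess_login(baseline, user, ts, country):
    """Return (action, reasons) for a new login event.

    Assumed policy: one anomaly queues the login for human review;
    unusual time AND unusual location cuts off access pending review.
    """
    profile = baseline.get(user)  # .get() does not create a default entry
    if profile is None:
        return "review", ["no baseline for user"]
    reasons = []
    hour = datetime.fromisoformat(ts).hour
    if not hour_is_usual(hour, profile["hours"]):
        reasons.append(f"unusual hour {hour:02d}:00")
    if country not in profile["countries"]:
        reasons.append(f"unusual location {country}")
    if len(reasons) == 2:
        return "suspend_and_review", reasons
    return ("review" if reasons else "allow"), reasons
```

A valid password alone passes none of these checks, which is why a phished credential used at 03:00 from a new country is still caught.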

The Evolution of Espionage and "The Invisible Threat"

  • The evolution of espionage has shifted from traditional methods like dead drops and signal sites to constant cyber attacks launched by intelligence officers from anywhere in the world (12m58s).
  • A new book, "The Invisible Threat," explores the natural evolution of cybercrime from traditional espionage, detailing how cybercriminals use traditional espionage tactics to attack organizations (13m11s).
  • The book is divided into two parts: the first part tells stories of cyber attacks, while the second part provides actionable advice on how to identify and stop attacks, and how to protect oneself from future attacks (14m0s).
  • The book uses storytelling to put readers in the mind of a spy hunter and provides a narrative thread that follows an internal look at a major ransomware attack (14m32s).

The Rise of AI, Remote Work, and Espionage Risks

  • The rise of AI and technology is changing the way we live and work, and it's essential to give this shift the detailed thought and attention it requires (14m57s).
  • The COVID-19 pandemic accelerated the adoption of remote work, and many organizations are now "hybrid first" or "remote first," allowing employees to choose their work arrangement (15m16s).
  • North Korean espionage cases have been reported where individuals were hired remotely by companies, only to be revealed as spies, highlighting the risks of remote hiring practices (15m30s).
  • A company hired a computer engineer who seemed perfect on paper, with great references and a LinkedIn profile, but was later found to be a North Korean spy who stole terabytes of information and extorted the company for $250,000 (15m51s).
  • The spy was able to log in to the company's systems and databases using his granted access as a computer engineer, and his true intentions were only discovered after he was fired (16m31s).

AI Avatars, VPNs, and Cheating with AI

  • AI can create avatars that can change a person's appearance, voice, and writing style, making it easier for spies to disguise themselves (16m54s).
  • Sophisticated VPNs can make it appear as though someone is working from a different location, which can be used for malicious purposes (17m9s).
  • A college student was observed using ChatGPT to cheat on an online exam, copying and pasting questions and multiple-choice answers into the AI tool to get the correct answers (18m1s).
  • The student was able to complete the entire test with 100% accuracy without doing any actual work or learning, highlighting the potential risks of AI-assisted cheating (18m47s).

The Future of AI and "No Blank Pages"

  • The concern is that future generations may rely too heavily on AI, with a potential scenario where a graduate asks an AI to do their work for them, rather than doing it themselves, which is a worry expressed in a new book with a chapter called "No Blank Pages" (19m4s).
  • The concept of "No Blank Pages" refers to a future where children start their work by asking an AI to do it for them, and then only edit the results, rather than creating original content from scratch (19m15s).
  • This shift could lead to a loss of the magical and difficult process of creating original work, which is an essential part of learning to be an effective writer and creator (19m48s).
  • The use of AI tools, such as ChatGPT, could make people more editors than writers, as they would be relying on the AI to generate the initial content (19m54s).
  • There is a fear that this reliance on AI could lead to a day when there are no longer any creatives, as people would be relying too heavily on technology to generate their work (20m6s).

About the Author

  • Eric O'Neill is the author of the book; he is an avid speaker and writer who can be found on his website and also corresponds through LinkedIn (20m21s).
