
459: This clever scam nearly hijacked a tech CEO's Apple ID

March 19, 2026
Transcript
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
PAUL DUCKLIN
A judge has sentenced a CISO to 8 consecutive hours on the RSA conference floor. His crime: failing to disclose a breach to the Securities and Exchange Commission.

Legal experts at the SEC are calling the penalty proportionate and corrective. Former RSA attendees are calling it ransomware.
GRAHAM CLULEY
Barbaric.
Unknown
Smashing Security, episode 459. This clever scam nearly hijacked a tech CEO's Apple ID. With Graham Cluley and special guest Paul Ducklin.

Hello, hello, and welcome to Smashing Security, episode 459. My name's Graham Cluley.
PAUL DUCKLIN
And my name is Paul Ducklin.
GRAHAM CLULEY
Duck, great to have you back on the show once again. Thank you for joining us.
PAUL DUCKLIN
It's a great pleasure.
GRAHAM CLULEY
So what fun stuff have you been up to lately?
PAUL DUCKLIN
Well, as you know, Graham, for very many years I haven't owned a car because I kind of got into bicycling.
GRAHAM CLULEY
Yes.
PAUL DUCKLIN
So when I need a car, which is only very occasionally, I hire one. And every time you seem to get a different model.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
And the one thing you have to do, at least in Britain, when you hire a car, the rule is you get it full of fuel and you must return it full of fuel or they charge you some extortionate price to fill it back up.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
And of course, because it's not your car, how do you know when you pull into the filling station which side the filler cap is on?
GRAHAM CLULEY
Okay.
PAUL DUCKLIN
And although I've been doing this for years and years and years, I only very recently discovered that if you look at the fuel gauge, digital or not, underneath it there's a little petrol pump icon that says this is the fuel gauge.
GRAHAM CLULEY
Yes.
PAUL DUCKLIN
And at the bottom of the little petrol pump icon, there's an arrow which is either on the left-hand side or the right-hand side. Guess what the arrow tells you?
GRAHAM CLULEY
I think bless you, Duck, for not knowing that.
PAUL DUCKLIN
What?
GRAHAM CLULEY
Well, I knew that. In the cars I've driven, I've noticed that. But I didn't know all cars did that.
PAUL DUCKLIN
When I owned cars, I just knew which side it was on, because after the third time you've got it wrong, you kind of know. The green car, it's on the left.

The white car, it's on the right.
GRAHAM CLULEY
I have to look at the dashboard to remind myself sometimes.
PAUL DUCKLIN
So are you saying I've given the Smashing Security listeners a piece of advice that only I did not know?
GRAHAM CLULEY
Well, let's go on with the show. But before we kick off, let's thank this week's wonderful sponsors, Meter, Adaptive Security, and Vanta.

We'll be hearing more about them later on the podcast.

This week on Smashing Security, we won't be talking about how a Doge employee stole Social Security data and put it on a USB drive.

You'll hear no discussion of how a foreign hacker is said to have broken into the FBI in 2023 and compromised the Epstein files.

And we won't even mention how a new font rendering trick can cause AI assistants to not spot malicious commands hidden in seemingly harmless HTML.

So, Duck, what are you going to be talking about this week?
PAUL DUCKLIN
I'm going to be asking, where does nobly helping the community at large with medical data end, and protecting your personal data and privacy begin.
GRAHAM CLULEY
And I'm gonna be talking about the devious way hackers almost stole a famous techie's Apple account, and how you could fall for the same trick.

All this and much more coming up on this episode of Smashing Security.
JOE
Graham. Who's our sponsor this week?
GRAHAM CLULEY
Well, Adaptive Security is one of them.
JOE
Ooh. What do they do?
GRAHAM CLULEY
They train your staff not to be idiots, Joe.
JOE
That's harsh.
GRAHAM CLULEY
It is a bit. But you know when someone rings up the accounts department pretending to be the CEO and asks to be wired $50,000, and it turns out to be a bloke in a tracksuit?

That's what we're talking about.
JOE
I'm familiar with the genre.
GRAHAM CLULEY
Yeah, so Adaptive Security, they stop that from happening. Proper security awareness training, not death by PowerPoint.
JOE
Thank goodness. Yeah.
GRAHAM CLULEY
Real-world examples tailored to your company. Phishing simulations. Vishing. Smishing—
JOE
You're just making up words now.
GRAHAM CLULEY
I'm really not, Joe. Voice, email, SMS, video, even AI deepfake scams. And the simulations use the kind of information attackers could actually dig up about you and your staff.
JOE
So it's realistic.
GRAHAM CLULEY
Yeah, it's uncomfortably realistic. And now they've got an AI content creator that lets security teams instantly spin up custom training.

All you've got to do is paste in a news article. So it could be about a breaking threat or an internal policy update. It's all done. Multilingual, interactive in seconds.
JOE
Who's behind all this then?
GRAHAM CLULEY
Well, OpenAI, as it happens. Adaptive Security is the first cybersecurity company which is backed by OpenAI.
JOE
That sounds like a ringing endorsement.
GRAHAM CLULEY
So, if you'd rather your employees weren't the weakest link, head over to smashingsecurity.com/adaptive.
JOE
That's smashingsecurity.com/adaptive.
GRAHAM CLULEY
And thanks to Adaptive Security for supporting the show. Now, Duck, Matt Mullenweg. Are you familiar with Matt Mullenweg?
PAUL DUCKLIN
That's Automattic, isn't it?
GRAHAM CLULEY
That's right, which is the parent company of WordPress and some other things as well. And he's also the co-founder of WordPress, obviously. He's a big name in tech, isn't he?

I mean, he did do something extraordinary with WordPress.

He built something which is used by some astonishing statistic, the number of websites out there which are powered by WordPress, either WordPress.com or the open-source equivalent, something like 40% of the internet is using WordPress technology, I believe.
PAUL DUCKLIN
Is your site on WordPress, Graham?
GRAHAM CLULEY
It is, yes.
PAUL DUCKLIN
Yes, so is mine. So there you go. Two out of two.
GRAHAM CLULEY
That's 100%. In our survey, 100% of the internet is being run on WordPress. So he's done very well.

He still managed to alienate almost everyone in the WordPress community over the years as well. He's a bit like Linus Torvalds. He can be a little bit prickly, I think sometimes.

He divides opinion. But he's a big cheese, isn't he? And turns out he uses Apple devices. So he's got an Apple Watch, he's got an iPhone, and he's got an Apple Mac.

And he also does something which not many people do with their Apple devices, which is that he has enabled lockdown mode.

That is an optional feature of Apple's operating systems, which means that you shouldn't laugh, Graham.
PAUL DUCKLIN
It sounds like if you want to show your buddies how important you think you are. So I've tried it. It's very good, but is it? You can't do an awful lot.
GRAHAM CLULEY
Well, that's the problem, right?

So lockdown mode, for anyone who doesn't know, it significantly restricts what your device can do, which is great news in terms of making it more secure, puts you at less risk, but it also makes your device really bloody difficult to actually use as a computing device.

So much so that Apple actually specifically does not recommend it.

They say, "This is designed for very few individuals." They would hate the vast majority of people to turn this feature on.
PAUL DUCKLIN
I don't think they have to worry about that happening.
GRAHAM CLULEY
So it is more if you're a politician or if you're a journalist— I mean, not if you're a journalist writing about snooker matches or something like that.

But if you are a journalist who's working on some geopolitical or if you've got super secret sources who are in countries where there are authoritarian regimes.
PAUL DUCKLIN
Well, there have been some very, very, very deep and important gambling corruption allegations over the years in snooker.

So don't knock snooker journalists for the risk that they may be under.
GRAHAM CLULEY
That's true.
GRAHAM CLULEY
All right. Okay, fair enough.

Anyway, despite having lockdown mode enabled, Matt Mullenweg was still almost completely conned by an attack recently, which he has written about on his blog.

So if you're sitting there thinking, well, this could never happen to me, I could never fall for a trick like this, just stay listening, because maybe you could.

Here is what happened to Matt. So recently in an evening, there's Matt.

He says that suddenly his Apple Watch, his iPhone, and his Mac, they all lit up with a message prompting him to reset his Apple ID password.

Right, this is the thing built into the operating system. It's popping up saying, you need to reset your password. And he says it came out of nowhere.

So he hadn't done anything to trigger it. And he's thinking, well, why am I getting this notification telling me that there's some kind of problem with this?

And what was happening was that somebody was hammering Apple's own legitimate password reset process. And you can do this.

You can go to Apple and you can say, look, this is my Apple ID. This is effectively my email address. I can no longer access my account. Please reset it for me.

And if you do that, Apple will send this notification to your devices, basically saying, do you want to reset? If you do, this is the process which we want you to go through.

So he was being battered by somebody who was probably hoping that eventually he'd get frustrated by all these hundreds of messages and just tap allow.

And this is a technique which is called, well, some people call it MFA bombing. It relies upon MFA fatigue. You must have heard about cases of this kind of thing happening, Duck.
PAUL DUCKLIN
Yes. In general, notification fatigue, as I've heard it.

Yeah, the idea that you'll get a warning, you'll get a warning, you'll go, that's not me, that's not me, that's not me, that's not me.

And then eventually you'll be at a low moment or you'll think, oh, well, maybe it is me. Or maybe you'll go in and fiddle with something and think, well, that must be mine.

And you click allow and everything goes quiet.
GRAHAM CLULEY
Yes. It's a bit of a denial of service attack in a way, because it stops you from doing your work or stops you from having fun with your device.
PAUL DUCKLIN
Once in a while, Graham, you've got to expect that these scammers who are probably doing this thousands or tens of thousands of times a day, they will coincide with a point at which someone thinks they really do or should reset their password and they'll fall in with their eyes wide shut, as it were.
GRAHAM CLULEY
Yeah, that's certainly possible. So eventually you can get fed up and you can do whatever the message is telling you to do because you're under such a barrage.

Or you think, well, maybe it is legitimate. I just want the problem to go away. I will press every button until I find the button which makes these things bloody well stop.
PAUL DUCKLIN
Or you've jabbed the thing 50 times already and you jab it one more time in frustration. And this last time, because you're so annoyed you miss. And you hit the other button instead.
GRAHAM CLULEY
Right.
GRAHAM CLULEY
But Matt Mullenweg, he's a smart cookie. He's clearly savvy to the risks. But in his case, these guys didn't give up when he failed to fall for that particular trick.

Instead, they took things up a notch.

So it turns out that the people who were trying to trick him into giving them access to his account contacted Apple support themselves, pretending—
PAUL DUCKLIN
You have to grudgingly think that's quite clever.
GRAHAM CLULEY
Isn't it? So they pretended to be Matt Mullenweg, and they said, I've lost my phone. I need to give you a new phone number to attach to my device.

And because they were doing this all through Apple's actual real support channels, that interaction generated a real case ID number within Apple Support.
PAUL DUCKLIN
Yes. Which, even if it's a fraudulent approach, is quite correct. It means Apple has created a record that you can then know is false if you've got your wits about you.
GRAHAM CLULEY
Now, Apple, of course, they're not just going to hand over the keys to someone's account just because they appear to have said, oh, I've lost my phone.

They're going to send notification emails to the people whose email addresses they have associated with that account, right?

So they're going to send notification messages, and that's what happened. So real Apple notification emails arrived in Matt's inbox.

And all of those messages, of course, were not phishing emails. They were properly signed from Apple's actual email servers with Apple's domain.

These weren't spoof emails, they weren't blocked by spam or anything else.

They're completely legitimate emails to Matt about a completely fraudulent request from the hackers to gain access to his account.
PAUL DUCKLIN
And this is meant to be done so that you get a heads up if this kind of thing is happening.
GRAHAM CLULEY
Exactly. And it is at this point that Matt got a phone call.
PAUL DUCKLIN
Uh-oh.
GRAHAM CLULEY
He gets a phone call from Apple support. And Alexander was a pretty good support guy. He was calm, he was methodical, he was reassuring.

He gave Matt some genuinely sound advice, like you should check your account, make sure nothing has changed, think about updating your password, have you got two-factor authentication enabled?
Unknown
There is a few things that you are able to check over. This is just to ensure that the malicious third party won't be able to access your account.
GRAHAM CLULEY
And it sounds like Alexander from Apple Support is saying that someone tried to change Matt's phone number, which turned out was what the hackers were trying to do, but that Apple intercepted the attempt.
PAUL DUCKLIN
And who else other than Apple would know that that had happened, I wonder?
GRAHAM CLULEY
Right.
GRAHAM CLULEY
And so you think, well, this is really helpful. And he was so convincing, this support guy, that Matt actually thanked him.
PAUL DUCKLIN
So, the numbers are current.
GRAHAM CLULEY
The emails are good.
MATT MULLENWEG
The password is old, so maybe that was compromised. I do have two-factor on. Thank you so much.

What was your name, by the way?
Unknown
My name is Alexander.
MATT MULLENWEG
Alexander, you are awesome. So thank you for being so— thank you very much.
GRAHAM CLULEY
Which is kind of funny when you obviously guess the way in which this is going.
PAUL DUCKLIN
It also seems to be the most obvious giveaway that this is a scam. Timely, helpful, joyful, continuous, real, useful support.
GRAHAM CLULEY
Yes. Matt Mullenweg, remember, he signed up for the lockdown mode. He thinks he's a tech VIP. Maybe he thinks he's getting the gold-plated support from Apple because of who he is.

And then Alexander says, "Look, okay, so what we're gonna do, clearly this was a bogus support request which came in." They said, "Clearly someone is trying to phish you." "So what we're gonna do is we're gonna clear this bogus support request which has come in.

We can cancel it.

What I'm gonna do," he said, "is I'm gonna text you a link and you can then confirm your identity and we will cancel the support request." So the link arrives via SMS.

Pointing to a URL at audit-apple.com.
PAUL DUCKLIN
That well-known Apple domain.
GRAHAM CLULEY
Exactly, 'cause it's not the real apple.com. It's got that bit on the front. So Matt went to the link. It looked just like Apple's website.

He put up some screenshots of it on his blog entry as well.

And it displayed the exact case ID, the number which had been referred to in the real Apple emails which had been sent to his inbox.

There was even a fake chat transcript shown on the page, a record of the scammer's own conversation with Apple, presented back to Matt as evidence that someone was attacking his account.
Unknown
Ah, yes, the 832 number, it was sent as a text message.

This is just because we're reaching out to that mobile number as of right now, and we can confirm you are the person that does have access to this mobile.
PAUL DUCKLIN
So?
GRAHAM CLULEY
So Matt arrives on this dodgy webpage, and at the bottom of the page, as Alexander points out, is a Sign In with Apple button.
Unknown
So in relation to that request there, Matthew, you should see at the bottom, it may state the verification required. This is just to go ahead and process that cancellation request.

As I stated, we've initiated the cancellation request, but for it to be processed, it does require an original account holder or a legacy—
GRAHAM CLULEY
Now he's pushing for Matt to do this because this is how you will clear the support request so we can close this whole thing down.
PAUL DUCKLIN
Yeah.
GRAHAM CLULEY
And it's at that point that thankfully Matt was feeling a little bit unsure. And so he entered a completely different made-up case ID.

And when he did that, he got exactly the same results. So nothing was being validated. The whole thing was a sham.

He saw the same kind of page and he thought, well, hang on, you could enter anything here. And so he actually called Alexander's bluff. This is impressive.

So this is obviously phishing, right?
MATT MULLENWEG
So, tell me a little bit about the scam.
GRAHAM CLULEY
The whole elaborate scheme, the password reset spam, the fake Apple support call, the real case ID, the authentic-looking emails, all of that was just for this one moment to steal those login details for Apple ID.
PAUL DUCKLIN
Yeah.
GRAHAM CLULEY
This is pretty sophisticated stuff, isn't it?
PAUL DUCKLIN
Well, it's also very simple because the pixel-perfect clone website, there are any number of open-source tools you can download from GitHub, no less, air quotes for research purposes only, that don't require any technical skill.

Yeah, I've done it with my own site as an experiment. 5 minutes later, I had a pixel-perfect, JavaScript-perfect clone of my own site. It was exactly the same code running.

And the only difference was when you filled in the form and clicked submit, it went somewhere else. And you could even set a believable decoy page to land on afterwards.
GRAHAM CLULEY
Well, when Matt called this guy's bluff, Alexander was gone. It was silence. Now, interestingly, the guys at WordPress, they think it may have been an AI voice.

It may have been an AI which was clever enough to actually have the entire conversation with Matt, because there are some demos which ElevenLabs, for instance, have put out where you can be chatting to a support chatbot, which is remarkably convincing.

And it wouldn't be a surprise, maybe.
PAUL DUCKLIN
Well, particularly if it's just talking you through a script.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
I don't think that particularly requires artificial intelligence. It just requires a voice that sounds believable enough.
GRAHAM CLULEY
Well, yeah, but in this case, it was interacting with him as well.
PAUL DUCKLIN
Right.
GRAHAM CLULEY
When Matt thanked him, Alexander said, oh, thank you very much. So there was a bit of to and fro between them.
PAUL DUCKLIN
Yeah.
GRAHAM CLULEY
And it was answering the questions. Anyway, what can we learn from this? Where's the advice? Well, Apple is never going to call you first, right?

They're not going to call you out of the blue. Always check the URL.
PAUL DUCKLIN
And if you call them, you're not going to get through very quickly either. So both of those things should be red flags.
GRAHAM CLULEY
Don't click on links texted during a support call. Be suspicious of them as well. Go to whatever the business is, go there directly if you're concerned.

If you receive a password reset prompt that you didn't request, then that should be a huge red flag. So approve nothing. Go to your settings yourself. Log in yourself.

Multifactor authentication, it definitely can help.

But of course, there are these sort of man-in-the-middle attacks, aren't there, where you can actually have the multifactor authentication token taken from you, and instantly the bad guys can use that token that you've entered to try and access your account.
PAUL DUCKLIN
Absolutely.
GRAHAM CLULEY
Although it's a lot better to have that kind of protection in place, it is not a 100% guarantee that your accounts are going to be safe.
PAUL DUCKLIN
And never ever read out that two-factor authentication code to anyone else.
GRAHAM CLULEY
No.
PAUL DUCKLIN
Like a PIN, personal identification number. It's for you only.
GRAHAM CLULEY
Yeah, that's absolutely right.

Just in the last week or so, the guys at Signal, which is the encrypted messaging app, they've put out a warning that there are messages going around claiming to come from the Signal security support chatbot.

And it says, we've noticed suspicious activity on your device.
PAUL DUCKLIN
Oh boy, they've even justified the fact that you're going to have a chat with an AI up front.
GRAHAM CLULEY
Yes. These messages say, to prevent you losing access to your account, you have to pass verification. We are about to send you a verification code.

Don't tell it to anyone, it says, not even Signal employees. Just send it to this number when you receive it.
PAUL DUCKLIN
Don't tell it to anyone except this person.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
If in doubt, Graham, don't give it out. Simple as that.
GRAHAM CLULEY
Well, that's a good little motto. You should stick that on the front of your t-shirt.
PAUL DUCKLIN
Maybe I'll do that.
GRAHAM CLULEY
Okey-dokey. A little bit of time now to talk about Meter, who are one of our sponsors this week.
JOE
What does this one do?
GRAHAM CLULEY
They set up your office network so you don't have to.
JOE
That's it?
GRAHAM CLULEY
Yeah, well, pretty much. Yeah, that's it. You know when you move into a new office and suddenly you're juggling ISPs and floor plans and hardware and configuration?

It basically becomes a second job, doesn't it?
JOE
Yes, I know this one. It's when the contractor turns up on the wrong day or at the wrong address and tries to install the wrong thing.
GRAHAM CLULEY
That's the one, yeah. Well, Meter's pitch is: what if that just wasn't your problem?
JOE
Ugh. I'm listening.
GRAHAM CLULEY
So you hand them a physical address and a floor plan and they sort out the ISP, they design the network, they show up on site, they rack their own hardware.
JOE
Their own hardware? Not reselling someone else's kit.
GRAHAM CLULEY
Yep, their own hardware, and they get the whole thing up and running.
JOE
Hmm. But what if I like being put on hold for 45 minutes to listen to pan flute music?
GRAHAM CLULEY
Well, tough luck, Joe. Tough luck. And once you're up and running, you get one dashboard. Monitoring, management, security, VLANs, firewall, DNS security, SD-WAN, the whole caboodle.
JOE
So full visibility with none of the legwork.
GRAHAM CLULEY
Yep, that's exactly it. And it's sold through a subscription model, so there's no nasty surprises.

There's even a hardware buyback program if you've already got kit from another vendor.
JOE
Ah, that's rather civilised.
GRAHAM CLULEY
Isn't it just? So head over to meter.com/smashing to find out more. That's meter.com/smashing.
JOE
And thanks to Meter for supporting the show.
GRAHAM CLULEY
Duck, what's your story for us this week?
PAUL DUCKLIN
Well, my story goes around an exclusive story that was published on British news site The Guardian over the weekend.
GRAHAM CLULEY
Okay.
PAUL DUCKLIN
And it has to do with a UK biomedical research enabling organisation called UK Biobank.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
Now, you may have heard of UK Biobank. They're a charity, which for our North American listeners, that would be not-for-profit.

Although they have a CEO, and that is Professor Sir Rory Collins. We'll come back to him in a moment. They're associated with the academic medical research ecosystem.

And to be quite fair, the idea is that this is not something that you just get forced into.

You volunteer to hand over via this group all your medical data throughout your life, as much as you choose, up to and including everything.

So that they can anonymise it or de-identify it, as they call it, right?

And collect it together and make it available under apparently controlled circumstances to medical researchers who want to do long-term research.
GRAHAM CLULEY
And my understanding is quite a lot of people have volunteered to participate in this. I mean, because people think that doing this will help medical research.

They think, well, there's no privacy problem as far as I'm concerned, because you're going to be careful.
PAUL DUCKLIN
Yeah, it's de-identified.
GRAHAM CLULEY
Yeah, because people won't be able to identify who I am.

But if this helps medical science, something like half a million people have volunteered to help this study of diseases and things.
PAUL DUCKLIN
And this is UK only, so that's half a million people out of what is our population, around 70 million.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
So it's a very significant number of people who genuinely think they're doing the right thing.

Or maybe some of them are young enough that they haven't thought about how specific some of the conditions they might have in the future will be to them.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
You know, maybe they've just had things that tend to happen to everybody so far, so they don't think that reidentifying them afterwards would be terribly hard.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
And you can also imagine why people would think, you know what, I was in a desperate situation, the National Health Service intervened and they basically saved my life.

You kind of feel maybe I should give something back. I absolutely understand that. And you'll remember that time I had that automotive accident.
GRAHAM CLULEY
Horrendous.
PAUL DUCKLIN
And I wound up in hospital and then for 4 months I couldn't walk, but after 4 months I could walk again unaided.

And to this day, all I have to show for it is some scars where the operations were done.
GRAHAM CLULEY
Yeah, it was pretty bad. And as I recall, Duck, as long as you remember now what side the filling cap is on your car, you should be safe going forward.
PAUL DUCKLIN
Well, it was a motorcycle.
GRAHAM CLULEY
The filling cap was in the middle. It was a motorcycle. It was a motorcycle.
PAUL DUCKLIN
Yes.

I could imagine, given the fact that I was in dire straits in the middle of nowhere and a helicopter descended from the sky and whisked me off to one of the premier teaching hospitals in the country and basically restored me to pretty much as good as new.

If somebody said, you know what, in your operation we use stainless steel screws to fit all the broken bits back together.

Sometimes we use titanium screws, but they're much more expensive. What we want to do is see what is the sort of risk-reward of that.

I would probably go, you know what, that would be really helpful.

I wouldn't want to begrudge the person, but I'd like to think that I would think twice, thrice, or even four times about saying, okay, I'll sign up for this thing so that you can use what happened to me way back then when I had the crash, but also all the other medical data that applies to me for every doctor surgery visit, every hospital visit, every surgery, every bit of medical treatment, possibly even including mental health treatment that I have for the rest of my natural life.

That to me would feel like I was probably letting myself in for something for which nobody had really thought through the possible consequences fully.

And that, sadly, is what seems to have happened in this case.
GRAHAM CLULEY
Right. So we've got all these volunteers. This data has been given to UK Biobank. So what has happened? What's gone wrong?
PAUL DUCKLIN
Well, they require researchers to sign up and they vet them in some way.

And I don't think they vet that they're great programmers or that they have experience in software engineering or that they have experience in cybersecurity or how to use GitHub properly, etc., etc.

And also, people who've signed up for this, some of them might be surprised to know that these elite special group of trusted researchers already apparently number 20,000 people all around the globe.
GRAHAM CLULEY
Oh, right.
PAUL DUCKLIN
Who get access to some, much, or all of this data for whatever research it is they want to do.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
And of course, as you and I know all too well, it's not enough just to trust those people.

You have to trust their computers as well, that they haven't got data scraping malware on them. You have to trust the network they're on.

You have to trust the employer or the owner or the influencer of the institution where they study. Which might be quite hard to determine.

So what happened is that for good academic reasons, it was decided that anyone who's using this data and who's done their research, obviously they'll write software code which will process it and manipulate it.

And it's very important in scientific research of this sort, medical or otherwise, that other people can repeat your experiments if they're given access to the data.

To see whether you cheated or made a mistake with the results.
GRAHAM CLULEY
Okay.
PAUL DUCKLIN
So they're required to publish their code.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
But of course they can't publish the data because anyone who wants to check the results has to go and persuade UK Biobank that they're cool as well.
GRAHAM CLULEY
Well, that seems sensible to me.
PAUL DUCKLIN
Now, I suspect that at least some of this code that was written would have been done, A, by people who weren't skilled software engineers to start with, or perhaps B, by some kind of vibe-coding AI.
GRAHAM CLULEY
Yes, very much so. Yes.
PAUL DUCKLIN
How can I put it? And you can imagine what happened when they went to publish, because you can imagine you're a researcher, you're so excited. Oh, I've got this fantastic result.

And you tell the AI, grab all my code and upload it, and then upload the PDFs and publish the report and put out the press release.

And so, as you can imagine, in numerous cases, the code and at least some of the data with it, because it was in the same directory, got scooped up and uploaded to GitHub where anybody could download it.
GRAHAM CLULEY
Ah, okay. Well, obviously that's an oversight, but Duck, don't worry, because that code has been de-identified, hasn't it? There's no way of working out it's Mrs. Miggins, you know, from 13 Trellis Avenue. That's not going to happen, is it? So that's all right.
PAUL DUCKLIN
Yes, that's sort of where the aforementioned Professor Sir Rory Collins, Chief Executive and Principal Investigator of UK Biobank, started his, I have to say, sort of semi-rebuttal of what The Guardian had done.
GRAHAM CLULEY
What did The Guardian do?
PAUL DUCKLIN
So, The Guardian found someone who had volunteered with UK Biobank.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
And went to her and said, look, we'd like to see just how well this is de-identified. Will you give us some of your medical data?

Just some snippets of your history, just enough critical information, and we'll see how little of it we need until we do a search and bang, we get one record.

And as soon as you get down to one record, then you know the magic anonymized ID that ties that record to all the others, which is the whole purpose of this project, right, that you can tie this surgery to that treatment, this counseling to that behavioral change, etc., but without knowing who it is.

And with this particular volunteer, they had the month and year in which she was born, which I think for most people in the UK, given the number of breaches so far, we should consider a matter of public record.
GRAHAM CLULEY
Yes.
PAUL DUCKLIN
And they had the fact that she had a specific type of operation. I believe it was a hysterectomy in a particular month and year, and I think she was 71 years old.

So she had a lot of medical history in there. Oh, with just that information, let's say the date of birth. Let's consider that free of charge.

Let's just assume to a first approximation everyone in the UK has a public date of birth.
GRAHAM CLULEY
So let's call her Alice. And now, just with those two pieces of information—
PAUL DUCKLIN
One operation in one month that they knew, yeah, bingo, de-anonymised. That's just one person, done.
GRAHAM CLULEY
And now, whoever it was is able to find out everything else about all the other treatments that they've had.
PAUL DUCKLIN
Yes, because you find that one record and it says, we're not telling you this is Alice from Trellis Avenue. This is, you know, 10538.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
And so you just go and say, well, what other things has 10538 had? Well, 3 years ago this, 5 years ago that, 7 years ago the other. In other words, you've de-anonymized that person.

You've re-identified them. You can then go through the database and replace their magic number 10538 or whatever it is with the text Alice of Trellis Avenue. Done.
GRAHAM CLULEY
Right.

Thank goodness this person agreed to be a guinea pig for The Guardian so that they were able to prove that this was possible.

So the boss of UK Biobank, that CEO, what's he had to say about this?
PAUL DUCKLIN
Well, he has reacted in a way that I think is very old-fashioned and suggests that he's not familiar with where we are in, you might call, de-anonymisation skills and abilities.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
He just said, "We take your privacy extremely seriously." Oh!
GRAHAM CLULEY
Red flag number one. That's a novel line. Yes. Not heard that one before.
PAUL DUCKLIN
I am also a UK Biobank participant, so I know how much this matters.
GRAHAM CLULEY
Oh, how do we know his month and year of birth? I bet we could find that out, probably from Companies House.
PAUL DUCKLIN
Yes. Or you could just look at a photo of him, roughly guess his age. That gives you the year, and then you've got 12 months to play with. So it's not that hard, right?
GRAHAM CLULEY
Right.
PAUL DUCKLIN
Okay.
GRAHAM CLULEY
Okay.
PAUL DUCKLIN
He said, we know that the possibility of your data being identified can never be completely removed.

But it would require someone to have specific matching information from another source. That is what The Guardian has done.

The participant featured chose to give specific personal health information. The Guardian then cross-referenced this.

This is not a failure of our approach to data confidentiality because the participant shared the information to identify themselves.
GRAHAM CLULEY
Right, so we've already agreed that date of birth is basically public knowledge now, right?
PAUL DUCKLIN
Yes.
GRAHAM CLULEY
Because we've all had so many breaches.
PAUL DUCKLIN
Correct.
GRAHAM CLULEY
Okay, so yes, they would have had to have known when she'd had her hysterectomy operation, for instance.

I mean, it would be difficult, wouldn't it, finding out when someone else has had an operation? I mean, unless you handed it over?
PAUL DUCKLIN
Unless you happened to be able to reconstruct that data as an attacker.

Maybe a cybercriminal who's made millions off ransomware and has got plenty of money and time to burn, or a state-sponsored attacker who's funded to do this as a job.

I would imagine that there are very, very, very many people in every country of the world, including the UK, who, when they have been in hospital for some serious specific operation, have received get-well-soon messages on social media from their chums.

Wouldn't you think that?
GRAHAM CLULEY
Yes.
PAUL DUCKLIN
So that gives you the month and year of the operation. And even if it doesn't actually say what they're in for, many people will give it away.

Or you might notice if there's a picture in the ward, you might be able to reconstruct what it is. But here's an even easier way to do it.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
Apparently, and this doesn't just disproportionately affect women, this only affects women.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
Approximately 40% of births in the UK these days are by caesarean section, which requires an operation, surgery.
GRAHAM CLULEY
Ah.
PAUL DUCKLIN
The date of the operation unavoidably coincides with the date of birth of the child born during that operation, doesn't it?
GRAHAM CLULEY
It kind of does, doesn't it?
PAUL DUCKLIN
You can imagine if it's 1 minute to midnight, then depending on when the midwife writes it down, you might get it wrong by 1 day. But you only need month and year.

So if you start by going, okay, let's focus on month, year, C-section, right?

You also have the issue that I believe there are something like 100,000 operations in the UK each year for hernia. That's the most common operation, apparently.

So suddenly the fact that this sounds like a very unlikely coincidence that an attacker could ever guess is not true.

But imagine if they actually had data that they had bought off the darkweb from an earlier breach from a healthcare institution that had been hit by ransomware.

Data had been stolen, the ransom wasn't paid, and the crooks decided to sell it on. Just imagine that on its own.

You would think that's quite annoying for those individuals who everyone now knows they had trouble with their throat in such a month year.

That would be bad enough, but that alone could now be enough to de-anonymize all of those people. And that's something like up to 50,000 people a year in the UK.

So Professor Sir Rory's disclaimer, I don't think he's being disingenuous.

I think he may just genuinely not realize how easy it is to stitch together little bits of data from lots of sources.
GRAHAM CLULEY
That's probably not the kind of stitching he's done which earned him his professorship and knighthood, I suspect.
PAUL DUCKLIN
Yes.

I mean, Graham, if you think that we now have enough processing power around the world and enough data storage to build statistical inferencing models— some people call them LLMs or AIs— such that you can essentially reconstruct the full text of all the Harry Potter novels by steering this thing in the right way to guess what comes next.

If that's possible, then piecing together this guy had a tonsillectomy in March 1985 and also had a hernia operation in July 2006 and was born in March 1963.

The idea that you can't use that with this data to de-anonymize the person seems to be a bit of a forlorn hope.
GRAHAM CLULEY
Okay, now just to be devil's advocate for a moment, couldn't you argue that The Guardian has been a bit sensationalist here?

Because nobody's actually been identified against their will so far, have they?
PAUL DUCKLIN
No, I don't know that they're being too sensationalist. I think that the article they published, which we'll put in the show notes, does give a reasonably balanced view.

They were saying, well, we went to a volunteer and we happened to have one piece of information that they volunteered.

Because obviously, they didn't want to go on the darkweb and say, hey, let's see if we can buy illegal data and do it that way. Which I kind of suspect they could have done.

And I kind of suspect they wouldn't have got Alice from Trellis Avenue's data. They might have got 10, 20, 30, 50, 100 people's data.

So I think the problem here is not that people were forced to hand over data that then got abused by cybercriminals.

I just think that Professor Sir Rory may have underestimated the extent to which the de-identification of the data is reversible.
GRAHAM CLULEY
Yeah, it sounds like he's made an assumption about probability that probably doesn't actually hold very much water.

The fact that nobody's been caught doing this yet, it is not the same as it can't be done.

And we have to worry about this because, of course, the Health Service more and more wants to use our data, and it wants to give it to some companies who are promising to do remarkable things, which they say will help make our Health Service more efficient.

And I think there are understandable concerns about how well that data is going to be looked after. It sounds like it wasn't done well enough in this case.
PAUL DUCKLIN
Yes, particularly if one of those companies is an American startup that claims by taking a tiny drop of blood from your thumb, it can diagnose 7 trillion diseases and save the planet.
GRAHAM CLULEY
Yeah.
PAUL DUCKLIN
See, former CEO now serving 11 years in a federal prison.
GRAHAM CLULEY
Yes.
PAUL DUCKLIN
So there isn't clear and obvious advice for this. So I don't want to say to people, do not sign up for these programs.

Because you may feel so strongly about the value that you got from something like the National Health Service that you feel it is actually worth cybercriminals getting at your stuff potentially in the future, that you're prepared to take that risk because the benefits to other people from learning from what went right and wrong in your treatment, that it just could all work out.

But don't be seduced by the fact that, hey, this is absolutely fantastic. The de-identification or the anonymization of the data is bound to be enough.

And don't forget that data breaches are very sadly in the healthcare industry much more common than you might like.
GRAHAM CLULEY
Well, we've got time right now to chat about one of our sponsors this week, Vanta.
JOE
Oh yes, my favorites. What do they do again?
GRAHAM CLULEY
They stop you running your entire security program out of a spreadsheet, Joe.
JOE
That seems aimed at me personally, Graham.
GRAHAM CLULEY
Well, it is a little bit, yes. But you know how most companies have to prove they're secure to customers or auditors and regulators?

And the whole thing involves chasing down evidence, filling in questionnaires and forms, updating the same spreadsheet cells over and over again.
JOE
Over and over again. It sounds utterly soul-destroying.
GRAHAM CLULEY
Yeah.

Well, Vanta automates all of that.
JOE
Automates it, how?
GRAHAM CLULEY
Well, their trust management platform keeps a continuous eye on your systems. It pulls everything into one place and keeps you audit ready around the clock.

So no more staring at the ceiling at 2 AM wondering whether you've got the right controls in place or whether one of your suppliers has been breached.
JOE
The stuff of nightmares.
GRAHAM CLULEY
Yeah, it would be, wouldn't it?

But this Vanta solution uses AI as well, and it's the useful kind, flagging risks, collecting evidence, slotting into the tools your team already uses so you move faster, scale without the headaches, and perhaps actually get some sleep.

Go to vanta.com/smashing to find out more.
JOE
That's vanta.com/smashing. And thanks to Vanta for supporting the show.
GRAHAM CLULEY
And welcome back. And you join us at our favorite part of the show, the part of the show that we like to call Pick of the Week.
PAUL DUCKLIN
Pick of the Week.
GRAHAM CLULEY
Pick of the Week is the part of the show where everyone chooses something they like.

Could be a funny story, a book that they've read, a TV show, movie, a record, a podcast, a website, or an app. Whatever they wish. It doesn't have to be security related necessarily.

Well, my Pick of the Week this week is not security related. My Pick of the Week this week is a website which tickled me. Everyone's gone mad about AI.

Everyone's using AI left, right, and center. Are you bored with AI or are you horrified with AI, duck?
PAUL DUCKLIN
Sorry, what was that, Graham? When I heard AI, I thought, oh golly, more slop.
GRAHAM CLULEY
Well, this is a bit of fun. This is a website called youraislopbores.me. Link in the show notes.
PAUL DUCKLIN
I'm going there.
GRAHAM CLULEY
I want you to go there. So this presents itself as being a bit like an AI chatbot where you can type in a question.

And as is the case often with these AI chatbots, it's not going to give itself away for free, right?

And it's on this particular site, you earn some credits before you can ask questions.

And the way in which you earn credits on youraislopbores.me is you can answer questions other people have posted to the AI.
PAUL DUCKLIN
Oh, it's an MITM attack.
GRAHAM CLULEY
So you can effectively become the machine.

I've been playing with this, Duck, so I've actually had great fun pretending to be an AI, answering other people's questions that they've been put into what they may assume is an AI.

So for instance, someone asked me, can you draw a strawberry? And I thought, well, yes, I can draw a strawberry.

So I did a sort of rough sort of Microsoft Paint style picture of a strawberry. And then I wrote the word strawberry, albeit I put about 15 Rs in it.

And sent that off to them and they were happy.
PAUL DUCKLIN
It's not 15, it's 12. AI always gets that wrong.
GRAHAM CLULEY
Someone else said, can you draw some fried chicken? So I drew a little cartoon chicken and put it in a frying pan.

Someone else said, oh, I'm thinking of going to Japan this year before World War III ruins everything. Am I safe to go?

And I said, well, you don't say where you're going to Japan from. That would be a useful and relevant detail.

So I was able to answer all these questions and I was earning credit so that I could then myself ask questions of the AI.

I have to say, I find it really addictive pretending to be an AI answering questions.
PAUL DUCKLIN
Now, I'm actually on that site right now, Graham. So help me along here.
GRAHAM CLULEY
All right.
PAUL DUCKLIN
It says I've got 1 token and I asked a question. I said, how long is a yard?
GRAHAM CLULEY
Right.
PAUL DUCKLIN
And hasn't used up my tokens, so I haven't been asked to solve anything yet.
GRAHAM CLULEY
Oh, go and click on the tab which says LARP as AI.
PAUL DUCKLIN
Oh.
GRAHAM CLULEY
And if you go there and you click on start LARPing, you should receive a question.
PAUL DUCKLIN
Oh, it says someone has asked, stop looking at me. Not a real question. Submit and earn token.
GRAHAM CLULEY
There you are.
PAUL DUCKLIN
Oh, that's it.
GRAHAM CLULEY
That's all you got to do. You see?
PAUL DUCKLIN
Am I even real? No, of course not. Break up text blaming alignment of stars and high credit score. Oh, that's good. So I have to tell this person what they can tell to their SO.

I'm going to put, uh, Pisces, dollar, dollar, dollar, excess error 404. I see what you mean.
GRAHAM CLULEY
It's quite addictive.
PAUL DUCKLIN
So you can literally put anything and you earn the tokens.
GRAHAM CLULEY
Now, it is possible for the person receiving your answer to say that it was spam or, you know, offensive or something like that.

Then maybe you won't get a token, but I imagine you're just bashing the keyboard now, aren't you?
PAUL DUCKLIN
Oh, now I've asked a question that I actually don't know the answer to. Can I skip?
GRAHAM CLULEY
You can skip.
PAUL DUCKLIN
I'm just gonna put dunno. That'll do. I've got 6 tokens already. Explain to cat why is legally obligated to cuddle right now. Let's put meow exclamation point. That's important.

I've got 8 tokens already. Why do eyes exist? I can't hear you. Motivational quote for people whose only goal today is not crying. This is getting a bit weird.
GRAHAM CLULEY
There are some which are a bit weird, but you've now earned, you see, some credits so you can ask questions.
PAUL DUCKLIN
I've got 9 tokens now, Graham.
GRAHAM CLULEY
You're doing very well, Duck. Well done.
PAUL DUCKLIN
Is that good?
GRAHAM CLULEY
Well, I think so.
PAUL DUCKLIN
So now I can go back and spend those, can I? I won't do it now. I'm going to save it up for later.
GRAHAM CLULEY
I think this is the future of AI. If we had human-powered AI, I personally find this quite— I particularly enjoyed the drawing tasks. I think this is quite a good answer to things.

Use AI rather than all these computers to do things.
PAUL DUCKLIN
Well, we seem to have fallen into it headlong.
GRAHAM CLULEY
Folks, you can try this out for yourself. Go to youraislopbores.me, and who knows, you could be answering a question from Duck when he uses up some of his credits.

Duck, what's your pick of the week?
PAUL DUCKLIN
Graham, my pick of the week is something that I read on LinkedIn, which delighted me because as far as I can see, it's a real post replying to an article where the post is not AI, which is surprisingly rare on LinkedIn these days.

And it's a chap by the name of Vaughn Shanks.
GRAHAM CLULEY
Okay.
PAUL DUCKLIN
Who is responding to a satirical news story on a website called The Exploit.
GRAHAM CLULEY
Right.
PAUL DUCKLIN
I think it tries to be a little bit serious, but this is more of an Onion thing.

The headline on the site is: A judge has sentenced a CISO to 8 consecutive hours on the RSA Conference Expo floor.

His crime: failing to disclose a breach to the Securities and Exchange Commission of the USA within the mandated 4-day window.

Legal experts at the SEC are calling the penalty proportionate and corrective. Former RSA attendees are calling it barbaric.
GRAHAM CLULEY
It is barbaric. I've been there. Have you been to the RSA Expo floor?
PAUL DUCKLIN
Yes.
GRAHAM CLULEY
Working on a booth?
PAUL DUCKLIN
I have. Oh, I think that was back in the days when it was— it wasn't quite as pay-to-play as it's become.

Anyway, the bit that Vaughn Shanks added is an explanation of what the RSA conference expo floor is, because people may not know, right? And his definition of it is fantastic.

He says the expo floor, for the uninitiated, is 50,000 square meters of vendors who all do the same thing, none of whom can quite explain what that thing is, and every single one of whom has, as of 18 months ago, always been an AI company.

The defendant is said to be in good spirits.
GRAHAM CLULEY
Well, it's good timing because I think RSA is on next week, isn't it?
PAUL DUCKLIN
Yeah, something like that. It's fun to go, but 8 consecutive hours?
GRAHAM CLULEY
Oh, it's rough.
PAUL DUCKLIN
It's going to be hard. As Vaughn Shanks points out, he says, his joke is, the defendant is said to be in good spirits.

But sources close to the case warn that will change about 40 minutes in, somewhere between the third autonomous threat detection platform and the man offering to scan his badge just to send some resources over.

The sentence is believed to be the harshest handed down to a security executive since the SolarWinds incident.
GRAHAM CLULEY
Brilliant. I love it. Very funny. Thank you so much, Duck, for joining us this week. I'm sure lots of our listeners would love to find out what you're up to and follow you online.

What's the best way to do that?
PAUL DUCKLIN
You can just visit my website. It is paulducklin.com/about and find out about me.

And if you think I can create some fantastic content for you, whether it's written, spoken, or visual, please get in touch.
GRAHAM CLULEY
Fantastic. And of course, I'm on social media as well. You can find me on LinkedIn, or you can follow Smashing Security on Reddit, Bluesky, and Mastodon.

And don't forget to ensure you never miss another episode.

Follow Smashing Security in your favorite podcast app, such as Apple Podcasts, Spotify, and Pocket Casts for episodes, show notes, sponsorship info, guest lists, and the entire back catalog of around about 459 episodes.

Check out smashingsecurity.com. Until next time, cheerio. Bye-bye.
PAUL DUCKLIN
Bye.
GRAHAM CLULEY
You've been listening to Smashing Security with me, Graham Cluley, and I'm grateful to Duck for joining us this week, as well as this episode's sponsors, Adaptive Security, Vanta, and Meter, and to all those chums who've signed up for Smashing Security Plus via Patreon.

As members of Smashing Security Plus, they not only get episodes of the pod earlier than the great unwashed public, and ad-free episodes at that.

But they also get the chance to be pulled out of the hat and to be thanked here at the tail end of the show. So let's pick some of them out of the metaphorical hat right now.

First up, Marvin71, which suggests there are at least 70 other Marvins that they feel they need to distinguish themselves from. Frankly, I respect that.

A big hello to Elbow, which could be a name, it could be a joint. Could be a command you shout at someone who's hogging their armrest in the cinema. Not sure.

Wotcha to MJ Lee and Lewis, who's decided one name is quite enough. Thank you.

Cheers to Travis West and to Heisenberg, who we are legally required to say we don't know and have never met.

A special welcome to one patron who's entered their name entirely in kanji characters and thus unpronounceable by this ignorant Englishman, but thank you anyway.

And finally, thank you to Karen Reynolds, as well as Alex Tasker and Richard Mortner, two names that sound like they belong in a very good detective novel.

If you'd like to join Smashing Security Plus and support the show, as well as get all of those benefits, just head over to smashingsecurity.com/plus for all of the details.

And I understand that not everyone can support the podcast in that way. And if that is true for you, do not fear.

You can still leave us a review or like the podcast, or best of all, tell your friends that you enjoy Smashing Security. Go on, encourage them to subscribe as well.

Well, that just about rounds off the show for this week. I hope you've enjoyed it.
GRAHAM CLULEY
Cheerio.

Bye-bye.

EPISODE DESCRIPTION:

In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg - involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to you, can you be sure you're immune?

Plus: would you donate your lifetime medical history to science if you were promised anonymity? We unpack serious concerns around UK Biobank, where “de-identified” data may not be as anonymous as you think — and how surprisingly little information it takes to reveal everything.

And! Human-powered “AI”, and a punishment worse than prison: eight hours on the RSA expo floor...

All this, and much more, in episode 459 of the "Smashing Security" podcast with cybersecurity veteran Graham Cluley, and special guest Paul Ducklin.

SPONSORS:

  • Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
  • Adaptive Security - request a custom demo featuring a real CEO deepfake simulation.
  • Meter - Network infrastructure for the enterprise. Get a free personalised demo.

SUPPORT THE SHOW:

Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.

Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:

Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:

Theme tune: "Vinyl Memories" by Mikael Manvelyan.

Assorted sound effects: AudioBlocks.
