58 min

“Sure, I Can Hack Your Organization” – with Eric Escobar (Part 1 of 2‪)‬ SpyCast

    • History

Summary  
Eric Escobar (Twitter; LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss compromising networks and information security. He has a coveted DEFCON Black Badge. 
 
What You’ll Learn 

Intelligence 

What keeps Eric up at night  

Thinking like an ethical hacker (aka a “penetration tester) 

Protecting your information (i.e., “Hardening the attack surface”) 

Plain English explanations of key cyber concepts like “Kill Chains” and “Zero Days” 

Reflections 

Having a cool job 

The information revolution and life in the modern world 

And much, much more… 


Episode Notes 
Eric Escobar commits several thousand felonies on any given day, if he didn’t have permission to do what he was doing. 
A Principal Security Consultant with SecureWorks, Eric has compromised pretty much everything out there: from healthcare and banking to technology and critical infrastructure, through to amusement parks and next generation military aircraft. 
“From my perspective, it’s the coolest job in the entire world.” 
His team consecutively won first place in the Wireless CTF category at DEF CON 23, 24, and 25, snagging a Black Badge along the way. He has a BS and MS in Civil Engineering.  
And… 
The links between computing, hacking and the 60’s counterculture are FASCINATING. Learn more by dipping your toes here and here, or dive deeper with What the Dormouse Said (2005) by John Markoff and From Counterculture to Cyberculture (2006) by Fred Turner.   
 
Quote of the Week 
"Watching any critical infrastructure get compromised is really the thing that keeps me up at night because lives are in the balance…and we do a lot of testing for critical infrastructure, and I've seen computers and machines that have been online and not been taken offline, longer than I've been alive…So really interesting to see those types of things because they interact with really big, expensive hardware…there's a catch 22 that happens where you can't really take the machine offline to do maintenance on it because it's critical infrastructure. So then how do you test it to make sure that a hacker can't take it offline, or maintenance can't be done on it? " – Eric Escobar.
 

Resources 

*Andrew’s Recommendation* 


Word Notes  

From beginner thru advanced, you’ll find some helpful definitions of things like “Web 3.0,” “NFT’s” and “Digital Transformation” on this Cyberwire audio glossary. 

*SpyCasts* 


Inside Microsoft’s Threat Intelligence Center (MSTIC) – with John Lambert and Cristin Goodwin (2021) 


The Cyber Zeitgeist – with Dave Bittner (2021) 


Securing Cyberspace – with Charlie Mitchell (2016) 

*Beginner Resources* 


What is Hacking? The Economic Times (n.d.) [web] 


Ethical Hacking in 8 Minutes, Simplilearn (2020) [8 min video] 


Cybersecurity in 7 minutes, Simplilearn (2020) [7 min video] 

Books 


The Cyberweapons Arms Race, N. Perloth (Bloomsbury, 2021) 


Cult of the Dead Cow, J. Menn (PublicAffairs, 2020) 


Breaking & Entering, J. Smith (Mariner Books, 2019) 


The Art of Invisibility, K. Mitnick (L, B & C, 2017) 


Ghost in the Wires, K. Mitnick (Back Bay Books, 2012) 


Kingpin, K. Poulson (Crown, 2012) 


The Cuckoo’s Egg, C. Stoll (Doubleday, 1989) 


Neuromancer, W. Gibson (Ace, 1984) 

Articles 


2022 State of the Threat: A Year in Review, Secureworks (2022) 


The Anthropology of Hackers, The Atlantic (2010) 


Timeline Since 2006: Significant Cyber Incidents, CSIS (n.d.) 

Documentary 

DEFCON, The Documentary Network (2013) 
Resources 

Government Hacking Bibliography, S. Quinlan, New America Foundation (2016) 
*Wildcard Resource* 

“The Aurora Shard” 

Come to the International Spy Museum to see an ugly chunk of metal. Why? Well, it speaks to a revolution in the relationship between the material world and the non-material world. Broken down? 30 lines of code blew up a 27-ton generator. Zeros and ones ca

Summary  
Eric Escobar (Twitter; LinkedIn) joins Andrew (Twitter; LinkedIn) to discuss compromising networks and information security. He has a coveted DEFCON Black Badge. 
 
What You’ll Learn 

Intelligence 

What keeps Eric up at night  

Thinking like an ethical hacker (aka a “penetration tester) 

Protecting your information (i.e., “Hardening the attack surface”) 

Plain English explanations of key cyber concepts like “Kill Chains” and “Zero Days” 

Reflections 

Having a cool job 

The information revolution and life in the modern world 

And much, much more… 


Episode Notes 
Eric Escobar commits several thousand felonies on any given day, if he didn’t have permission to do what he was doing. 
A Principal Security Consultant with SecureWorks, Eric has compromised pretty much everything out there: from healthcare and banking to technology and critical infrastructure, through to amusement parks and next generation military aircraft. 
“From my perspective, it’s the coolest job in the entire world.” 
His team consecutively won first place in the Wireless CTF category at DEF CON 23, 24, and 25, snagging a Black Badge along the way. He has a BS and MS in Civil Engineering.  
And… 
The links between computing, hacking and the 60’s counterculture are FASCINATING. Learn more by dipping your toes here and here, or dive deeper with What the Dormouse Said (2005) by John Markoff and From Counterculture to Cyberculture (2006) by Fred Turner.   
 
Quote of the Week 
"Watching any critical infrastructure get compromised is really the thing that keeps me up at night because lives are in the balance…and we do a lot of testing for critical infrastructure, and I've seen computers and machines that have been online and not been taken offline, longer than I've been alive…So really interesting to see those types of things because they interact with really big, expensive hardware…there's a catch 22 that happens where you can't really take the machine offline to do maintenance on it because it's critical infrastructure. So then how do you test it to make sure that a hacker can't take it offline, or maintenance can't be done on it? " – Eric Escobar.
 

Resources 

*Andrew’s Recommendation* 


Word Notes  

From beginner thru advanced, you’ll find some helpful definitions of things like “Web 3.0,” “NFT’s” and “Digital Transformation” on this Cyberwire audio glossary. 

*SpyCasts* 


Inside Microsoft’s Threat Intelligence Center (MSTIC) – with John Lambert and Cristin Goodwin (2021) 


The Cyber Zeitgeist – with Dave Bittner (2021) 


Securing Cyberspace – with Charlie Mitchell (2016) 

*Beginner Resources* 


What is Hacking? The Economic Times (n.d.) [web] 


Ethical Hacking in 8 Minutes, Simplilearn (2020) [8 min video] 


Cybersecurity in 7 minutes, Simplilearn (2020) [7 min video] 

Books 


The Cyberweapons Arms Race, N. Perloth (Bloomsbury, 2021) 


Cult of the Dead Cow, J. Menn (PublicAffairs, 2020) 


Breaking & Entering, J. Smith (Mariner Books, 2019) 


The Art of Invisibility, K. Mitnick (L, B & C, 2017) 


Ghost in the Wires, K. Mitnick (Back Bay Books, 2012) 


Kingpin, K. Poulson (Crown, 2012) 


The Cuckoo’s Egg, C. Stoll (Doubleday, 1989) 


Neuromancer, W. Gibson (Ace, 1984) 

Articles 


2022 State of the Threat: A Year in Review, Secureworks (2022) 


The Anthropology of Hackers, The Atlantic (2010) 


Timeline Since 2006: Significant Cyber Incidents, CSIS (n.d.) 

Documentary 

DEFCON, The Documentary Network (2013) 
Resources 

Government Hacking Bibliography, S. Quinlan, New America Foundation (2016) 
*Wildcard Resource* 

“The Aurora Shard” 

Come to the International Spy Museum to see an ugly chunk of metal. Why? Well, it speaks to a revolution in the relationship between the material world and the non-material world. Broken down? 30 lines of code blew up a 27-ton generator. Zeros and ones ca

58 min

Top Podcasts In History

Historier Som Endret Verden
Gjenklang & Acast
Historier Som Endret Norge
Gjenklang & Acast
The Rest Is History
Goalhanger Podcasts
Gamle greier
Nasjonalbiblioteket
Med egne øyne
Bauer Media
Historiepodden
Moderne Media og Untold

More by International Spy Museum