Cyber Goodreads - Interview with Amazon's CSO
Honeypot networks and AI helping defenders
The Record has a great interview of Amazon’s Chief Security Office, titled “Amazon’s Schmidt talks China, cyber traps and the battle in the cloud”. It covers a lot of ground on several particularly current and relevant cybersecurity topics - and from the perspective of a person tasked with keeping one of the biggest of big tech companies cyber safe.
Here are a few of the questions / topics that captured my interest most:
From honeypots to ‘Madpot’
I wrote recently about what sort of cyber tool a honeypot is. Madpot is that on steroids and then some.
CLICK HERE: Can you talk a little bit about MadPot, what is it and how does it work?
STEVE SCHMIDT: MadPot is a honeypot network. A honeypot is a computer system that's been specifically built to be attacked. So it's designed to attract adversaries by presenting the image that it's a vulnerable computer system …
And here’s some numbers that catch the eye (emphasis mine below):
CH: How often do adversaries actually interact with these honeypots?
SS: It is absolutely constant. So to give you some relatively scary numbers, we operate some 10,000 of these things around the internet right now. It takes about 90 seconds for one of these honeypots to be probed by an adversary — from when it goes online, within three minutes adversaries are trying to exploit it.
What keeps him up at night
CH: So what keeps you up at night?
SS: Humans. They are the single thing that we have to think about the most. A lot of people look at my job and say, “Oh, computer security — you gotta be worried about tools and techniques and all that kind of stuff.” No. It's people.
That’s enough spoilers, There is also great stuff about how Amazon is using AI in their defensive stack and about Volt Typhoon, one of the of the most capable nation-state level adversary groups.
Check out the full interview HERE for a heck of cyber goodread.
I like his definition of Honeypots. Also Madpots?!!