Unexpected Frontlines: Environments You Didn’t Expect to Protect | Bitdefender Enterprise | YouTubeToText
Core Theme
The core theme is understanding and managing an organization's "attack surface," which encompasses all potential entry points for attackers, including compute, human, and intellectual assets, as well as increasingly complex and often overlooked elements like IoT devices and AI systems.
The attack surface is basically how
attackers see your organization, your
company. It's
>> more about thinking outside the box, at
least from the attacker perspective.
>> The unsuspecting devices on u usually on
the network obviously that are uh not
considered. What we see is that
attackers go for the weakest link,
>> which reminds me of uh of the houses
that have like a really nice metal door,
but uh there's a big terrace uh glass
wall on the back that's as accessible.
>> And that's an entry point for an
attacker. Think as an attacker would.
And the good news is attackers today,
they use commoditized tools.
>> We have the AI that's like a blend of
All right, welcome to a new episode of
Cyber Crime from the Front Line, the
only podcast where the experts come up
front. Uh, we're going to talk about
unexpected attack surfaces. Um, this is
Dan Berte, your host, and I have with me
here, Mihi, I have Jagos, and I have
Raf, and I'd like you guys to introduce yourselves.
>> Okay. Hi, Dan. Nice to see you. So, I'm
Mihi Leonte. My colleagues here call me
Makai. I'm the director of attack
surface analytics here at Bitdefender.
>> Hi, I'm Drago. I'm the vice president of
threat research here, you know,
Bitdefender. And
>> I'm Rafael Perry and I'm the director of
product management here at Bitdefender.
>> It's awesome because uh we keep saying about
we keep talking about this uh and this
kind of cues into what the attack
surface is. But uh you know there's all
these layers between you guys uh who are
the actual experts doing the thing. Um,
and there's usually somebody else uh in
between you and uh and and and and the
outside world. Um um but uh this is one
of those beautiful occasions where we
can actually uh get information for the
latest type of uh changes in the attacks
from the actual experts doing the work.
So um I know it's a stupid question but
uh what's an attack surface?
>> So yeah, you could we could look at it
that way. The attack surface is
basically how attackers see your
organization, your company. If you want,
you can split it into three main
pillars, right? The first one would be
like your compute assets. Everything
that has uh CPU processing power that
something that can run code can be
exploited, right? So, this is a thing
that attackers might go after.
A second pillar would be your human
assets, the employees, the contractors,
everyone that represents the company
outside of it, right? And might be in
some way approached, attacked, maybe
convinced to click a phishing email and
so on and so forth, right? And the third
pillar is uh with the intellectual
assets of the company. You have your
documents, you have your patents, you
have the customer data stuff that you
hear about it in breaches. you hear
about the fact that customer data got
leaked uh in the case of X or Y right so
uh all of these
you might not realize it but form your
attack surface right and on on top of
that right now we have the AI that's
like a blend of all of these you have AI
that's considered compute because it
it's run on uh GPUs right it's run on
code we expect of it to act like humans
to do tasks, right? We were talking
about agents, but they also handle the
sensitive data, right? When you put that
AI to make humanlike uh tasks, it needs
to handle sensitive data, right? And the
main idea would be uh for the viewers to
understand that it's complex to to look
at the attack surface, right? And you
need to understand that there might be
holes that you are not uh patching, you
are not looking into. Uh I'm going to
leave you with uh this analogy for
start. Imagine you have a house and you
make sure that you block you lock the
front door
>> but somewhere you leave a window open, right?
>> Which reminds me of uh of the houses
that have like a really nice metal door,
but uh there's a big terrace uh glass
wall on the back that's as accessible.
I'm like, you know, I've always
wondered. I think it's just I mean I can
see it's layered. It it looks bad from
the bad from the front. It looks like
it's means business, but it deters
somewhat a potential uh uh intruder, but
at the same time, whoever is really
motivated, it's going to look and check
the back as well. And I think this is
kind of distills the philosophy of the
researcher and looking at the attack
surface, right?
>> What we see is that attackers go for the
weakest link. They don't try to crack
the incredible code. they go for the the
asset that has I don't know you have a
computer exposed to the internet without
a password the easiest things not trying
to uh get into
>> right but you know and to your point
like I'm trying to think of the the you
know the optics of this the perceived uh
from from me as a let's say I'm the
organization the researchers right there
doing their own thing I'm thinking well
my data my valuable data is here so this
is what I'll direct all my uh focus on and
I why would I I mean that's it. I'll put
my all my effort in there. Not that I
don't care or I don't know. Just like I
won't think of the other avenues, but
the attacker or the researcher has that
curiosity and the
>> Yeah. Because to look for
>> because we're in a cyber age, the most
attacked asset is the compute one,
right? So we have a lot of uh
>> but you also need to understand that uh
in all of these scenarios it's more
about thinking outside the box at least
from the attacker perspective rather
than uh so uh you know if you're an
attacker and just like uh Makai said
you're not actually going to uh try to
you know break uh the thing that is the
most protected you're most likely search
for something different there are also
two clear distinctions
uh in this one is look for something
where the security solution doesn't have
visibility. That's pretty much the manage
>> the easiest. Yeah. So, uh you know uh
just to take Makai's example, you have
like a house and you have cameras but uh
there isn't you know there is a blind
>> you know blind spot and that blind spot
leads to an open window. then that will
be your entry because this is where you
can go and you know that nobody's
looking there. So you you you have some
advantages. Now uh that's more like a
meta meta metaphorical uh example. In
reality uh this actually translates into
try to find something where there aren't
any sensors that can pick up some
information from a cyber security
perspective. So um okay let's try like a
completely different um example. Let's
say that uh you have a printer that is
exposed to the internet. Now obviously
you don't have a printer cyber security
solution or something like this. Uh but
from an attacker perspective this could
actually translate into something
different. It could be okay. So if I
find some potential bug, some things
that I can target on the printer, I know
for sure that nobody actually looked at
it. And that's actually a really uh I'm
going to say funny but interesting
story. Uh we've seen some
well there was a very interesting
exfiltration technique uh that actually
rely on targeting a printer. Now what's
what happened? Let's say that you're
printing something. Now whenever you're
printing something a printer has a
cache. So you're sending the document
that you're going to print to the
printer. the printer is going to keep it
in the cache and then it's going to you
know start printing a copy or multiple
copies of it. Now the cache is usually
quite large. So you know if multiple
people send things to the printer then
the cache will store this. Now uh there
is a vulnerability that uh some people
use to actually connect to the printer
and just download the cache. Now what do
you think it's most likely to find
there? Because you know a regular
program or something like it will not go
and start print a piece of code or
something there but legal team will do
this because they need some documents to
be printed out. So you might actually
get some interesting documents that you
can actually there accounting will might
do something like this. So if you can
actually connect from outside to that
printer and you can exfiltrate some
data from the cache of that printer.
Well, if you look at the organization,
nobody was on the endpoint, nobody was
on the cloud services, nothing happened,
but somehow the documents got out and
the only, you know, the main reason for
this is nobody was looking at the
printer. So, the lack of the sensors is
also something really important in this
uh I think another example that we have
on the printer is and this was found
during a a red teaming exercise. So a
red teaming exercise basically you pay
good hackers to break in, right? Um they
went they had physical access to the
printer. The printer was set up to be
able to scan and that means sending via
email what you scanned,
>> right?
>> That service was improperly configured
and so they were able to impersonate any
email address with the company domain.
If you're thinking about phishing, this
was gold. So uh in the end of the day
they sent an email to the CEO from the
CFO uh saying blah blah blah as the
proof that yes we have broken in right
and again that's a place you wouldn't
expect. You think you're so well
protected because nobody can impersonate
you today. We rely so much on like trust
of emails coming from the right people
and there are a lot of security layers
for that. But then you've got this one
little printer that nobody's thought of
that completely breaks that assumption apart.
>> Yeah. Yeah. The issue here is the trust, right?
>> Yeah. Not the printer because it's not
the printer, it's something else.
>> So, so for for example, if we if we look
back and uh and you know ultimately we
also end up that it's a human mistake
somewhere. So um in 1999 was the year
where Microsoft introduced Microsoft
Visual Basic for Applications into all uh
office documents. Pretty much you can
add a piece of code which later on
translated in a lot a lot a lot of
attacks that were based on this. But at
that particular point there was a you
know let's say popular belief that if
you are to get uh you know a malware
attack or something it has to be an
executable nothing else could actually
be malicious. So whenever you're seeing
a document yeah it's just a document I
I'm relaxed there is no risk here. So
you you know people were opening them
before they understand and unfortunately
this is something that perpetuates. So
the same happened when the smartphones
appear. The the initial first couple of
years of the smartphones, people were
not thinking this is a computer with a
phone capabilities which is a little bit
different than a smartphone. People were
thinking this is a phone where I can
touch some things on the screen and
because it's a phone and you know
nothing could happen on the phone then
you know I can stay relaxed and nothing
could happen there. And the same thing
happened a couple of years ago when you
know the IoT era started to you know
well this is a fridge. It's not a
computer with a fridge uh support. It's
just a fridge. It's my fridge. I'm just
keeping some things there. You don't
actually know the entire thing that
happens in the back end because it's a
smart fridge but somebody can actually
use it and you're staying it's my
fridge. Nothing could uh could ever
happen there.
>> Well if it accesses your network if it
has access to the internet. Yeah. It's a
it's a
>> computer with access to your not not
only that I mean they've they've also um
obviously become more powerful over the
years as well and now they're um
>> they're comparable to a full-fledged uh
you know machine from years prior and
and it's the silliest thing that's
connected to the internet somewhere on
an environment and that can be perused
very potently
>> but it's a perceptual thing perception
is the same I mean especially since the
utility utility of this of the devices
This is minimal, you know. I mean,
weren't they have didn't they find the
latest generation Cortex Cortex chips in
uh vapes and stuff and those are
connected and
>> and they're probably smarter than I mean more
>> computer Apollo,
you know, missions to the moon
>> and and and
they're an afterthought. A lot of people
just don't look uh you know the they
don't consider them any threats. But
then if you contextualize them, there's
maybe a 100 million of those things that
are completely uh uh capable and connected.
>> You take over them, you can have like
very powerful botnets.
>> Exactly.
>> Right. With random devices that are
actually need to be PCs or servers and
they can do damage, right?
>> So the unsuspecting the unsuspecting
devices on um usually on the network
obviously that are uh
>> the same happens with the routers. So if
you think about it, everybody and I mean
like everybody has a router at home.
>> Yeah.
>> And you know people it's just I just
bought a router. I need it. I put it
there. Then I start you know fortifying
my computer
that's a small computer everything but
the router you know they don't
necessarily think about it and that's an
entry point for an attacker because they
don't necessarily think it's just a
router I put it there. And you know, not
to mention that it's very likely that a
lot of people they just install it there
and you know, 5 years ago it's the same
router with the same for no updates.
>> Exactly. It's one of those default credentials.
>> Default credential. Well, nobody
the routers are probably the most um um
long life devices in in environments
because uh every other device might have
features that are more tempting and you
kind of want to improve on them. But
with these devices, they're, you know,
they're doing their thing. there. I
mean, nobody loves printers, of course,
so you're not going to rush to get
another one. Uh, but yeah, so the
routers are one of those typical devices
that well exceed the average life cycle
expectancy for um, especially if we're
talking consumers, that's a router,
right, that's also directly connected to
the internet,
>> 100%. Uh, I mean, people don't even
consider a an IoT device.
>> Yeah. And if you couple it with the fact
that it has maybe a default password in
any or any other misconfiguration that
uh makes it easier to breach, you have
like this is this is the definition of
something that you wouldn't expect to be
an attack surface, but it's an easy pick
for an attacker, right? And also a lot
of people will have the router that they
that they get with their internet
service provider and those for ease of
use often have an administrative access
available from the ISP to be able to
configure it and reset and debug and
that's super convenient except that
basically means that you have left open
a door for the maintenance guy but the
hackers are aware and will use that. So
when you have your own router, you don't
have that. But whenever you're buying
the ISPs, if somebody can remotely
debug, the hacker can remotely debug.
>> Yeah. But actually, Raf, you're you're
getting into something interesting here.
So it's not just the hardware per se.
It's also the software that you're, you
know, using because you're, you know,
when you're saying that there is a
configuration there. Pretty much there
is a configuration in a software in the
router. But we can actually extend this
definition, right? So I can have a
software anywhere. I don't necessarily
fully understand what are the
connections, who can use it, how that
software can be used. Uh but I just use
it because you know it's
relax easy to use. I I'm just you know
um accustomed to that software. But that
software could actually be by itself an
attack surface. Somebody actually knows
differently. You could have
vulnerabilities in the software. Right?
So we know that there are disclosure
programs where uh the affected software
uh gets announced right you get uh a
scale of the vulnerability you have the
CVSS score right to 10 being the maximum
with complete uh takeover uh and you
also have uh fixes that appear right
like patches that you can install but it
depends from the type of software to the
type of software for example uh it's
easier for me to update Chrome right on
my laptop then for me to update my
router firmware. I can do both of them
but there's an accessibility issue. This
is why it's it's important to know that
both of them need to be done and what
the criticality is. So you need you
would need to prioritize one over the
other. So what what you're saying for
example we have let's say the router or
any other connected device that we're
familiar with um we we look at it and we
see the physical form of it and that's
in our perception that's a connected
device that that's how it works but then
in the background where you're saying
there's a hardware component which might
be from different vendors with different
drivers and then a cloud component
potentially another third party uh that
there's no control of and then an app. Yeah.
>> So unless all of these are taken into account
>> and it's a good thing that you said the
third party introduces the supply chain
risk. So even if I keep my software
updated the software that I have might
depend on something downstream, right?
And uh that also needs to be properly
secured. Okay. This reminds me, sorry,
this reminds me of a research we've done
on um some consumer cameras on on IoT
and um turned out there was a bon about
about 100 million devices that were
ultimately totally um uh uh easily
compromisable because of the threats and
the all of these cameras from very
reputable different manufacturers relied
on a cloud provider that was um just one
reli one cloud provider for all of these manufacturers.
And but the fact that they had different
SLAs's and different contracts with them
um meant that so some of these
manufacturers could patch the
vulnerabilities at a different date with
the priority compared to the others and now
>> the researcher couldn't disclose the
vulnerability until everybody else
patched the vulnerability which opened
up more risk or so it was just it it
turned out to be a more complex
situation than it had to be because of a
third party that relied on uh uh some
some libraries that wouldn't be updated and
and and these you know manufacturers uh
all suffered around the same time and
impacted 100 million devices.
>> This is why it's important to to have
visibility right. So the whole idea is
to understand your attack surface. Maybe
you won't be able uh all at all times to
have endpoint protection on on
everything that's hardware or server or
in the cloud, right? But you should at
least know, hey, I have this uh this
computer here under my desk, it's
connected to my network, it doesn't have
protection, but it's part of my network,
right? If someone uses it, gets on the
internet and uh infects the computer, my
network is at risk. So, I need to treat
this differently. I need to be aware of
it. So, visibility is key
>> and and awareness. I think like a great
way of thinking about it is
think as an attacker would. And the good
news is attackers today they use
commoditized tools yeah that are
available on the internet to anyone and
you can use those same tools and there
are a whole bunch of services around it.
There's things like external attack
surface management which is basically
saying tell me what an attacker sees
when they look for Raphael Pere and then
you get all of that and you're like
why is this thing there that I didn't
know about and all of a sudden now you
know like okay is there something I
should do about this or not? But you're
aware of what attackers would find first.
>> Yeah, your digital footprint is most
likely available. Who wants to find it?
>> Just the digital footprint. So if we're
thinking about an organization, maybe a
large organization,
uh there are a lot of changes during the
time of an organization. So you might
have an IT team right now at this moment
and in 3 years you might have a
different IT team and so on. Now a
couple of things that are possible is
that this IT team creates some sort of
configuration. Maybe some devices are
you know visible on the internet then
you know something changes in terms of
policy maybe some device leaves maybe
some other we've seen a lot of scenarios
where people forget about some settings
that were left out there and then not
knowing for the new you know the new IT
team about this is actually the problem
because from an attacker perspective he
just sees you know there is an opening
there I don't know why they don't know
about it they created it but they don't know
>> I'll use it
>> I'll use it. Why not if it's there?
>> So, um you know having this kind of uh
of awareness and again uh just as M Raf
said not necessarily uh you know at at
the human level or at the hardware level
but also the entire organization level
and understanding a lot of things um
it's also important. There's also
another thing you're uh pointing out the
at the organization level. So there's
not like uh one uh vulnerability or one
risk that will bring your collapse. But
if you have like a chain of
vulnerabilities that an an attacker
could exploit
from the entry point to your crown
jewel, whatever crown jewel means for
you, you could have a database, you
could have the important documents,
customer data, it doesn't matter, right?
Uh but if there are small
vulnerabilities that can be chained and
attackers are patient, right? In most
cases, we don't see like in the in the
movies where hackers like in 30 seconds
hack you from start to finish. They stay
weeks, they stay months and make sure
that they have the access and they can
get in. So, making sure you like close
all the small doors. Like for example,
the easiest thing you could do, you make
sure that the crown jewel are in a
separate network with limited access. Then
>> it sounds like such a common sense
thing. Does it always apply?
>> We see it. We see it. we see companies
that don't do this and
>> uh
>> uh let me let me go back real quick to
the visibility um is there a major
difference between how usually
organizations have visib visibility into
their networks and let's say consumers
so because I remember having a
conversation um about the consumer space
where they would ask consumers how many
connected devices they thought they had
and the answer was always half of the
reality so they assume it's 20 10 but
they 20 so In in case of you know like
you said visibility is is is key. You
know how many devices are connected then
you understand the dimension and you and
they need to act on them. If they're not
visible to you you probably won't make
an informed decision.
>> Think I'm kind of looking into this from
a different angle. So uh you know a
consumer doesn't necessarily have the
knowhow about this. So no you know I
might be a doctor. Uh you ask me how
many connected device I can ask you
what's this? What do you mean it's not
my job? Well, if you're going to a
company, they do have to have some IT
department, some infosec
at least it should be or at least they
should have. So, those guys should know
this kind of stuff. So, so there is a
difference they should be aware of while
in case of a consumer you know that and
it's difficult. I think like
>> it is difficult. We shouldn't we
shouldn't blame these IT teams because
it we there used to be a world where
everything went through it to do with uh
you know it today like a lot of the
purchases and a lot of the the
procurement of IT solutions doesn't ever
go through IT it goes directly to the
business units there we there was this
talk of shadow IT for a very long time
now there's shadow AI and so
organizations and security teams need to
find ways to get visibility from without
inserting themselves in the process
because they're not there anymore. I
mean like cloud has been the same. They
they're just playing catch-up. Teams are
using cloud and now security is is
trying to look like hey wait can I have
a look here and see if everything's
secure. So we need to make sure that
this visibility comes
>> so without requirements
>> cloud and other services are also a
thing. So right you might have a lot of
uh cloud apps that you use and you don't
know that there are separate services
with separate attack surface right you
might use communication software you
might use ticket management software or
any other service that it's not hosted
uh on your infrastructure but it's it's
somewhere uh where it's exposed and it's
a complete attack surface on its own
right and it might bring you some risk
if you don't use it properly.
uh the first thing in my opinion would
be here to understand that we need
visibility. So first of all, in order to
to be able to do something, you need to
to understand if you have shadow IT,
okay, what are the unmanaged assets that
I see that are not protected in my what
bring yourselves devices employees have
that uh bring your own devices, sorry,
that they use and they use it to to do
their job and to access company data.
Okay, I need to understand this in order
to put policies in place, in order to react.
I think one of the things that that
people often think that comes with
visibility is the need to control
everything and to protect everything and
no and given that the teams are just
stretched too thin like we need to help
them to say well no no you need
visibility on everything because without
visibility you can't do anything and
then you need to be pragmatic you you
won't be able to protect everything to
the level of standard of the department
of defense with your two person team no however
Now that you have visibility, you can
make sure that the that the basic
hygiene is done because what we're
saying is it's the weakest link. It's
that door that was open and we saw this
in the cloud a lot that the biggest
issue in cloud for a very long time was
just unprotected you know storage
buckets. It's like it's really it's like
stupid mistakes. So if we can just close
that gap first once you have the
visibility you don't necessarily need to
harden everything
and which is which is an insurmountable
task right you can be much more
pragmatic but with your eyes open
>> but I would also add um like a a
different nuance to what said so yeah um
my point of view here is that visibility
sometimes mean means you can prioritize
so yeah um obviously you can do some
tingle some tingle uh simple things
first that's also a form of
prioritization but you know um going
back to what Makai says about the crown
jewel uh you can also you know design
your the way your uh let's say security
hygiene works in a different way so you
can think what is the worst thing that
could happen well is if they have access
to this database then okay let me try to
see what I can do so that the worst h
thing that could happen will not happen
and that itself itself is an improvement
improvement of the security hygiene.
Maybe I'll not, you know, fix some other
things, but maybe I can, you know, start
uh analyzing potential, you know,
attacks that could go into that crown
jewel and fix some of the risk that I
have along the way. In all of this, it's
still visibility. It's just a different
way of prioritizing what I'm going to do first.
>> Yeah, but I do agree with Raf. um
infosecurity teams and CISO teams are
usually smaller have a few guys they
don't have the you know manpower to
actually do everything
>> but they do need the visibility but they
do need the visibility
>> which is sometimes difficult to to get
across because some people you know
they'll focus on what they know and and
we see this a lot is like you know the
the I know the the locksmith is going to
make sure that the lock is like so
hardened and then they forget the window
because they don't really know windows
and it's not really their thing. And so
we see this with with cloud like people
are focusing so much on like the
security that they used to be doing on
premise in the cloud whereas actually
attackers aren't going to use that
because it's just too difficult and you
left the window open. And so because
it's a new domain I think there's
a discomfort. It's like I don't really
know this so I'm just going to stick to
what I know because it's easier. it's
comfortable and we need to break that
like you need to look at these new
attack surfaces and these novel things
and I know nothing about printers but
like let's try to ring fence it a little
bit or I mean it sounds to me like um of
course you a good professional would pay
exactly the same attention and uh and
attention to detail and and give the
same level of importance to the printer
as to the all uh all the other assets
because uh there are equal um breach
avenues. So why would you disrespect it?
But I to your point, yeah, you know,
we're used to
>> necessarily, you know, like it's
>> Yeah, we're used to, you know, we're
used to securing this stuff. So that
stuff's kind of like at the edge of
that. We don't care about it that much.
But, you know, you you added and I think
I want to go back there. Uh because
there's there's another wrench in in in
in the whole in the whole picture, which
is obviously AI, right? We we we're
talking about the infrastructure, then
we're talking about um we're talking
about the cloud, then we're talking
about the software and applications, but
then boom, there's another component
that's usually
>> so yeah, Drago and Raf mentioned
earlier, we saw IoT adoption, it
improved our lives. You have smart light
bulbs. Yeah. Uh smartes, we have cloud
adoption, right? Uh all of a sudden
you don't need to host your server in
your kitchen. You can do it in the
cloud. You can scale up however you
want. It's the same with AI. So it helps
us do things better, smarter, right? It
it it makes us more productive. It helps
us learn new stuff, keeps us company.
But we need to understand that that it
brings a new attack surface on its own.
Right? We already saw researchers
bringing out the fact that uh large
language models can be convinced to leak
out sensitive information given access.
Uh I'm I think they they might be used
to access databases, right?
>> Yeah. If you're using an MCP server, that's
>> pretty easy in this case. But uh you
know to Mahai's point, um I I try to
think about this uh let's say in a in a
different way and I I do believe this is
important. So if we are to look right
now at AI and the concept of AI
adoption, well AI adoption doesn't
necessarily start within a company from
the info security team. It's going to
start from the developing team. So you
know people are going to say hey you're
doing this in one week. Can you use AI
to do it faster? So the people that are
going to drive this are going to be you
know the developers the test.
>> They might not not have a target for
security. They have a target for
business. Yeah.
>> Yeah. they will have like a target for
business and you know suddenly they are
going to install and let's get to the
MCP server example. So I'm trying to do
something faster. I'm going to install
you know um system. I'm going to create
some MCP servers. I'm going to touch
base on on them immediately and then I
have something that work faster but I
don't actually realize that by doing
this I'm also inserting a security hole
within the organization. You know, just
to clarify, an MCP server is an, you
know, a server that allows an AI to
perform some actions that I program.
Now, those action in most cases implies
I'm going to provide a database where,
you know, they can actually perform, add
some information, query some information
and so on. But it could be anything that
I, you know, deem necessary for the task
that I'm automating. Now the the risk
that uh that is here is that you know
the moment you're connected to the
databases pretty much any other
component any other uh you know
including an attacker could also have
access there. So you know like a very
simplistic thing assuming I have like a
large databases with multiple tables.
Now I'm trying to automate you know uh
let's see I'm going to take some Jira
task from there and you know perform
them and insert something there but the
same databases I have access to the fi
you know to the financial data of the
company. Well, you know, yeah, my my
flow, my automation doesn't necessarily
require this, but through the MCP
server, I can actually, you know, if I'm
asking the right question, maybe have
access previous
just uh provide me this.
>> The big challenge with AI compared to
other to other types of technology is
that for AI to work, it needs broad
access. It needs broad access to all of
your data to be able to train. which
means that if you can pull data out and
you can manipulate it, you have access
to the it needs broad access to be able
to act now with agents and MCP servers
and so you need to connect it to
everything and then you tell it but
please don't go there you know the
access control isn't mature like it is
for other things and it's not like a
network you
>> I think they're also a little bit of a a
black box as well and I think there
since they're a developing system a lot
of the functionality a lot of the
feature and the capabilities and the
possibilities for exploitation
are still not completely
>> it's also the you know maybe the not
knowing so okay how many how many AI
services do we actually know about right now
>> 200 plus and the list is growing right
>> 200 plus
>> and we have chat apps we have uh audio
and voice burning we have platforms for
automation the AI is not just ChatGPT
right so you have
>> usage that is widely adopted in a lot of
uh domains
>> and those are the AI services. But now
today so many software vendors use it
under the hood without even you know
it's like supply chain in your supply
chain supply chain you know you've got
AI in Salesforce you've got AI and all
of these other tools that you use well
Jira for example is Atlassian and so you
can't even turn it off but but think
about it in a different way so what do
you think happens like right now if I go
to a you know regular company and I
start asking them. Hey, what do you
think, you know, large language models
are or uh how many services? And you
know, I I bet that we're going to hear
something, you know, like ChatGPT,
Gemini or something a couple of times,
which are like three, four, five
examples, more than 200 right now. So,
think about this gap. How many things
are, you know, out there people are
using? Maybe they don't even know that
they are, you know, they have some AI in
the back. Yeah, this is uh circling back
a visibility problem and yeah, you are
so correct. This is a visibility problem.
>> So when I'm thinking about some of these
things, we're talking about AI and
talking about these these unexpected
attack surfaces, I think back to some of
the attacks that we that we've heard,
you know, um over the last year where
the the way that people got in was slightly
well, let's say less usual. And and so
one typical example is it was u social
engineering. They called the support desk.
>> Yeah. You know, of a contractor and
saying like, "Oh, I need to reset. Could
you please reset my password because I
forgot it and I need to work?" And and
there was no hacking involved.
>> There was I think there was human hacking.
>> Yeah. It but it was human.
>> So the attackers exploited the fact that
the humans involved weren't trained
enough. They didn't
>> Yeah. were the weakest link. They didn't
have support. So the humans were not to
blame but they didn't get the support
from the organization to be prepared in
such cases.
>> I mean philosophically the unsuspecting
printer is also a a human to blame
before the printer because they let the
printer exit.
>> But then there are some reports that
state that you know 95% of all of the
attacks to some point rely on a human
mistake. So there are very few where you
know there is a vulnerability so
powerful that no matter what you done
there they can yeah because you go for
the weakest link you go for the easiest
thing to hack. I mean and uh just going
on a limb and maybe you correct me about
that but it sounds like in an AI world
that will sh potentially change and
finally the human is not going to be the
uh uh change potential right now we if
we're thinking so let's go back to that
you know that example with 200 services
it's not that there are 200 AI services
is that there are human in a company
that are using those 200 services
>> yeah one It's 200 but in your company
people use like 20, 30 maybe.
>> So I have a question for you on this
exact point. Um of course organizations
are not very excited to
allow models and services to tap into
the private data which if I was running
a model I'd like I would love to have
access to that because I already scraped
up the public internet. I know all the
available public and stuff, but if I
want to train my inference models and
all the stuff and get beyond the
capabilities kind of want to get to that
private information and to the private
data of the companies and um of course
that would benefit the company itself
because I can, you know, obviously use
the model to process that information,
give the company an edge and make the um
and I'm not making the assumption that
models are inherently looking for this
private data to exfiltrate it. But uh I
can see the uh allure. So is this
something that is ex one of those things
where the attack surface isn't there yet
because we're looking at uh models that
are deployed uh securely on prem but
could eventually some one way or another
become an extended extension.
>> Yeah, definitely. So the first thing
that comes to mind uh you might have a
problem if you misconfigure how you use
AI. So uh all major AI providers when it
comes to training on your data offer you
an option to opt out. The bare minimum
that that you can do if you care about
not having your data leaked is to make
sure that that setting or that that
range of settings is properly
configured according to your needs. Now
the discussion can go deeper because
depending on your need you might go to
to a solution where you self-host the
model and make sure that uh you're fully
paranoid and nothing leaves the house
but this is there is a bare minimum that
you can do to make sure that from your
perspective the attack surface you know
about it and you try to contain it right um
>> well I mean for the model to progress um
the developer of the model will want to
add more functionality that's going to
have to be built on
>> that's going to but but you know
>> you know from exactly taking your point
here if I build a model yeah I need to
provide this kind of functionality so to
not learn from the data uh for a
business but my let's say initial
requirement will be to actually be able
to learn from the data so um I'm not
saying that uh you know uh from a legal
standpoint of view this will not be set
up but the default will most like never
be like I'm not going to learn from the
data until you as a human is going to
check something there say yeah you can
learn from my data it's going to be the
opposite I'm always going to learn from
data and you know for everybody that's
using GP there is an option there and by
default check that you can use the data
>> there there are the uh the large language
models pro developers also have other
ways for example you could like say I
like the answer right yeah it's you
don't get my data but I like the answer
so they can like try to tune in this way
so there are solution for both uh for
both uh scenarios yeah
>> so um
looking at the the looking at the attack
surface evolving uh what are the options
what are we uh what's the solution
moving forward from the perspective of
um you know hardening and the
perspective of visibility uh and such so
what what what are
the closest recommendations that can be
made today on on looking at
>> so I would start with encouraging
everyone to make sure they have
visibility in all the aspects of the
attack surface right if there's a
problem with sensors that you don't have
make sure you implement them if it's a
problem with shadow IT make sure you
know that shadow AI again make sure you
have visibility into this the first step
is to have visibility
I would also add to be open-minded here.
Um, don't just say, "Hey, I have this
this this is where I need to look. I'm
not going to think about something else
because that's so No, you need to be
open-minded." Uh, I also have another
dimension here. So, obviously having
visibility is the first step. Um,
the second one is to be able to harden
as much as you can there. uh one let's
say key aspect here is that the more
things are evolving uh the less likely
it is that there is going to be a
hardening solution that will be perfect
for everybody there's going to be too
much variety there so that you know one
solution will be perfect uh so you need
you you again need to think a little bit
outside the box and try to see are there
any way I can customize tailor the way
I'm going to protect uh my organization
to prevent some things. So this is also
something you you need to take into into consideration.
>> I'll add
before that make sure that you have your
basic hygiene because what we saw again
the cloud for me is the best example. Um
and if you think about what the cloud is
well it's computers that or someone else
owns and manages. It's the most basic
model of that that people think of is
that. And the good news is that when
you're putting your your infrastructure
in the the top cloud providers, you've
got the top security teams in the world
because they are protecting, you know,
hundreds of thousands of businesses.
They have top talent and they're doing
that really, really well. Guess what?
That's not the where the attackers are
are attacking. They're attacking the
fact that because you're so focused on
this, you forgot to configure it so that
it was closed. And so that basic hygiene
is still today what is biting most
organizations uh in the backside whether
it's unmanaged devices, whether it's
just a mistake, you left the door open,
you left the default access that happens
to be etc.
>> So that's actually why the compliance
started to appear. It's who appointed
some form of basic hygiene to be
compliant. Force everybody have to force
everybody to at least this house should be.
>> Yeah.
>> So visibility hygiene and obviously hardening
>> already
>> but smart hardenings. So I think like
the key we've always wanted to do
hardening but in this world of of AI in particular
you can't just block everything because
that's never going to fly from the
business. So it's like saying you can't
say no to AI use today. No business
>> or else they're not allowed to say no.
>> You also don't have the resources most
likely to fix everything. You need to
prioritize what you fix.
>> Yeah.
>> So you need to find the right, you know,
and that's why we can use AI to protect
and to make sure that you're hardening
just what just what makes sense, right?
To to allow the business to move forward
uh while blocking the attackers and the
stuff that you don't actually need, that
unused door or window. So for this very
um dynamic and evolving uh space
obviously uh the attack surface is um
the first line of interest for attackers
uh obviously uh and what piques their
curiosity and is always that game of of
cat and mouse where our eternal
curiosity to match the curiosity of the
attacker um
still will be at the forefront. I'm I'm
I'm thankful that we talked about the
new tools and the new ways the attack
surface has changed over the last years
and months. Um and I'd like if you
wouldn't mind to revisit this at a
future time. Uh but for this I really
thank you for bringing me the
intelligences and knowledge and uh and
the examples for for this conversation
and being here. So thank you very much.
>> Thank you.
>> Thank you everybody. See you on the next one.