Imagine a team of brilliant detectives, each with their own quirks and talents. One might be a meticulous observer, another a whiz at puzzles, and the third a master of creative leaps. This diverse team is unstoppable, able to crack any case because their strengths complement each other. That's the power of show more ...
neurodiversity in cybersecurity! People with autism, ADHD, dyslexia, and other conditions bring fresh and valuable perspectives to the fight against cybercrime, enhancing the ability to address complex challenges in innovative ways. They excel at spotting patterns, focusing intensely, and thinking outside the box - exactly what defenders need to outsmart hackers. Neurodiversity in cybersecurity is a concept that has gained significant traction over the past decade. The term "neurodiversity" originated in the late 1990s and has since evolved to encompass a range of conditions, not as limitations, but as strengths. Within the industry, this movement gained momentum around the mid-2010s. It stemmed from a critical need for diverse problem-solving skills and innovative thinking. Cybersecurity challenges are complex puzzles, requiring a variety of approaches to detect, analyze, and mitigate threats. By embracing neurodiversity, the industry doesn't just improve its capabilities, it sets a standard for inclusivity. It taps into a pool of untapped talent that perceives and interacts with the world in ways that benefit everyone. To celebrate this diversity, The Cyber Express hosted the "Inclusive Cyber" webinar. The event brought together experts to discuss how neurodiversity, with its wide range of cognitive styles and personalities, significantly enhances the field of cybersecurity. It's a space where innovation and diverse perspectives are not just beneficial, but essential. Speakers' Insights on Neurodiversity in Cybersecurity The webinar featured renowned cybersecurity champion Holly Foxcraft, recognized as one of the most influential women in the field. Alongside her was security wiz and advocate Jennifer Cox, Director for Ireland at Women in Cyber Security (WiCyS) UK & Ireland and a Security Engineering Manager at Tenable. The session was moderated by Jo Mikleus, Senior Vice President at Cyble, who skillfully facilitated the discussion, highlighting the critical role of inclusive practices in cybersecurity. Both speakers shared their personal and professional experiences with neurodiversity, providing valuable insights into the integration of neurodivergent professionals in the tech industry. Holly Foxcraft initiated the discussion by defining neurodiversity and its societal implications. She highlighted how societal norms often fail to accommodate the diverse ways individuals process information, which can lead to misunderstandings and underutilization of potential. Foxcraft explained, "Neurodiversity means that just like physical traits, our cognitive differences are natural. Society, however, has established certain expectations about how individuals should behave and process information. Deviations from these norms are termed as neurodivergence, encompassing recognized conditions such as autism and ADHD, and broader, undefined behaviors that diverge from what is considered typical." Following Holly’s introduction, Jennifer Cox discussed the common misconceptions about neurodivergent individuals, especially those with ADHD. She expressed, "There’s a prevalent myth that individuals with ADHD have boundless energy, which is far from reality. Managing everyday conversations can be as draining for us as physical exertion, leading to rapid burnout." Cox also shared her personal journey with ADHD, diagnosed in her forties, underscoring the challenges and late realizations many neurodivergent individuals face. Challenges Faced by Neurodivergent Professionals Jennifer Cox further addressed the managerial misconceptions surrounding the support needs of neurodivergent employees. She clarified that contrary to popular belief, neurodivergent individuals do not necessarily require extensive managerial time. Instead, they benefit significantly from targeted adjustments and understanding. "Simple changes like providing information in bullet points or understanding that lack of eye contact might indicate deeper concentration can make a substantial difference. These minor adaptations can greatly enhance workplace inclusivity and productivity," Cox explained. Both speakers emphasized the importance of tailored management strategies to effectively support neurodivergent employees. Implementing clear communication, recognizing the need for sensory accommodations, and allowing flexible work arrangements were discussed as key strategies that can enhance productivity and workplace satisfaction for all employees. The Way Forward with Neurodiversity The "Inclusive Cyber" webinar concluded by highlighting the indispensable link between neurodiversity and cybersecurity. By embracing neurodivergent capabilities, the cybersecurity industry not only enriches its pool of problem-solving strategies but also fosters a more inclusive and dynamic workforce capable of tackling complex security challenges. As the cybersecurity field continues to evolve, the insights shared by Jennifer Cox and Holly Foxcraft provide invaluable guidance for building diverse teams ready to face future challenges. The thoughtful integration of neurodivergent professionals into cybersecurity roles not only enhances the effectiveness of security measures but also contributes to a more inclusive and innovative workplace culture. This approach not only prepares organizations to better tackle emerging threats but also sets a precedent for the broader tech industry to follow.
In today's cybersecurity world, the call for innovation and resilience has never been more urgent. Yet, amidst the pursuit of cutting-edge technologies and strategies, a critical aspect often overlooked is the power of neurodiversity. As organizations strive to cultivate inclusive environments and provide equal show more ...
opportunities for neurodivergent individuals, questions abound on how this diverse talent pool can contribute to cybersecurity. This article aims to explore these questions comprehensively, shedding light on why embracing neurodiversity isn't just a moral imperative but a strategic advantage in safeguarding digital assets. By delving into the significance of neurodivergent individuals in the cybersecurity field readers will gain valuable insights into the importance of fostering inclusivity and understanding neurodiversity's role in shaping the future of cybersecurity. What is Neurodiversity in Cybersecurity? Neurodiversity in cybersecurity refers to the recognition and inclusion of individuals with diverse cognitive profiles, including conditions such as autism, ADHD, dyslexia, and others, within cybersecurity teams. These individuals bring unique perspectives, skills, and talents to the table, enhancing the overall effectiveness of cybersecurity operations. Amidst approximately 3.5 million vacant positions in cybersecurity globally, with an estimated 750,000 in the United States alone, the industry faces unprecedented demand for skilled professionals. Compounded by projections from Gartner suggesting that talent shortages could lead to over half of significant cyberattacks by 2025, and findings from a recent World Economic Forum survey indicating an anticipated 86% increase in major cyber incidents within two years, it is clear that significant challenges lie ahead for the cybersecurity sector. Yet, addressing this shortfall requires a nuanced approach that acknowledges the diverse cognitive profiles and needs of professionals in the field. Approximately 38% of adults identify as neurodivergent (ND), each showcasing a range of strengths and challenges. Overlooking these unique abilities can mean missed opportunities in building resilient and effective cybersecurity teams. Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting, emphasizes this perspective, stating, “It’s about addressing individuals who may be socially different or whose needs differ, rather than focusing on supporting specific conditions like autism or ADHD.” For instance, neurodivergent individuals often exhibit sustained focus and attention to detail, making them well-suited for tasks requiring meticulous analysis, such as threat detection. Their clarity in communication also enhances teamwork and problem-solving within cybersecurity environments. Tim Goldstein, Neurodiverse Communication Specialist, highlights the universal aspect of neurodiversity, stating, “Neurodiversity is a normal way that a human can process and think, much like diversity in other aspects of life.” By leveraging these strengths, organizations can not only bridge the cybersecurity skills gap but also bolster their defenses against cyber threats. Embracing neurodiversity in cybersecurity not only fosters inclusivity but also drives innovation and resilience in safeguarding digital assets How Neurodiversity Benefits in Cybersecurity Workplace Neurodiversity brings numerous advantages to the cybersecurity workplace by introducing unique skills and perspectives that significantly enhance security measures. “Seeking out neurodiverse teammates in hiring and recognizing and building around their strengths can be a vital asset to anticipating an adversary’s moves and uncovering potential solutions to problems before they arise,” said Gunnar Peterson, CISO at Forter. Neurodiverse individuals often exhibit exceptional logical and methodical thinking, attention to detail, and cognitive pattern recognition skills. For example, they can hyperfocus on tasks, giving complete attention to specific issues for prolonged periods, which is invaluable in identifying and mitigating security threats. Their ability to engage deeply in their work ensures that even the smallest anomalies are detected and addressed swiftly. Moreover, many neurodiverse individuals thrive on repetitive tasks and routines, finding comfort and even excitement in long, monotonous processes. This makes them well-suited for roles that involve continuous monitoring and analysis of security data. Their high levels of concentration and persistence allow them to stay on task until solutions are found, ensuring thorough and effective problem-solving. Creativity is another significant benefit that neurodiverse individuals bring to cybersecurity. Their unique, nonlinear thinking enables them to approach problems from different angles and develop innovative solutions. This creativity is crucial for devising new methods to counteract evolving cyber threats. For instance, a neurodivergent team member might come up with an unconventional but highly effective way to secure a network that others might overlook. Furthermore, neurodiverse individuals often possess strong reasoning skills and keen awareness, contributing valuable insights into cybersecurity strategies. Their ability to think outside the box allows them to anticipate potential issues that others might miss, enhancing the overall security posture of an organization. In terms of teamwork, neurodiverse individuals respond well to inclusive environments. A diverse team, comprising various cognitive profiles, tends to react better to challenges and fosters a more innovative and productive atmosphere. When neurodivergent individuals are included and valued, team morale improves, leading to higher overall performance and productivity. Challenges Faced by Neurodiverse Individuals in Cybersecurity Neurodiverse individuals face several challenges in the workplace that can impact their ability to thrive, despite their unique strengths. For example, sensory sensitivities common in conditions like autism can make traditional office environments overwhelming due to bright lights, loud noises, or crowded spaces. This can lead to increased stress and decreased productivity. Communication barriers are another significant challenge, as some neurodivergent individuals may struggle with social cues and norms, making it difficult for them to participate effectively in team meetings or collaborative projects. For instance, someone with ADHD might find it challenging to maintain focus during long meetings, potentially missing critical information. Additionally, rigid workplace structures and a lack of flexibility can hinder neurodiverse employees, who may require different accommodations, such as varied working hours or remote work options, to perform optimally. These challenges highlight the need for inclusive workplace practices that recognize and support the diverse needs of neurodiverse individuals, enabling them to contribute their valuable skills more effectively. How to Create Neurodiverse-Friendly Work Environments Creating a neurodiverse-friendly work environment involves considering several key factors to support and accommodate the unique needs of neurodivergent individuals. Here are the steps to create such an environment: Sensory: Addressing the sensory environment is crucial. This means ensuring that the workplace is comfortable regarding lighting, noise, and overall ambiance. For example, providing noise-canceling headphones, adjustable lighting, or quiet workspaces can help neurodivergent employees focus better and reduce sensory overload. Timely: A timely environment means allowing sufficient time for tasks and avoiding unrealistic deadlines. Clearly communicating timeframes and allowing flexibility can reduce stress. For instance, giving employees enough time to complete tasks without last-minute rushes can improve their productivity and job satisfaction. Explicit: Communication should be clear and explicit. This involves providing detailed instructions and avoiding ambiguous language. For example, instead of saying, "Get this done soon," specify, "Please complete this task by 3 PM tomorrow." This clarity helps neurodivergent individuals understand expectations and reduces anxiety. Predictable: Creating a predictable environment can help reduce anxiety and improve focus. This includes having regular schedules and clear procedures. For instance, if meetings are scheduled at consistent times and agendas are shared in advance, neurodivergent employees can prepare better and feel more secure. Social: Fostering a supportive social environment means recognizing that not everyone may be comfortable with the same level of social interaction. Offering structured social activities and respecting individual preferences can create a more inclusive workplace. For example, providing clear invitations to social events with detailed information about what to expect can help neurodivergent employees feel more comfortable. Additionally, implementing a "traffic-light" system with colored cards or post-it notes (green for willing to interact, yellow for maybe, and red for needing to focus) can help manage social interactions effectively and respect individual boundaries. By incorporating these STEPS, organizations can create an inclusive and supportive work environment that leverages the unique strengths of neurodivergent employees, ultimately enhancing overall productivity and innovation. Training Programs: Providing specialized training and development programs can help neurodivergent individuals thrive in cybersecurity roles. This includes offering tailored training sessions that address their unique learning styles and strengths. For example, using visual aids and hands-on activities can enhance understanding and retention. Mentorship programs where experienced employees guide neurodivergent staff can also be beneficial, offering personalized support and career development advice. Moreover, continuous learning opportunities, such as workshops on the latest cybersecurity trends and technologies, can keep neurodivergent employees engaged and up-to-date with industry advancements. Read Ahead “Once we start to remove what those barriers are, the way that we do things, our culture of understanding and our bias of conditions, then we can start to be more inclusive and welcome a more diverse workforce,” said Foxcroft. By harnessing the unique strengths of neurodivergent individuals, organizations can unlock a wellspring of creativity, focus, and unconventional problem-solving. It's a future where cybersecurity teams aren't just well-equipped, but exceptionally prepared – a future where "thinking differently" becomes the key to defending against the unthinkable. So, what steps will you take to create a more inclusive cybersecurity workforce? The answers may well determine the future security of our digital world.
A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today reports the suspect was show more ...
wanted by the FBI and arrested in Palma de Mallorca as he tried to board a flight to Italy. A still frame from a video released by the Spanish national police shows Tylerb in custody at the airport. “He stands accused of hacking into corporate accounts and stealing critical information, which allegedly enabled the group to access multi-million-dollar funds,” Murcia Today wrote. “According to Palma police, at one point he controlled Bitcoins worth $27 million.” The cybercrime-focused Twitter/X account vx-underground said the U.K. man arrested was a SIM-swapper who went by the alias “Tyler.” In a SIM-swapping attack, crooks transfer the target’s phone number to a device they control and intercept any text messages or phone calls sent to the victim — including one-time passcodes for authentication, or password reset links sent via SMS. “He is a known SIM-swapper and is allegedly involved with the infamous Scattered Spider group,” vx-underground wrote on June 15, referring to a prolific gang implicated in costly data ransom attacks at MGM and Caesars casinos in Las Vegas last year. Sources familiar with the investigation told KrebsOnSecurity the accused is a 22-year-old from Dundee, Scotland named Tyler Buchanan, also allegedly known as “tylerb” on Telegram chat channels centered around SIM-swapping. In January 2024, U.S. authorities arrested another alleged Scattered Spider member — 19-year-old Noah Michael Urban of Palm Coast, Fla. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “Sosa” and “King Bob,” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022. Investigators say Scattered Spider members are part of a more diffuse cybercriminal community online known as “The Com,” wherein hackers from different cliques boast loudly about high-profile cyber thefts that almost invariably begin with social engineering — tricking people over the phone, email or SMS into giving away credentials that allow remote access to corporate internal networks. One of the more popular SIM-swapping channels on Telegram maintains a frequently updated leaderboard of the most accomplished SIM-swappers, indexed by their supposed conquests in stealing cryptocurrency. That leaderboard currently lists Sosa as #24 (out of 100), and Tylerb at #65. 0KTAPUS In August 2022, KrebsOnSecurity wrote about peering inside the data harvested in a months-long cybercrime campaign by Scattered Spider involving countless SMS-based phishing attacks against employees at major corporations. The security firm Group-IB called the gang by a different name — 0ktapus, a nod to how the criminal group phished employees for credentials. The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. These phishing attacks used newly-registered domains that often included the name of the targeted company, and sent text messages urging employees to click on links to these domains to view information about a pending change in their work schedule. The phishing sites also featured a hidden Telegram instant message bot to forward any submitted credentials in real-time, allowing the attackers to use the phished username, password and one-time code to log in as that employee at the real employer website. One of Scattered Spider’s first big victims in its 2022 SMS phishing spree was Twilio, a company that provides services for making and receiving text messages and phone calls. The group then pivoted, using their access to Twilio to attack at least 163 of its customers. A Scattered Spider phishing lure sent to Twilio employees. Among those was the encrypted messaging app Signal, which said the breach could have let attackers re-register the phone number on another device for about 1,900 users. Also in August 2022, several employees at email delivery firm Mailchimp provided their remote access credentials to this phishing group. According to Mailchimp, the attackers used their access to Mailchimp employee accounts to steal data from 214 customers involved in cryptocurrency and finance. On August 25, 2022, the password manager service LastPass disclosed a breach in which attackers stole some source code and proprietary LastPass technical information, and weeks later LastPass said an investigation revealed no customer data or password vaults were accessed. However, on November 30, 2022 LastPass disclosed a far more serious breach that the company said leveraged data stolen in the August breach. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information. In February 2023, LastPass disclosed that the intrusion involved a highly complex, targeted attack against an engineer who was one of only four LastPass employees with access to the corporate vault. In that incident, the attackers exploited a security vulnerability in a Plex media server that the employee was running on his home network, and succeeded in installing malicious software that stole passwords and other authentication credentials. The vulnerability exploited by the intruders was patched back in 2020, but the employee never updated his Plex software. Plex announced its own data breach one day before LastPass disclosed its initial August intrusion. On August 24, 2022, Plex’s security team urged users to reset their passwords, saying an intruder had accessed customer emails, usernames and encrypted passwords. TURF WARS Sosa and Tylerb were both subjected to physical attacks from rival SIM-swapping gangs. These communities have been known to settle scores by turning to so-called “violence-as-a-service” offerings on cybercrime channels, wherein people can be hired to perform a variety geographically-specific “in real life” jobs, such as bricking windows, slashing car tires, or even home invasions. In 2022, a video surfaced on a popular cybercrime channel purporting to show attackers hurling a brick through a window at an address that matches the spacious and upscale home of Urban’s parents in Sanford, Fl. January’s story on Sosa noted that a junior member of his crew named “Foreshadow” was kidnapped, beaten and held for ransom in September 2022. Foreshadow’s captors held guns to his bloodied head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life (Foreshadow escaped further harm in that incident). According to several SIM-swapping channels on Telegram where Tylerb was known to frequent, rival SIM-swappers hired thugs to invade his home in February 2023. Those accounts state that the intruders assaulted Tylerb’s mother in the home invasion, and that they threatened to burn him with a blowtorch if he didn’t give up the keys to his cryptocurrency wallets. Tylerb was reputed to have fled the United Kingdom after that assault. KrebsOnSecurity sought comment from Mr. Buchanan, and will update this story in the event he responds.
Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The move is said to be a joint effort between the U.S. Federal Bureau of Investigation (FBI) and the
