Show Notes
This episode of the Hacker Valley Studio podcast features Jon DiMaggio, a Senior Threat Intelligence Analyst at Symantec. Jon is a researcher and longtime bad guy chaser, and Ron and Chris fill this installment of Hacker Valley Blue with Jon’s thoughts on ransomware, threat research, attribution, and more!
Jon introduces himself to listeners who may not yet know much about him, explaining that he started his career as an engineer and that his work for the government in the early 2000s forced him to focus a lot on defending against nation-state attacks. He developed into an expert in the field, and transitioned about 13-14 years ago into his current line of work. He now teaches alongside his work as an analyst, and he moved from a government position to Symantec in 2014. Jon’s specialty is still nation-state, but he has also ventured into enterprise ransomware. He shares about these areas of specialization with Ron and Chris, detailing what a nation-state is and how to combat it within the context of threat intelligence, and addressing the economics of ransomware.
As the conversation continues, Ron and Chris raise a variety of other topics for Jon to address. Jon considers the threat of a future major worm attack, and provides listeners with insight on how to become established in his line of work. There are a lot of available resources that people can use to develop their own skills and increase their visibility. However, becoming a government hacker, and so having an offensive rather than a defensive role, is much more challenging. Moving toward the conclusion of the conversation, Jon offers tips on navigating attribution and bias (such as being sure to have evidence before making public claims!), explains how he mentally organizes and recalls information, and speaks to the nature of strong communication.
1:41 - Listeners are introduced to Jon DiMaggio and the episode before Jon explains his background..
5:04 - The first major topic Jon shares about is that of nation-states, specifically speaking to the work of combating nation-state attackers.
12:57 - The conversation turns to the economics of ransomware.
18:39 - What are Jon’s thoughts on the possibility of another major worm attack?
20:26 - Jon is asked about how people can enter his field or that of hacking.
24:54 - How should listeners approach attribution and bias, and how has Jon navigated bias in his own life?
31:31 - The group considers Jon’s mental organization, his recall of information, and the topic of communication.
Links:
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ronald Eddings on Twitter
Follow Chris Cochran on Twitter
Access the recent work and research on Symantec’s threat intelligence feed
Recent Episodes
Turning AI Into Your Super Tool with Ron Eddings
AI is neither friend nor foe, it’s both. The way we choose to use it determines whether it helps or harms. In this solo episode, Ron Eddings shares lessons from his first job at a grocery store, ...
Mentorship to Mastery: AI and Community Lessons with Ron Eddings
AI might analyze your logs in seconds, but only the community can put you in the room that changes your career. In this solo episode, Ron Eddings discusses the powerful balance between human ...
From MCP Risks to AI Jailbreaks with Marco Figueroa
When AI agents move faster than security teams, the game changes, and the risks multiply. Ron welcomes back Marco “Mystic Marc” Figueroa, Program Manager at Mozilla’s 0DIN Program, to continue ...
Debt vs. Risk: What the SharePoint Breach Taught Us with Ron ...
The riskiest move in cybersecurity? Playing it too safe. In this solo episode, Ron Eddings redefines the way we think about technical debt, risk, and missed opportunities, in security and in ...
The Future of Cyber Talent Is African with Confidence Staveley
The world’s youngest continent is also its most untapped resource. Confidence Staveley, Founder of CyberSafe, makes a powerful case for why Africa’s youth are the answer to global cybersecurity ...
Compliance Isn’t the Enemy with Jeff Man
Is compliance just a checkbox, or the backbone of real security? Returning to the show with decades of hard-earned insight, Jeff Man makes the case that compliance, especially PCI-DSS, isn't ...
What Makes a Great CISO? A Playbook from Gary Hayslip
What separates a great CISO from a great one? In this powerhouse conversation, Ron invites friend and cybersecurity leader Gary Hayslip, CISO at SoftBank Investment Advisers, back on the mic to ...
Confidence, Coaching, and the S-Word with Mel Reyes
Want to stand out as a leader? According to our guest Mel Reyes, you need to dress like you mean it and speak like you’ve got nothing to prove. In this episode, Mel shares how he built ...
Purple Teaming Is the New Job Security with Maril Vernon
Cybersecurity isn’t just red or blue anymore... it’s purple, white, and deeply human. Maril Vernon, award-winning ethical hacker and Senior Solutions Architect at NetSPI, returns to the Hacker ...
The AI Gold Rush in Cybersecurity with Chris Cochran
The new cybersecurity pioneers aren’t chasing alerts, they’re building with AI. But what happens when tools meant to assist begin making decisions for us? And what skills do we lose when ...
WORK WITH US
PODCASTS + SPEAKING + EVENTS
Are you the best kept secret in cybersecurity? Let's change that by partnering together for podcast ads, social campaigns, and your next event or keynote. Send us your details to get started.
Thank you!
We will be in touch soon and reach out to you at