Vibe Hacking and Nation State Cyber Threats
Your router may not be your router. It could be a Russian surveillance device. In Episode 5 of The GIST of Govt IT, Brian and Sean unpack a stunning two weeks in cybersecurity: the FBI's court-authorized takedown of a Russian GRU operation that silently hijacked thousands of TP-Link routers across 23 American states, an Iranian-linked APT group actively disrupting U.S. water and energy systems through Allen-Bradley PLCs, and Anthropic's release of Claude Mythos — a frontier model so capable at finding zero-day vulnerabilities that the company chose not to release it publicly. They break down what Project Glasswing means for industry, how AI is becoming both the most dangerous offensive weapon and the most powerful defensive tool a CISO has ever had, why "vibe hacking" is democratizing cyber attacks (one low-skill actor compromised 600 FortiGate firewalls across 55 countries), and why the old playbook for SOC operations needs to be blown up entirely. They also discuss what the unresolved tension between Anthropic and the DoD over supply chain risk designation means for federal agencies trying to defend critical infrastructure while CISA operates at 38% capacity. Plus, Sean shares his hacker name (maybe) if he wasn't a CTO and instead worked in a windowless office in Pyongyang.
----------
RESOURCES MENTIONED IN THIS EPISODE
The Russian GRU Router Operation
- DOJ announcement: Operation Masquerade — court-authorized disruption of DNS hijacking network
- FBI Public Service Announcement on GRU exploitation of TP-Link routers
- NSA statement on Russian GRU router threats
- CVE-2023-50224 (the TP-Link vulnerability exploited)
Iranian-Linked Attacks on U.S. Critical Infrastructure
- CISA Joint Advisory AA26-097A — Iranian-Affiliated Cyber Actors Exploit PLCs Across US Critical Infrastructure
- Rockwell Automation security guidance
Anthropic, Claude Mythos & Project Glasswing
- Anthropic on Project Glasswing
- Anthropic's statement on the DoD supply chain risk designation
- Cloud Security Alliance whitepaper on Mythos vulnerability discovery
Recommended Consumer Protections
- Cloudflare's free 1.1.1.1 DNS resolver
- Cloudflare DNS family options (malware and adult content filtering)
Cybersecurity Frameworks & Government Resources
- CISA Edge Device Security
- CISA Cross-Sector Cybersecurity Performance Goals (CPGs 2.0)
- MITRE ATT&CK Framework
- CISA Industrial Control Systems advisories
Related Episodes
- Episode 2: Fighting Fire with Fire: Federal AI Security - Securing Agentic AI with Elad Schulman, CEO of Lasso Security
- Episode 3: Chaos, Change, and Opportunity in Federal IT - $50B in Q4 federal IT contracting, Golden Dome, and the Anthropic supply chain risk designation
The Hosts & Show
- Swish
- GIST360
CONNECT WITH US
Got an idea for a future episode? Want to be a guest? Let us know.
Brian Lake - blake@swishdata.com
Sean Applegate - sapplegate@swishdata.com
Subscribe wherever you get your podcasts: Apple Podcasts, Spotify, or gist360.com.