Welcome to Episode 18 of the Digital Guardian Podcast! On this episode our hosts Will Gragido and Chris Brook chat with Christopher "Tophs" Elisan, Principal Malware Scientist at RSA about his introduction to information security, including stints at Trend Micro, Damballa, and F-Secure before landing at RSA. Tophs describes a few trends he's seen adopted by malware authors as of late, including using commercial solutions as threat infrastructure. Tophs, Will, and Chris also briefly discuss breaches, the concept of "malware factories," and the dangers of attribution around Olympic Destroyer, the malware that hit the Olympic Games earlier this month. As always, you can listen and subscribe to our podcast via SoundCloud, iTunes, or Google Play to keep up with new episodes every month.

Highlights from this episode include:

• 02:18 - Tophs describes how he got his start in infosec
• 13:57 - Tophs on the origin of the term "watering hole attack"
• 16:01 - Tophs explains how malware is still able to excite him after all these years
• 17:16 - "What type of malware really impresses you?"
• 21:10 - How has the concept of the "malware factory" evolved over time?
• 27:41 - The difference between intent-drive breaches and opportunistic breaches
• 33:45 - Looking ahead to 2018 and 2019, will Equifax be the high water mark when it comes to breaches?
• 35:11 Will open source technology continue to be an attack vector?
• 40:00 - Tophs on Olympic Destroyer and the dangers of attribution

Intro/outro music: "Groovy Baby" by Jason Shaw, licensed under CC BY 3.0 US

Previously on the Digital Guardian Podcast

• Episode 17: Ron Gula on the Evolution of the Security Industry
• Episode 16: End of the Year Extravaganza Gabfest
• Episode 15: Talking Data Breaches and Getting Pwned with Troy Hunt
• More