This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

 Hey everyone. I'm Drex, and this is the two minute drill where I cover some of the hottest security stories twice a week. All part of the 2 29 project. Cyber and Risk community here at this week. Health. It's great seeing everyone today. Here's some stuff you might want to know about. Yesterday, the US Secret Service dismantled a covert communication network scattered across greater New York City, 300 plus SIM servers, over a hundred thousand SIM cards tucked away in empty apartments.

Think of it as a warehouse of fake cell phones. Cell phones that are able to blast out millions of texts per minute or mask the identity of whoever's communicating on and from that network. This so-called. Fake telephone warehouse. Think of it like this. Instead of one person holding a cell phone and one sim card, it's one person with a communication rack full of hardware that allows that one person to act like tens of thousands of cell phones at once.

And so with the push of a button, they can send thousands of text messages or flood the local area with robocalls that can essentially. Take down the cell network, what you might hear referred to as a denial of service attack. In a nutshell, the system had the potential to overwhelm cell service, taking it offline, disrupting 9 1 1 calls or flooding the network with texts.

That could be filled with this information. Reports say these networks were housed in vacant apartments in and around New York City, and the timing and the location turns out to be really important. Too much of this network was all positioned just a few blocks from the UN General Assembly when heads of state and their security details are actually in town.

The forensics are still underway. We don't know who ran it or what the end game was, but it's another reminder of how commodity hardware, because all this stuff anyone could purchase commercially. When commodity hardware is purchased in large volumes and the purchaser has bad intentions, I feel like there may be more of this kind of stuff in our future.

So if your resilience plan assumes. Only the internet goes down, you're missing the fact that cellular itself can be a single point of failure too. Here's a couple of things to think about today for your own local cell network. While all this breaking news is being sorted out first, confirm your carriers know how to notify you and, and that it's important that they notify you when there are network anomalies and talk to them about their ability to establish escalation paths.

Should there be a problem and how they, or you might wanna switch to alternate providers in an emergency and how you'll do that. Second, I know landlines are kind of old school, but consider keeping landline capability in key facilities like your command centers and consider keeping at least non cellular channels, including things like SAT phones or starlink, um, on hand, just in case you need them for fallback.

Third test how 9 1 1 work. Should cell services fail? You may need to work with your local officials on that, but it may be a good exercise just to see what kind of plans are in place or not. And finally, encourage employees to report strange messaging patterns like bursts of odd texts or robocalls, and I already alluded to this, but add cellular disruption scenarios to your incident response playbooks.

Okay. That's it for now. Hopefully this kind of insight is helpful, and if it is, sign up. I'll keep you posted on all the latest news and webinars and podcast and insider info from this week Health and the 2 29 project. You can sign up by going to this week, health.com/subscribe and share this podcast with your team and your friends.

And thanks again for being here. That's it for today's two minute drill. Stay a little paranoid and I will see you around campus.