Project Franklin Wants You

Our critical infrastructure is vulnerable and under attack by nation state actors, either for profit or perhaps even to establish a beachhead for future cyber conflict. During the pandemic, many of our core systems were automated and connected to the internet for remote administration, but this just created a larger attack surface. The federal government hasn't done nearly enough to protect these systems. Groups like DEF CON Franklin are working to find cyber volunteers to bring our national critical utilities above the 'cyber poverty line'. Today we'll explore the problems and solutions with Franklin co-founder Jake Braun, including what we can all do to help. Interview Notes DEF CON Franklin: https://defconfranklin.com/  For more info or help, email “defconfranklin” at gmail.com. Volt Typhoon: https://en.wikipedia.org/wiki/Volt_Typhoon  Initial Franklin trials: https://harris.uchicago.edu/news-events/news/first-water-utilities-take-volunteer-cyber-help  Franklin Almanac: https://defconfranklin.com/almanack.html  Franklin launch (DEF CON 32): https://www.youtube.com/watch?v=0TdY9JUaybc  DEF CON 33 Franklin update: https://defconfranklin.com/water_cybersec.html  Jake’s books: https://www.amazon.com/s?i=digital-text&rh=p_27%3AJake%2BBraun  More help: https://www.cybervolunteers.us/en  Further Info My book: https://fdsd.me/book  My newsletter: https://fdsd.me/newsletter  Support the mission: https://fdsd.me/support  Give the gift of privacy and security: https://fdsd.me/coupons  Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch  Table of Contents 0:00:00: Intro 0:03:19: Why did you start the DEF CON Franklin project? 0:07:58: Why did you focus on protecting water systems? 0:12:41: Why target our water systems? 0:17:10: How do protect 50,000+ water facilities? 0:22:01: What are key takeaways from your first trials? 0:24:53: What are some of challenges you've faced? 0:29:13: Why did we ever put critical infrastructure on the internet? 0:31:05: Are there third parties involved in facility security, too? 0:32:45: How do you coordinate your efforts with other, similar orgs? 0:36:32: How do you know when your job is finished? 0:39:14: Are you getting support from the US government? 0:41:31: What's next for Franklin? How can we help? 0:43:38: What's the long term roadmap for Franklin? 0:45:00: Interview wrap-up 0:46:54: Patron podcast preview 0:47:52: Looking ahead 0:49:11: My other stuff