Cables2Clouds

Interoperability Dreams: Europe's Bold Move Against Cloud Lock-in - NC2C031

Cables2Clouds Episode 31

Cloud security threats continue to evolve quickly, with state-sponsored actors refining their tradecraft. We discuss reporting on China's Silk Typhoon group, which the episode frames as the follow-on to the earlier Salt Typhoon compromises of telecom and service provider infrastructure. Where Salt Typhoon sat on provider routers and harvested unencrypted traffic off the wire, the activity attributed to Silk Typhoon uses stolen credentials, password spraying against publicly reachable devices and theft of API keys to move into enterprise cloud accounts. That progression is why encrypting traffic as it crosses provider networks matters, and why an organization should not dismiss a breach because it initially appears to affect only its service providers.
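The password spraying the hosts describe has a recognisable shape in sign-in telemetry, and it is the inverse of what a per-account lockout catches: one or two guesses against many accounts rather than many guesses against one. The following added example (not code from the podcast, Aviatrix, Microsoft or the Data Breach Today article) pivots constructed sign-in log lines by source address, flags a source that fails against many distinct accounts with only a couple of attempts each, and lists any account that source then signed into. The log format, thresholds, IP addresses and account names are assumptions made for the example.

```python
"""Password-spray detection over constructed cloud sign-in log lines.

Added example for this page; it is not code from the podcast, Aviatrix,
Microsoft or Data Breach Today. The log format, field order, thresholds, IP
addresses and account names are all assumptions made for the example.

Why the shape matters: a brute force hammers ONE account with many passwords
and trips a per-account lockout. A spray tries ONE or TWO common passwords
against MANY accounts, so no single account ever crosses its threshold. The
detector therefore pivots on the source and counts distinct accounts failed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample. Assumed format per line:
#   <ISO-8601 UTC timestamp> <source IP> <account> <FAILURE|SUCCESS>
# 198.51.100.9 is the spray: one guess each against seven accounts, then a hit.
# 203.0.113.5 is a classic brute force against a single account (not a spray).
# 192.0.2.44 is an ordinary user who mistyped once and then signed in.
SAMPLE_LOG = """\
2025-03-05T09:00:01Z 198.51.100.9 alice@example.com FAILURE
2025-03-05T09:00:03Z 198.51.100.9 bob@example.com FAILURE
2025-03-05T09:00:05Z 198.51.100.9 carol@example.com FAILURE
2025-03-05T09:00:07Z 198.51.100.9 dave@example.com FAILURE
2025-03-05T09:00:09Z 198.51.100.9 erin@example.com FAILURE
2025-03-05T09:00:11Z 198.51.100.9 frank@example.com FAILURE
2025-03-05T09:00:13Z 198.51.100.9 grace@example.com FAILURE
2025-03-05T09:00:15Z 198.51.100.9 hank@example.com SUCCESS
2025-03-05T09:00:20Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:00:21Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:00:22Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:00:23Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:00:24Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:00:25Z 203.0.113.5 alice@example.com FAILURE
2025-03-05T09:05:00Z 192.0.2.44 ivan@example.com FAILURE
2025-03-05T09:05:30Z 192.0.2.44 ivan@example.com SUCCESS
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, source_ip, account, result)."""
    ts, ip, account, result = line.split()
    # str.replace keeps this working on Python < 3.11, where fromisoformat
    # does not accept a trailing "Z".
    return datetime.fromisoformat(ts.replace("Z", "+00:00")), ip, account, result


def detect_spray(log_text, window=timedelta(minutes=10), min_accounts=5, max_per_account=2):
    """Return {source_ip: {"accounts_targeted": [...], "successes": [...]}}.

    A source is flagged when, inside any sliding time window, it has failed
    against at least `min_accounts` distinct accounts while never exceeding
    `max_per_account` failures on any one of them (the low-and-slow profile
    that defeats per-account lockout). `successes` lists accounts the same
    source then signed into within that window: those are the credentials to
    rotate and the sessions to hunt for API-key or token theft.
    """
    events = sorted(parse_line(line) for line in log_text.splitlines() if line.strip())
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)

    alerts = {}
    for ip, evs in by_ip.items():
        start = 0
        for end in range(len(evs)):
            # Slide the window forward so it spans at most `window` of time.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            span = evs[start:end + 1]
            failures = defaultdict(int)
            for _, _, account, result in span:
                if result == "FAILURE":
                    failures[account] += 1
            if failures and len(failures) >= min_accounts and max(failures.values()) <= max_per_account:
                alerts[ip] = {
                    "accounts_targeted": sorted(failures),
                    "successes": sorted({a for _, _, a, r in span if r == "SUCCESS"}),
                }
    return alerts


if __name__ == "__main__":
    for ip, detail in detect_spray(SAMPLE_LOG).items():
        print(f"spray from {ip}: {len(detail['accounts_targeted'])} accounts, "
              f"compromised: {detail['successes'] or 'none'}")
```

Run directly, it reports the single spraying source in the sample and the account it landed on; the brute-force source and the fat-fingered user are not flagged. Wired to real sign-in logs, the `successes` list is where credential rotation and the hunt for freshly minted API keys should start. Tune `min_accounts` to tenant size, since a spray against a small tenant may touch only a handful of accounts.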

Europe is making a bold move toward cloud standardization with the Sovereign European Cloud API (SECA) initiative, a collaboration between the European providers Aruba and IONOS and the cloud marketplace Dynamo. The aim is a common API for orchestrating infrastructure across providers, which could end vendor lock-in for organizations operating in the EU. Drawing a parallel to the USB-C mandate for mobile devices, the hosts expect the approach to gain real traction only if it becomes compulsory, forcing the major cloud service providers to support the interface in order to keep access to the European market. The technical challenges are significant, since providers' service catalogs and APIs differ widely, but the size of the European market means the initiative deserves close attention: an interface adopted there could change how organizations interact with cloud infrastructure elsewhere.

The Kubernetes security conversation is moving beyond in-cluster protection with Aviatrix's launch of its Kubernetes Cloud Firewall, an extension of its existing Distributed Cloud Firewall. Rather than competing with CNIs and service meshes on intra-cluster policy, the product targets the less-covered problem of traffic leaving the cluster: egress to the internet and integrations between Kubernetes workloads and non-containerized systems such as on-premises applications and managed databases. It reads the Kubernetes API into a cloud asset inventory so that policy can be written against native attributes such as pods and namespaces, and it carries over the existing SNAT handling for overlapping IP ranges. Few environments are purely containerized, and the product is aimed at that reality. Looking to enhance your cloud security posture across hybrid environments? Subscribe to the podcast and visit https://www.cables2clouds.com for show notes and resources.

Purchase Chris and Tim's new book on AWS Cloud Networking: https://www.amazon.com/Certified-Advanced-Networking-Certification-certification/dp/1835080839/

Check out the Fortnightly Cloud Networking News
https://docs.google.com/document/d/1fkBWCGwXDUX9OfZ9_MvSVup8tJJzJeqrauaE6VPT2b0/

Visit our website and subscribe: https://www.cables2clouds.com/
Follow us on BlueSky: https://bsky.app/profile/cables2clouds.com
Follow us on YouTube: https://www.youtube.com/@cables2clouds/
Follow us on TikTok: https://www.tiktok.com/@cables2clouds
Merch Store: https://store.cables2clouds.com/
Join the Discord Study group: https://artofneteng.com/iaatj

Tim McConnaughy:

I want to know who gets paid to come up with the names. Dude, that's the job. That's the job I need.

Chris Miles:

Just sit at a desk and say, you know what, Typhoon, I'm going on break? That's right.

Tim McConnaughy:

That's right, give me my six-figure salary.

Chris Miles:

Yeah, reminds me of that Mitch Hedberg joke. I don't know if you remember that one where he's talking about, he's like, I want to be the guy that just names kitchen appliances.

Tim McConnaughy:

Oh yeah, so good. Hello and welcome back to another episode of the Cables to Clouds Fortnightly News. With me, as always, is my co-host, Chris Miles, at BGB Main on Bluesky. Of course I'm at carpe-dmbpn on Bluesky and, yeah, we're on LinkedIn and stuff too, so you can find us there. But before we get into the news this week, and it's going to be a quick one, Chris and I have a special announcement. Chris, you actually have the physical artifact, so please take it away.

Chris Miles:

Yeah, so I actually have a physical copy of our book for the AWS Certified, I got such a mouthful, AWS Certified Advanced Networking Specialty exam guide that we put out through Packt. So I have a physical copy here, which is very cool to actually see this come to fruition. So I guess we're taking this opportunity to say the book is finally published. So if you order it, it will be, as far as I know, shipped directly to you rather than the pre-order like we've been plugging for the last month. So sorry for kind of drowning your ears with this stuff, but we're really excited to get this out. We're really pleased with the final product. I don't want to speak for Tim specifically, but I think it came out really well. So please check the show notes and we'll put a link in there for the book. Brother, none of us were. Well, we did this. It forces you to get to that point very fast.

Tim McConnaughy:

So yeah, yeah, I mean we know what we know and we're both ANS certified and all of that, but it's just, there's, you know, it's the difference between knowing it, working with it, and then knowing it to the point where you can write a certification book about it, right. So, anyway, all right, let's jump right into it. So, in the news this week, from Data Breach Today is an article entitled China's Silk Typhoon Is Tied to Cloud Service Provider Hacks. So Silk Typhoon is a different state-sponsored cyber, what do they call it, cyber espionage group in China. So we've been talking about Salt Typhoon. You've seen it all over the internet by this point, where Salt Typhoon is another group in China and their latest hack attack, if you will, is they were doing a compromise of service providers, so service provider routers, infrastructure, and then basically harvesting data right off the wire, unencrypted traffic, because they had access. Basically they were essentially man-in-the-middle type attacks. They could just pull data right off of those routers.

Tim McConnaughy:

So this is a follow-on to that. So there's this group, the Silk Typhoon group, is actually essentially exploiting what was found, like exploiting the data that was harvested from Salt Typhoon, to actually start invading people's cloud accounts. You take a look at this article, there's a bunch of, basically, data that was compromised and taken, and the group is using it to further compromise now enterprises.

Tim McConnaughy:

So a lot of people, a lot of enterprises, looked at Salt Typhoon and they said, eh, we don't, you know, that's not us, right? We're not getting hacked, it's our service providers. Well, this is actually the follow-on, if you will, the extension of that attack, which a lot of cybersecurity experts were warning was coming. You know, when somebody can steal your credentials, it's like being in one of those, you get the email and it's, hey, we got hacked and your data's gone. You know they sold your data. It may not be today, but at some point, if you don't change your passwords, you can pretty much guarantee that somebody is going to make use of that data, right? So this is it. We've been blowing this horn for a while ourselves on the podcast, but also, you know, at Aviatrix, talking about how encryption through the provider network is really important. And this really kind of shows that this is the reason, right? So anything to add there?

Chris Miles:

Not much. I mean, I will say this didn't come out as, like, some newfound attack, necessarily. To me it seems like they were using pretty common methods, like password spraying across publicly accessible devices, and pretty much elevated that to getting access to cloud accounts, cloud management providers, et cetera, and then going on to stealing API keys, which is obviously a big, bad thing, actually. Yes, I should say. But yeah. One thing I didn't learn, or I did learn from this that I didn't know about, was how the name Silk Typhoon came out of this. So Typhoon is apparently the classification of just the threat actor. So that was just a little tidbit I didn't know. There was a link to a Microsoft page where they're all classified and they each have unique names. Like Russia's Blizzard, China's Typhoon, Iran is Sandstorm, and then there's even kind of lower-level classifications from there, which is pretty cool.

Tim McConnaughy:

I want to know who gets paid to come up with the names. Dude, that's the job. That's the job I need.

Chris Miles:

Yeah, just sit at a desk and say, you know what, Typhoon, I'm going on break? That's right.

Tim McConnaughy:

Well, that's right. Give me my six-figure salary.

Chris Miles:

Yeah, reminds me of that Mitch Hedberg joke. I don't know if you remember that one where he's talking about, he's like, I want to be the guy that just names kitchen appliances.

Tim McConnaughy:

Oh yeah, so good, yeah, excellent, yeah. So I mean, we're just going to have to keep an eye on this one. Right? This is in the wild, this is happening. It's a mix. It's a mix of previous exploits and, like Chris said, there's always just the tried and true. You know weak password encryption, weak password, brute forcing and whatnot. So it's happening. So keep your stuff encrypted.

Chris Miles:

Definitely. All right. Next up, we have an article from NetworkWorld.com which is very interesting, titled The Sovereign European Cloud API Claims to Offer Interoperability Without Lock-in. So this article, I'll be honest, I'd heard nothing about this prior to finding this, shortly before we recorded the show.

Chris Miles:

Yeah, same, but it's actually a very interesting concept in that Europe is kind of leading the charge on things like interoperability. I'm seeing this as somewhat of the iPhone going to USB-C type moment, maybe, for the cloud operators. But, in short, basically a collaboration between a couple of European cloud providers called Aruba and IONOS, and a cloud marketplace called Dynamo, are in the process of creating something called the Sovereign European Cloud API, or SECA, and it sounds like this API is pretty much a way for the large cloud providers and platforms to increase interoperability and kind of create a unified API that can be used for orchestrating infrastructure across hybrid cloud and multi-cloud environments, and kind of, you know, creating this unified mechanism so that customers can use, I guess, any cloud provider that they should want with the same API structure that they would use in any of the other ones. This was kind of a thing that, at a very high level, sounded cool to me. I was like, okay, that sounds very interesting.

Chris Miles:

But I couldn't help but start thinking about the lower layers of it and the technical pieces of it, and I'm like, I don't know how the hell this would work with the major CSPs. They all have different services, they all interact in very different ways. It's not just always, you know, a carbon copy of column A, column B type thing. So I don't know exactly how this would work, but very interesting concept, and, you know, the EU does push a lot of regulations that force the hand of these tech giants sometimes, so I guess it could be a thing. How do you feel, Tim?

Tim McConnaughy:

Yeah. So I think what you're going to run into here is either it's going to have to be compulsory. Like, the short answer is, the CSPs are not going to do it unless they absolutely have to do it to do business in the EU, probably. But I'm right there with you. I'm like, the only way, there's only two ways this could technically function, I think, I figure, right.

Tim McConnaughy:

One is whatever this alliance or whatever, this API, this common API that they're building, would be like a third-party abstraction layer, like you send your API call to our formatted single-use API and then we figure out what to do on the back end to talk to the APIs of the CSPs. Or somehow they're going to build the framework and tell the CSPs, basically, like, hey, you need to build support for this into your platform so that people can send it straight to you, but we own the framework of the API, basically. So I don't see that one flying. But I mean, then again, if you want to cut out the entire European market, I guess, maybe. Not even Microsoft was ready to do that, right? So back in the 90s and the early 2000s when they were on trial for, you know, antitrust stuff and whatnot. Yeah, that's the only way I see it working.

Chris Miles:

Yeah, I mean, in that scenario, like, I guess what? Like, the European market is obviously too big to just kind of do away with, right, for any of the major CSPs. So I mean, if one cloud provider chose not to adopt this, then that's going to be a major advantage for the other two to say, like, well, we'll do it, and that's going to be kind of a, you know, a very fruitful endeavor for them. I don't think that's how it'll shake down, but they kind of all have, either none of them have to participate or all of them have to participate, type thing.

Tim McConnaughy:

Yeah, and that's why it's going to go back, it has to go back to compulsory, because if you look at the CSPs, there's absolutely no reason for any of them to be first, you know, to jump on the board of that and be like, yeah, of course I'll do this, right.

Chris Miles:

That's the thing, like kind of what I was getting at with the iPhone USB-C type thing. Like, if it gets forced in this market, there's no reason why it couldn't permeate to other markets as well. So, you know, it could be kind of a change in, or a shift in, how we interact with the cloud altogether, you know, if this actually comes to fruition. But very early days, so hard to tell. But yeah, it could be quite a rift.

Tim McConnaughy:

Well, and this is a European initiative, right? So, it being a European initiative, does this work, does this hold up in other countries? Would there be like an ANZ initiative? Like, what I mean by that is, like, the framework, the API, the standard that they're trying to build, right, is being built in the EU. Would it be something where they would adopt it worldwide if it did permeate to other markets, or would everybody be building their own? Like, it wouldn't make any sense, right? That wouldn't make any sense.

Chris Miles:

Not necessarily that they'd all build their own, but that's the thing, is like the cloud providers don't change from region to region, right? Right, exactly. The way you interact with it in Europe is the same as you interact with it in Australia, except for China. Yeah, China being the obvious outlier. So I don't think we're ever going to see this in...

Tim McConnaughy:

China, yeah right.

Chris Miles:

But yeah, I mean, the way you interact with it is always the same. So I mean there's definitely a reason for this to make its way. Like, if one API structure gets adopted in Europe, then that forces company A or company B that operates in Europe to have a different interaction mechanism in Europe than everywhere else. So there's going to be a market for someone else to put it in the US, put it in Australia, wherever, right? It's going to happen.

Tim McConnaughy:

I think, if this works out, yeah, we'll just have to keep an eye on it, see if it gets traction and, like I said, I think it'll end up having to be compulsory to get the real traction, and there'll be a huge fight against it. But hey, let's hope. Interoperability is good for everybody, ultimately. All right, we got one more, and this one is from our own company. This week, Aviatrix launched the Kubernetes Cloud Firewall, and this is a new capability. You'll find the link in the show notes. By the way, it's on our, oh, actually, the one I put in there is actually from CloudNativeNow.com. So we didn't use our own press release. We used the Cloud Native Now piece, which is reporting on the launch of the Kubernetes Firewall. So the big thing about the Kubernetes Firewall is it's really just an extension of our own Cloud Firewall product. It's a new capability with new use cases for Kubernetes. I don't want to get into a, you know, it's not like, maybe we'll do a product demo at some time just to show everybody what that looks like, but this is just in terms of the news itself. The news is, of course, that we've launched this feature and it's going to provide, you know, relief from, say, overlapping IPs. We have pretty advanced SNAT capabilities. So it's got, you know, all of the Distributed Cloud Firewall stuff that we already do. You can basically leverage that, but also use Kubernetes attributes. You can onboard your clusters, and then the clusters, we basically would read a cloud asset inventory, which is reading the kube API for reconciliation of workloads, of pods, namespaces, all of that, so you can build security policy based on Kubernetes attributes, which is pretty cool.

Tim McConnaughy:

Now a lot of people are asking what we do inside the cluster, and actually we very specifically chose not to build a product that goes inside the Kubernetes cluster, and there's a couple of reasons for that. One, of course, is that the product just isn't built to do that, we're not a CNI, right. And the more important one is that, truthfully, I mean, you look at Cilium, Calico, you look at Istio, Linkerd, like, that's covered, right? Like, there's not really a reason to build a product to go inside the Kubernetes clusters and start offering security policy in there. Yeah, why build a product that already exists and does its job really well? So we chose to focus instead on the idea of, okay.

Tim McConnaughy:

Well, what about when you're leaving the cluster? What does that look like, right? What about when you're integrating with legacy workloads? Because I don't know of any company, maybe a couple of greenfield startups or something, that are fully Kubernetes, like their entire application stack is microservices. Most people have some kind of legacy, whether it be on-prem, whether it be in the cloud, whether it be PaaS services like RDS for databases. We're still not putting a lot of static, or rather stateful, services in Kubernetes. You know, there's a lot of need for egress as well to the internet, you know, being able to do web proxy and do security for that as well. So that's kind of where we're thinking about playing. Anything to add to that, Chris? Anything I missed?

Chris Miles:

No, I think you covered it. I mean, obviously this is a press release, but you and I obviously know a little bit more behind the covers about the press release. So, yeah, I think that, like you said, Tim, there's a lot of products out there that solve the intra-cluster security problem in very good ways, right. But it's kind of harder to take that higher-level view and look at the entire network as an entire system, and be able to ingest native things about the clusters using the kube API, and use that in security policy for interacting either with other clusters or other resources on the network. So that's kind of the view that we took and, yeah, we're seeing a lot of traction with this, so it's a really cool product. So, yeah, I think that's about it.

Tim McConnaughy:

Cool. And yeah, maybe in a future show we'll show it off, not as like a sponsored-by thing, but just because we think it's a pretty cool product. It's brand new and a lot of people haven't seen it, and we get a lot of questions about it. So, yeah. Okay, and that will close us out for this week, I think. So go ahead and download us, listen to us, watch us, do all the normal things.

Chris Miles:

You've probably already downloaded this, but that's a good point. Yeah, so download the rest of them.

Tim McConnaughy:

Download the rest of the episodes, or download the episode that comes out a week after this one.

Chris Miles:

Yeah, that would be good as well. That's the most important thing.

Tim McConnaughy:

Yeah, good call. But yeah, no, thanks for hanging out with us and we'll see you next time on the news. Hi everyone, it's Tim and this has been the Cables to Clouds podcast. Thanks for tuning in today. If you enjoyed our show, please subscribe to us in your favorite podcast catcher, as well as subscribe and turn on notifications for our YouTube channel to be notified of all our new episodes. Follow us on socials at Cables to Clouds. You can also visit our website for all the show notes at cables2clouds.com. Thanks again for listening and see you next time.
