63.

Tracers on the stage: Andy Greenberg, Michael Gronager and Tigran Gambaryan talk
cryptocurrency tracking

DINA TEMPLE-RASTON: Last week on Click Here, we talked to a Ph.D. candidate and her
thesis advisor who were doing this unusual thing.

SARAH MEIKLEJOHN: Stefan still has a lot of the physical artifacts.

STEFAN SAVAGE: I mean, I can show you. Do you wanna see some of them?

TEMPLE-RASTON: I’d love to.

TEMPLE-RASTON: That’s Sarah Meiklejohn and Stefan Savage from the University of
California San Diego. And about ten years ago, they started buying all kinds of random
things on the internet to prove a theory.

SAVAGE: So, like, we have a Guy Fawkes mask — very on brand for the time. Earrings, some
organic Colombian coffee beans…

TEMPLE-RASTON: They were shopping for things and paying for them with cryptocurrency
to see if they could trace the transactions.

SAVAGE: There was an assumption that because there were no names in Bitcoin, there was
no addresses, that it was really anonymous.

TEMPLE-RASTON: We told part of this story last week. And all of this was inspired by a new
book by WIRED senior writer Andy Greenberg. It’s called Tracers in the Dark and it is all about
how Sarah Meiklejohn figured out that cryptocurrency wasn’t shadowy and mysterious
because of the public digital ledger that keeps track of all the transactions, known as the
Blockchain. Which is of course public, transparent, and allows everyone to look at it.

MEIKLEJOHN: It's a little hard in retrospect to imagine thinking like, oh wow, that's, you
know, that's how I'm gonna hide all my criminal activity. Um, you know, again, in this, like,
immutable ledger.

TEMPLE-RASTON: A ledger on which you can follow the money to crimes it paid for and the
people behind them. But Sarah’s shopping spree was just the opening act in a much bigger

1
story that came to involve drug dealers, hackers, and crypto thieves. And now, we’ll go
behind the scenes with some of the people who helped bring them to justice.

[THEME MUSIC]

TEMPLE-RASTON: I'm Dina Temple-Raston, and this is Click Here, a podcast about all things
cyber and intelligence Today, a special live episode, on stage with three people who watched
— and helped — the cryptocurrency tracing industry grow. The session was a kind of master
class in financial cyberwarfare.

ANDY GREENBERG: I still thought, like if you, if you're careful, if you, like, go through a few
more obfuscating steps, like if you put your money through a few addresses before you do
the drug deal or something, you can stay a step ahead of these guys.

TEMPLE-RASTON: Stay with us.

[BREAK]

[APPLAUSE]

TEMPLE-RASTON (ON STAGE): Good morning and welcome to Links 2023….

TEMPLE-RASTON: Earlier this month, on a stage in New York City, I moderated a panel
discussing the early days of tracing crypto. Once a pie-in-the-sky idea from people like Sarah
Meiklejohn, it has evolved into a fully fledged industry. And one of the industry leaders is a
company called Chainalysis, a billion-dollar company, with clients in law enforcement,
intelligence agencies, even central banks.

TEMPLE-RASTON (ON STAGE): Fast Company called Chainalysis the $8 billion crypto unicorn
that crypto loves to hate.

TEMPLE-RASTON: The CEO of Chainalysis joined me on stage. His name is Michael Gronager.
We also talked to a crime-fighting IRS agent, Tigran Gambaryan.

2
TEMPLE-RASTON (ON STAGE): And he was a special agent for the IRS for a decade. So
basically an accountant who has actually had a gun, too. He was a point man in nearly every
major investigation.

TIGRAN: We love being called accountants with guns.

TEMPLE-RASTON (ON STAGE): Oh good, I'm glad we started out well then.

TEMPLE-RASTON: And, of course there was Andy Greenberg, who's been reporting in this
space for more than a decade.

TEMPLE-RASTON (ON STAGE): So please join me in welcoming them here today.

[APPLAUSE]

TEMPLE-RASTON: Andy kicked off the conversation, going back to the early days of
cryptocurrency, and what compelled him to write this book

ANDY GREENBERG: So, 2010 or so, I was working on a different book about the
cypherpunks, this movement of radical libertarians who believed that they could use
encryption tools like cryptographic anonymity tools to take power away from governments
and give it to individuals in really radical ways. Like, they wanted to empower people to have
untraceable black markets on the internet and have untraceable assassination markets,
even. I mean, they dreamt of this world of true crypto anonymity.

And so, yeah, when I came upon it, I was like — being the kind of reporter I am, who covers
this dark side of the internet — this is gonna be a new world of cyber crime, like money
laundering, online drug deals, terrorist financing, God knows what. And all that came to pass.

I mean, it really did seem like Bitcoin was this thing where you could put unmarked bills in a
briefcase and send it across the internet to anyone in the world without revealing your
identity. And it was working on things like Silk Road — you know, the first dark web drug
market. But I’m embarrassed to say this in front of these guys because if you flash forward
to 2020 or so, that's when I began to see that I was not just, like, a little bit wrong about
this. I was fully 180 degrees incorrect about my notion of Bitcoin's privacy properties. And I
began to see that no, actually, not only is Bitcoin traceable, but that actually you can follow
the money on the blockchain even more than in traditional finance.

3
Tigran and Michael specifically had used this to take down burglars behind the biggest heist
in cryptocurrency in the time and take down the biggest dark web market in history and the
biggest dark web child sexual abuse network as well. So, it looked to me like this was a
book-shaped story worthy of spending years writing.

TEMPLE-RASTON: Michael, could you explain how you came to this epiphany of how you can
trace a transaction in the blockchain?

MICHAEL GRONAGER: So first of all, I read Satoshi’s white paper back in the day. And he
kind of uses this word of pseudonymity, and he doesn't use the word of anonymity, and he
does that on purpose. So he basically says, this is not anonymous money. And I think there's
one sentence that basically says that there's some ways you can maybe do this one day.

TEMPLE-RASTON: Let me just stop you for a second. So you're talking about the white paper
that actually kind birthed…

GRONAGER: That was the creation, the real innovation of Bitcoin. Like that's back in 2009, I
think it was. Then after that I read an article by Sarah, Meiklejohn. She kind of tried out
some of the early things or ideas from Satoshi around, like, how can you actually do this in
practice? So she managed to do that at scale and show this is doable. And then I started to
tell regulators and others in the year of 2014 that this can actually be done. And they're all
like, Yeah, you say so, but that's not really happening. And I take that as a call to action and be
like, I’ll show it can be done.

TEMPLE-RASTON: And Andy, you write about this in your book. When he explained this to
you, was it sort of an epiphany to you that you thought, Hmm, I thought this was anonymous,
and it's really clear it's not.

GREENBERG: Well, I did have that epiphany. But, as Michael credited, Sarah Meiklejohn was
the one to put those first cracks in this myth of anonymity. She was the one who came up
with this bag of tricks. So she was the one for instance, who showed that you could create
clusters of addresses — basically, like, the one person or a service is responsible for
thousands — or millions sometimes — of addresses.

And then she was the one, as you said, who did the undercover transactions to start to label
those clusters. Almost like a narcotics cop doing a buy-and-bust. I bought marijuana from
the Silk Road. I feel weird saying that. There’s federal agents on this stage.

4
TEMPLE-RASTON: There’s a collective gasp that went through the room.

GREENBERG: [To Tigran Gambaryan] You’re not a federal agency anymore.

TEMPLE-RASTON: As long as you paid taxes on it, it's fine.

GREENBERG: Yeah. And so I asked Sarah, like, can you trace my transactions? And she did.
Immediately she showed that I had done basically an illegal drug deal in public view. And I
didn’t go to prison.

TIGRAN GAMBARYAN: Did you get the drugs?

GREENBERG: Oh yeah. A gram from Silk Road. Two other…yeah, we'll talk about it later.

TEMPLE-RASTON: The investigation into Silk Road was one of the first tests in tracing crypto.
Tigran Gambaryan, that former IRS agent with a gun, had been investigating other
members of law enforcement — tracing payments between known criminals and, it turns
out, federal agents.

GAMBARYAN: The investigation was [into] Carl Force and Sean Bridges, DEA and secret
service agents, that were working on the original Silk Road investigations out of Baltimore.
And then through the course of their investigation, they had stolen tens of thousands of
Bitcoin. And also caused a couple of murders-for-hire to be placed on Silk Road.

But the point of it is that to me, that was kind of the proof of concept for companies like
Chainalysis. That was kind of what showed that it can be done in the court, you know, in the
court of law that you can use blockchain evidence to support criminal charges. Prosecutors
are very hesitant to do anything new that hasn't been tried. And I had an opportunity and
the pleasure in working with prosecutors that were crazy enough to do that. So we kind of
set a precedent for everybody else to kind of replicate. It's amazing, and it's still being used
to this day. In retrospect, it was a very simple case. When you use Chainalysis now you can
just go in and…

GRONAGER: It's easy.

GAMBARYAN: Super easy, yeah.

5
TEMPLE-RASTON: But for Michael, this wasn't about drug busts and Bitcoin. This was bigger
than that. This was about cryptocurrency itself. And ground zero to test whether crypto
tracing could actually scale was Japan, where, nine years ago, you may remember, the
world's largest crypto exchange at the time — Mt. Gox — went belly up. Hundreds of
thousands of bitcoins, nearly half a billion dollars' worth, just disappeared.

And no one knew for sure if incompetence, mismanagement or good old fashioned theft
was to blame. Michael was sure he could get to the bottom of it.

GRONAGER: Mt. Gox was the biggest exchange in the crypto space for many, many years,
starting from 2010 and 2011 and 2012, getting into 2013. And in 2013, they announced
they're going bankrupt. The Bitcoin price had just that year went from a hundred dollars to
a thousand dollars or so in the course of, like, six months or so. Everyone is super excited in
the crypto space.

Now people can't take their money out of the Mt. Gox exchange and they go bankrupt, and
the entire 2014 goes by and everyone expects to get their money back. And nothing really
happens. We are basically in talks with the bankruptcy and with regulators in Japan because
we want the industry to not go down because of Mt. Gox, and we want to help the creditors
in that case as well. So having different conversations with the bankruptcy trustee, and one
of the ideas that kind of emerged pretty fast — because there's a lot of confusion on Reddit
and everywhere else, basically people discussing, did Mark steal the money?

He was the CEO of the exchange. What actually happened? So there’s a lot of speculation
and I felt that if we dove into it, and I looked at the database, we could probably figure it
out. So that was kind of the idea. And then they wanted to meet us, so I went to Japan, and
we basically started the conversation. They wanted to understand, like, How can this be done?
What are you planning to do? What are the ideas around it? And at that time, I'm basically, like,
Yeah, I think I can do this, right? And then we'd take it from there.

TEMPLE-RASTON: Were you before 30 lawyers in Tokyo, sort of explaining the very basics of
Bitcoin or did they get it?

GRONAGER: So they got some of the basic things around Bitcoin, I would say that. But I
would say the real challenge, in their case, was [that] in normal bankruptcy, there's no
criminal element. It's just, like, money got lost because of bad business behavior. That's
what happens, like, every day.

6
But in that situation, it’s like, What should we actually trust here? Because a lot of people on
Reddit says that there's a problem with the management, and now these people come to us
and tell us that maybe there is, and they want to help investigate it. So they want to build
some trust with us and figure out is it right.

TEMPLE-RASTON: So you get access to the Mt. Gox database, and you see there are some
transactions. And then you look at the blockchain and then you can work back from that to
figure out what's missing, right?

GRONAGER: Yes, so basically I can take a wallet that's described in a database, and the
database tells me all the transactions that wallet has done that's initiated by someone on
Mt Gox. And then I look at those, and I can see that that sums up to a certain amount. Then
I can look at the blockchain and I can see — what did that wallet actually do? And it turns out
that it actually sent another 600,000 to 800,000 Bitcoins more than the wallet in the
database, but it's the same wallet and it's on the blockchain. So it meant that apparently
someone has had access to that wallet in another way. So it had been breached. And that
was a time where that became crystal clear.

[MUSIC]

TEMPLE-RASTON: When we come back, we explain how being able to confirm cryptocurrency
transactions completely changed the landscape of cybercrime. Stay with us.

[BREAK]

TEMPLE-RASTON: Last week, we told the story of Mt. Gox and its crash, led in part by a
massive crypto heist carried out years before. The perpetrator — or, one of them, at least —
turned out to be running another exchange in order to launder the money. It was called
BTC-e.

The investigator who dug into all of this was our IRS agent with a gun, Tigran Gambaryan.
And I asked him about that

TEMPLE-RASTON: And Tigran, how do you sort of fit in with this?

GAMBARYAN: So this was around the time when I was working the BTC-e investigation.

7
TEMPLE-RASTON: Can you explain what BTC-e was?

GAMBARYAN: BTC-e was kind of this unknown exchange. People made assumptions about it.
People said it was based in Europe. Some people said it was based in Asia. Nobody knew
who the owner was, but it was a fairly large exchange. And I think, at the time I was
investigating it…

TEMPLE-RASTON: You're with the IRS at this point?

GAMBARYAN: When I was a special agent with the IRS, you know, we were continuously
talking. I mean, I kind of make fun of Michael telling him that I need some shares in
Chainalysis because I was probably their best salesman at the time. But we were working
quite well together, and we were involved in quite a few cases.

It wasn't just BTC-e. It was a weird time where everything was kind of happening at the
same time. And once we figured out that, you know, cryptocurrency was traceable, it kind of
opened up a whole new world, right? It wasn't something special, right? Like, there's
nothing special about me or any of the work that I did. It was just [that] we were there first,
and it was just the realization that this is actually doable.

TEMPLE-RASTON: So you're sitting at home and Michael's writing code. I assume you're not
writing code, so you're sitting at home and doing what?

GAMBARYAN: I was doing accounting with a gun.

[Laughter]

TEMPLE-RASTON: Well, so the gun's on the table and you're looking at your computer
screen, and you're trying to figure out patterns. And Michael is doing it in a sort of coding
way?

GAMBARYAN: So, I didn't even know about Michael when I started looking at cryptocurrency.
This case came up and everybody's like, Oh yeah, Bitcoin’s traceable. We can totally do this. I'm
like, has anybody actually done this? No, but it's all there. And so I had to actually go there
and I'm like, is there something wrong with me? Am I not getting this? Like, I don't think
this has been done. And every single time where this has kind of been brought up, there's

8
no actual evidence of somebody using or tracing cryptocurrency to identify specific illicit
transactions and specific uses of illicit transactions.

TEMPLE-RASTON: What I'm trying to explain here is the evolution of things, right? So we
start out with Sarah Meiklejohn at UCSD, who's buying simple things like a Boston CD. And
then it expands even further to what Michael did at Mt. Gox. So did you approach it
differently because you were looking at things as a single person, whereas Michael was
looking at something with wallets and clusters? Or did you guys come in and be able to put
both your lenses on this in a way that strengthened it?

GAMBARYAN: I think I was looking at a completely different investigation. And then we kind
of met in the middle.

GRONAGER: Mm-hmm. I think so.

GAMBARYAN: Yeah, so he was working in the Mt. Gox angle of it, and I was working kind of
the BTC-e angle of it. And the crosspoint became evident, like, Wait, did somebody just create
an exchange to launder all the money they stole from Mt. Gox? And I think that that's essentially
what happened is that, I mean, if I had stolen 800,000 Bitcoin, I'd probably create an
exchange to launder it. It's more efficient — save on some fees.

TEMPLE-RASTON: Now you guys figure out how to trace blockchains. So I'm wondering now,
as we sort of kick this forward, how are we seeing criminals evolve in response to this? And
how are you preparing for that?

GREENBERG: Oh, there's absolutely been an evolution of the game. I mean, there's been an
evolution on the cat side and the mouse side of this game. The cat side is, like, in this room.
I mean, Chainalysis is part of a huge industry. There is competition for the smartest minds
to find new ways of tracing cryptocurrency. That is not something that I would've imagined a
decade ago. But yeah, the mice are responding and they are adopting more and more
privacy technologies like Monero, which is a newer coin that kind of tangles up everybody's
transactions on the blockchain and integrates mixing and obfuscation in every transaction.

And Zcash, which uses this newfangled technology called zero knowledge proofs to
essentially encrypt the entire blockchain. So there is, in theory, no foothold or fingerprints of
any kind for a Chainalysis — or a Tigran, for that matter — to exploit. It feels weird to say
this on stage, but I’ve seen a leaked Chainalysis document that suggests that Chainalysis is

9
not unable to trace Monero in a lot of cases. I don't know about Zcash. Zcash looks like it's
truly untraceable. I’m looking at Michael as I say this…

TEMPLE-RASTON: Yeah. Michael, do you wanna give us an idea?

GRONAGER: I'm putting on my poker face. No, I'm saying basically, I think one of the main
premises as you described early on was basically: Is crypto here to help the cypherpunk
movement? Is that really the core value proposition — the strive towards true anonymity in
this world? And I've always been of the opinion that it's actually not the case. It's here to
create, like, financial freedom. It's basically here because value wants to go to the
blockchain because it's more optimal to be there. And I think that's the reason why we have
the growth in the crypto space. And then I got the same question, like, Can the mice run
faster? What's going to be the next thing? And I got that from investors, from everyone.

And I always met that with one, with one answer and say like, try to look at numbers. If
Zcash and Monero are going to be the biggest cryptocurrencies of 2023, yes, then I was
wrong. And then I probably will never be able to do this. But the fact is that that's not what
people do. They buy Ethereum in big amounts. They go into Solana. They use Bitcoin, still.
And that means the volume of, I would say, legitimate cryptocurrency or easy-to-trace
cryptocurrency is huge today. And Monero and Zcash has stayed a pretty niche problem.
And in the world of anonymity and understanding different things there, if the anonymity
set is small, it takes very few mistakes to actually be able to identify someone, right? If the
anonymity set is huge — like millions and billions of people — yes, then it becomes way
harder and like it's much more costly to do, right?

TEMPLE-RASTON: What are you seeing, Tigran?

GAMBARYAN: So I don't think Satoshi created the Bitcoin whitepaper to hide his marijuana
purchases, right? I don't think this was his goal, right? When did Bitcoin go live? It was two
months after Lehman Brothers collapsed. His goal is to empower people and kind of limit
the impact that a bank collapse could have on users — basically, putting power in control of
the people so they can use money and not have to worry about a bank collapsing, right?

So I guess privacy is an element of it. But the public-facing blockchain, being able to
confirm transactions, being able to not have to have a third party involved in a transaction
— I think that was the goal. I can actually go in and, using tools like Chainalysis, confirm
first, this money came from a dark net marketplace. Whereas a bank is only gonna make
assumptions. To me, blockchain is kind of the best of the both worlds. It empowers people,

10
but at the same time, it allows exchanges and law enforcement to actually be able to
identify these transactions.

TEMPLE-RASTON: So what I'm hoping is that our last half hour conversation gave you a little
taste of what's in Andy's book, Tracers in the Dark. And I hope you'll read it and learn more
about this, and I hope we whetted your appetite. Thank you very much for being here this
morning. Thank you.

[APPLAUSE]

[MUSIC]

[B SEGMENT MUSIC]

TEMPLE-RASTON: North Korea is a bit money obsessed. For years, it was known for making
the world’s most perfect counterfeit hundred dollar bill. And they’ve been behind some
infamous heists.

In 2016, North Korean hackers were on track to steal some $1 billion from Bangladesh's
national bank. They made off with $81 million by the time they were discovered. Now North
Korea is all about crypto. Authorities say they were behind last year’s $100 million heist at a
crypto transfer company called Harmony. And they appear to have come up with a new
ingenious way to launder their ill-gotten gains.

Click Here’s Sarah Wyman explains.

SARAH WYMAN: Joe Dobson has been following North Korean hacking groups for years now
and he tracks them from behind his computer screen.

JOE DOBSON: You can see a robbery happen in real time. You see where the funds are
moving, you see what the getaway vehicle looks like. That's what it's like day to day.
Watching that happen in real time is, is fascinating

WYMAN: And, recently, Joe and his colleagues at the cyber threat intelligence group
Mandiant have spotted a new example of their inventiveness. For the first time, they’ve
documented North Korean hackers doing something called crypto washing.

DOBSON: So the way I like to describe it is I like to use a bank robbery analogy.

11
WYMAN: We love a bank robbery analogy.

DOBSON: Everyone can relate to a bank robbery, right?

[MUSIC]

WYMAN: When you steal cash, you’ve got paper bills. Maybe they’re marked in some way,
Their serial numbers might be tracked. And in the same way when someone steals
cryptocurrency there are ways to trace it: With help from the giant digital ledger known as
the Blockchain.

SARAH MEIKLEJOHN: It's completely transparent. You know, anyone who wants can just
download it and, and look at every transaction that's happening.

WYMAN: That’s Sarah Meiklejohn. She’s the researcher who proved that the faceless users
behind those bitcoin transactions aren't really anonymous.

MEIKLEJOHN: I mean, we could trace things quite easily ourselves just by accessing the
blockchain.

WYMAN: This discovery was game-changing. It meant analysts and law enforcement could
find stolen or “dirty” crypto.

DOBSON: So if someone, if, if they were to steal crypto from me, And then go spend it
somewhere. I can go to that vendor and say, Hey, look, you're, you're taking stolen
cryptocurrency. And alert them.

WYMAN: But if you can launder that dirty crypto, and trade it out somehow for untainted
cash, well, then you can spend that Bitcoin or Etherum without anyone knowing where it
came from.

Back in 2016, the North Koreans did an analogue version of this after they stole millions of
dollars from Bangladesh’s national bank. And it was quite the project.

DOBSON: they spent, what, a month laundering the funds that they got out of that bank
heist.

12
WYMAN: The whole thing involved a casino, some actors. They even swapped millions of
dollars in stolen money for poker chips. Like I said, it was complicated and expensive.

DOBSON: And even then they had to pay all kinds of middlemen and other folks to help with
that laundering process.

WYMAN: So, not surprisingly, now that they have billions of dollars of stolen crypto burning
a hole in their pockets, they need a way to wash the dirty trail away. And what they came up
with is having people essentially print new money for them. Which, when you are talking
about crypto, means they mined some nice, new, clean Bitcoin. And they paid for that effort
with the stolen crypto.

DOBSON: When we saw it, it was very much a duh moment of, Oh my gosh, like why didn't I
think of that before? It really does make so much sense. Like, once you really sit down, you
think about it, you think about the laundering process. How can I take dirty crypto, turn it into
clean crypto in a way where folks can't track it easily but you still get most of the funds back?

WYMAN: Are you surprised that this is the first time you've seen someone washing stolen
crypto this way?

DOBSON: I'm sure that North Korea is not the first one to use stolen cryptocurrency in this
kind of laundering mining process. But to see a nation-state actor do it, I think that's
notable.

WYMAN: Now, Joe and his colleagues are on the lookout for others to start doing this, too.
It’s a way of avoiding the traditional banking system.

DOBSON: Look at how sanctioned Iran is. Look at all the sanctions that were levied against
Russia after the invasion of Ukraine. We would be fools not to think that they don't take
notice of how successful North Korea has been. If North Korea's doing this, how long until
another nation is doing this? And how long until a non-trivial portion of that mining process
is run by nation states?

WYMAN: And all their billions in ill-gotten gains could just vanish.

I’m Sarah Wyman, and this is Click Here.

[B SEGMENT MUSIC]

13
[HEADLINES MUSIC]

TEMPLE-RASTON: Here are some of the week’s top cyber and intelligence stories.

A cyberattack on a hospital in Ontario, Canada, is causing delays to scheduled and

non-urgent care. Cornwall Community Hospital, a healthcare facility in Eastern Ontario, said
it discovered the attack last week and said it had hired cybersecurity experts to respond to
the issue.

Administrators said the Electronic Health Record system had not been affected, but there
were some delays to scheduling. The hospital has 175 beds and a staff of 1,200 employees,
including 180 physicians. The attack is important because it follows a week in which Canada
appears to have been in hacker crosshairs. The website for the prime minister’s office was
hit with several distributed denial-of-service attacks, as was the website for a state-owned
electricity provider, Hydro-Quebec. The attacks come just days after Canada’s Prime Minister
Justin Trudeau met with Ukraine’s Prime Minister..

—-

German automotive and arms manufacturer Rheinmetall suffered a cyberattack late last
week. The company’s industrial arm — which produces, among other things, auto parts —
was targeted. The company said in an email to Recorded Future News that its defense
division, which produces military vehicles, weapons, and ammunition, was still operating
reliably. Although it is unclear who is behind the attack, the Russian hacktivist group Killnet
posted a message on their Telegram channel last month urging its followers to launch a
distributed denial-of-service attack against Rheinmetall. The company is in talks to build a
new tank factory in Ukraine.

And finally, Google and a coalition of cybersecurity companies and organizations unveiled
several new initiatives intended to encourage ethical hackers to discover and disclose
vulnerabilities, and to protect them from legal trouble when they do so.

The companies have established a legal defense fund and an advocacy group called the
Hacking Policy Council, which will lobby for legislation and regulations to protect good faith

14
actors who find vulnerabilities and report them. This is a trend. The Justice Department
recently amended its charging policy to explicitly discourage going after ethical security
researchers.

[THEME MUSIC]

TEMPLE-RASTON: I’m Dina Temple-Raston. I’m the executive producer and host of the show.
Sean Powers is our senior producer and marketing director. Will Jarvis is our producer.
Sarah Wyman is our writer/reporter.

And this show was mastered by Gabriela Glueck.

Our editing team is led by Karen Duffin and Lu Olkowski. Darren Ankrom does our fact
checking. And our theme and original music compositions are by Ben Levingston. We also
use music from Blue Dot Sessions.

Special thanks to Andy Greenberg for his book ‘Tracers in the Dark’ which explains the
evolution of financial cyberware.

And we’d love to hear from you. Please leave us a review and rating wherever you get your
podcasts or send us an email at Click Here at Recorded Future dot com.
Check out our website with details about our shows and our whole show catalog at
ClickHereShow dot com.

That’s a wrap for this week. I’m Dina Temple-Raston, we’ll be back on Tuesday.

15