Name: NAM + Europe | Warfare without borders: AI’s role in the new age of cyberwarfare - 2025 Armis Cyberwarfare Report
Uploaded: 2025-04-23T16:16:04.282Z
Duration: 1 h 8 s
Description: NAM + Europe | Warfare without borders: AI’s role in the new age of cyberwarfare - 2025 Armis Cyberwarfare Report

Transcript for "NAM + Europe | Warfare without borders: AI’s role in the new age of cyberwarfare - 2025 Armis Cyberwarfare Report": Hello, everyone. My name is Michael Rothschild from Armis. Happy to have you all on the call today. I have three very esteemed and distinguished members, for us to talk about, a little bit about the state of cyber warfare. As you may be familiar, we have just issued our third annual cyber warfare report, where we revisit the findings and analyze different attack methodologies that we've seen, and any kind of sentiment towards cyber warfare. The most important thing is to give you the information that we can help, the organizations that we work with as well as the greater security community ensure security of their devices, their assets, and their organization. This year, we had surveyed over 1,800 IT decision makers in over a thousand companies. And, to date, we had slightly over the three years, we have, talked to almost, 11,000 respondents. So we get a really good cross section, and we're here to share some of the reaction of the cyber war warfare report. Now if you haven't seen it already, you can download it on the ARMA site. But having said that, let's get into the meat of today's conversation. I'd like to introduce each of our panelists, starting with Nadir. Hi, everyone. I'm Nadir Israel. I'm the CTO and cofounder at Armis, and it's gonna be a great topic to discuss today. Great. Welcome, Nadir. And over to you, Andrew. Hey, Andrew Greeley. Part of the acquisition of Cyber Threat Cognitive Intelligence, with Armus. It's twenty, eight years, man more in cyber. So, yeah, great to be here. Andrew, thank you so much for joining. And over to Michael Freeman. Hello. Michael Freeman here, head of threat intelligence. Great. So you can see where we're getting a lot of our good information from, and these are just a a couple of the gentlemen, a couple of the folks in the pharmace that are collecting information, that are really working on the front lines every day to ensure that we do stay safe. So, gentlemen, I'd like to go into a little bit of detail, and and please feel free to answer if you see fit and make comments and everything else. But, you've read over the report. What are some of the most alarming trends that you've seen in this new report that we issued, the 2025, armed cyber warfare report? Yeah, Michael. I think this year's report was a huge shift in people concerned about cyber warfare. Right? We went from about a 54%, which to me is nothing to write home about about people worried about cyber warfare, to 87% of the IT decision makers. That means cyber warfare is front and center, and we've never seen this number that high. The other one there that really surprised me was 72 of people thinking this year or so is gonna be a full scale cyber war right across the world. And that that to me is a huge uplifting worry about cyber warfare. That wasn't even on the radar last year as as any sort of percentage. And even in the last month, we're seeing more and more uncertainty. Right? We've seen since the since the report, we've seen things at CISA, MITRE, CVEs and the rest in the last month. So there's more and more uncertainty in this world, and it's making cyber warfare more and more important to all organizations out there. It's true. Every year, we see, new things come out, but this year has been a particularly, interesting year in terms of cyber warfare, in terms of the things that are being targeted, in terms of the tactics, techniques, and procedures that are being used. I'm curious, in terms of, industries or sectors, are there any specific sectors, from this report that is getting hammered or targeted, by, cyber criminals or or or or cyber warriors as it may well be, more than others? Are there ones that we should keep an eye on? Yeah. I'm seeing definitely, very targeted attacks, especially towards the manufacturing, OT, as well as, any form of telecommunications is really being targeted at the moment. We're starting to see an uptick in health care attacks also, which is quite concerning and especially in the methodologies that, we're seeing. It's one of those things where we're starting to see it live, more live enough land type of attacks, and we're seeing more IoT, OT type of systems being targeted primarily because they're not as well managed and focused on, yeah, for the past twenty to thirty years. Yeah. I definitely can see how, the amount of attacks that are happening in critical infrastructure are especially concerning obviously, you know, we we're we're talking right now, and each of us have probably taught, touched or been influenced today by a bunch of different critical infrastructure elements. We brush our teeth in the morning, fresh water, we turn on our light, electricity, and even some things we don't think of. Maybe we stopped at the bank and and took some money out. All of these things are critical infrastructure. Even just taking a bus or train or other means of transportation to work, these are all critical infrastructure. So many organizations, or I should say, many criminal organizations, are targeting critical infrastructure because it does the most damage. So it's not surprising that we see that. Now, I'm just curious, in terms of blind spots, right, we all have blind spots when it comes to security, and obviously we try and minimize them as much as possible. Are there any particular blind spots that you're seeing as a common thread across these infrastructures that are being targeted? Some of the biggest blind spots that we're seeing right now are the lack of understanding of some of the the basics of the technologies that run our critical infrastructure. We saw things like Apache, Camel, and saw some critical vulnerabilities that we saw being compromised. Thing was very few people even knew that was a very critical piece of our infrastructure. That was not well known, And we're seeing more and more attacks on software libraries that are very critical to the net you know, the how we run our infrastructure that very few people even know about that are getting compromised through a a supply chain attacks. So, yeah, that's quite concerning. I just talked to an individual this past week that, confirmed to me that there's, an estimated close to 300 transformers in The United States that are being reviewed for possibly having a backdoor hardware backdoor that was implanted within the supply chain. So that's, you know, a big area of concern that we're reviewing and looking into. If I add to that, I think there's a there's a number of others too. Right? So you've got your pans, your VPNs, your firewalls. People never really monitor those as security tools being compromised. Right? That's changing because we've had quite a few vulnerabilities in that sort of space. The other one there is simple. Right? Chrome browsers, your browsers, the most common way to compromise an organization. Right? So they're surfing the web or they're getting emails. So if there's a use after free for crime that comes out, patch it there's two to four hours of threat actors are using that. The other part there is what we're seeing is that people are still patching today based on CVS scores, but not on the risk itself. Right? So you get better threat intelligence that way. And my other part there is, once again, like, it it comes back to basics a lot of times. Right? Which is, you know, we love the shiny new security tools, but it comes back to really understanding your threat landscape, understanding what threat actors are focusing on, and then managing that risk effectively. And if you have that whole pipeline, that makes things a lot easier to to focus on really what's important. Yeah. I think one of the the main things that we see in just so many companies that we work with is this backlog of stuff. Right? More often than not, there can be new vulnerabilities, new threats, new problems with code, or or or or problems with access control, and it just builds up because you don't know what to deal with first. Nadir, I'm curious from your perspective. You you literally have been here since we turned the lights on at Armas. I'm curious to hear, over time, what have you seen change from from day one since Armas started? Well, I think when Armus started way back then, the biggest challenge was actually visibility. No one knew what they had in their environment. So all of these ideas and concepts of I'm gonna proactively, you know, mitigate, this and that. I'm going to, prioritize my vulnerability list based on attack paths and what threat actors are doing. All of these are, almost, kind of a no go from the start if you don't really know what you even have in your environment, if you don't even know what's vulnerable in the first place or kind of where things are placed in your environment. So early on, that was the challenge. But I think as security programs matured, as things progressed, that challenge became, okay. Now what do I do with all of this, magnificent data? How do I actually do some of the great things that Andrew and Michael have just been referring to? I think the biggest shift we've seen is this shift from a very reactive stance to a much more proactive security program or at least an attempt to do so. I think that this is where, Armis and technologies like it come in. We can facilitate a much more reasonable proactive approach to risk management. I like to say that, it's almost like, for about a decade, the entire, security industry was obsessed with, reactive detection response. It's kinda like, you have a house. And instead of locking the doors and windows, you're obsessed with building all these sensors and everything to catch the intruder in the app and then go and beat them. When in reality, all you needed was to just lock your door. You know? Lock a couple of windows on the bottom floor. Now, obviously, the problem in reality, if I really had to equate it, is that, this, figurative house has millions and millions of rooms in it, and it's a very, very difficult thing to understand this contraption and how what are all the ins and outs. But armists and tools like it are exactly what, would allow to not only effectively map all of this out, but then layer that in with some of the, amazing information and technology that you can use today to really get at, okay, what are the entry points into this figurative house that are the most common, the most used, the most relevant to protect and pursue that? And, yeah, to Andrew's point, it doesn't necessarily have to be a critical vulnerability. Threat actors are very wise to this game, and they will often use things that get overlooked in the in the regular process. So I think that to go back to your question, the big change I'm seeing is decided shift. CISOs by security programs to try and get proactive. Try and build a program that can actually manage risk ahead of time and achieve real security versus just trying to detect and respond and deflect all the time. I I think it's a great comment. You know, the the one, example that I always love using is if you were to buy a security system for your house, would you like to know, or be alerted when somebody's carrying your sofa out of your house, or would you rather know beforehand when somebody's actually, like, kinda peeking in the windows? And, it's really a complete, shift for for what we do. I love the idea of proactive, and I wanna get a little bit into the best practices, what our listeners can really glean from this report, and what steps should they take. So, you know, based on some of the findings on this report, maybe even going back to some of the other reports that we've done, over the past couple years, obviously organizations are asking, you know, great, what the heck do I do? So what are what are some of the steps, immediate steps that organizations can take to protect themselves? Some of the as Nadir was saying, the easiest step is to actually understand the assets you have. Once you understand the assets, understand the context of those assets. And I like to equate everything back to understand the what the actual business uses of those assets are. Because a lot of times you'll find, you know, you have infrastructure in place that is no longer needed. The business no longer needs it, and it's, you know, created a wide security app for you. So when you understand the business context, it gives you a much better understanding of what you should be protecting. Once you have that context, the next approach is that, you know, find prioritization that actually is based on your world risk, not a guess or some form of an algorithm trying to predict what could potentially happen because the whole goal here is to become proactive in nature. So having those steps and the next, piece I would add to it is a process to manage the eye behind the scenes. Once you understand, you know, you've got x amount of millions of vulnerabilities, you know how to prioritize that with some very good factual information instead of a prediction. How do you run and manage that process in the back end? And having a process to help deduplicate those findings and run that through identifying the correct owners of it, understand the business context of it helps you really figure out what you should be doing about it. And if I add on to that, it's the it's the to look at the problem in a slightly different way. Right? So if we look at a vulnerability today, most people go, oh, okay. Is there compensating controls for this vulnerability? Do I patch or not? And you need to think about the problem in a slightly different way. You need to say, this common weakness, the CWE that's associated with CVE. Right? So for example, is ESX servers. A lot of them are compromised by consoles. Right? It's a URL on a console. So if I put a wife in front of there and only allowed normal URLs to go there, not not funky ones that we haven't seen before, you end up stopping that threat from from that point onwards. And when you look at CVEs today, you can see time and time again, those CVEs are compromised by a new variant. Right? OpenSSL, you know, JBoss. Right? All those are very similar variants. So if you stop that one common weakness, that CWE that comes in, then you stop it from there that point going forward. And that's why we think about taking that proactive stance. Right? Understanding how the threat actor is exploiting that from a from that common weakness and then take away that common weakness. And we've seen this happen right in the cybersecurity industry, you know, many times in the last four or five years. For example, is username and passwords. Every organizations were getting account takeovers, ATOs. Right? Now they added two factor. They added, you know, SMS or authenticator apps. And now because of smishing SMS phishing, they're using, people moving back to authenticator apps like Google Authenticator. So once again, you take that threat away, and then the threat actor has to look at another threat. But look at the problem in a more holistic way to say, how do I stop this now and ongoing? Right? Instead of saying, oh, I'll have a detection for that. That. Yeah. We've always played that game of cat and mouse, and it's amazing how, we're always trying to catch up and maybe even leapfrog, some of the tactics, techniques, and procedures. And and I'd like to really, turn the the discussion over to something we're all hearing about, and some of it, is is very sensationalist. But I I wanted to get your feeling. Obviously, there's a lot more about AI, artificial intelligence and machine learning that is being put into security stuff, and helping us to try and stop bad things from happening. I'm curious, what's your thought process? What do you think is the role that AI should play in terms of launching and defending against cyberware warfare attacks? I I think, I'll let, in a second, the the real experts here, speak to that. But I I do wanna say at kind of a broad stroke, the kinda way, at least, at a macro level, kinda completely zoom out. This looks like, playing out in the not just cyber warfare, but in role in offense and defense and cybersecurity. I think, first and foremost, we need to understand that the defense side is lagging compared to offense in use of AI. Hands down, this is always tends to be the case, but in the case of AI, that difference, is sadly significant. I think that, offense side is realizing just how, important and game changing this tool is in both scale as well as, the ability to create very sophisticated multilayered attacks, the likes of which Andrew started kinda touching on. Attacking both the human element as well as, the kind of physical or technological element at the same time, doing all kinds of things like, for instance, rattling the fence on one side, but then sending a well timed, kind of like multi factor authentication request or something to a professional that knows they're supposed to get that exact type of, alert at that time. These are all things that are far from science fiction at this point. They're very factual. Now the good news in this is I think that the defense side of things is waking up to it. It's difficult. It takes time. But the biggest advantage that a defense AI have compared to an offense AI is a home court advantage if the data is there. If the whole court advantage is that the defensive AI knows everything there is to know about all the ins and outs to that, figurative house that we talked about before, if it knows all of the asset landscape, if it understands the connections, the relate, the attack path, the vulnerabilities, all of these things, it can very successfully, defend against external threats because it knows that environment way better than any kind of offensive external AI. But we're not there. And I think that while Armus is very much, leading the charge, in that front, there's still a ways to go from where some of the threat landscape is. Yeah. I I I everything you say, Nadia, hundred percent. Right? So I'm I'm head of Armus Labs here at Armus and nicknamed the AI guy. And the good thing is we also reproduced a report on all the different AI attacks from China. It's you know, it takes 17 different attacks for AI. But as Nadir said, you know, AI like, it's the same as Internet. In the Internet security, when Intech came out, it was like two or three years to catch up. Right? So we're seeing that with AI. Right? AI is moving so quickly that it's hard in the in the current, world to defend as much as we can. So AI has been using all parts of attack. They've said understanding you, your social media, through to your environment, through to creating attacks, through automating living off the land, through to automating new vulnerabilities, through to working out the best plan of action and objectives for the threat actors. Nadir said the one, hey. Do this attack to set make people go this way. Why are you going that way? Right? And deception. In the future, it's it's gonna be AI versus AI. Right? And and as Nadir said, the best chance is understanding your environment. And I see this in a bigger world that with Armus customers that we get a bigger view of all the world of AI, and that comes together and can make better decisions for all all our companies, all the companies under the AI shield. Right? And that's what that's what Armus is focusing on on from a from a proactive defense point, in the AI world. Right? And when we talk about AI, you know, there's it's it's gonna get a lot worse before it gets better. Right? In the in the early days of Internet, we had really insecure protocols for SSL and those sort of things. Right? In AI, they're bringing out a thing called MCP, which is fantastic for value. Every AI agent can talk to other agents over a protocol, but you don't know, you know, really where you're talking to these MCP servers, and it's gonna be a security disaster in the short time. People will compromise that and compromise all organizations that are part of that and they don't know. Right? So so what we're looking at here at Armis and other parts to say, hey. What's the right way where organizations should help and do that as well? Right? So so but, yeah, AI it's gonna be an AI versus AI race. And as Nadir said, if you understand your risk and your threat landscape and what you have and take proactive measures, you're gonna be in a in a great position compared to us. Michael, you're you're involved in this every day in the real technical nuts and bolts of this. I'd love to get, your impressions and feelings about what you're seeing from an AI perspective, both from the threat actor perspective as well as from the security perspective. Michael Michael is holding one AI kind of a choke hold here, punching another AI, through it. That's how I'm imagining it. Yes. It's it's interesting. I just, helped a, a think tank that does a lot of work for the intelligence field, and a question arose from, our the clients on that side of things is, what was the skill set needed for an individual using AI to reach the capability of a nation state actor. Take a specific organization at a specific, agency and it needs a clear country and format those levels. And we were able to identify the tools that's needed. Are they open source? Would they need to be developed themselves? And what we actually realized is the tool sets are open source if available. You can use stolen credentials to gain access to some really high high speed computational, cloud computing that to be able to perform this. And if you have someone who is has a basic understanding of assembly and basic understanding of some of the operating system commands that would be needed and, a little bit of a, you know, someone who maybe have might have one or not one, but achieved offensive security cert would be able to perform in an agency state level at where they were three years ago. And so Right. The opposite of this side of things is what would it take for someone for us to defend against something like this using AI and understanding the right questions to ask. What Andrew like to say is you have to really understand the right types of questions to ask your AI system. And understanding that from a defender's perspective, we were able to identify, and how to mature an organization against AI driven type of attack using an AI, using the right types of questions, identify what your gaps truly are, the right type of data. We're able to identify where you could take a typical security operations that has a hundred plus people and go down to possibly four to five at that point with the AI in the right spots, using it the right way, and using asking the right questions even if you don't have all the proper tools in place. So it was a interesting program that we went through on that piece, but to ask what, you know, what are the attackers doing? They're becoming extremely innovative. They, you know, we we're seeing some, you know, LMS designed for ways that even I step back and go, okay. This is actually kinda scary and not much scares me on this side of things. So it's it's one of the the things I saw a product you're talking about recently where they love the fact that OpenAI is gonna remember everything that you do. Great. Perfect. Now let's let's compromise their account and ask the AI questions about that individual to be able to extract more information than their wife or, you know, husband would even potentially know about that. So that was, an interesting thing to see these threat actors say, hey. This is a great way to actually understand our targets and who they really are. Yeah. We really see the personification of, that old good old movie minority port report coming to life more and more. But in terms of, you know, looking to the future, you know, in terms of future outlook, you you all study this, you all see and talk to all kinds of folks. I'm curious, what technology or or innovations are most crucial to combating cyber warfare as we move forward? What do you think, is is promising? I I I think there's using AI, there's gonna be a few really key things, especially in the back end technology. It's it's the agent to agent. It is properly using MCP servers. It's gonna really help us gain the left on that side of things. When newer models come out that are more smaller and more refined, allow us to operate those at a more cost effective measure is gonna be a huge benefit for us. So that's that's the basis I see, you know, going forward. And then once you get that process down, you know, as Nadir was saying, utilizing the the technologies we have, especially at Armis, to actually understand the context of your environment, what you have, you know, what you don't have, what you possibly even need is gonna be next big steps too. I would add, I would add that one of the things that is a prerequisite, in my opinion, to combat AI and to really uplevel, everything we're talking about, including the proactive risk side, is to embrace an element of automation and, embrace ability to do enforcement and mitigation in a more human free workflow. This is a really tough pill to swallow, you know, in the twenty five years that this industry, has, pretty much existed. Well, actually, coming on 30, I'm dating myself here, in in the in the real sense. I think that the notion of system that automatically enforces or blocks is something that's still extremely rare in its organizations. We are so scared, and maybe for right reasons, but we're so scared to let a system decide, that something could be blocked, that something needs to be pushed out. We almost always, default to having an alert and then a human respond to something. That is a weak point in this current situation we're describing. And, trust automation, we need to have good data. We need to have good decision making. But we also need to get over that hump and realize that sometimes, stuff is gonna break. Sometimes we're gonna block the wrong person. Sometimes we're gonna do something that we shouldn't do. But, trade off there is that to combat something of the scale, speed, and intelligence of AI or an artificial attack system like that requires getting over that and being able to embrace that as part of your defense mechanism and mitigation mechanism. Excellent. Yeah. I think that's that's a great point because if you can never automate it, if you see it and don't take action, right, you don't protect anything. It's the same as knowing abundantly to exist and don't patch it, and then you're still vulnerable and get compromised. Right? So so I think, you know, today, you know, we're we're we're in the golden age of AI. Right? And the the parts of that is that, you know, it's getting, you know, this is this is this exponential path. Right? So my thing there is AI is gonna move faster than we think it's going to. Right? So for example is before we had to build models that had tens of millions of rows to move a little white enough for it to do something. Right? Now now we can build a model on the fly with 10,000 entries to have the equal reasoning of OpenAI o one. Right? So that means we're gonna create thousands of models that are gonna work we're gonna work together to understand different parts of organizations' business, different parts of network, different parts of devices. And that will be far superior than we've ever done before with machine learning and deep learning and all that sort of area. So we're gonna make all those things happen, and that's gonna be in a great position. But if we can't, as Nadia said, if we can't automate that, we can actually take that last that last hop to do the protection, then you're not gonna be in a great position. The other part there is we're seeing from an AI compromise point of view, I'll I'll I'll I'm expecting to see OpenAI and others put a bigger defense for their security. Because like I saw, you know, the other week, I saw that OpenAI was gonna make a social network with 800,000,000 users. And think of someone compromising that with 800,000,000 users, like Michael said, all that context. And then, you know, without the secure MCP, I'm gonna see from a technology point of view. I'm gonna I will have to see you know, I'm looking forward to seeing a MCP company that comes out with, formal based methods that understands intention and makes sure that you're protected against that because that's gonna be easy way to compromise. Because whether whether they like it or not, nearly every product out there today is using AI, and you don't know what's using AI. Right? So so every product's using the back end, and that's the sort of one that people don't see that, hey. I've got Atlassian in the back end, and it's doing all this AI. I don't know what it's doing. Right? But you're still going to Atlassian. And, you know, it's confidence makes sense. Other parts make sense, summarization. But then how are those hops and those things done? And once people for that, this work out that way and how they're doing not not secure, then we're gonna see other ways compromised. So so it's definitely gonna be an interesting road ahead. But, yeah, as as Nadir said, if we if organizations take a earlier path, not just automation, but start working together to say, hey. I see this. You see this. You know? And sharing that information and becoming a bigger protection space. And that's a great thing we're armed with our customers today. You know? We're seeing 6,000,000,000 devices today. And that visibility that you have, the more visibility you have, the better your AI can be and and protect against those things. So we're we're almost at time, but I'd be remiss in not asking this question with the brain trust that's on this call. You know, we're five years down the road, which is about, like, seven Internet lifetimes or something like that. What are your predictions for cyber warfare five years down the road? And we won't hold you to it. I think that, kinda deriving really from first principles of some of the things we mentioned here, I think it's, pretty clear to me that it's gonna get, worse before it gets better. I think that, the main thing is that despite it all, you're still underestimating just how compromised systems are and how difficult it would be to wage cyber warfare against a a a world superpower currently, what the effect of that would be when something like that is actually unleashed. So not to sound too ominous, but my my personal prediction is gonna get worse before it gets better if there is a true geopolitical conflict that starts with me, to, who Kubernetes. The second thing, in in my opinion, is that we will start seeing players in this space that we have ever seen before because AI will lower the bar of entry to nation states of the world. There are countries out there that probably most folks can't position on a map who might slowly pop up, on our radar, and that's a prediction I'm willing to be held to. Some country is suddenly gonna become much more powerful than it should punch way above their weight, because AI lowers the bar significantly on what the expertise needed to wage, a successful attack out there. And, general, I think that eventually, things will curve back and technology, will be used in a way that would, beneficially and kind of effectively protect. But it's gonna get I believe before it gets Michael, Andrew, same question to you. I agree. Yeah. I we I'm I I you know, to add to the deer, I I've seen two countries out of Africa that have been quite surprising over the past six months of the stuff coming out of there. You know, the Nigerian scams have gotten, no longer as important to them anymore. We're, you know, trying to figure out how to do ransomware and, you know, Bitcoin. That's so it's actually quite impressive some of the, areas I'm seeing. I I I I agree that we're gonna see a lot worse before it gets better. I do think that we are gonna have a bit of a standpoint from nation state to nation state where we're gonna have a bit of a well, you know, would be akin to the old eighties and nineties, mutated shared destruction. You know? If you take a look at the report that came out last week where trying to pretty much admit it to US Officials, underhandedly that, yeah, we're responsible for, you know, these attacks on your talk communication. And if you look at the responses, quite telling is, like, well, you're supposed to do hands off on anything that's impacting the citizens, and you didn't do that. And then you look at, where China came out this past week where they said, well, look, these three NSA people supposedly did some stuff against our people instead of the actual what should be designated as our target statement towards each other. But you throw into the mix where you have individuals who are quite capable and, using AI, it's gonna throw some chaos into that. You know, that's it's make predictions really hard from that standpoint, and it's something that, nation states actually are aware of. I am you know, I'm partnering with a a nation state out of Southeast Asia that are looking at the individuals and mapping them out who they've been certain to identify, who have no allegiance to any country. They're not pro prolific, you know, malware writers, but they are capable and are now starting to use AI to leverage their capabilities. And so it's it's becoming quite a big concern for a lot of countries now. Yeah. And I add to to Michael. I was gonna use a four one nine scam as an example. Instead of them going after the the, you know, the prince's needs 14 millions transferred, they go straight for the bank and get the transfer. Right? Like, there's the AI systems now and just just let me put it in this perspective. You know, like, SWIFT protocol is not known by everyone. Right? And some SWIFT documents are sort of secret documents and that stuff. But there's enough SWIFT documents that that AI knows that I can get the SWIFT API. I can do that. I can do transaction. And they say, oh, it used they most banks use IntelliSelect. These ones don't because I look at their customers. The the threat act looks to the customers. It doesn't do that proper reconciliation. They then go through the path, work out the path into the bank, and then do that transaction, you know, on a hundred and 50,000,000. Right? So so that could be that stuff could be real because people put, confidential documents up in a up, and they get part of a training set, and they have that. And it's easy to work out where to get that document, go to find it. Right? And with all the deep research tools today, you can find all the things you couldn't find before. Right? So so, the the older days was you didn't have the knowledge of that. The current days are give me the knowledge and tell me what to do, right, and automate that. And that's that's a huge difference of what a threat actor, a person, you know, that that was doing the four one nine scams to now do something on taking on a big bank. Right? So so that's the reality. Lots of scary stuff out there and stuff that we should be very aware of going forward. Yeah. With that, we're out of time, but I would love to just, state again that we have this great new 2025 serverware report. There's just so much information in it. If you go to the armist.com website, you can download it, free of charge. We want people to be armed. We want people to, be aware. And most importantly, we want, the security community to collaborate together because once we collaborate together, we raise the tide of the security community. So with that, I'd like to thank, my panel for joining today, Nadir Israel, Andrew Greeley, Michael Freeman. Thanks for joining. Always learn so much from you guys. Appreciate the time and appreciate our listeners as well. Looking forward to seeing you on a future webcast. Thank you so much for joining.