Data Weaponization: How Cyber Attacks Impact the Vulnerable

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host ⁠Caleb Tolin⁠ speaks with ⁠Pavlina Pavlova⁠, a researcher and cybersecurity advocate focusing on data weaponization and its disproportionate impact on vulnerable populations. Pavlina defines data weaponization as using data to manipulate, deceive, coerce, or attack someone to inflict harm. Her research investigates why cyber attacks and their impacts often have gendered dimensions, with certain populations experiencing more severe consequences. The conversation explores how attacks on critical infrastructure, particularly healthcare, create immediate impacts. While cyber attacks aren't becoming more sophisticated, they're growing more vicious. Ransomware attacks against healthcare facilities disproportionately affect women, who often serve as caregivers and rely more heavily on healthcare services. Pavlina examines the geopolitical dimensions of cybercrime, noting how certain nations harbor cybercriminals aligned with their foreign policy goals. These sanctuary jurisdictions make accountability difficult and contribute to attacks aimed at disrupting societal resilience. Join Caleb and Pavlina as they discuss policy frameworks addressing gender dimensions of data weaponization, explore international cooperation efforts, and share practical advice for under-resourced organizations to improve their cyber resilience despite limited funding. They also examine the critical role of responsible data collection and the importance of donors specifically allocating cybersecurity funding when supporting vulnerable organizations. Episode Highlights: [01:02] Defining Data Weaponization [04:11] Critical Infrastructure Targeting [09:29] Geopolitical Dimensions of Cybercrime [13:24] Policy Frameworks and International Cooperation [19:31] Resources for Under-resourced Organizations Episode Resources: Caleb Tolin on LinkedIn Pavlina Pavlova on LinkedIn New America report by Pavlina Pavlova Cyber Peace Institute United Nations Cybercrime Convention