Odd Lots

Legendary Hacker Matt Suiche on Cyberwar in the Age of AI

March 12, 2026

Key Takeaways Copied to clipboard!

  • Kinetic warfare, such as drone strikes on data centers, can be more immediately destructive and cost-effective than traditional cyberattacks in a conflict scenario, as demonstrated by recent events in the Middle East. 
  • The proliferation of AI is rapidly lowering the cost of software development, leading to the prediction that data will become the only truly durable and valuable asset in the emerging AI economy. 
  • The security paradigm for AI agents requires built-in safety from the start, as granting agents excessive permissions upfront creates an environment where 'Murphy's Law' dictates that any possible bad outcome will occur. 

Segments

Sponsor Readout: PipeDrive CRM
Copied to clipboard!
(00:00:00)
  • Key Takeaway: PipeDrive offers a simple CRM solution for SMBs centered around a visual sales pipeline dashboard.
  • Summary: Traditional CRMs are often overly complicated with unused features, causing teams to waste time finding basic information. PipeDrive consolidates sales processes and customer data into one clear dashboard to help teams control sales and close deals faster. Users can start with a 30-day free trial without needing a credit card.
Introduction to Cyberwar and AI
Copied to clipboard!
(00:01:00)
  • Key Takeaway: The hosts introduce the episode’s focus on Iran’s cyber capabilities, digital warfare, and AI’s impact on hacking.
  • Summary: The hosts, Stephen Carroll and Caroline Hepke of Bloomberg Daybreak Europe, introduce the context of blurring lines between physical and digital warfare, referencing recent drone strikes and cyberattacks. They set the stage for the main interview concerning Iran’s cyber capabilities and the rapid transformation of hacking due to new AI technology.
Prepper Concerns and Cyber Threats
Copied to clipboard!
(00:02:18)
  • Key Takeaway: Public anxiety regarding potential large-scale cyberattacks on US financial infrastructure, often fueled by geopolitical tensions like those involving Iran, drives interest in physical preparedness.
  • Summary: Hosts Tracy Alloway and Joe Weisenthal discuss the phenomenon of ‘prepper’ tendencies manifesting as concerns over financial infrastructure collapse due to expected Iranian cyberattacks. They pivot to the core topic, noting the relevance of discussing Iran’s cyber skills and the role of AI in modern hacking.
Guest Introduction and Context
Copied to clipboard!
(00:06:00)
  • Key Takeaway: Matt Suiche, founder of OnDB, is introduced as a legendary French hacker with two decades of enterprise cybersecurity experience.
  • Summary: Matt Suiche returns to the podcast, having last appeared four years prior, around the time of Russia’s invasion of Ukraine. His expertise spans enterprise software, cybersecurity, and analysis of major leaks and attacks, making him the ideal guest to discuss cyber espionage and AI’s role in warfare.
Cyber Warfare vs. Kinetic Impact
Copied to clipboard!
(00:07:18)
  • Key Takeaway: In kinetic warfare, cyber operations often revert to intelligence gathering and disruption rather than direct destruction, as physical attacks using cheap drones prove more chaotic.
  • Summary: Suiche notes that when missiles are deployed, cyber elements become less relevant for destruction, serving primarily for intelligence gathering or creating confusion beforehand. He contrasts this with the high impact of inexpensive drones, which can cause more chaos than sophisticated exploits.
Recent Cyber and Kinetic Actions
Copied to clipboard!
(00:10:40)
  • Key Takeaway: Recent cyber operations have focused on creating confusion (e.g., hijacking prayer apps) and reconnaissance (e.g., hacking traffic lights), while kinetic strikes on data centers caused significant, measurable disruption.
  • Summary: Observed actions include Israeli operations like hijacking a prayer app and manipulating traffic lights for reconnaissance, which are not significantly destructive. However, drone strikes on Amazon data centers caused multi-day outages across multiple zones, proving that kinetic attacks on centralized cloud infrastructure are highly effective.
Government Cyber Capability Development
Copied to clipboard!
(00:17:34)
  • Key Takeaway: Governmental cyber capability development remains heavily reliant on exploiting insider vulnerabilities, despite massive investment, while the incorporation of AI into decision-making is the primary new differentiator.
  • Summary: Despite large investments since the Snowden leaks, governments continue to be compromised by insiders selling zero-day exploits, highlighting the importance of internal coercion controls. The main shift in strategy involves integrating AI, though current models like Claude are not yet trusted for fully autonomous decisions due to hallucination risks.
AI in Exploit Development and SaaS
Copied to clipboard!
(00:21:13)
  • Key Takeaway: AI tools are proving effective for bug discovery, particularly in areas like smart contract auditing, but the collapsing cost of software development challenges the traditional security auditing budget model.
  • Summary: AI is being leveraged for bug discovery, with tools like Claude finding vulnerabilities in smart contracts automatically. As the cost of building software approaches zero, it becomes difficult to justify high budgets for post-development security auditing, signaling a market shift.
Defining and Securing AI Agents
Copied to clipboard!
(00:26:21)
  • Key Takeaway: An AI agent is fundamentally a piece of software executing calls in a loop, and its autonomous capability to act is intrinsically linked to its potential for accidental destruction.
  • Summary: An AI agent is defined as code that calls LLMs (like OpenAI) and external tools in a loop to make decisions. The primary security risk is that granting full permissions upfront to these autonomous systems ensures that any potential failure will manifest destructively, mirroring the dual nature of hallucination.
Career Trajectory and Data Value
Copied to clipboard!
(00:30:14)
  • Key Takeaway: Public concern over privacy has waned significantly since the Snowden era, and the future economy will value data as the sole timeless asset as software creation costs approach zero.
  • Summary: Suiche observes that public sentiment has shifted from caring deeply about privacy post-Snowden to a current state where few object to surveillance programs. Because AI is driving software costs down, his company, OnDB, focuses on data infrastructure, anticipating that high-quality, verifiable data will be essential for agentic feedback loops.
Agentic Workflow and Data Access
Copied to clipboard!
(00:35:05)
  • Key Takeaway: The future of agentic workflows requires programmatic, microtransaction-based access to private, high-value data sources (like Bloomberg) to eliminate the friction of manual API key management.
  • Summary: The current need for humans to manually handle API keys and subscriptions interrupts the desired autonomous workflow of agents. The vision is a programmatic API marketplace, potentially using stablecoins, allowing agents to access valuable, private data directly without human intervention, moving beyond simple web searches.
AI Code Quality and Iteration
Copied to clipboard!
(00:40:26)
  • Key Takeaway: AI-generated code quality is generally good and improves significantly when developers provide explicit negative feedback, treating the process as a reward/punishment loop.
  • Summary: Humans are moving toward using natural language (markdown) as the primary programming interface, while machines communicate via encoding protocols that can be reverse-engineered. Being explicit and firm with negative feedback (‘This code is garbage’) yields better results than being merely polite, as it functions as a strong negative reward signal for the model.
Future Monitoring and Asymmetric War
Copied to clipboard!
(00:46:03)
  • Key Takeaway: The most interesting digital development to watch is any connection between current events and leaked data (like the Epstein files), while the rising cost of tokens due to geopolitical disruption threatens the economic viability of AI-driven warfare.
  • Summary: Suiche is watching for digital revelations linking current events to sensitive data, suggesting a connection to the Epstein files. He notes that while AI promises lower inference costs, geopolitical actions that increase the cost of data center components or disrupt energy could raise token costs, creating an asymmetric warfare dynamic where the enemy can simply increase the operational expense of using AI.