39
00:03:07,110 --> 00:03:10,590
I the the security team
40
00:03:10,590 --> 00:03:13,680
yes the threat busters
41
00:03:13,680 --> 00:03:18,690
so when i watch the movie at this
weekend
42
00:03:18,690 --> 00:03:24,480
I just reminded me a lot of why infosec
people are like the Ghostbusters so
43
00:03:24,480 --> 00:03:29,940
first I notice that they're super geeky
and nerdy they were in the school
44
00:03:29,940 --> 00:03:34,470
basement trying to figure out if ghosts
really exists and crew they have all
45
00:03:34,470 --> 00:03:41,790
sorts of cool technology just that they
they're working on and they're in the
46
00:03:41,790 --> 00:03:48,780
basement working really hard and infosec
people are kind of the same and somewhat
47
00:03:48,780 --> 00:03:55,320
a few things I found online were that
their researchers creating a computer
48
00:03:55,320 --> 00:04:01,320
chips that self-destruct kind of like in
Mission Impossible on there are people
49
00:04:01,320 --> 00:04:08,459
creating ghost towns kind of like honey
- honey honey
50
00:04:09,810 --> 00:04:19,829
it's thank you I was a ghost and it just
was weird that i like that honey pots it
51
00:04:19,829 --> 00:04:21,239
that it
52
00:04:21,238 --> 00:04:31,169
it's designed to create fake fake ghost
towns and it if they kind of go there
53
00:04:31,169 --> 00:04:38,280
it alerts the business that an attack is
it might be underway on and and another
54
00:04:38,280 --> 00:04:39,270
thing
55
00:04:39,270 --> 00:04:45,210
- I don't know if this is possible but
there's a firm that thinks that you
56
00:04:45,210 --> 00:04:51,810
should encrypt everything all the data
and then except you can create certain
57
00:04:51,810 --> 00:04:57,060
attributes to control the decryption and
then set the access controls
58
00:04:57,690 --> 00:05:03,719
what are some of your responses to just
all the hard work that infosec people
59
00:05:03,720 --> 00:05:10,560
are doing or any of the new security
things that these researchers have found
60
00:05:11,190 --> 00:05:16,680
well I like the analogy that you know
network security people are like the
61
00:05:16,680 --> 00:05:21,150
Ghostbusters I think there's still a
lot of nostalgia for the Ghostbusters
62
00:05:21,150 --> 00:05:24,989
because I came about at a time when
there weren't a lot of like popular
63
00:05:24,990 --> 00:05:31,710
heroes that were into you know like you
said like the technology and science
64
00:05:31,710 --> 00:05:36,060
aspects i would even in the sort of
fantastical way but i remember i can
65
00:05:36,060 --> 00:05:41,789
really clearly identify with them and in
the same way you are doing research into
66
00:05:41,789 --> 00:05:46,800
a lot of these you know areas where it's
difficult to tell like where threats are
67
00:05:46,800 --> 00:05:49,590
coming from what's causing them
68
00:05:49,590 --> 00:05:54,690
so one of the things I i want to pull
out from what you mentioned was you know
69
00:05:54,690 --> 00:06:00,570
the honey pots the ghost towns of data
or different areas and I think that too
70
00:06:00,570 --> 00:06:05,310
often that's something that's confined
to a research role that
71
00:06:05,310 --> 00:06:08,910
hey you know we're a big company we're
going to try to see if we can put out an
72
00:06:08,910 --> 00:06:15,030
unsecured server on the internet and
then see what attacks it but I I think
73
00:06:15,030 --> 00:06:18,479
of a new technique I've seen used for
some of the ransomware
74
00:06:18,480 --> 00:06:26,370
mitigation is to put out you know I a
file share with a file and if no end
75
00:06:26,370 --> 00:06:32,640
with no one should be changing it it's a
honeypot file and if something does then
76
00:06:32,640 --> 00:06:37,530
oh it looks like we have a problem on
the network and that's a more practical
77
00:06:37,530 --> 00:06:41,159
way of taking some of this theoretical
stuff you know
78
00:06:41,160 --> 00:06:44,430
- - the local sysadmin side of things
79
00:06:44,970 --> 00:06:49,530
so where where my mind goes to meet with
some of those stories is you know with
80
00:06:49,530 --> 00:06:54,090
the self destructing chip the first
thing that I think about is I like the
81
00:06:54,090 --> 00:06:58,619
idea is kind of interesting very sci-fi
Mission Impossible like Cindy mentioned
82
00:06:58,620 --> 00:07:01,740
but what are bad guys going to do with
it
83
00:07:02,430 --> 00:07:07,470
they're just gonna destroy your phone
denial of service attack right there so
84
00:07:07,470 --> 00:07:10,530
its security is always a double-edged
sword
85
00:07:10,530 --> 00:07:19,590
I'm trying to balance accessibility and
security and that that's kind of the the
86
00:07:19,590 --> 00:07:23,909
first thing that I thought about there
and with the encryption i like the idea
87
00:07:23,910 --> 00:07:28,920
of encrypting everything kind of but it
just makes the problem
88
151
00:12:05,400 --> 00:12:08,189
site that you're on or a fake porn site
or something
152
00:12:08,190 --> 00:12:15,240
and so they say oh well if you you know
in install this you know this little
153
00:12:15,240 --> 00:12:18,050
application or take these steps or
154
00:12:18,050 --> 00:12:22,399
you know in return well you know we
won't email this to your boss that you
155
00:12:22,399 --> 00:12:22,820
know
156
00:12:22,820 --> 00:12:27,290
IBM or whatever ooh that sounds scary
157
00:12:28,160 --> 00:12:36,170
you mention one of it just remove the
one before
158
00:12:37,160 --> 00:12:43,579
they're just to not trust them and i
remember a hospital paid the ransom and
159
00:12:43,579 --> 00:12:50,750
then they wanted more money for the rest
of the files so they're not exactly
160
00:12:50,750 --> 00:12:53,990
honorable people and they
161
00:12:53,990 --> 00:13:01,579
it was kind of part of their customer
service in in and just it's a business
162
00:13:02,149 --> 00:13:06,920
ransomware is a business I just wonder
how that conversation went like well the
163
00:13:06,920 --> 00:13:09,199
top half of the chest x-ray
164
00:13:09,200 --> 00:13:12,230
it came back fine but you know if you
really want to get the rest of this done
165
00:13:12,230 --> 00:13:19,220
we need another six bitcoins and I think
it was confirmed and or someone
166
00:13:19,220 --> 00:13:24,200
something was written about how a
ransomware is a HIPAA violation
167
00:13:24,200 --> 00:13:30,950
- so I be worried and concerned for the
hospitals
168
00:13:30,950 --> 00:13:37,640
- so another reason why infosec people
are like the Ghostbusters is because
169
00:13:37,640 --> 00:13:44,899
it's very hard sometimes for people to
take security threats like like ghosts
170
00:13:44,899 --> 00:13:50,839
seriously and in the movie there was a
Ghostbuster who is trying to get tenure
171
00:13:50,839 --> 00:13:55,940
and spoiler alert she was caught on video
seeing that ghosts are real
172
00:13:56,959 --> 00:14:05,479
like on YouTube and then she didn't got
that get tenure and so I just it really
173
00:14:05,480 --> 00:14:14,209
i think doing infosec work security work
is very is is very challenging and I
174
00:14:14,209 --> 00:14:17,689
really liked the article that
175
00:14:17,690 --> 00:14:24,890
I think he was the VP of security or CISO
and he wrote an article about how he
176
00:14:24,890 --> 00:14:33,350
managed last year's Republican National
Convention and he had a great master
177
00:14:33,350 --> 00:14:36,260
plan from the outside in and inside out
178
00:14:36,260 --> 00:14:42,110
and even if there was a ghost he he
probably had a plan for that because he
179
00:14:42,110 --> 00:14:47,420
was planning for the unexpected and and
as you know security people you have to
180
00:14:47,420 --> 00:14:51,079
be right every single time and the
bad guys only once
181
00:14:51,620 --> 00:14:55,850
what are some common problems you see
that make it hard for people
182
00:14:55,850 --> 00:15:03,050
infosec people to get their jobs done or
just to get an initiative executed
183
00:15:03,050 --> 00:15:08,930
so I i think a great point you brought up
again and probably the Ghostbusters is
184
00:15:08,930 --> 00:15:12,199
people don't believe in things they
can't see
185
00:15:12,200 --> 00:15:16,790
so we often get in a mindset or non
security people get in the mindset like
186
00:15:16,790 --> 00:15:21,800
like we've never had this problem before
so why would we have it now and you know
187
00:15:21,800 --> 00:15:29,660
and and i think that's that's very it
can be very detrimental because the the
188
238
00:19:20,450 --> 00:19:24,440
I think we're getting better at it
though I'm in terms of working with
239
00:19:24,440 --> 00:19:29,540
others because there's this cyber
security alliance where we have
240
00:19:29,540 --> 00:19:35,720
different organizations from like Palo
Alto Networks and Splunk and other
241
00:19:35,720 --> 00:19:39,530
organizations that are working together
and say hey we really need to come
242
00:19:39,530 --> 00:19:45,049
together share what we know in order to
combat the bad guys
243
00:19:45,049 --> 00:19:53,330
so I'm wondering what are some infosec
people you recommend as following or
244
00:19:53,330 --> 00:19:59,449
checking or a tool that we should check
out so that someone who's kind of like
245
00:19:59,450 --> 00:20:04,850
the underdog really get like the
recognition that they're helping people
246
00:20:04,850 --> 00:20:09,168
before we get there I want to go back to
a point you touched on
247
00:20:09,169 --> 00:20:11,929
so think about the Ghostbusters movies
you know you mentioned that the mayor
248
00:20:11,929 --> 00:20:15,559
finally recognizing that there is the
problem but think about the preceding
249
00:20:15,559 --> 00:20:21,049
scene at least in the original where they
shut off the the grid that held the
250
00:20:21,049 --> 00:20:22,129
ghosts in containment
251
00:20:22,130 --> 00:20:26,210
it wasn't until you know it blew up and
the ghosts started running amok and
252
00:20:26,210 --> 00:20:29,390
destroying the city that they finally go
wait a minute there is a problem like
253
00:20:29,390 --> 00:20:31,040
this is a real issue
254
00:20:31,040 --> 00:20:35,300
so they think kind of the thing to think
about or I'd like to pose is have we
255
00:20:35,300 --> 00:20:39,559
reached that point in cyber security is
there enough of these incidents in the
256
00:20:39,559 --> 00:20:40,190
news kind
257
00:20:40,190 --> 00:20:43,580
running amok where someone's gonna go
like well wait a minute
258
00:20:43,580 --> 00:20:46,789
like this is real this is something
serious to consider
259
00:20:47,509 --> 00:20:50,600
I don't know if you guys have an opinion
on it
260
00:20:50,600 --> 00:20:55,668
the size of the Twinkie of it and so so
so we're talking about that one big
261
00:20:55,669 --> 00:20:57,710
twinkie can get 20
262
00:20:57,710 --> 00:21:03,620
yeah I what I was gonna say the same
275
00:21:59,419 --> 00:22:03,379
mongering that you are actually serious
about this this isn't a real threat
276
00:22:03,379 --> 00:22:05,959
while simultaneously
277
00:22:05,960 --> 00:22:09,620
you know having all these stories of
like oh thank God we have yourself
278
00:22:09,620 --> 00:22:11,239
with helped us so much
279
00:22:11,240 --> 00:22:17,240
um so I i think the message is not
getting through at least not enough
280
00:22:17,899 --> 00:22:22,459
I think it's getting better and i think
as it gets more popular
281
00:22:23,360 --> 00:22:29,600
I'm in the mainstream that it is that it
gets better because so much of those
282
00:22:29,600 --> 00:22:32,689
decisions aren't driven by the IT group
283
00:22:32,690 --> 00:22:38,600
I think I like I used to do a lot of
work in hospitals they're just run by
284
00:22:38,600 --> 00:22:39,350
the doctors
285
00:22:39,350 --> 00:22:43,189
I mean the you know the head of
radiology says I can't take two more
286
00:22:43,190 --> 00:22:47,000
clicks - to get through something it has
to just be I sit down and immediately it
287
00:22:47,000 --> 00:22:47,879
starts working
288
00:22:47,879 --> 00:22:53,309
and you know I leave and it magically
takes care of everything and you know
289
00:22:53,309 --> 00:23:01,319
that the security of it is not is not a
concern it's the productivity but is as
290
00:23:01,319 --> 00:23:05,639
you know HIPAA has gone about as more
and more security concerns a combat more
291
00:23:05,639 --> 00:23:07,258
and more incidents
292
00:23:07,259 --> 00:23:12,479
there's I i see those things getting
better but still a long way to go
293
00:23:12,479 --> 00:23:18,179
I don't think these I think your point
Mike I think we are starting to see that
294
00:23:18,179 --> 00:23:22,859
change that these you know productivity
is the main concern stopping business
295
00:23:22,859 --> 00:23:24,299
and you know losing money there
296
00:23:24,299 --> 00:23:27,690
but these incidents are starting to
affect that productivity so I think
297
00:23:27,690 --> 00:23:31,229
there's a valid case to make that you
know ransomware blocks your medical
298
00:23:31,229 --> 00:23:36,719
records it doesn't matter how great your
MRI machine is it doesn't matter i still
299
00:23:36,719 --> 00:23:41,759
can't do what you need to do and I think
they're starting to see that i know i'm
300
313
00:24:51,329 --> 00:24:55,168
like give me that you know 10 million
dollars for my security
314
00:24:55,169 --> 00:24:57,270
I don't think it works that way
315
00:24:57,270 --> 00:25:03,120
she mentioned and she brings up a good
point that financial services
316
00:25:04,200 --> 00:25:10,650
there they come together and they're
drinking and they're socializing look
317
00:25:10,650 --> 00:25:17,70
when it comes to their work and and
because they go out and they hang out
318
00:25:17,70 --> 00:25:19,710
and so maybe we need to hate
319
00:25:19,710 --> 00:25:23,490
well I don't know if CEOs and board
members have time to hang out
320
00:25:24,300 --> 00:25:32,760
so I mean I think there are
organizations and and you know I've been
321
00:25:32,760 --> 00:25:36,510
to some some conferences myself that the
goal is to get the you know the CISOs
322
00:25:36,510 --> 00:25:41,940
the executives together to talk about
these issues and I know
323
00:25:41,940 --> 00:25:47,700
Black Hat does one I was at last year at
executive kind of briefing think there's
324
00:25:47,700 --> 00:25:51,210
two days where where they brought all
these executives together just to talk
325
00:25:51,210 --> 00:25:54,510
362
00:29:07,809 --> 00:29:09,639
the printer on Tuesdays
363
00:29:09,639 --> 00:29:13,689
it doesn't it doesn't print as often as
fast as it does on Mondays
364
00:29:13,690 --> 00:29:16,989
how do you like click this button
because it even comes with like a little
365
00:29:16,989 --> 00:29:19,479
i have an intimate just you can see in
the video
366
00:29:19,479 --> 00:29:23,379
it's got like a little keychain thing to
even just like press it and then with
367
00:29:23,379 --> 00:29:26,379
the text your phone like an emergency
code
368
00:29:26,379 --> 00:29:31,178
just like what oh sorry gotta go get our
emergency so so who you going to call
369
00:29:31,179 --> 00:29:32,229
them Mike
370
00:29:32,229 --> 00:29:36,070
I don't I wouldn't i'm going to call
anyone i press this button to come on
371
00:29:36,070 --> 00:29:45,519
like 20 16 in your Snapchat no I'm Carol
too buddy
372
00:29:46,210 --> 00:29:49,899
what's your parting gift Killian
373
00:29:51,219 --> 00:29:58,450
I'm gonna part with some paranoia i was
reading an article it was earlier this
374
00:29:58,450 --> 00:30:04,269
week about the the attackers now they're
400
00:31:42,010 --> 00:31:45,280
doesn't stuff where they try to detect
you know every code update but there's
401
00:31:45,280 --> 00:31:51,399
so much dynamic stuff that's loaded and
it's really difficult or then for npm of
402
00:31:51,400 --> 00:31:54,910
the node package manager where there was
a whole namespace issue or someone took
403
00:31:54,910 --> 00:32:01,030
out a bunch of their packages and it
blew up a bunch of stuff but during the
404
00:32:01,030 --> 00:32:01,780
interim
405
00:32:01,780 --> 00:32:05,260
it was possible that you know someone
could maliciously upload their own
406
00:32:05,260 --> 00:32:08,110
package that had a name of something
that was removed
407
00:32:08,110 --> 00:32:13,780
mhm and could have compromised all those
different sites and things and as we
408
00:32:13,780 --> 00:32:18,639
have larger and larger ecosystems of all
these sorts of tools and I think we'll
409
00:32:18,640 --> 00:32:20,500
see that more and more as a threat
410
00:32:20,500 --> 00:32:22,070
so
411
00:32:22,070 --> 00:32:25,669
it just reminds me of what you said
earlier Michael about customer service
412
00:32:25,670 --> 00:32:27,440
to like
413
00:32:27,440 --> 00:32:31,250
hi let me help you and then
414
00:32:31,250 --> 00:32:36,320
no not really that's a trick or don't
have to work
415
00:32:36,320 --> 00:32:42,290
donate to our charity so we can decrypt
all your all your files help these
416
00:32:42,290 --> 00:32:47,810
people on that makes me think that would
be an awesome attack
417
00:32:47,810 --> 00:32:53,780
so I could I could get a Chrome
extension have it request access on all
418
00:32:53,780 --> 00:32:57,470
websites because a lot of the extensions
do that like the ad blocking extensions
419
00:32:57,470 --> 00:33:02,150
and then on banking sites because I
would know the URL of the banking sites
420
00:33:02,150 --> 00:33:05,990
i could have the Chrome extension pop up
like a live chat window and be like hi
421
00:33:05,990 --> 00:33:09,260
I'm Mike I'm here to help you today this
is your interactive chat for your
422
00:33:09,260 --> 00:33:14,000
banking just type in your bank number
and your password to me and i will log
423
00:33:14,000 --> 00:33:14,600
you in
424
00:33:14,600 --> 00:33:20,870
would you like to know your balance you
know you're very creative you're giving
425
00:33:20,870 --> 00:33:22,159
them ideas
426
00:33:22,160 --> 00:33:26,900
so you will get our viewership up if we
can get a lot of like malicious horrible
427
00:33:26,900 --> 00:33:34,400
people to cast any anything to get more
than one viewer
428
00:33:35,480 --> 00:33:39,650
we do have more than one viewer it's
just not not live so they can't
429
00:33:40,220 --> 00:33:45,080
after the last show we talked about you
to be less formal so I started wearing
430
00:33:45,080 --> 00:33:48,980
t-shirts instead of like the collared
shirts to our podcast recording is
431
00:33:48,980 --> 00:33:53,660
either of its helping if it comes
through in the audio but Killian got a
432
00:33:53,660 --> 00:33:59,570
different memo look at him and his
button-up shirt sure
433
00:33:59,570 --> 00:34:02,899
yeah he does this he and heat
434
00:34:02,900 --> 00:34:07,940
he's so nice he came on the show when
he's not feeling so well and you're so
435
00:34:07,940 --> 00:34:13,520
good with just look like are you okay
Killian when you first signed on my out
436
00:34:13,520 --> 00:34:16,250
that compassionate and nice if you
437
00:34:16,250 --> 00:34:21,949
we might get lucky or to fight you over