A highlight from Episode 267: Cyberattacks and our National Security

Newt's World


Who really underestimate the amount of criminal involvement in cyber, because many companies just pay them off and stay quiet because they don't want the publicity that they can be penetrated. Is impression that there's probably actually more cybercrime than we know about because as a substantial pattern of not reporting.

If you have the ability to get onto a network, whether it's a corporate backbone, whether data or power grid, to steal information, you have the ability to cause damage, so it's just a matter of intent to change from stealing to destruction. I can take you all the way back to two thousand and four, when I was investigating the intrusions around Joint Strike Fighter, which is the largest contract history of DoD. Thousands of subcontractors, it's being targeted all over the place, and at that time there was no requirement for defense contractors to report to the government that their unclassified networks were compromised, and so we had to change policy and federal acquisition requirements and all kinds of things. And that kind of shift hasn't happened in the rest of the sectors in America, so the financial sector and those type of things not gonna have the same type of reporting requirements. And I am personally familiar with a number of cases where corporations have been hit with ransomware, have paid the ransom, have brought in professional cyber security firms to negotiate with the bad guys and pay it, and then move on as if nothing has happened. Some of these are substantial ransoms. And so there's definitely no motivation for the bad guys to stop.

American society is completely unaware just how bad the criminal elements are, taking a lot of money from people. If you had to guess, what percent of this is criminal, what percent is government, what percent of this is individuals jerking around as a hobby?
There are different types of things happen. When you see ransomware that's happening, and organizations being blackmailed with that, going in there, encrypt all of their servers, and basically you have to pay a bunch of Bitcoin, get your stuff done, that is in most part criminal enterprise, but it can also branch into state-sponsored enterprise. The North Koreans are kind of considered for doing this to try to increase in revenue because of all the sanctions. I would suggest that any of the targeting of US intellectual property that's been happening over the last, you know, five, six, seven years, to the tune of, some government reporting, three hundred billion dollars a year loss of intellectual property, that when you're going after a Lockheed Martin or Northrop Grumman or Caterpillar, those require substantial capability to defeat those organizations. That is state sponsored. The criminal stuff is going after your money and the blackmail, and then your individual in the basement can kinda weave in between there. There was a report of a teenager to compromise the director. Ci's home account. That does happen. You do get some activist groups. Anonymous will do some things. Those maybe kind of politically motivated, and they're doing it more to, you know, put a message up on a website, those types of things. Most of the lower level, script kiddie if you will, defacing websites and that type of thing. The criminal enterprises are getting in and trying to go after money and doing blackmail, and state-sponsored organizations are stealing our trade secrets and positioning themselves from an order of battle perspective to have that strategic surprise. So knock out the lights. Can they shut down the FAA? Can they hurt NASDAQ? Can they do things that would cause a lot of turmoil for us? That's the way I would kind of outline a cheering thing.

So that in a sense this is the new cyber mafia, and represents a totally different set of skills and a much higher profit margin than
The traditional crimes.

Agree. Ten years ago the moneymaker on the cyber side was you would steal data, and then you've got to go find an information broker to sell the data to, or you would create the actual exploits and sell those. So a zero day right now can get you about a million dollars, a good one, like if you can get through Windows or get on an iPhone or something like that. But if you're going to go hit a corporation and you're gonna hit them for five million dollars in Bitcoin, and you can use that same tool that you use against him and hit five more companies, and now you're at twenty five million dollars of somewhat untraceable way. This is being done because it goes through multiple iterations of different cryptocurrency providers and whatnot. It's a challenge for law enforcement. There have been the United States municipal, city and state police departments that themselves have been hit with ransomware and paid the ransom. It's part of kind of cyber hygiene issue on our side, but we're not backing things up as much as we should, we're not really preparing our communities and our organizations for the threat, and then it's very, very difficult once you've been hit with that stuff to get your data unlocked. The interesting thing about this is for the most part the criminals, there is some honor there. Like once you do pay, you do get your stuff back. Very rarely does it not work out that way, because within that criminal subculture, if you get a reputation for not following through with releasing the holdings, then they would expect that they wouldn't be paid in the future. So they want to keep that faucet on by honoring the bounty.

Sony produced a movie that made fun of Kim Jong Un and they promptly had a cyber attack on Sony. I think everybody agrees was the Koreans. But it's really hard to track down and prove it's the Koreans.
It is now one of the problems you can have these attacks and really not know precisely where they're coming from. Is definitely one of the challenges. To some degree, there are elements with the intelligence community that have better visibility and understanding than others, and in some cases it's still on. The other challenge with this: if you're utilizing criminal elements or you're supporting them, then you kinda give yourself that plausible deniability, whether it's the Russians, the Chinese for the or the trans or the Iranians. If you can cause that doubt, that distance between the actual organize wearing a uniform group you had an I think most people in the community would agree are still under the control or supported by the government, is an issue. But even more so from a political perspective, what happens when you actually do attribute it to Russian government or the Chinese government or the North Koreans? The ability to dissuade them from doing something like that is also a challenge, both from the political will to do it and then what you actually do. So it's a problem across multiple elements of national response.

After you even understand who did it, which is still a problem, far would you go in responding? For example, in response to Sony, should we have tried to take down the North Korean system? And even if we had, given how little
