Hackers | 3


Do you? Remember, the movie hackers? It first came out in nineteen ninety-five and back, then the internet was still pretty unfamiliar, which is partly why movie buffs. Consider hackers to be ahead of its time. The godfather of Jarrah inspiring other movies and TV shows that explore this dark underworld of hackers and cyber warfare in the need the world. Is the world. They inhabit the movie stars young Angelina Jolie and Jonny Lee Miller, and it opens with millers character a teenager named Dade sparking a financial crisis from his bedroom by hacking and crashing fifteen hundred computers on Wall Street over the course of the film Dade and his friends also hack an oil company and a TV station. I'm taking over a TV network. And they end up in a cyber battle with the movie's villain of fellow hacker. Who's created this virus to capsize a bunch of oil tankers? Now, I'd never actually seen the movie myself. But Alexander far sky suggested I check it out. Thought the Bosnian raised. I met Alexander Moscow told me that many aspects of the movie are actually pretty realistic. And in fact, the film hackers was partly what inspired him to become one. This. Our just for fun. And at first it was just for fun to prove yourself to your friends in the hacking scene. Say about bellator the political game started in the cyber world entered a dangerous time. I'm Jeff simple. The Europe bureau chief for global news. And this is Russia rising on this episode will visit the frontlines of growing cyber war where hackers from Russia, Iran, China and other countries are now battling for everything from the password to your online Bank account to control of your cities hydro grid. Consumer report shows found millions of smart TV's from major manufacturers can be controlled by hackers. We've all heard the scary headlines. A new sixty minutes report reveals that may be much easier to hack into a personal cell phone than you might think. And that's not all there are a couple of hackers who've even been able to take over a car remotely while it's driving down the highway, but how concerned should we really be? What do we need to know to protect ourselves online? And why is it that we so often hear headlines and warnings about hackers? Specifically from Russia. US officials tell C N N the Russian hacks continue around the clock. Well, who better to ask than a guy who used to be one? Thank you. Alexander VAR sky is well known in Russia's hacking seen or at least he used to be. He's now retired. He says he agreed to meet me at his Moscow apartment and somewhat almonds. -ly? He told me to bring my laptop. So he could quote show me something. But before the demonstration, we sit down for an interview. Please. My name is Alexander and. Haikus nickname and see as she for the twenty two years. Why did you start doing? Needs to be as it was inevitable computer of Cyprus key. My parents ran a business importing and selling computers. And as a result, I was able to get online before nineteen ninety-five much earlier than my peers Alexander grew up in the ninety s and like a lot of Russians his cyber skills are rooted in history. Science and technology were hugely important to the Soviet Union. Dating back to the days of Lenin a century ago. Joseph Stalin launched poly Technic schools to train military engineers, then came the Cold War with the arms race and the space race man had his first great success in space. Russia's push demand across but after the Soviet Union collapsed, unemployment soared a recession worse than the great depression in the United States meant the jobs for workers with those prized technical skills were suddenly in short supply back. Then Alexander was a bright tech savvy kid. Times were tough says, but this was music to his ears. Us when computers I arrived. They offered a kind of freedom in those hard times for Alexander generation, the internet provided an escape a lifeline and before long a way to make money both legally and legally he says he met a group of friends online, and they used to hack companies for fun on Seca. Geico fifteen it's cool to hack into Microsoft or Vodafone and say, hi using your code. Learned computer programs and codes. And if they were codes with restrictions the challenge was to find a way to crack. Those restrictions. Just for fun. And at first it was just for fun because I to prove yourself to your friends in the hacker scene. But boom. Preserve, the then the internet became a marketplace. But we ever you could buy and sell things views them web money starting around two thousand two thousand three's Cup. A lot of us were pretty experienced some corporations and some of my friends went to work for corporation. That's on cyber security firms, though, threaten others hoops laid dark side on the Dirk side and the dark side of the cyber world can include using the internet to steal both money and personal information. So Alexander asks to borrow my laptop and shows he hasn't lost his, touch, and you can see here web chart for anonymous. He opens a chat forum from the famous hacktivists group anonymous and he pulls up an archive of chat from twenty sixteen oppressively anthem of anonymous members calling for cyber attacks on Hillary Clinton's presidential campaign. This is on this Friday morning. That hacker collective known as an honest anonymous did launch cyber. Attacks on both Clinton and Donald Trump's presidential campaigns. They have hacked into Donald Trump's personal information. They listed on line. One of his cell phone numbers social security number. Now. Those anonymous cyber attacks didn't really amount to much some of Trump's personal information was leaked and a pro Clinton campaign website was shut down. But the biggest cyber attack of that presidential campaign Russia, if you're listening was still to come. I hope you're able to find the thirty thousand emails that are missing this just into Russian hacker is managed to infiltrate the computer network at the Democratic National Committee, the cyber attack on the server of the DNC and Hillary Clinton's emails tops, a long list of recent high profile cyber attacks blamed on Russian hackers now the Kremlin has denied any involvement. But. In twenty nine page indictment submitted in the summer of twenty eighteen the US department of Justice detailed how Russian intelligence officers allegedly implanted hundreds of malware files on the Democrats computer systems to steal information. Well, another US indictment that fall accused Russian agents of hacking anti-doping agencies, including in Canada, Russian intelligence officers are also accused of launching cyber plots in the Netherlands against the world's chemical weapons watchdog more than twenty of the FBI's most wanted cybercriminals are from Russia. The most of any nationality followed closely by Iran, certainly Russian-speaking, cybercriminals are very talented group of people. That's Canadian nNcholas Palmer. He lives in Moscow and his day job is hunting Russian hacker. There's we cover many mainly financially. Motivated attack groups mainly Russian-speaking groups Palmer is originally from Nova Scotia and is now the director of international business at group IB a private cybersecurity firm based in Russia. Palmer has spent his career preventing and responding to cyber attacks on internet users and businesses around the world, but he says Russian cybercriminals represent his greatest challenge. We've seen them, you know, very easily enter Vang networks move laterally to different sensitive systems within the banks and conduct very highly skilled attacks against theoretically. Well, protected networks Plummer gives me a tour of his company's office. There are rows of computers with mostly young adults in their twenties and thirties furiously typing and clicking away. So actually, you're standing in our cert room. So this is our. Computer, emergency response team on the far wall. There's a large projector screen dubbed, the I which shows cyber attacks happening in real time. It's basically a collection of web pages. Many of them fakes trying to get users to click on a link or enter their personal information. And I noticed one website on the screen that looks familiar whether we looking at right here. So this is actually a fishing page. So it's a page trying to make people believe it's a Royal Bank of Canada page, and actually it's a page that suburb criminals developed try and steal the username password for Royal Bank of Canada customers. Palmer says the Canadians are sent emails that look like they're from the Bank. But instead contain this fake but convincing our BC website and others like it, which problem to enter their online banking password. And unfortunately, detect thousands of these that are hosted in Russia. In the Ukraine or other such countries and this team here. Search be actually works to take down these pages. So that Canadian customers don't lose their credentials and money cybercrime costs the Canadian economy nearly five billion dollars a year, including ransoms that are paid by ordinary Canadians to cybercriminals often in exchange for their stolen personal information. If you look at the the tools that are developed and used by different offensive groups that are trying to do so for for evil. If you will a lot of them are developed by Russian speaking individuals. I've actually thought about this a lot, you know, why is it that the Russian speaking cybercriminals is is so much more talented. You know, I think it probably goes back to the history of of Soviet Union and really investing a lot into, you know, the education of the individuals here, especially within the engineering space, and there's. Like, I said a lot of very talented people within the programming space. And unfortunately, sometimes there there's not always enough viably economic positions legal economic positions that they they can acquire here in Russia. So unfortunately, young individuals that have high programming skills with no job opportunities may choose the path of of quick success for for dollars. But unlike the painful post Soviet years these days Russia's unemployment rate is that historic lows and the IT industry actually has shortage of specialists Palmer's company works with local universities to try and recruit taxamnesty Russian youth to show them that there's a lot of really cool opportunities within the security space to to do and use your skills for good. And he also works to educate regular internet users who he says often seriously underestimate the potential for cyber attacks. Being cyber vigilant is incredibly important working in this industry has taught me to always be. Concerned about what I'm putting online where I'm putting it. What types of passwords? Do I use to use the same password on more than one site? You know, where do I store this information? How's it getting out there, you know, Canadian should be should be vigilant about what they do, you know when they access their their Bank accounts. Ensure that it's as GPS, you know, understanding if it's legitimate webpage or or not, you know, potentially a fishing page trying steal banking credentials using him in password. You know, understanding these types of things can can ensure that their information doesn't get doesn't get taken and used for for malicious purposes and financial cybercrime is only part of that question. Hi, Jeff to get a sense of the bigger picture. I connected via Skype with Mortiz Callan or cabbie for short. He's a leading expert in cybersecurity whose advised the Canadian government among many others on how to protect against cyber attacks. When we talk about the threats that are facing Canadians in the cyber world. What generally do you see as being the biggest one one of the things that we need to dive into just before we go into the question of what the biggest threat is kinda define what the cyber threat. Looks like cabbie divides, those cyber threats into three key categories or BA three buckets as he likes to call them. The reason that I'd like to do that is then the threats to whether that to everyday Canadians, whether they're to businesses whether the government they are they kind of shake out of the three buckets cyberthreat bucket number one is cyber theft. Hairless go get the money instead of an old fashioned Bank heist. The are now using key strokes instead of guns to steal money. Like, we just discussed with nNcholas Palmer and to steal personal data intellectual property even state secrets remember the time. The US government was busted for ease dropping on its allies documents leaked by Edward Snowden show that the NSA may have been spying on Chancellor Angela Merkel. The Canadian government has also been attacked by cyber thieves the government's largest research organization. The National Research Council was hacked back in twenty fourteen and had some of its works stolen, allegedly by the Chinese costing Ottawa hundreds of millions of dollars. There are a number of nation states, which interested in what we do secrets that. We have the information around our economy, those sorts of areas cabbies cyberthreat bucket number two is this information like. Those Russian internet trolls accused of meddling in election campaigns, for example, some referred to it as fake news. But the use of a variety of digital channels particularly social media to if you like poison democratic system opposing some of the conversations and drive wedges in society and cabbies third and final cyberthreat bucket is probably the scariest one cyber warfare. It involves the kind of doomsday scenarios, we often seed dramatized in Hollywood movies. I'm doing America favor. Like die hard four, for example, where hackers try to shut down America's entire computer infrastructure. Just issued a critical the entire network down. Crashing just hit the entire financial sector. Now. Obviously, we haven't seen anything on that scale, which is fortunate since Bruce Willis isn't as young as he used to be but these cyber warfare attacks do happen. The damage is very real and one recent example, sent a chill around the world the life went out for hundreds of thousands of people right before Christmas, a cyber attack on the power grid in Ukraine caused widespread. Blackouts Russia appears to figured out how to crash power grid. With a click cabbie says that attack traced back to computers in Russia was a wakeup call to officials in Canada. I suddenly know that within the Canadian electric association, for example. This is a group umbrella group represents many of the electric providers in in Canada or the industry as a whole they have very concerned with this area. They have cyber security operating groups many of those involved in power and utilities do take the cybersecurity threats seriously. So they do take meshes, and they try to put these measures in place to prevent those sorts of scenarios from volving, but the biggest cyber attack of them all went far beyond a single country. I major so called ransomware attack is underway worldwide. The wannacry virus was a ransomware cyber attack in twenty seventeen that infected and shutdown hundreds of thousands of computers across one hundred and fifty countries security experts say this is one of the worst and most widespread pieces of now where they've ever seen causing billions of dollars in damage knocking banks oil companies, even hospitals. Fourth in hospitals across the UK to turn away patients American Canadian and British authorities blamed North Korea for that one a cry cyber attack, but perhaps the most important detail of that story, isn't who was responsible or even the extent of the damage. It's that the biggest ransomware attack in history started with a single Email. It arrived on a Friday morning in the inbox of some unsuspecting computer user somewhere in Europe. The Email contained an attachment a compressed zip file and in a split-second decision. They opened it. I will say this. The biggest problem with cyber security is the fact that we've got, you know, big firewalls and everything in place in those get breached all the time even with those in place what they rely on if someone cl-. Picking someone clicking a link someone actually bringing the payload in someone actually letting them get into the system of all the cyber attacks reported last year more than ninety percent were avoidable the wannacry virus like the cyber attack on Hillary Clinton's Email server, and so many others caused widespread damage all because someone received a suspicious, Email and clicked on it. Anyway. So the first thing I would take away from that is we tend to think about of security and the need cybersecurity as by mall firewalls, but Mobilink shiny things in place in we'll be safe. And actual fact the human component of it the social engineering component of it is just as if not more important. I would say that it is far easier to get into a break into a system and inject Melwood. Do whatever else you wish by compromising human be than by direct. Attacking that system. Okay. Spoiler alert at the end of the movie hackers. Remember, the film are Russian friend Alexsandr recommended. There's a massive cyber battle the goodguys Dade and his teenage hacker friends finally defeat the villain preventing him from capsizing, those oil tankers and causing mass destruction. And of course, Dade gets the girl. I can't believe they decided you won guys felt that the only way I'd get a date. But experts say that in the real cyber war, the heroes aren't hackers. But ordinary computer users that it's up to people like you and me to educate ourselves about the risks online. And to think before you click. For curious cast and global news. This is Russia rising an investigative series from me Jeff simple to unravel the mystery of today's Russia if you liked what you heard you can help spread the word by rating reviewing end subscribing for free now at apple podcasts. Spotify Google podcasts and every other act where you get your streaming audio. We can also be found a curious cast dot CA next time will investigate the case of Sergei scribble. The former Russian spy who was poisoned with a deadly nerve agent in Salisbury England. This girl or near Russian secret. I would never do that with a personal authors ation from Putin man, where they just berate in in very very unprofessional way. And we see it everywhere. The British government was quick to accuse the Kremlin and a slew of western countries, including Canada responded with sanctions and by kicking out. Russian diplomats will cut out the noise and examined the evidence, including what it reveals about Russia's secret intelligence operations. That's next time on Russia rising. If you have a question or want to know more follow me on Twitter at Jeff simple GM or Email me at Russia rising at curious cast dot CA and be sure to check out the show notes. For more information about what you heard today. Russia rising. Written and hosted by me, Jeff simple deliver. As is our story producer and sound design is by rob Johnston. Thanks for listening and join us next time for Russia rising.

Coming up next