Cyber Insecurity: Why You Are The Vulnerability | John LaCour | TEDxCharleston

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

we received a letter like this one maybe from your insurance company or from the government or maybe from a retailer that you do business with telling you that your information has been compromised well there's two types of people in this room those that have been hacked and know it and those that just don't know it yet I know about hackers because I used to be one instead of going to class in college I spent all my time connected to the University Network I taught myself how the internet worked I learned new operating systems I didn't always have permission to access those systems but I was stimulated by intellectual curiosity learning new things seeing if I could rise to the challenge but times have changed now hackers are in it for the money and cybercrime is a huge problem you know there's a big problem when there's an entire magazine dedicated to it anybody here subscribed to data breach today so somebody who reads this apparently cybercrime is expected to cost the global economy over five hundred billion dollars this year so just to put that in perspective if it were a corporation it would have the third largest market cap right behind Apple and Google and guess what it's only getting worse cybercrime is projected to costs two point five trillion dollars a year by 2020 now you may be sitting there thinking that is a ridiculous number can that possibly be true let's look at just one incident last year the US Office of Personnel Management was hacked by nation-state hackers that were stealing information about employees of the US government our government spent three hundred million dollars on just that one in and that's your money that's a tax that we all pay that's money that's not going to improve our roads to improve education or to benefit us in any way and it's not just the government every time you use your credit card every time you buy something online virtually any business transaction that you perform you're paying a tax for cyber crime who are these bad guys that are targeting us is it the proverbial techno wizard that lives on a 50-story glass building makes the Stingers go like this and compromising the Internet is it the hoodie wearing teenager living in their parents basement that maybe needs to take some extra vitamin D or something I don't know maybe really there's three types of cyber crime hackers out there at the bottom the least sophisticated they have what I like to call the ankle biters these are the guys that maybe hang out an internet cafe and just send out email after email hoping something sticks if you ever were surprised to find out you have family that's royalty and wants to leave you millions of dollars that's from these guys right then we have the professional cyber criminals they wake up in the morning they go to work sitting from their computer and try to steal from you it's a little bit like the Mafia and in fact there's a whole cybercrime ecosystem out there that these guys are part of oftentimes they'll specialize in spamming and creating malicious software or viruses they might specialize in money laundering they even have online forums where all the cyber criminals hang out and they advertise their services to each other some even often 24/7 technical support it's kind of ridiculous at the top of the heap are a smaller group but really the most sophisticated attackers out there these are the nation-state hackers they're working on their direction of governments sometimes they're wearing military uniforms and sitting in a government building but many times they're not and they're also out there hacking a lot of times for political purposes but some governments are also hacking to steal intellectual property as well well where does this stuff happen so the internet is a little bit like an iceberg we've got what we can see above the surface and that's the public web that's everything that Google indexes and can return in search results and then we have the Deep Web that's the stuff that's hidden but still connected to the Internet think of your Amazon purchasing history or private message board on Facebook that you belong to not everybody can see it but it's out there and then we have the dark web the mysterious elusive dark web the media loves to talk about the dark web nobody really knows what the dark web is well it's just another set of web servers that are hidden behind layers of encryption it's meant to be difficult to find and it's meant to be able to protect from people stumbling across it there's a lot of bad stuff that happens on the dark web but it's just a small piece of the overall internet but cybercrime is everywhere evil is everywhere you can't get away from it and why are the cyber criminals successful why are they able to steal our money take a look in the mirror it's because of you it's your fault you are the vulnerability that's being exploited in fact 91% of the time successful targeted attacks start with attacking people and not technology let's look at a few examples in 2011 an email like this one was sent to an employee of an IT security company you'll see there's a spreadsheet attached the employee clicked on the attachment that launched some malicious software that let the bad guys into that computer system the attackers were then able to steal the intellectual property of that company in another prolific attack these days called business email compromised cyber criminals spoof emails to appear as if they're being sent from the CEO of a company those emails are directed towards the CFO or financial manager and they're instructed to wire in some cases millions of dollars to some foreign account many times under the guise of a secret project or acquisition or something like that you might think well who's gonna fall for that that's that's silly yet the FBI has put out statements saying that US businesses have lost over two billion dollars to this exact like this scam then we have something that all of us could potentially experience hopefully none of you have another scourge that the cyber criminals have unleashed recently it's called ransomware and this is a specific type of malware that when it infects your computer and encrypts or scrambles all of your files and then holds them for ransom if you have important documents and that's the only place they live you're not going to get the back unless you pay the bad guys hundreds of dollars the thing that's in common about all of these attacks is that they don't work unless you help the bad guys it required someone to click on that attachment click that link respond to an email if the victim did help the bad guys these attacks are not successful so you may think well if I have firewall installed or security software installed I'm safe right well no it's not a silver bullet technology alone can't save you it's more like your seatbelt if you're driving down the interstate you got your seatbelt on but you've gone 100 miles an hour trying to act like Dukes of Hazzard seatbelts not going to save you the same thing is true on the Internet so to really understand why technology can't protect us you really need to understand how the internet works so here's a diagram but guess what nobody knows how the internet works and that's part of the problem it's too complex there's too many pieces it's changing all the time and we just can't secure with technology what we don't understand so I didn't come here today to try to scare you or have you go home and throw your computer out the window later I came here to share with you some good news and some bad news and so the bad news is that you are the vulnerability being exploited but the good news is that means that you have the power to fight back against cyber criminals so I want to leave you with three simple steps that you can take today to fight back step one if you don't need it don't use it you probably get emails or pop-up ads or friends telling you install this program install that check that out go to this website don't do it if you have sensitive files on your hard drive copy them off to a separate USB Drive some someplace where they're not plugged into the internet all the time step 2 fasten your seat belt for the information superhighway use antivirus software choose good passwords don't put them on a sticky note on your monitor we've all heard all these things that we need to do to stay safe yet who can say they do them and do them consistently you got to do them step 3 be a little paranoid the bad guys are exploiting our desire to be helpful so stop and think be a little paranoid call the person that sent you that email and ask if they really sent it to you you know I get calls from family all the time hey Jon can you help me with this computer problem most the time I say well press the power switch on they're good to go but occasionally I have to help them make sense of an email and figure out if it's legitimate or not take a look in the mirror you are the vulnerability but you also have the power to fight back thank you very much

Info

Channel: TEDx Talks

Views: 40,979

Rating: undefined out of 5

Keywords: TEDxTalks, English, United States, Technology, Big problems, Computer Virus, Computers, Corruption, Crime, Cyber, Global issues, Identity, Internet, Privacy, Security, Smartphone, Terrorism

Id: CWCKlAcxESA

Channel Id: undefined

Length: 10min 26sec (626 seconds)

Published: Tue Nov 15 2016