Notes from Dark Web Fighting Cybercrime Full Hacking Documentary (dated April 2021) found on YouTube:
- technology can do a lot of things for us, but greater vulnerability is also built into our everyday lives
- the bad guys have to get it right just once. We have to get it right all the time
- it’s up to the attacker how deep they get in and how they decide to use your information
- your devices can be turned into weapons (aka zombies) without you knowing it
- the possibilities of types of cyber crime (or cybercrime) are endless
- there are those who have been hacked and know it, and there are those who have been hacked but don’t know it yet (08:15)
- 556 million people already fall victim to cyber crime each year
- in 2020, 50 times more info is stored online, which means 50 times more opportunities for cybercriminals
- it is difficult for law enforcement to keep pace since the technologies are advancing so quickly
- when it comes to cybercrime, you need to make decisions quickly
History of the Internet
- the internet was born in America in the late 1960s. It was called ARPANET, a small network of government computers sharing information from opposite sides of the country
- the internet became popular in the early 1980s
The first cyber crime
- the first hackers were interested in exposing flaws
- 1988 was the first time the internet was hacked by a college student named Robert Morris
- Morris Worm: a human-made coding error that allowed the worm to replicate itself, causing computers globally to be unusable
- by accident, the worm brought down 10% of the computers connected to the internet and cost $98 million to clean up
- then cyber crime started to become a thing for it was almost risk free compared to robbing a branch of a bank or even an entire bank at once
- in 2002, it was already significant when they had 12 victims of identity theft or 25 credit cards that were stolen with $70,000 of loss
- in 2014, cyber crime cost the global economy $450 billion. That number skyrocketed to $3 trillion just one year later (03:28)
Modern cyber crime (04:01)
- hackers work in well-funded and highly organized groups to steal information and sell it to make money
- 2017: criminals stole social security numbers, birth dates and more of 143 million Americans from just one major credit reporting agency
- ransomware attacks: hackers take and encrypt data on a computer, then require the user to pay a ransom to unlock it (04:30)
- WannaCry ransomware: asking businesses in 150 countries to pay $300 worth of Bitcoin within 3 days or the ransom will go up. After 7 days the data will be completely destroyed
- the companies were no longer able to do business coz everything was encrypted
- can be life threatening when hospitals have to turn patients away
- in 2016, there were 4,000+ ransomware attacks on businesses in the U.S. every single day, which is 3x more than 2015 according to the FBI (35:00)
Internet of things (05:50)
- your phone, door lock and even your fridge can go online. It gives an opportunity for hackers to get in
- in 2015, there were 15 billion connected devices worldwide, i.e. 2 devices per person on the planet
- the number is expected to go up to 80 billion in 2025
- every company is rushing to get their products to the market first and security is not their priority
- cars that are internet enabled can be stopped on the highway
- webcams can be turned on for spying purposes
- baby monitors allow criminals to speak to the children in their rooms
- an internet enabled toilet in Japan has been hacked before
Zombie computers (07:10)
- internet enabled devices in the U.S. that are taken over through a default password
- use devices that are connected to the internet globally to inject a significant flow of traffic to pull down websites or block networks
The dark web
- 3 layers of the Internet:
- clear web: anything you can find in the search engines
- deep web: anything behind usernames and passwords
- dark web: needs specialized software to access
- in the dark web, everything is sold in Bitcoin or other cryptocurrencies that secure the transaction so the transaction itself, the buyers and the sellers can all stay anonymous
- drug selling (09:48)
- counterfeit money selling (10:03)
- fake IDs (10:10)
- for bad guys to get services from other bad guys
- there are ratings and products (10:40)
- pastebin: a website to find people’s emails and passwords so you can find their social media presence for instance (11:50)
- e.g. sending a dog mom a pet shop coupon and when she clicks on a link she will get infected with malware
- even an unfunded and unmotivated attacker can do that in 5 minutes
Hacking tools (13:00)
- the business of selling these tools is booming
- there are people for hire to do the job so you don’t need to know it to do it
- they are successful because they partner with each other
Tools to fight cyber crime
- Artificial intelligence (AI) or cognitive computing: the ability of a computer or a machine to think and learn independently
- e.g. IBM’s Watson for cybersecurity can get pieces of the puzzle laid out (20:30 – 23:00)
- Watson can read 700,000 blog articles and share what it’s learned as a user enters his search term (25:50)
- when Google gives you 8.6 million results of a search term, AI gives only 25
- Watson is an assistant to help process a large amount of digital information. It doesn’t replace humans. Man and machine need to work together
- it requires human interventions to set rules to teach it meanings of terms in cybersecurity context
- e.g. honeypot doesn’t really mean honeypot
- when the word ransomware appears, it should be associated with malware
- humans are teaching computers to be better
- it’s still up to the analyst to look at those pieces and see where they fit, how they fit, and whether they are a part of the same puzzle
- they need to decide quickly whether it’s something they should focus on – is it a real threat or a false positive?
Hackers are highly organized (13:50)
- not people sitting in a dark room in a hoodie
- they work 9-5 and take the weekends off
- they launch most of their attacks on Friday evenings before they head home for the weekend
- it’s a business, an industry
- by estimate it’s a trillion-dollar-a-year business and rising
- sometimes they have payrolls and employee benefits
- but they don’t know each other in the organization
- an attacker in the Middle East can make it look like they are in Europe – he may have hacked into a computer in Europe and there may be multiple hops in between so it’s difficult to track
How to win a cyber war (11:37)
- OODA loop (a military theory): observe, orient, decide, act
- if you can do your OODA loop faster than your opponent, you have an enormous advantage
- when you are being attacked, figure out what is going on quickly and respond accurately
How to tell if an account has been hacked
Seeing these 3 things together is almost a guarantee that you, your device or your account has been compromised:
- movement of your phone (logging in from London then China within 2 hours)
- unusual access attempts on your account
- odd access to data, e.g. searching for data 4,000 times/day when you usually do only 40 times/day
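
The three indicators above combined into one check, as an added example that is not from the documentary. The thresholds, field names and the Beijing coordinates standing in for "China" are assumptions, and the sample logins are constructed.

```python
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_KMH = 900        # assumed ceiling: roughly airliner cruising speed
MIN_KM = 50          # assumed tolerance for IP-geolocation jitter
MAX_FAILS = 5        # assumed daily threshold for failed access attempts
VOLUME_FACTOR = 10   # assumed multiple of the user's normal daily queries

def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371 * asin(sqrt(h))

def impossible_travel(logins):
    """True if two consecutive logins are farther apart than MAX_KMH allows."""
    logins = sorted(logins, key=lambda e: e["time"])
    for prev, cur in zip(logins, logins[1:]):
        hours = (cur["time"] - prev["time"]).total_seconds() / 3600
        dist = km_between(prev["pos"], cur["pos"])
        # Comparing dist to MAX_KMH * hours also covers simultaneous logins (hours == 0).
        if dist > MIN_KM and dist > MAX_KMH * hours:
            return True
    return False

def assess(logins, failed_attempts, queries_today, baseline_queries):
    """Return the set of indicators that fired for one account on one day."""
    fired = set()
    if impossible_travel(logins):
        fired.add("impossible_travel")
    if failed_attempts > MAX_FAILS:
        fired.add("unusual_access_attempts")
    if queries_today > VOLUME_FACTOR * baseline_queries:
        fired.add("odd_data_access")
    return fired

# Constructed sample: a login in London, then one in Beijing two hours later.
SAMPLE_LOGINS = [
    {"time": datetime(2021, 4, 1, 9, 0), "pos": (51.5074, -0.1278)},
    {"time": datetime(2021, 4, 1, 11, 0), "pos": (39.9042, 116.4074)},
]

if __name__ == "__main__":
    fired = assess(SAMPLE_LOGINS, failed_attempts=12, queries_today=4000, baseline_queries=40)
    verdict = "likely compromised" if len(fired) == 3 else "needs analyst review"
    print(sorted(fired), "->", verdict)
```

A single indicator on its own is common (a VPN, a forgotten password, a busy day), which is why the check reports which ones fired rather than a single yes/no.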
Live simulation
- practice and rehearse and build your muscle memory so you know what to do when a cybersecurity incident actually happens
- response to the breach is causing more damage than the breach did itself
- people with military experience respond incredibly well, then there are those with emergency medical experience
- they are trained to make decisions quickly with limited information
Job opportunities
- 2 million open unfilled cybersecurity jobs globally by 2020
- the skillsets you need to learn by doing
- some may not require a college degree at all
- one of their best analysts is a mechanic who has a passion for fixing things and figuring out how things work (36:20)
- not blue collar vs white collar, it is a new collar
How to protect your own data
- update all of your software
- change password regularly
- use complicated passwords
- use different passwords for bank and social media
- ensure your antivirus software is working properly
- if your computer is slowing down, you need to check it out
- use two-factor authentication to add another layer of security
- basic things can protect you from 90% of the threats
- 10%: do not click on suspect links
- the weakest link is always the human