A Hacker Shares His Biggest Fears | Informer

[Music] when i was hacking if i wanted to gain access to a secure company i wouldn't go kick the front door down i would target people i know who have access who i know bring personal devices into a building or who do things that are adjacent to the sensitive stuff and i would then work my way up the kind of things that are vulnerable to ransomware attacks is literally everything that is connected to anything in the old days for a country to cause disruption to a country as big as the united states you'd need millions

and millions of dollars worth of investment to do something but today you just need a few thousand dollars in a laptop and a couple of smart hackers to write some code and send something out [Music] traditionally a black cat hacker is one who is not bound by any kind of ethical code willing to break the law and is in it for specifically his own purposes i at one time considered myself a black hat and changed to a white hat white hats tend to be hackers who are bound by an ethical code who try to do

things to improve the greater good um and who are bound by the law so i look for vulnerabilities in systems that haven't been scrutinized before that may represent significant risk but i also do things like hunt the criminals who are targeting hospitals or who are targeting the businesses that i'm looking out for so by looking at the attacks that take place by understanding the infrastructure that's used by the criminals i can work out where they're coming from the vast majority of hacking is staring at code and understanding how sites are put together and how things

work and then working out how you can subvert that process to take control of it so ransomware is an attack technique that's been around for decades modern ransomware is usually a piece of malware that gets on your system encrypts all of your data and then holds that hostage demanding that you contact the gangs that are operating it paying them in some form of currency before they'll give you the key that decrypts your data and gives it back to you the challenge is it's not a scenario where you want to say well why don't we stop

people from paying them because ultimately you have to protect the victims i've watched hospitals get encrypted and people are left with a choice do i pay to decrypt the data or do i risk lives over the last year we have definitely seen a significant acceleration in ransomware and i think that's because there's been a huge increase in the profitability back when it started ransomware was charging hundreds of dollars maybe thousands of dollars for individual targets the bigger payouts that we're talking about now are easily into the tens of million and this last most recent attack

they offered 70 million dollars for the campaign key which is the key that would have unlocked every single computer encrypted during that attack so we're talking high stakes games here you have nation state actors who are basically doing what they need to do because the nation state that they are employed by wants them to do it there are financially motivated criminals who are looking for whatever way that they can cash out there are some people who just want to see the world burn and those are destructive attackers who will go after systems just because they

wanted to cause disruption you see the usual names like russia and china being thrown around you see slightly smaller countries like iran and north korea being involved but the fact is every single country has some reason to weaponize these kinds of attacks and the less scrupulous countries are the ones who are using it right now because it's the perfect form of asymmetric warfare i've seen routine engagement from pretty much all of the major western governments in in coming to my community to seek help there is no one better equipped at dealing with these threats at

understanding these threats than the people who grew up in the community hackers i think one of the things that we have learned this year is that we're not very good at understanding which systems are the ones that are most painful when they get encrypted no one would have thought that a ransomware attack against someone like the colonial pipeline would large amounts of the united states but it did because the supply chain dependency on that fuel caused a cascade problem throughout the whole of the us recently we saw attack against a company that supplies a lot

of security providers and it happened because of a vulnerability that was in the process of being fixed it's challenging to deal with a situation where the bad guys are essentially moving faster than the good guys the nature of the problem is the advantage is always with the bad guy currently we are mostly reactive we wait until somebody makes a mistake and somebody creates enough noise for us to hear about it and react to it there's a new economic marketplace now called the initial access broker market these are people who sell compromised access to companies for

the purpose of somebody else going in and using it to monetize it this is only going to get bigger and i don't think we have to worry too much about our you know nuclear arsenal being taken over movie style and used against us but i do think we have to worry about things like major impacts to financial markets or potential impacts to things like electricity production facilities you