WEBVTT - Manage My Health: What we know about hacker and ransom demand 0:00:05.320 --> 0:00:05.760 Kyoda. 0:00:05.840 --> 0:00:08.840 I'm Chelsea Daniels and this is the Front Page, a 0:00:08.920 --> 0:00:16.720 daily podcast presented by the New Zealand Herald. A major 0:00:16.880 --> 0:00:21.480 online security breach has raised questions about how safe our 0:00:21.560 --> 0:00:23.960 private information is online. 0:00:24.560 --> 0:00:26.560 Manage my Health's health. 0:00:26.320 --> 0:00:30.280 Portal systems were compromised over the new year, putting the 0:00:30.400 --> 0:00:35.520 data of over one hundred and twenty thousand users at risk. Later, 0:00:35.760 --> 0:00:40.120 we'll check in with internet security expert black Veils Adam Burns, 0:00:40.159 --> 0:00:44.520 who immediately identified flaws in the website, which isn't unusual 0:00:44.600 --> 0:00:46.000 for Kiwi domains. 0:00:46.240 --> 0:00:47.840 But first on the front. 0:00:47.520 --> 0:00:51.199 Page ends at Herald's senior reporter, David Fisher, has been 0:00:51.240 --> 0:00:54.640 following the breach and will break down what happened and 0:00:54.760 --> 0:00:56.000 who is behind it. 0:01:00.040 --> 0:01:01.800 So David, let's start at the beginning. 0:01:02.040 --> 0:01:06.600 What exactly happened in the Manage my Health breach and 0:01:06.080 --> 0:01:07.320 what even is it? 0:01:07.520 --> 0:01:13.560 To Manage my Health is a patient health information database 0:01:13.680 --> 0:01:19.600 connection point where health services can upload and put information 0:01:19.800 --> 0:01:24.520 specific to an individual's account. Of patient's account, I, for example, 0:01:24.600 --> 0:01:27.919 have a Managed my Health account. I get a regular 0:01:27.959 --> 0:01:30.840 blood test done and the lab results they get posted 0:01:31.040 --> 0:01:33.800 in the Manage my Health account for me to see 0:01:33.800 --> 0:01:35.720 them at the same time as the doctor does, right. 0:01:35.760 --> 0:01:37.520 And it's kind of one of those things where like 0:01:37.560 --> 0:01:40.640 if you need another prescription field or something, you just 0:01:40.760 --> 0:01:43.280 log in to Manage my Health and ask for another prescription. 0:01:43.400 --> 0:01:44.039 Stuff like that. 0:01:44.680 --> 0:01:46.920 The idea is that you automate everything. 0:01:46.959 --> 0:01:50.080 Yeah, and some parts of the country don't have quite 0:01:50.120 --> 0:01:53.480 so much technology wrapped around their health services. North And 0:01:53.520 --> 0:01:56.120 for example, I suspect it's been particularly hard hit because 0:01:56.120 --> 0:02:01.080 that's the case there. The idea is to collect all 0:02:01.120 --> 0:02:03.640 the information that a patient needs to know and that 0:02:03.680 --> 0:02:06.840 their medical professionals need to know in one place, and 0:02:06.880 --> 0:02:11.040 it's a widely used service too. Manage my Health on 0:02:11.400 --> 0:02:15.680 its landing page on its web page says it is 0:02:16.919 --> 0:02:20.600 trusted by one point eight million New Zealanders to look 0:02:20.639 --> 0:02:21.800 after their health records. 0:02:21.960 --> 0:02:24.440 Right, So this latest breach, tell me a little bit 0:02:24.480 --> 0:02:26.840 about it, How did it come about and how many 0:02:26.919 --> 0:02:29.120 people are potentially affected. 0:02:29.880 --> 0:02:32.120 First sign of the breach was picked up by Managed 0:02:32.160 --> 0:02:36.600 my Health on December thirty and they realized or recognized 0:02:36.639 --> 0:02:42.440 that they had had unauthorized access to their platform. That 0:02:42.960 --> 0:02:47.760 suspicion became concrete the day after December thirty one, when 0:02:47.840 --> 0:02:53.760 Managed my Health received and email from somebody who had 0:02:53.880 --> 0:02:58.880 claimed they had a leak. They posted a sample of 0:02:58.919 --> 0:03:01.760 the documents that they claimed have been leaked to them 0:03:02.440 --> 0:03:06.160 on a site where these things are posted, and they said, 0:03:07.040 --> 0:03:10.680 we'll keep it quiet and the documents will never see 0:03:10.720 --> 0:03:13.519 the light of day if you give us sixty thousand 0:03:13.560 --> 0:03:14.560 dollars us What. 0:03:14.639 --> 0:03:17.079 Kind of information are we talking about here? 0:03:17.960 --> 0:03:24.960 So the sort of information is quite specific actually, and 0:03:25.520 --> 0:03:26.760 where you're going to manage my health. 0:03:26.800 --> 0:03:29.120 There's a range of different. 0:03:30.919 --> 0:03:33.040 Menus that you can click on, for example, the lab 0:03:33.120 --> 0:03:35.920 results one which I mentioned earlier for me, and prescriptions 0:03:35.960 --> 0:03:39.360 and so on. But there's also a part of the 0:03:39.360 --> 0:03:44.360 website which deals with clinical documents, and these documents that 0:03:44.880 --> 0:03:49.200 are scanned and then uploaded onto the site. So this 0:03:49.280 --> 0:03:52.400 is the part that was hit. Managed by Health says 0:03:52.560 --> 0:03:55.360 it's about six to seven percent of the users that 0:03:55.400 --> 0:03:59.400 were affected by this. That works out to be between 0:03:59.400 --> 0:04:02.800 one hundred many one hundred and thirty thousand people in 0:04:03.000 --> 0:04:05.960 court filings to get the injunction to suppress the information 0:04:06.920 --> 0:04:09.160 Manage my Health site at one hundred and twenty seven 0:04:09.240 --> 0:04:13.040 thousand people. So the type of information that gets scanned 0:04:13.280 --> 0:04:18.640 that you could find on there is clinical discharge summaries, 0:04:19.200 --> 0:04:24.960 referral notices to specialists. There could be historical referral records, 0:04:25.720 --> 0:04:31.000 information that patients have uploaded themselves that they want other 0:04:31.040 --> 0:04:38.320 medical specialists to see. It could also have diagnoses of 0:04:38.360 --> 0:04:42.720 your situation. It can have medical histories, there care plans, 0:04:42.960 --> 0:04:47.279 dates of birth addresses, other personal information. If it is 0:04:47.320 --> 0:04:49.680 the case as it is in the region of New 0:04:49.720 --> 0:04:53.280 Zealand that I live, and that your health services aren't 0:04:54.120 --> 0:04:58.120 particularly joined up. In a technical sentence, you're more likely 0:04:58.160 --> 0:05:03.440 to have uploads like that happened, where your medical professional 0:05:03.520 --> 0:05:06.000 will produce a letter that might be said to you 0:05:06.040 --> 0:05:07.880 in the post, but they will also scan it and 0:05:08.000 --> 0:05:09.880 upload it and to manage my health. 0:05:10.200 --> 0:05:12.560 That's the information that's been taken. 0:05:13.279 --> 0:05:16.760 Yeah, and you mentioned that Northlanders are particularly badly hit. 0:05:18.040 --> 0:05:18.680 Yeah, that's right. 0:05:19.240 --> 0:05:24.400 The thought is that it's about eighty five thousand I think, 0:05:24.440 --> 0:05:26.320 with a number of people in Northland that were said 0:05:26.360 --> 0:05:30.440 to be affected by this, that is a hugely disproportionate number. 0:05:30.560 --> 0:05:35.719 And I've not seen in explanation as to why that 0:05:35.839 --> 0:05:38.760 might be, but I do suspect that it is that 0:05:38.880 --> 0:05:48.160 gap in technology Northland healthcare. It's stretched, it's very stretched, 0:05:48.200 --> 0:05:51.960 and it has been for a very long time, and 0:05:52.279 --> 0:05:54.240 it is hard for GPS to make a go of 0:05:54.279 --> 0:05:57.200 a surgery up here. It's hard for surgeries to get 0:05:57.240 --> 0:06:01.080 GPS to work at them. A lot of the infrastructure 0:06:01.120 --> 0:06:04.279 is quite aged and quite dated. So to my mind, 0:06:04.320 --> 0:06:07.560 that would lend itself to a scenario where more information 0:06:07.720 --> 0:06:11.800 was produced in hard copy and then uploaded, sort of 0:06:12.080 --> 0:06:15.640 kind of like talking to your parents about how to 0:06:15.680 --> 0:06:21.280 do email stuff where they will write up a letter 0:06:21.279 --> 0:06:23.360 on a computer, print it out, scan it, and then 0:06:23.400 --> 0:06:25.000 attach it to an email and send it to you. 0:06:25.160 --> 0:06:28.279 Oh no, my mom takes photos of things and sends them. 0:06:28.120 --> 0:06:31.640 To me, exactly that kind of thing. 0:06:32.920 --> 0:06:35.440 What do we know about this group or the people 0:06:35.800 --> 0:06:38.560 that are responsible for this hack or say that they're 0:06:38.560 --> 0:06:39.680 responsible for this hack? 0:06:40.520 --> 0:06:41.600 So the person that. 0:06:43.160 --> 0:06:47.719 Individual that has claimed responsibility is an individual called Kazoo 0:06:48.560 --> 0:06:49.640 ka Zu. 0:06:50.279 --> 0:06:53.800 That's a handle rather than a name. They say that 0:06:54.200 --> 0:06:56.360 they are an individual rather than a. 0:06:56.320 --> 0:07:00.800 Group in that that handle is relatively it's only been 0:07:01.040 --> 0:07:06.200 in existence for the last six months. And I contacted 0:07:06.600 --> 0:07:10.760 the person claiming to be that hacker, interviewed them via 0:07:11.080 --> 0:07:17.239 a telegram the social messaging app, and they had said 0:07:17.320 --> 0:07:20.440 that they had gone out on their own. Prior to that, 0:07:20.920 --> 0:07:25.320 they operated by a different handle, and by inference we're 0:07:25.440 --> 0:07:28.120 more a part of a collective back then. We do 0:07:28.240 --> 0:07:33.720 know that they have been involved in other hacks or 0:07:33.760 --> 0:07:36.240 that they have been the recipient of hacked information in 0:07:36.280 --> 0:07:36.720 the past. 0:07:38.320 --> 0:07:39.760 They've said to me that. 0:07:41.720 --> 0:07:46.720 They have received payments for that and that it is 0:07:46.800 --> 0:07:51.080 a viable business model for them, that they look for 0:07:51.440 --> 0:07:54.120 health information as a particular thing that they do seek out, 0:07:54.200 --> 0:07:59.240 and having sought that out, they say that it's not 0:07:59.360 --> 0:08:03.400 unusual to their extract money as a result of having 0:08:03.440 --> 0:08:04.320 obtained that information. 0:08:04.760 --> 0:08:06.880 Yeah, and when it comes to the money, do we 0:08:06.920 --> 0:08:10.080 have any idea if that sixty thousand US has been 0:08:10.080 --> 0:08:10.840 paid out or not. 0:08:12.360 --> 0:08:12.960 We don't know. 0:08:14.240 --> 0:08:18.840 We do know that Kazoo claimed to be in negotiations 0:08:18.960 --> 0:08:24.720 last week. I suspect that the time that was brought 0:08:24.720 --> 0:08:29.360 for negotiations was probably more managed by Health's favor for 0:08:30.840 --> 0:08:35.760 cybersecurity people to try and track down Kazoo, perhaps even 0:08:35.760 --> 0:08:36.520 our GCSB. 0:08:36.679 --> 0:08:37.160 Who knows. 0:08:38.320 --> 0:08:42.520 But it's very often left unknown whether or not these 0:08:43.080 --> 0:08:48.760 payments are made, and there have been places in the past, 0:08:49.840 --> 0:08:54.160 not necessarily New Zealand, who have denied making payments and 0:08:54.160 --> 0:08:58.280 then evidence has emerged later that they have done these 0:08:58.280 --> 0:09:01.960 places are in a terror bind. One of the things 0:09:01.960 --> 0:09:05.400 that was puzzling about the Kazoo hack was that the 0:09:05.440 --> 0:09:09.280 amount of money was seen as very small for the 0:09:09.320 --> 0:09:13.680 sort of information that was available. I'd talk to Kazoo 0:09:13.720 --> 0:09:18.160 about that, and what was relayed back to me was 0:09:18.160 --> 0:09:20.560 that that's part of the model. Don't make it too painful, 0:09:21.320 --> 0:09:26.200 make it easy. And as that said to me, they're 0:09:26.240 --> 0:09:28.680 only in it to make money. They don't want to 0:09:28.679 --> 0:09:32.360 create obstacles with barriers that are going to get between 0:09:32.400 --> 0:09:33.800 them and the cash that they're after. 0:09:33.960 --> 0:09:35.760 It is a real catch twenty two, isn't it? Like 0:09:35.800 --> 0:09:38.920 the whole thing? Do not negotiate with terrorists. So that's 0:09:38.920 --> 0:09:42.679 probably a pretty good reason as to why we don't 0:09:43.160 --> 0:09:45.720 say if we've paid or not, because then others around 0:09:45.760 --> 0:09:48.120 the world would be like, hang on, New Zealand's a 0:09:48.160 --> 0:09:50.120 place where they pay out pretty easily. 0:09:50.679 --> 0:09:55.240 That's exactly right, and you become a target for further problems, 0:09:55.440 --> 0:09:58.480 and that's not the kind of attention that we want. 0:10:04.880 --> 0:10:08.320 Nothing is one hundred percent secure. We are secure to 0:10:08.400 --> 0:10:11.040 the best of our knowledge, and we do all the 0:10:11.040 --> 0:10:17.440 professional test which any industry assessment will make independently that 0:10:17.520 --> 0:10:20.959 we were a secure software. I'm a victim of the hack. 0:10:22.480 --> 0:10:27.040 My personal record is out there right, and so's lots 0:10:27.080 --> 0:10:31.840 of my friends and families. I am deeply distressed that 0:10:31.960 --> 0:10:35.560 this is out there and this has happened on software there. 0:10:36.480 --> 0:10:39.599 Our company has worked pretty hard to serve deeple. 0:10:42.200 --> 0:10:44.480 In terms of Manage my Health. 0:10:44.520 --> 0:10:47.920 Manage my Health has described itself as a victim of 0:10:48.080 --> 0:10:51.640 crime while also admitting that it did drop the ball. 0:10:52.160 --> 0:10:53.160 Where do you see. 0:10:52.960 --> 0:10:56.760 The line between being a victim and being responsible. 0:10:57.040 --> 0:11:00.480 Well, the victims here are managed by Health's clients patients. 0:11:00.520 --> 0:11:05.439 The one that the information belonged to Managed my Health 0:11:05.840 --> 0:11:10.440 has in my view, created a situation where they have 0:11:10.520 --> 0:11:14.599 been whacked. The Privacy Actor is pretty clear on this. 0:11:14.920 --> 0:11:18.760 If you look after people's information, you are responsible for 0:11:18.840 --> 0:11:21.280 creating an environment in which that information is going to 0:11:21.320 --> 0:11:24.440 be safe. So that is your job, and that was 0:11:24.480 --> 0:11:27.439 managed by Health's job. They should have created an environment 0:11:27.520 --> 0:11:31.880 in which no hacker could get to that information. So look, 0:11:32.080 --> 0:11:35.480 I'm very sad and sorry for Manage my Health. But 0:11:35.880 --> 0:11:40.480 if Managed my Health was able to produce evidence that 0:11:41.520 --> 0:11:46.120 they had a Fort Knox like security around patient information, 0:11:46.320 --> 0:11:48.920 then that sympathy that I have might be a little 0:11:48.920 --> 0:11:53.240 bit more than fleeting by sympathies with the patients. It's 0:11:53.280 --> 0:11:56.680 with those people whose information has been obtained by others. 0:11:57.240 --> 0:11:59.880 And I've spoken to people who have lost day believe 0:12:00.480 --> 0:12:06.959 incredibly incredibly personal information and really are having trouble getting 0:12:07.000 --> 0:12:09.360 through the day and sleeping at night as a result 0:12:09.400 --> 0:12:10.280 of it being out there. 0:12:11.160 --> 0:12:13.280 So where do we go from here? 0:12:13.760 --> 0:12:17.800 There's a government investigation under way, as ordered by a 0:12:17.880 --> 0:12:21.520 Ministry of Health Sibby and Brown, and there's also a 0:12:22.559 --> 0:12:25.360 Officer of the Privacy Commissioner investigation under the way as 0:12:25.360 --> 0:12:27.760 well that we'll be looking as to whether Manage my 0:12:27.840 --> 0:12:32.319 Health met its responsibilities under the Privacy Act. In terms 0:12:32.360 --> 0:12:35.720 of the investigation order by Simmy and Brown, I would 0:12:35.760 --> 0:12:39.600 have thought that the Ministry of Health would have required 0:12:41.360 --> 0:12:45.400 Managed my Health to meet some pretty stringent security standards 0:12:45.960 --> 0:12:48.040 to be able to set up and run the business 0:12:48.080 --> 0:12:51.360 that they have set up and run. If those weren't 0:12:51.480 --> 0:12:54.960 part of the baseline expectation, and if there wasn't auditing 0:12:55.000 --> 0:12:57.679 around that, then I think that question does come back 0:12:57.720 --> 0:12:58.400 to the Ministry of. 0:12:58.400 --> 0:12:59.040 Health as well. 0:13:00.120 --> 0:13:03.320 You know, if we're going to allow a situation where 0:13:03.360 --> 0:13:07.600 private providers can step in and take hold of what 0:13:07.800 --> 0:13:12.719 has traditionally been a state job. Then they've got to 0:13:12.760 --> 0:13:15.680 be held to really, really high standards, and we're going 0:13:15.720 --> 0:13:18.520 to make sure that they're audited to ensure that they 0:13:18.559 --> 0:13:22.400 stay at those high standards. So this business will have 0:13:22.480 --> 0:13:26.040 quite a way to run in terms of accountability. In 0:13:26.160 --> 0:13:30.640 terms of tracking down Kazoo, I think probably the same 0:13:30.760 --> 0:13:33.400 chance as a snowball on any of the days that 0:13:33.400 --> 0:13:36.840 we're having now. And for the patients and their private information. 0:13:38.400 --> 0:13:41.960 Who knows Kazoo has said that if the money gets paid, 0:13:42.000 --> 0:13:46.000 then that information will never be seen again. They do 0:13:46.120 --> 0:13:49.040 have a track record of that, but that record is 0:13:49.080 --> 0:13:51.640 only six months long. The other thing about it, too, 0:13:51.760 --> 0:13:55.640 is that there's so much useful information in there to 0:13:55.840 --> 0:14:01.160 other people of Kazoo's ilk, other people who will dates 0:14:01.160 --> 0:14:07.360 of birth or travel information, passport information, address information, all 0:14:07.400 --> 0:14:12.280 those personal indicators that they're incredibly, incredibly valuable because they 0:14:12.320 --> 0:14:16.000 can be used to leverage other exploits that can earn 0:14:16.120 --> 0:14:21.320 other people like Kazoo more money. So for those people 0:14:21.520 --> 0:14:26.560 a very uncertain future in an ideal situation, not that 0:14:26.680 --> 0:14:29.600 it is ideal. Perhaps manage my health paid the money. 0:14:29.960 --> 0:14:32.800 Perhaps Kazu did what Kazoo said they would do and 0:14:32.840 --> 0:14:35.560 deleted all the information and that's the end of it. 0:14:36.560 --> 0:14:40.600 But those people that have been affected will not know that, 0:14:41.720 --> 0:14:44.200 and they can never really be sure, and that's a deeply, 0:14:44.320 --> 0:14:47.480 deeply unsettling thing for them. 0:14:47.720 --> 0:14:48.680 Thanks for joining us. 0:14:48.680 --> 0:14:51.120 David, Thank you Chelsea. 0:14:58.200 --> 0:15:01.920 After the breach, Adam Burns of security company black Veil 0:15:02.080 --> 0:15:07.000 voluntarily tested the website and app and found flaws in both. 0:15:07.440 --> 0:15:10.160 He joins US now to break down what happened and 0:15:10.240 --> 0:15:13.400 what companies can do better to protect themselves. 0:15:13.640 --> 0:15:17.520 And you, So. 0:15:17.560 --> 0:15:21.960 Adam, were there any warning signs or security gaps from 0:15:22.000 --> 0:15:24.440 your point of view when it comes to manage my health? 0:15:25.200 --> 0:15:28.680 From the research that I did and posted in the blog, Yes, 0:15:28.840 --> 0:15:32.720 there were some big gaps that should have been plugged 0:15:32.920 --> 0:15:38.160 a long time ago. These are basic fundamental DNS domain issues. 0:15:38.720 --> 0:15:41.680 So yeah, there was a number of gaps that I 0:15:41.720 --> 0:15:45.840 would consider them to be required for any organization, but 0:15:46.000 --> 0:15:50.920 especially a health organization dealing with patient records and such. 0:15:51.160 --> 0:15:53.480 And what kind of gaps? So you mentioned DNS. 0:15:54.840 --> 0:15:58.760 Yeah, DNS stands for Domain Name system, So I'll just 0:15:58.800 --> 0:16:01.360 explain real quick what that is. When you visit a 0:16:01.360 --> 0:16:05.520 website on the Internet, you type a name like inzidherold 0:16:05.560 --> 0:16:09.920 dot cot inz DNS. Server takes that name and converts 0:16:09.920 --> 0:16:12.600 it into an IP address, so that's where the server 0:16:12.720 --> 0:16:18.600 actually is. And yeah, DNS essentially without DNS, the Internet 0:16:18.680 --> 0:16:21.440 does not work, so you can see how important it is. 0:16:22.720 --> 0:16:27.560 And DNS also controls where how traffic is directed to 0:16:27.600 --> 0:16:31.840 your website, how emails get to you, how users log in, 0:16:32.240 --> 0:16:34.960 log out, all of those sorts of things. So the 0:16:35.000 --> 0:16:39.400 gaps that I found are talking about email mostly email 0:16:39.440 --> 0:16:45.400 security issues, and domain and website security issues, so pretty 0:16:45.480 --> 0:16:49.080 key things to plug when you've got users logging into 0:16:49.400 --> 0:16:50.280 a health portal. 0:16:51.280 --> 0:16:51.560 Yeah. 0:16:51.640 --> 0:16:54.600 And is that quite a common mistake or gap, I 0:16:54.640 --> 0:16:56.960 suppose for websites in New Zealand. 0:16:58.520 --> 0:17:01.000 Yeah, so I've done I did a lot of research 0:17:01.040 --> 0:17:03.760 on this last year. I built a little app and 0:17:03.840 --> 0:17:08.320 stuck it on the dot nz tldtld sands for top 0:17:08.400 --> 0:17:12.119 level domain. I ran it for about six weeks, collected 0:17:12.359 --> 0:17:15.760 only maybe two and a half thousand domains worth of information, 0:17:15.960 --> 0:17:19.480 but over half of those domains had these exact problems, 0:17:19.480 --> 0:17:23.320 so it's not it's not an uncommon issue. That is 0:17:23.359 --> 0:17:26.680 super common, and it is not just a New Zealand 0:17:26.720 --> 0:17:29.840 problem either. I've extended my research beyond that too. 0:17:30.600 --> 0:17:30.760 Well. 0:17:30.800 --> 0:17:34.840 I've actually covered fifty one countries now with the agent 0:17:34.880 --> 0:17:38.960 that I built. So yeah, it's a global problem. Have 0:17:39.080 --> 0:17:44.320 you heard Instagram got hacked today or yesterday? N No, Okay, 0:17:44.400 --> 0:17:47.600 Instagram was hacked and seven I think it was seven 0:17:47.680 --> 0:17:51.040 million user accounts were leaked onto the Internet like not 0:17:51.160 --> 0:17:54.520 the dark web, they were just leaked onto a forum. 0:17:55.040 --> 0:17:56.560 So I actually scanned them. 0:17:56.600 --> 0:17:58.960 I did the exact same scan on Instagram that I 0:17:59.000 --> 0:18:05.320 did on Manage my Health. Yeah, similar stories Instagram with 0:18:05.480 --> 0:18:06.880 billions of users. 0:18:06.720 --> 0:18:10.200 Similar story and same security gaps. 0:18:10.680 --> 0:18:10.960 Yeah. 0:18:11.000 --> 0:18:15.440 These these problems extend beyond small business into the five 0:18:15.560 --> 0:18:17.920 hundred you know, fortune five hundred realm. 0:18:18.119 --> 0:18:22.680 Yeah. Yeah, and so how can companies kind of rectify 0:18:22.800 --> 0:18:25.840 or you know, do better in that respect? 0:18:26.600 --> 0:18:30.000 The first thing I would be doing is asking your 0:18:30.040 --> 0:18:34.520 I provider, what what are my current security gaps and 0:18:34.600 --> 0:18:38.000 how can we best plug those. I have done my 0:18:38.080 --> 0:18:41.440 best to make that information as accessible as I can 0:18:41.560 --> 0:18:44.760 to people on my website, so people can go and 0:18:44.800 --> 0:18:46.920 scan their domains if they want to, and it will 0:18:46.920 --> 0:18:50.480 actually tell them exactly what I found would manage my health, 0:18:51.000 --> 0:18:54.600 the gaps, how to fix them, and the impact of 0:18:54.800 --> 0:18:57.560 not fixing them, like what is the what is the 0:18:57.560 --> 0:19:01.280 main reason I should fix this? Plot this whole The 0:19:01.359 --> 0:19:03.800 scanner and the results will actually tell you that. And 0:19:03.880 --> 0:19:06.919 if you still still need more help, I'm here, or 0:19:06.920 --> 0:19:09.400 you can speak to the agent buck on our website 0:19:09.440 --> 0:19:15.320 that also provides human that humanizes cybersecurity and technical speak 0:19:15.560 --> 0:19:16.320 in terms of. 0:19:16.240 --> 0:19:18.840 What happened with manage my health and the kind of 0:19:18.880 --> 0:19:23.399 glaringly obvious it seems gaps in many websites in New 0:19:23.520 --> 0:19:28.720 Zealand's security systems. Do you think that hackers worldwide who 0:19:28.960 --> 0:19:32.199 do do this for monetary gain is are looking at 0:19:32.240 --> 0:19:35.359 New Zealand at the minute being like, well there's your 0:19:35.440 --> 0:19:36.040 cash grab. 0:19:37.160 --> 0:19:37.400 Yeah. 0:19:37.480 --> 0:19:40.280 I mean this time of year, New Zealand becomes a 0:19:40.320 --> 0:19:43.520 target just because of the great key we shut down. 0:19:43.600 --> 0:19:46.399 So I don't think we are much of a target 0:19:46.480 --> 0:19:50.240 until this time of year, and I've actually got data 0:19:50.280 --> 0:19:55.199 to prove that. So yeah, we're definitely. The attacks on 0:19:55.240 --> 0:19:58.960 New Zealand and Australia ramp up from November to January, 0:20:00.080 --> 0:20:03.440 and now with this news breaking, I would say will 0:20:03.480 --> 0:20:04.560 be even more of a target. 0:20:04.600 --> 0:20:07.120 Now, how do you make sure if you do have 0:20:07.240 --> 0:20:11.120 your own personal information on the internet with a website, 0:20:11.640 --> 0:20:13.879 are there any ways to make sure that your information 0:20:14.000 --> 0:20:14.919 is actually safe? 0:20:15.480 --> 0:20:17.560 The best thing that you can do to protect yourself 0:20:17.760 --> 0:20:21.720 is make sure that you've got multi factor authentication on everything, 0:20:21.840 --> 0:20:23.920 So enter a password, then. 0:20:23.720 --> 0:20:25.160 It we'll ask you for a code as well. 0:20:26.040 --> 0:20:28.919 Without the code, obviously a hacker can't get into your account. 0:20:28.960 --> 0:20:31.840 They need the physical device that sends you those codes. 0:20:31.920 --> 0:20:35.880 So that is a good way to protect yourself. Other 0:20:35.920 --> 0:20:39.320 than that, you're at the mercy of the people's platform 0:20:39.359 --> 0:20:41.880 that you're using. So the best thing to do there 0:20:41.960 --> 0:20:44.399 is actually ask them, what are you doing to protect 0:20:44.400 --> 0:20:49.280 my information? What controls and regulations have you got in 0:20:49.320 --> 0:20:53.240 place that protect us? And what happens if there's a breach? 0:20:53.600 --> 0:20:56.280 How do you notify as how quickly can you clean 0:20:56.320 --> 0:20:59.240 it up? All those sorts of things are things that 0:20:59.280 --> 0:21:04.840 people really be thinking about when using such critical platforms 0:21:05.240 --> 0:21:08.000 or any platform that you log into. 0:21:08.600 --> 0:21:12.840 In terms of this breach, I'm wondering because obviously we 0:21:12.960 --> 0:21:15.440 hear about breaches every now and again, you know, whether 0:21:15.480 --> 0:21:19.119 it's a banking app or a government app or something 0:21:19.200 --> 0:21:21.800 like that. Those are the ones that we hear about. 0:21:21.840 --> 0:21:23.639 Are those just the tip of the iceberg? 0:21:24.920 --> 0:21:27.240 Yes, that is definitely just the tip of the iceberg. 0:21:27.280 --> 0:21:31.080 A lot of it goes unreported. Some of them are 0:21:31.160 --> 0:21:33.440 so small they're not worth mentioning in the news. But 0:21:33.600 --> 0:21:35.720 a small hack too the news might still be a 0:21:35.720 --> 0:21:38.920 big hack to a small business, for example. So yeah, 0:21:39.200 --> 0:21:42.440 there's plenty of hacks that we are not told about. Yeah, 0:21:42.480 --> 0:21:46.840 it's the wild West. The Internet was built, you know, 0:21:46.920 --> 0:21:49.679 in the nineties on trust and if you look at 0:21:49.680 --> 0:21:52.000 the Internet now, it's no longer a trustworthy place. 0:21:52.119 --> 0:21:56.720 So yeah, it's best to assume. 0:21:56.359 --> 0:21:58.399 That your data is not safe and make sure that 0:21:58.480 --> 0:22:02.479 it is, especially with the intro action of AI. You know, 0:22:02.560 --> 0:22:05.600 if you think about the infrastructure that AI is currently 0:22:05.680 --> 0:22:09.920 running on was built thirty years ago, it's like trying 0:22:09.960 --> 0:22:12.080 to race a Ferrari around a go kart track. 0:22:12.760 --> 0:22:15.920 That's how I would describe it. So yeah, I. 0:22:15.880 --> 0:22:18.080 Almost feel like we need an Internet two point zero. 0:22:18.119 --> 0:22:22.560 But making that happen is virtually impossible or a very 0:22:22.720 --> 0:22:26.240 very slow process because you'd have to do it. Yeah, 0:22:26.320 --> 0:22:28.920 I don't even know how you would achieve that. It 0:22:28.960 --> 0:22:30.080 would be very difficult. 0:22:30.200 --> 0:22:32.520 It's not impossible, but it would be very slow and 0:22:32.640 --> 0:22:33.399 very difficult. 0:22:33.800 --> 0:22:36.040 Well, it seems like the horses bolted and in a lot 0:22:36.119 --> 0:22:38.280 of ways. Hey, I mean, I can imagine. You know, 0:22:38.359 --> 0:22:40.879 back in the nineties, what we would refer to as 0:22:40.920 --> 0:22:44.920 hackers were individuals going in and doing it one by one, 0:22:44.960 --> 0:22:49.040 whereas now they can make quite sophisticated systems that do like, 0:22:49.200 --> 0:22:51.760 you know, a thousand things at once or something. 0:22:52.160 --> 0:22:53.520 That's probably an understatement. 0:22:54.520 --> 0:22:56.679 Yeah, I mean, even just in the last twelve months, 0:22:56.720 --> 0:23:01.560 hacking has become a thousand times easier for people. If 0:23:01.600 --> 0:23:04.159 you think about how easy it is for someone to 0:23:04.200 --> 0:23:08.120 install chat GPT and fill out an essay, for example, 0:23:08.359 --> 0:23:12.400 you can do the same with hacking. There's apps exactly 0:23:12.520 --> 0:23:18.640 like chat GPT for launching spoofing and phishing campaigns. So 0:23:18.720 --> 0:23:21.920 what they actually can do is like a full reconnaissance 0:23:21.920 --> 0:23:24.800 mission on a business, so they can figure out who's 0:23:24.840 --> 0:23:27.479 the CFO, who's the CEO, who's the CTO. Have they 0:23:27.560 --> 0:23:30.360 been mentioned in the news recently, what time of year 0:23:30.440 --> 0:23:32.080 is it? Have they mentioned the going up a seat, 0:23:32.119 --> 0:23:34.480 those sorts of things. They do a full recon and 0:23:34.520 --> 0:23:38.600 it's fully automated now, so it takes a lot of 0:23:38.600 --> 0:23:41.439 that manual effort away from the hackers. A lot of 0:23:41.480 --> 0:23:44.160 it used to be manual. Now it's all automated. 0:23:45.080 --> 0:23:46.919 So where do we go to next. 0:23:47.080 --> 0:23:49.440 Is it just safe to have none of your personal 0:23:49.480 --> 0:23:52.200 information on the Internet or is that completely unavoidable. 0:23:53.720 --> 0:23:56.959 It's pretty much unavoidable, right. We kind of reliant on 0:23:57.040 --> 0:24:01.520 technology and the internet without you. Imagine if the Internet 0:24:01.640 --> 0:24:04.480