1 00:00:08,320 --> 00:00:08,840 Speaker 1: Joining us. 2 00:00:08,840 --> 00:00:12,879 Speaker 2: In the WIBC studios, we have former FBI special agent 3 00:00:13,600 --> 00:00:18,360 Speaker 2: Corey Grass. He spent twenty years in counterintelligence and counter terrorism. 4 00:00:18,720 --> 00:00:21,840 Speaker 2: It's Casey and Jim you're listening to on ninety three WIBC, 5 00:00:22,160 --> 00:00:26,080 Speaker 2: So Corey. Yesterday, Jim and I discussed this article spyware, 6 00:00:26,200 --> 00:00:30,760 Speaker 2: once used by governments, is now spreading to cyber criminals, 7 00:00:30,800 --> 00:00:33,280 Speaker 2: and I thought, well, we've got we've. 8 00:00:33,120 --> 00:00:33,560 Speaker 3: Got a guy. 9 00:00:33,720 --> 00:00:34,639 Speaker 4: Love it when we got a guy. 10 00:00:34,720 --> 00:00:36,520 Speaker 3: We got a guy, and here you are. 11 00:00:36,640 --> 00:00:39,879 Speaker 2: So how big of a problem is it when government 12 00:00:39,920 --> 00:00:43,960 Speaker 2: grade spyware tools leak into the hands of cyber criminals 13 00:00:44,320 --> 00:00:46,160 Speaker 2: or just regular criminals. 14 00:00:46,600 --> 00:00:48,080 Speaker 5: Well, first, I might say, thanks for having me. I'm 15 00:00:48,080 --> 00:00:50,400 Speaker 5: glad you think of criminals you think of me. I'm 16 00:00:50,400 --> 00:00:53,320 Speaker 5: not sure what that says about me, but I appreciate it. 17 00:00:53,440 --> 00:00:56,920 Speaker 5: That type of technology is so prevalent these days. It's crazy. 18 00:00:57,560 --> 00:01:00,000 Speaker 5: Like you said, it was a high level use previously 19 00:01:00,120 --> 00:01:02,960 Speaker 5: by higher powers that had access to it, and now 20 00:01:03,000 --> 00:01:05,200 Speaker 5: that it's worked this way down, I think it's kind 21 00:01:05,200 --> 00:01:06,600 Speaker 5: of foolish for any of us in the United States. 22 00:01:06,640 --> 00:01:08,679 Speaker 5: I think our stuff is safe in any capacity because 23 00:01:08,680 --> 00:01:11,840 Speaker 5: there's so many people in so many ways trying to 24 00:01:11,880 --> 00:01:14,080 Speaker 5: steal your information multi ways. 25 00:01:14,200 --> 00:01:15,800 Speaker 3: Let's talk about some of the ways. 26 00:01:16,000 --> 00:01:18,960 Speaker 2: Okay, some of the things that you're skeptical of or 27 00:01:19,000 --> 00:01:21,040 Speaker 2: you've seen or people need to be aware of. 28 00:01:21,840 --> 00:01:24,240 Speaker 5: I'll mention you guys previously, but QR codes are a 29 00:01:24,240 --> 00:01:27,119 Speaker 5: great way for people to steal your information as simple 30 00:01:27,160 --> 00:01:29,880 Speaker 5: as City of Indianapolis parking signs downtown. You go to 31 00:01:29,920 --> 00:01:32,040 Speaker 5: pay your parking meter. Now everything's automated, then which you 32 00:01:32,040 --> 00:01:34,240 Speaker 5: to click on the QR code send your money that way? 33 00:01:34,280 --> 00:01:36,520 Speaker 5: Will it cost me a dollar apiece for a sticker 34 00:01:36,840 --> 00:01:38,360 Speaker 5: to put on those signs? And then I have you 35 00:01:38,400 --> 00:01:40,720 Speaker 5: send you to my website or my corrupt way of 36 00:01:40,760 --> 00:01:42,920 Speaker 5: doing business, and now I have all your personal information 37 00:01:43,080 --> 00:01:44,480 Speaker 5: as simple as that a simple sticker. 38 00:01:44,560 --> 00:01:44,920 Speaker 4: Okay. 39 00:01:45,080 --> 00:01:48,560 Speaker 1: So what you're saying is, and you're right, those QR 40 00:01:48,600 --> 00:01:51,120 Speaker 1: codes are everywhere, especially with city parking. 41 00:01:51,160 --> 00:01:52,680 Speaker 4: So you go there and you park, and then you've 42 00:01:52,680 --> 00:01:54,440 Speaker 4: got to go to the little shi phone and you. 43 00:01:54,360 --> 00:01:55,760 Speaker 1: Got to scan it with your phone and then you 44 00:01:55,800 --> 00:01:57,840 Speaker 1: give them all your credit card information and your license 45 00:01:57,840 --> 00:01:59,960 Speaker 1: plate and that's how they charge you for your parking. 46 00:02:00,200 --> 00:02:02,840 Speaker 1: And what you're saying is somebody could easily just print 47 00:02:02,880 --> 00:02:05,280 Speaker 1: out a sticker of their own QR code that's the 48 00:02:05,320 --> 00:02:07,960 Speaker 1: same size as the QR code on the sign, and 49 00:02:08,080 --> 00:02:09,399 Speaker 1: just slap that sticker on there. 50 00:02:09,440 --> 00:02:10,680 Speaker 4: And then so that when they. 51 00:02:10,639 --> 00:02:13,840 Speaker 1: Scan my QR code, the criminal that I've put on there, 52 00:02:14,000 --> 00:02:16,160 Speaker 1: it's going to take them to this website that's going 53 00:02:16,200 --> 00:02:19,880 Speaker 1: to download some malicious software onto their phone or whatever else. 54 00:02:20,080 --> 00:02:22,320 Speaker 5: Correct, and particularly if you're good enough, wow, to have 55 00:02:22,320 --> 00:02:24,200 Speaker 5: a website that it goes to me? How many times 56 00:02:24,200 --> 00:02:26,240 Speaker 5: do you click on a code, a link in your emails, 57 00:02:26,280 --> 00:02:27,880 Speaker 5: a text you get, you click on it and it 58 00:02:27,919 --> 00:02:29,760 Speaker 5: goes and says file not available. You know, some sort 59 00:02:29,760 --> 00:02:31,480 Speaker 5: of tech issue. But if you do it right and 60 00:02:31,520 --> 00:02:34,480 Speaker 5: you create a site that will collect that information even better, 61 00:02:34,639 --> 00:02:36,400 Speaker 5: would you notice the difference if it was a different 62 00:02:36,440 --> 00:02:40,320 Speaker 5: parking company name, if it then seaving Annapolis? Or It's 63 00:02:40,320 --> 00:02:42,280 Speaker 5: funny we discussed last couple of days, all of us 64 00:02:42,320 --> 00:02:44,239 Speaker 5: did what we're going to talk about today. Yesterday in 65 00:02:44,280 --> 00:02:47,120 Speaker 5: the mail, I got a letter from a unnamed company 66 00:02:47,360 --> 00:02:49,680 Speaker 5: from there, let's it called let me see their secure 67 00:02:49,720 --> 00:02:52,760 Speaker 5: processing center. Set of my information got stolen from an 68 00:02:52,840 --> 00:02:57,000 Speaker 5: unnamed vendor. It possibly included all of or some of 69 00:02:57,080 --> 00:03:00,280 Speaker 5: my first name, last name, address, email address, so security 70 00:03:00,320 --> 00:03:03,120 Speaker 5: number dat to birth. They sent me an email this 71 00:03:03,160 --> 00:03:06,079 Speaker 5: company who lost my information, a secure processing company lost 72 00:03:06,120 --> 00:03:09,120 Speaker 5: my information potentially. They sent me an email address and 73 00:03:09,160 --> 00:03:11,120 Speaker 5: a secret code to put in an access code, and 74 00:03:11,160 --> 00:03:13,160 Speaker 5: they want me to click out another link and submit 75 00:03:13,200 --> 00:03:15,440 Speaker 5: that information. I don't trust that company. They've already lost 76 00:03:15,440 --> 00:03:16,919 Speaker 5: my stuff and they're asked me to send it to 77 00:03:16,960 --> 00:03:17,360 Speaker 5: them again. 78 00:03:17,520 --> 00:03:19,760 Speaker 2: So do you think that it's a scammer actually wanting 79 00:03:19,760 --> 00:03:20,960 Speaker 2: you to enter reial information? 80 00:03:21,080 --> 00:03:23,919 Speaker 5: Probably legitimate, but this legitimate company has filt. 81 00:03:24,200 --> 00:03:24,720 Speaker 3: They can't do it. 82 00:03:24,720 --> 00:03:26,359 Speaker 5: They could secure it the first time, so they want 83 00:03:26,360 --> 00:03:27,880 Speaker 5: me to send my information to them again. I'm just 84 00:03:27,960 --> 00:03:28,520 Speaker 5: very skeptical. 85 00:03:28,639 --> 00:03:31,639 Speaker 1: Well, and they're asking you to do the types of things. 86 00:03:31,720 --> 00:03:34,480 Speaker 1: Let's assume this company is legitimate. What they're asking you 87 00:03:34,560 --> 00:03:37,200 Speaker 1: to do are the exact type of things that a 88 00:03:37,240 --> 00:03:39,000 Speaker 1: scammer would ask you to do. 89 00:03:39,320 --> 00:03:41,320 Speaker 4: Go to this website. 90 00:03:40,800 --> 00:03:43,000 Speaker 1: That you don't know from a hole in the wall 91 00:03:43,200 --> 00:03:45,880 Speaker 1: and put in this special secure code, and if it 92 00:03:45,920 --> 00:03:48,360 Speaker 1: turned out that it was not legitimate, then all of 93 00:03:48,400 --> 00:03:50,040 Speaker 1: a sudden, they could have access. 94 00:03:50,080 --> 00:03:52,160 Speaker 4: Part of what we talked about too, is that you. 95 00:03:52,120 --> 00:03:54,840 Speaker 1: Know, now it used to be that if you had 96 00:03:54,880 --> 00:03:59,200 Speaker 1: an iPhone that was you know, scam free and malware 97 00:03:59,240 --> 00:04:02,040 Speaker 1: free and virus and trojan horse and all of those 98 00:04:02,040 --> 00:04:05,640 Speaker 1: sorts of problems. But in these specific situations that we're 99 00:04:05,640 --> 00:04:07,680 Speaker 1: talking about, a lot of these things you would do 100 00:04:07,800 --> 00:04:10,600 Speaker 1: with your iPhone, like scanning a QR code at a 101 00:04:10,600 --> 00:04:13,320 Speaker 1: public parking garage and doing that that could you know, 102 00:04:13,480 --> 00:04:16,760 Speaker 1: the days of the iPhone being completely secure or long gone? 103 00:04:17,120 --> 00:04:21,080 Speaker 5: I thought of two things there. Yeah, technology use has 104 00:04:21,160 --> 00:04:23,640 Speaker 5: changed so much, and anything that's being used for business 105 00:04:23,640 --> 00:04:26,080 Speaker 5: in a very positive way to grow business, you know, 106 00:04:26,160 --> 00:04:28,840 Speaker 5: to continue transacting business, the criminals will find a way 107 00:04:28,880 --> 00:04:31,440 Speaker 5: exploit that. And that's kind of always been the game 108 00:04:31,440 --> 00:04:32,720 Speaker 5: of law enforce when you were trying to play catch 109 00:04:32,760 --> 00:04:34,359 Speaker 5: up with what the bad guys have gotten ahead of you. 110 00:04:34,400 --> 00:04:37,200 Speaker 5: On you mentioned iPhones being secure, I think it was 111 00:04:37,480 --> 00:04:39,599 Speaker 5: still during my time as an FBI agen. But there 112 00:04:39,640 --> 00:04:42,600 Speaker 5: was a terrorist attack in Ky San Berdano, California. There 113 00:04:42,600 --> 00:04:45,120 Speaker 5: were two phones recovered that the FBI could not get into, 114 00:04:45,160 --> 00:04:47,880 Speaker 5: and Apple refused to help. They said they could not help, 115 00:04:47,920 --> 00:04:50,120 Speaker 5: they didn't have the technology. They wanted their consumers to 116 00:04:50,120 --> 00:04:53,039 Speaker 5: know their phones were so secure. Your informational say they 117 00:04:53,080 --> 00:04:55,680 Speaker 5: couldn't help you. And then I recall somehow, some way, 118 00:04:55,720 --> 00:04:57,720 Speaker 5: the FBI was able to access those phones, and they 119 00:04:57,760 --> 00:04:59,240 Speaker 5: called the director back in the test fight in front 120 00:04:59,279 --> 00:05:01,960 Speaker 5: of Congress, and then Apple one was demanding to know 121 00:05:02,000 --> 00:05:04,560 Speaker 5: how we got into those phones, and the director had 122 00:05:04,600 --> 00:05:08,080 Speaker 5: some kolay funny comments about another private company had developed 123 00:05:08,080 --> 00:05:10,640 Speaker 5: the software and would not divulge a price, but it 124 00:05:10,680 --> 00:05:13,039 Speaker 5: was I believe he mentioned something along the lines with 125 00:05:13,040 --> 00:05:15,000 Speaker 5: ten times his salary, that a company had done that 126 00:05:15,040 --> 00:05:15,320 Speaker 5: for us. 127 00:05:15,400 --> 00:05:18,520 Speaker 2: But you just mentioned a private company developed that software 128 00:05:18,560 --> 00:05:21,040 Speaker 2: to break into the iPhone, and if a private company 129 00:05:21,040 --> 00:05:22,680 Speaker 2: can do it, then a criminal can do it. 130 00:05:23,279 --> 00:05:25,640 Speaker 5: And again, I'm no expert in technology, and I'm not 131 00:05:25,680 --> 00:05:28,400 Speaker 5: an expert in all things FBI. But to bring the 132 00:05:28,440 --> 00:05:31,560 Speaker 5: whole picture into focus, it was pretty widely accepted as 133 00:05:31,560 --> 00:05:33,679 Speaker 5: a foreign company as well that had developed that software. 134 00:05:33,760 --> 00:05:34,920 Speaker 3: Corey Grass is joining us. 135 00:05:34,920 --> 00:05:37,600 Speaker 2: He's a former FBI special agent, spent twenty years in 136 00:05:37,640 --> 00:05:41,799 Speaker 2: counterintelligence and counter terrorism. You had mentioned We've been talking 137 00:05:41,800 --> 00:05:44,720 Speaker 2: a lot about airports, a lot of people waiting in 138 00:05:44,760 --> 00:05:47,360 Speaker 2: long lines at airports, and there's something that you said 139 00:05:47,400 --> 00:05:49,839 Speaker 2: you will never do when you're at an airport, And I'm. 140 00:05:49,680 --> 00:05:51,880 Speaker 5: Not sure if I'm just paranoid and skeptical, but i'd 141 00:05:51,920 --> 00:05:54,400 Speaker 5: read previously. I heard stories that if you plug your 142 00:05:54,400 --> 00:05:57,080 Speaker 5: phone into a USB charger, which these days be different, 143 00:05:57,080 --> 00:05:59,280 Speaker 5: I guess a little different, that it could access your 144 00:05:59,360 --> 00:06:02,440 Speaker 5: information that as well. So I don't recall ever plugging 145 00:06:02,440 --> 00:06:04,680 Speaker 5: my phone into an unknown charging base that I don't 146 00:06:04,680 --> 00:06:06,760 Speaker 5: have control over or no who owns or has access to. 147 00:06:06,920 --> 00:06:08,640 Speaker 1: And see, that's something I wouldn't think of because when 148 00:06:08,680 --> 00:06:10,800 Speaker 1: we talked about this before, when we were off the 149 00:06:10,839 --> 00:06:13,520 Speaker 1: air I thought about the traditional credit card skimmers, and 150 00:06:13,560 --> 00:06:15,680 Speaker 1: you've heard those stories for a long time, either at 151 00:06:15,680 --> 00:06:18,400 Speaker 1: the ATM or at the gas station and the criminals 152 00:06:18,400 --> 00:06:20,279 Speaker 1: put some sort of device and it looks just like 153 00:06:20,360 --> 00:06:22,599 Speaker 1: it's the you know, the gas pump, but you put 154 00:06:22,600 --> 00:06:25,560 Speaker 1: your credit card in they're stealing your information. But now 155 00:06:26,680 --> 00:06:30,040 Speaker 1: that could potentially apply to just USB charging ports at 156 00:06:30,040 --> 00:06:32,359 Speaker 1: public location, So this is not only at the airport, 157 00:06:32,400 --> 00:06:35,039 Speaker 1: it's any place that you might go to charge your phone. 158 00:06:35,600 --> 00:06:38,240 Speaker 1: It could be very It could be something similar to 159 00:06:38,279 --> 00:06:40,240 Speaker 1: what we've seen with these credit card skimmers, where they 160 00:06:40,279 --> 00:06:42,320 Speaker 1: just install something in front of it or it looks 161 00:06:42,360 --> 00:06:45,920 Speaker 1: like an attachment, but to the average consumer, it wouldn't 162 00:06:45,960 --> 00:06:47,839 Speaker 1: raise alarm bells at all. And then you plug in 163 00:06:47,880 --> 00:06:50,320 Speaker 1: your USB phone, your USB port into your phone, and 164 00:06:50,320 --> 00:06:52,360 Speaker 1: all of a sudden, they've had access to your information. 165 00:06:52,720 --> 00:06:54,520 Speaker 5: It's a new way of doing business for criminals. It's 166 00:06:54,680 --> 00:06:57,479 Speaker 5: it's more subtle. Again, even in naked, I can sometimes 167 00:06:57,480 --> 00:06:59,240 Speaker 5: see those skimmers look weird on a gas pump. Something 168 00:06:59,279 --> 00:07:01,080 Speaker 5: will catch your attention falling off that don't look right, 169 00:07:01,160 --> 00:07:04,640 Speaker 5: something's abnormal. Technology use doesn't Isn't that that clear to 170 00:07:04,680 --> 00:07:07,280 Speaker 5: the plane eye to see? And it's on a whole 171 00:07:07,320 --> 00:07:09,120 Speaker 5: new level now they're way to get access. It used 172 00:07:09,160 --> 00:07:10,680 Speaker 5: to be you had to as a victim, You had 173 00:07:10,720 --> 00:07:12,880 Speaker 5: to take a proactive step to fall for their trick. 174 00:07:12,920 --> 00:07:16,160 Speaker 5: They was in a link, you know, some sort of 175 00:07:16,360 --> 00:07:17,400 Speaker 5: something that was proactive. 176 00:07:17,400 --> 00:07:18,840 Speaker 4: You had to do it. 177 00:07:18,960 --> 00:07:21,240 Speaker 5: Sure seems to be now that they can access your 178 00:07:21,240 --> 00:07:24,160 Speaker 5: information without you doing something to help them, they can 179 00:07:24,200 --> 00:07:26,880 Speaker 5: just do it themselves. The article we talked about yesterday 180 00:07:26,880 --> 00:07:29,440 Speaker 5: a love real fast. They seem to think of this 181 00:07:29,600 --> 00:07:33,520 Speaker 5: MSN article that these bad guys or other entities can 182 00:07:33,640 --> 00:07:35,600 Speaker 5: access your information while you clicking on a series of 183 00:07:35,640 --> 00:07:37,559 Speaker 5: web different websites they could direct you to and things. 184 00:07:37,720 --> 00:07:40,120 Speaker 5: So again it seems very normal a victim to just 185 00:07:40,200 --> 00:07:42,560 Speaker 5: click a different websites you're being led to, especially if 186 00:07:42,560 --> 00:07:44,760 Speaker 5: they entice you to go certain ways with certain topics, 187 00:07:45,080 --> 00:07:47,080 Speaker 5: and then once you do that combination, then they've got 188 00:07:47,080 --> 00:07:47,520 Speaker 5: your stuff. 189 00:07:47,800 --> 00:07:50,160 Speaker 2: How how does a tool like that that was once 190 00:07:50,320 --> 00:07:53,640 Speaker 2: used by state or intelligence services end up in the 191 00:07:53,680 --> 00:07:57,120 Speaker 2: hands of criminals? Is it internal leaks, is it black 192 00:07:57,160 --> 00:07:59,920 Speaker 2: market sales or is it just like reverse engineering? 193 00:08:01,080 --> 00:08:02,800 Speaker 5: Probably a little bit of everything. But the weakest link 194 00:08:02,840 --> 00:08:05,120 Speaker 5: is always going to be human beings. When I did investigation, 195 00:08:05,160 --> 00:08:08,120 Speaker 5: you always start with that who worked the company, who 196 00:08:08,200 --> 00:08:10,880 Speaker 5: left under bad terms, who suddenly had affluence that didn't 197 00:08:10,880 --> 00:08:13,240 Speaker 5: have it before. Again, espionage case, it's very similar to that. 198 00:08:13,800 --> 00:08:16,480 Speaker 5: So usually it's going to be the human being being 199 00:08:16,480 --> 00:08:18,440 Speaker 5: the weak link, either selling it or giving away out 200 00:08:18,480 --> 00:08:21,680 Speaker 5: of anger or spite or whatever, but also just accidentally 201 00:08:21,720 --> 00:08:23,840 Speaker 5: not knowing that they didn't protect it through their coding 202 00:08:23,920 --> 00:08:25,600 Speaker 5: or whatever it was. That's going to be the biggest 203 00:08:25,600 --> 00:08:26,440 Speaker 5: issue probably. 204 00:08:26,200 --> 00:08:27,640 Speaker 4: You know, I think that's really interesting what you talk 205 00:08:27,680 --> 00:08:28,400 Speaker 4: about about. 206 00:08:28,160 --> 00:08:30,560 Speaker 1: The human being being the week weakest link, because we 207 00:08:30,600 --> 00:08:33,440 Speaker 1: saw these stories where you know, big corporations spent billions 208 00:08:33,480 --> 00:08:36,760 Speaker 1: and billions of dollars building up this incredible IT infrastructure 209 00:08:36,840 --> 00:08:40,840 Speaker 1: and IT security associated with it. And now what is 210 00:08:41,360 --> 00:08:43,720 Speaker 1: becoming one of the most successful ways to break into 211 00:08:44,280 --> 00:08:47,400 Speaker 1: a company's IT structure is a phishing scam. Okay, great, 212 00:08:47,400 --> 00:08:50,000 Speaker 1: you've got all this wonderful IT security keeping all the 213 00:08:50,000 --> 00:08:50,720 Speaker 1: bad guys out. 214 00:08:50,840 --> 00:08:53,440 Speaker 4: But if I can just send an employee an email 215 00:08:53,679 --> 00:08:54,199 Speaker 4: that has a. 216 00:08:54,160 --> 00:08:56,480 Speaker 1: Link on it that they click on, then all of 217 00:08:56,520 --> 00:08:58,720 Speaker 1: a sudden, I've got the same access to that internal 218 00:08:58,760 --> 00:09:00,680 Speaker 1: IT system that employee you had. 219 00:09:01,200 --> 00:09:03,880 Speaker 5: And there's so many ways to gain your information and 220 00:09:03,880 --> 00:09:05,960 Speaker 5: the way you can secure it. I mean, as you 221 00:09:05,960 --> 00:09:07,360 Speaker 5: took me back to the FBI training this now, this 222 00:09:07,400 --> 00:09:09,120 Speaker 5: is some of the most basic online training we take 223 00:09:09,360 --> 00:09:12,040 Speaker 5: as reminders every year. Is wearing your name badge when 224 00:09:12,040 --> 00:09:13,839 Speaker 5: I work in the State House up here. I always 225 00:09:13,840 --> 00:09:16,400 Speaker 5: took my name badge when I left because it's not 226 00:09:16,440 --> 00:09:17,960 Speaker 5: important for people on the street to know who I am, 227 00:09:18,000 --> 00:09:20,040 Speaker 5: where I work my name. And again, same thing with 228 00:09:20,040 --> 00:09:22,560 Speaker 5: big corporation up at Indianapolis. You know, Lily, it comings 229 00:09:22,960 --> 00:09:26,199 Speaker 5: these people. We don't want foreign companies or foreign agencies 230 00:09:26,240 --> 00:09:28,280 Speaker 5: to know be able to target you based on where 231 00:09:28,320 --> 00:09:30,080 Speaker 5: you work. All it takes is again it's a very 232 00:09:30,120 --> 00:09:32,440 Speaker 5: simple scam. A lot of times they see you come out, 233 00:09:32,640 --> 00:09:34,800 Speaker 5: pick up your patterns, pick up if you're married or not, 234 00:09:34,800 --> 00:09:36,720 Speaker 5: do you have kids? Are you a drinker? Do you 235 00:09:36,760 --> 00:09:38,839 Speaker 5: live in downtown Indy? Do you live somewhere else? They 236 00:09:38,840 --> 00:09:40,520 Speaker 5: follow you, they pick up those patterns, and then they 237 00:09:40,559 --> 00:09:42,720 Speaker 5: find a way to social engineer it that they will 238 00:09:42,840 --> 00:09:44,240 Speaker 5: connect with you and get what they want. 239 00:09:44,960 --> 00:09:46,000 Speaker 3: How is it? 240 00:09:46,000 --> 00:09:50,280 Speaker 2: What's a realistic way that can you tell if can 241 00:09:50,320 --> 00:09:52,839 Speaker 2: you tell if your computer or your phone has been compromised? 242 00:09:52,880 --> 00:09:55,079 Speaker 3: Like, can you tell if somebody's spying on you? Is 243 00:09:55,080 --> 00:09:56,079 Speaker 3: there a way to pick that up? 244 00:09:56,200 --> 00:09:59,120 Speaker 5: I believe there's no. In my experience, I don't think there's. 245 00:09:58,960 --> 00:10:00,760 Speaker 3: Anything with without taking I'll be happening to you and 246 00:10:00,800 --> 00:10:01,400 Speaker 3: you don't even know. 247 00:10:01,480 --> 00:10:02,959 Speaker 5: I would get that occasionally when I was still in 248 00:10:02,960 --> 00:10:04,559 Speaker 5: the FBI, people would call me and say they think 249 00:10:04,559 --> 00:10:06,440 Speaker 5: their phones were tapped because they could hear the clicking 250 00:10:06,480 --> 00:10:06,920 Speaker 5: or hear whatever. 251 00:10:07,000 --> 00:10:07,760 Speaker 4: It doesn't work that way. 252 00:10:07,800 --> 00:10:09,360 Speaker 5: I would always tell them if even if your phone 253 00:10:09,440 --> 00:10:12,840 Speaker 5: was being listened to by an agency, there's no there's 254 00:10:12,880 --> 00:10:15,160 Speaker 5: no signs that gives off any of emissions or anything. 255 00:10:16,240 --> 00:10:18,240 Speaker 3: So there's no way to defend it like you don't know. 256 00:10:18,640 --> 00:10:20,240 Speaker 5: I mean, I think probably the first sign as you 257 00:10:20,280 --> 00:10:22,520 Speaker 5: realize either your credit or something is wrong, your just 258 00:10:22,520 --> 00:10:24,320 Speaker 5: thing is maybe your computer is slowing down more or 259 00:10:24,320 --> 00:10:26,600 Speaker 5: things like that, your cell phone's not working right. Possibly, 260 00:10:26,679 --> 00:10:28,920 Speaker 5: but again that happens so often anyway. Software updates and 261 00:10:28,960 --> 00:10:29,439 Speaker 5: things like that. 262 00:10:29,480 --> 00:10:32,000 Speaker 2: Well, and I have to imagine that like the spy 263 00:10:32,080 --> 00:10:35,480 Speaker 2: where on computers has gotten so much more advanced over 264 00:10:35,520 --> 00:10:35,920 Speaker 2: the years. 265 00:10:36,360 --> 00:10:37,640 Speaker 3: It's just gotten better and better. 266 00:10:37,720 --> 00:10:41,000 Speaker 5: Yeah, again, it's it's a race waray who can get 267 00:10:41,080 --> 00:10:43,640 Speaker 5: farther ahead. They developed something to get your information. Law 268 00:10:43,679 --> 00:10:46,080 Speaker 5: enforcement'll catch up to it eventually. Another country will develop 269 00:10:46,160 --> 00:10:48,200 Speaker 5: a program they want to target a certain thing. We 270 00:10:48,280 --> 00:10:50,120 Speaker 5: hear about or figure it out eventually and react to that. 271 00:10:50,160 --> 00:10:51,720 Speaker 5: It's always reacting. It's hard to get ahead of that. 272 00:10:52,280 --> 00:10:54,280 Speaker 1: We talked again off the air about a story that 273 00:10:54,320 --> 00:10:56,199 Speaker 1: I want you to tell again too, because I used 274 00:10:56,200 --> 00:10:57,480 Speaker 1: to do with my job. Used to go to a 275 00:10:57,520 --> 00:10:59,480 Speaker 1: lot of trade shows, used to fly all over the country, 276 00:10:59,600 --> 00:11:01,080 Speaker 1: go to life of trade shows. You meet a lot 277 00:11:01,120 --> 00:11:03,560 Speaker 1: of strangers that give you their business card. Talk to 278 00:11:03,600 --> 00:11:07,320 Speaker 1: me about trade shows and business cards and how there's weaknesses. 279 00:11:06,760 --> 00:11:10,280 Speaker 5: There they know Again, that they need you to click 280 00:11:10,320 --> 00:11:12,960 Speaker 5: on something or access their information to get what they 281 00:11:12,960 --> 00:11:16,200 Speaker 5: want out of yours. So QR codes on a business 282 00:11:16,200 --> 00:11:17,959 Speaker 5: card again, I work in real estate now I'm a 283 00:11:17,960 --> 00:11:21,280 Speaker 5: realtra full time. QR codes my open house flyers. There's 284 00:11:21,320 --> 00:11:23,560 Speaker 5: QR codes on your links on your website for people 285 00:11:23,559 --> 00:11:25,240 Speaker 5: to click on. There's QR cards in your business card. 286 00:11:25,360 --> 00:11:27,360 Speaker 5: I have a QR code on my phone. That's one's 287 00:11:27,400 --> 00:11:28,839 Speaker 5: my business card reales that I can show my phone, 288 00:11:28,880 --> 00:11:31,560 Speaker 5: they take a picture of them. Goes other thing. A 289 00:11:31,640 --> 00:11:35,840 Speaker 5: legitimate business or even a foreign agency conducting business under 290 00:11:35,880 --> 00:11:38,520 Speaker 5: the cover of darkness can use those same tricks to 291 00:11:38,520 --> 00:11:41,319 Speaker 5: get you to click on their site either no business name, 292 00:11:41,360 --> 00:11:43,960 Speaker 5: a confusing business name, or something a logo, and you 293 00:11:44,080 --> 00:11:46,080 Speaker 5: go back to your office wherever that might be, whether 294 00:11:46,080 --> 00:11:47,840 Speaker 5: it's the government or a private industry, and you click 295 00:11:47,840 --> 00:11:50,040 Speaker 5: on that QR code trying to go to their site 296 00:11:50,040 --> 00:11:51,720 Speaker 5: to see if they can help you with your technology 297 00:11:51,720 --> 00:11:54,440 Speaker 5: for your company, and then they infiltrate that with your 298 00:11:54,480 --> 00:11:55,920 Speaker 5: private stuff right to the company. 299 00:11:55,960 --> 00:11:57,400 Speaker 2: We only have a couple of minutes left here with 300 00:11:57,440 --> 00:12:01,760 Speaker 2: Corey Grass, former FBI special agent, couple last questions, how 301 00:12:01,840 --> 00:12:05,160 Speaker 2: big of a risk or a trend. Do these cyber 302 00:12:05,480 --> 00:12:09,920 Speaker 2: criminals posed to not only personal security but United States 303 00:12:10,080 --> 00:12:11,040 Speaker 2: national security? 304 00:12:11,679 --> 00:12:12,199 Speaker 4: It's huge. 305 00:12:12,200 --> 00:12:15,720 Speaker 5: I mean it's a constant barrage. I work counter intelligence 306 00:12:15,720 --> 00:12:18,480 Speaker 5: for many years and there's multiple countries that it is 307 00:12:18,679 --> 00:12:22,240 Speaker 5: constant their ability to try. They will try and steal anything. 308 00:12:22,280 --> 00:12:24,880 Speaker 5: And I would deal with universities and sometimes have different 309 00:12:24,920 --> 00:12:27,280 Speaker 5: backgrounds of political opinions on how it works. 310 00:12:27,320 --> 00:12:28,040 Speaker 4: I lived it one way. 311 00:12:28,040 --> 00:12:30,200 Speaker 5: They lived a different way with different perspectives, but it 312 00:12:30,280 --> 00:12:33,839 Speaker 5: is relentless in their pursuit of I mean, the FBI 313 00:12:33,840 --> 00:12:35,600 Speaker 5: and Indiana had a seed corn in case years ago 314 00:12:35,640 --> 00:12:37,680 Speaker 5: when I was here, and I forget that the value was. 315 00:12:37,720 --> 00:12:38,640 Speaker 4: It started with a b. 316 00:12:38,440 --> 00:12:41,719 Speaker 5: Billions or billion billion dollar loss a seed core coming in. 317 00:12:41,760 --> 00:12:44,240 Speaker 5: Any that developed a product that a Chinese national had 318 00:12:44,280 --> 00:12:46,720 Speaker 5: stolen is sent back to their country. And the implications 319 00:12:46,720 --> 00:12:48,920 Speaker 5: from that are insane because not only did this company 320 00:12:48,920 --> 00:12:50,800 Speaker 5: spend R and D money for years to develop this 321 00:12:50,840 --> 00:12:53,439 Speaker 5: product to help feed Americans, but also sell to other 322 00:12:53,480 --> 00:12:56,800 Speaker 5: countries when they stole that technology. Not only did we 323 00:12:56,880 --> 00:12:59,319 Speaker 5: not our farmers lost out on selling that product, list 324 00:12:59,400 --> 00:13:02,080 Speaker 5: all that research time and money, and then that country 325 00:13:02,080 --> 00:13:03,920 Speaker 5: can then sell the product to other people and steal 326 00:13:03,920 --> 00:13:04,360 Speaker 5: our profits. 327 00:13:04,360 --> 00:13:06,600 Speaker 3: That way, they took it back to seed corn. 328 00:13:06,640 --> 00:13:08,520 Speaker 5: People think seed corn is it's seed corn. Yeah, it's 329 00:13:08,559 --> 00:13:11,160 Speaker 5: seed corn, unless unless it build up another country's military 330 00:13:11,160 --> 00:13:14,160 Speaker 5: with that money, unless ithearts our tax base and our military. 331 00:13:14,559 --> 00:13:16,880 Speaker 5: It's far reaching, and that seedcorn is one little example. 332 00:13:17,000 --> 00:13:19,680 Speaker 5: It's everything. There's a lot of examples to an under 333 00:13:19,720 --> 00:13:23,400 Speaker 5: counterintelligence where they noticed a trend of like this certain 334 00:13:23,440 --> 00:13:25,160 Speaker 5: company buying up I'm going to make an example like 335 00:13:25,160 --> 00:13:27,920 Speaker 5: a rubber band factory. It sounds like rubber bands are, 336 00:13:28,400 --> 00:13:29,840 Speaker 5: but what they do is they buy up the entire 337 00:13:29,880 --> 00:13:31,640 Speaker 5: market and then jack the prices up on it and 338 00:13:31,679 --> 00:13:33,520 Speaker 5: then take take over everything they want, and that way 339 00:13:33,520 --> 00:13:35,400 Speaker 5: they shut down. That way they can elevate the whole 340 00:13:35,400 --> 00:13:37,160 Speaker 5: market to what they want and then shut it down. 341 00:13:37,160 --> 00:13:38,880 Speaker 5: They just have the one provider within that product. 342 00:13:39,040 --> 00:13:41,120 Speaker 3: I wanted to ask you before you go. 343 00:13:41,400 --> 00:13:45,319 Speaker 2: You served in the FBI during the time of Robert 344 00:13:45,400 --> 00:13:47,760 Speaker 2: Mueller and he had just passed away at the age 345 00:13:47,760 --> 00:13:53,960 Speaker 2: of eighty one, and the director changed while you were there, 346 00:13:54,040 --> 00:13:56,960 Speaker 2: So it was partly Mueller and partly Ray. 347 00:13:57,840 --> 00:14:00,640 Speaker 3: Did you notice a did you ever meet mule Reeler? 348 00:14:00,720 --> 00:14:02,280 Speaker 5: I did not. It was early in my career now, but. 349 00:14:02,280 --> 00:14:03,480 Speaker 3: You met Ray often. 350 00:14:03,559 --> 00:14:08,400 Speaker 2: Yeah, did you notice a difference in the administration or 351 00:14:08,440 --> 00:14:10,439 Speaker 2: the way things were run in the FBI under the 352 00:14:10,440 --> 00:14:11,319 Speaker 2: different leadership. 353 00:14:12,040 --> 00:14:14,160 Speaker 5: I was always a special agent, that was my goal 354 00:14:14,200 --> 00:14:15,960 Speaker 5: all along. I never put in to be promoted or 355 00:14:16,120 --> 00:14:18,760 Speaker 5: I did some specialty things. I was a host negotiator. 356 00:14:19,840 --> 00:14:22,360 Speaker 5: I was the Agent Association RED for Indiana for many 357 00:14:22,440 --> 00:14:24,320 Speaker 5: years and on the national board for several years at 358 00:14:24,320 --> 00:14:28,720 Speaker 5: the end. So you didn't really notice. As the street 359 00:14:28,760 --> 00:14:30,560 Speaker 5: level cop I call it. You know, when you get 360 00:14:30,560 --> 00:14:33,640 Speaker 5: a new chief, it doesn't affect morale maybe a little bit, 361 00:14:33,640 --> 00:14:35,960 Speaker 5: but it doesn't really check affect the day to day activities. 362 00:14:36,000 --> 00:14:37,920 Speaker 5: They'll they'll change the priorities and say we're going to 363 00:14:37,920 --> 00:14:40,080 Speaker 5: be more focus on whatever it is, counter terrors and 364 00:14:40,120 --> 00:14:42,120 Speaker 5: counter intelligence, go back to violent crime if there's a 365 00:14:42,120 --> 00:14:44,480 Speaker 5: surge in that. But typically once you get down to 366 00:14:44,520 --> 00:14:46,120 Speaker 5: the street level where people are working in the cases, 367 00:14:46,080 --> 00:14:47,760 Speaker 5: it doesn't affect your world all that much. 368 00:14:47,840 --> 00:14:48,920 Speaker 3: You just going in and doing this. 369 00:14:49,280 --> 00:14:51,280 Speaker 5: I do remember people talking to him, obviously the respect 370 00:14:51,280 --> 00:14:53,520 Speaker 5: that he people had for him based on his military 371 00:14:53,560 --> 00:14:56,480 Speaker 5: service prior, but also I got hired just after nine 372 00:14:56,480 --> 00:14:58,120 Speaker 5: to eleven. He got hired before I did, but he 373 00:14:58,160 --> 00:15:00,200 Speaker 5: took over to that weird transition time where pe we're 374 00:15:00,200 --> 00:15:02,000 Speaker 5: trying to split the FBI and half for an I 375 00:15:02,080 --> 00:15:04,120 Speaker 5: five I six type model, and he was able to 376 00:15:04,160 --> 00:15:07,800 Speaker 5: keep it together as one intelligence and criminal organization same time. 377 00:15:07,880 --> 00:15:10,320 Speaker 5: That was kind of that was my memory of what 378 00:15:10,360 --> 00:15:11,400 Speaker 5: he did during our time. 379 00:15:11,680 --> 00:15:13,680 Speaker 3: Well, we appreciate you coming in. You're going to be 380 00:15:13,680 --> 00:15:14,520 Speaker 3: here next week. 381 00:15:14,360 --> 00:15:15,040 Speaker 5: April fool Day. 382 00:15:15,040 --> 00:15:19,120 Speaker 2: Wouldn' miss it, Corey Grass, former FBI special agent. 383 00:15:19,160 --> 00:15:21,560 Speaker 3: We appreciate you and everything that you've done. Before we 384 00:15:21,640 --> 00:15:22,000 Speaker 3: let you go. 385 00:15:22,080 --> 00:15:23,960 Speaker 2: We have to tell everybody where they can find you 386 00:15:24,080 --> 00:15:25,200 Speaker 2: more information about you. 387 00:15:25,480 --> 00:15:27,360 Speaker 5: The easiest way to find is on Facebook. I'm just 388 00:15:27,440 --> 00:15:30,640 Speaker 5: Corey Grass. Co Ry Grass, like you moo or. I 389 00:15:30,640 --> 00:15:32,560 Speaker 5: do have a partnership with the company I work with 390 00:15:32,600 --> 00:15:34,400 Speaker 5: that does a consulting for active shooter and a lot 391 00:15:34,440 --> 00:15:37,680 Speaker 5: of security issues. It's APEX Defend dot. 392 00:15:37,440 --> 00:15:41,080 Speaker 2: Com, Apex Defend dot Com. Corey Grass, all right, thank you. 393 00:15:41,080 --> 00:15:43,200 Speaker 2: You're listening to ninety three WIBC