1 00:00:00,320 --> 00:00:02,880 Speaker 1: Brought to you by the reinvented two thousand twelve camera. 2 00:00:03,200 --> 00:00:09,040 Speaker 1: It's ready. Are you get in touch with technology? With 3 00:00:09,119 --> 00:00:17,960 Speaker 1: tech Stuff from how stuff works dot com. Hello there, everybody, 4 00:00:17,960 --> 00:00:20,840 Speaker 1: and welcome to tech stuff. My name is Chris Poulette, 5 00:00:20,840 --> 00:00:23,560 Speaker 1: and I'm an editor here at how stuff works dot com. 6 00:00:23,600 --> 00:00:26,920 Speaker 1: Sitting next to me, as usual, with a sunny disposition, 7 00:00:27,120 --> 00:00:32,400 Speaker 1: is senior writer Jonathan Strickland. Hey there, and today, unfortunately, 8 00:00:32,920 --> 00:00:35,360 Speaker 1: we have some serious things to talk about. Actually, we 9 00:00:35,400 --> 00:00:37,440 Speaker 1: have some pretty scary stuff to talk about. This this 10 00:00:37,560 --> 00:00:40,440 Speaker 1: I think is even scarier than our zombie computers and 11 00:00:40,520 --> 00:00:45,919 Speaker 1: Halloween shows combined. Really, yeah, I think so. Okay, so 12 00:00:45,920 --> 00:00:52,040 Speaker 1: we're gonna talk today about cyber war. Are It's not 13 00:00:52,200 --> 00:00:58,040 Speaker 1: pirate war, cyber war cyber war, so we're all we're 14 00:00:58,080 --> 00:01:01,600 Speaker 1: not talking about tron here um, nor are we talking 15 00:01:01,600 --> 00:01:05,039 Speaker 1: about war games, both of which are awesome movies, so 16 00:01:05,200 --> 00:01:08,080 Speaker 1: put them to the top of your Netflix que um. No, 17 00:01:08,240 --> 00:01:13,640 Speaker 1: we're talking about using computers to either spy upon, or 18 00:01:13,760 --> 00:01:20,560 Speaker 1: sabotage or otherwise inflict some sort of harm upon a nation. Um. 19 00:01:20,640 --> 00:01:24,520 Speaker 1: And this can be done by one of a dozen 20 00:01:24,560 --> 00:01:26,880 Speaker 1: different entities. That's the that's one of the scary things 21 00:01:26,880 --> 00:01:30,800 Speaker 1: about cyber war? Is that all? Right? So in classic warfare, 22 00:01:31,200 --> 00:01:33,639 Speaker 1: you know, usually you you would talk about two different 23 00:01:33,760 --> 00:01:37,920 Speaker 1: nations or perhaps two different factions within a nation fighting 24 00:01:37,920 --> 00:01:44,800 Speaker 1: one another. Pretty easy to identify who the parties involved are, right, normally, Yeah, 25 00:01:44,959 --> 00:01:47,520 Speaker 1: because guys shooting at you, right, and normally they have, 26 00:01:47,840 --> 00:01:50,400 Speaker 1: you know, uniforms of some kind on you know, not 27 00:01:50,480 --> 00:01:52,720 Speaker 1: to shoot your own guy. Yeah, yeah, there's some there's 28 00:01:52,760 --> 00:01:55,360 Speaker 1: some general little rules that make it easier to know 29 00:01:55,400 --> 00:01:58,280 Speaker 1: which guys are the ones you're supposed to be shooting. Um. 30 00:01:58,440 --> 00:02:01,240 Speaker 1: Cyber war is not quite that clean cut. But the 31 00:02:01,280 --> 00:02:03,880 Speaker 1: problem with cyber war is that the attacks can come 32 00:02:03,960 --> 00:02:07,680 Speaker 1: from anywhere. They can come from another country. They can 33 00:02:07,720 --> 00:02:11,040 Speaker 1: come from patriots within another country that are acting on 34 00:02:11,080 --> 00:02:15,800 Speaker 1: their own. That could come from essentially a mercenary, a 35 00:02:15,840 --> 00:02:19,320 Speaker 1: hacker that's hired to do this sort of thing. Um. 36 00:02:19,360 --> 00:02:21,640 Speaker 1: That could come from someone who's just trying to cause 37 00:02:21,720 --> 00:02:25,320 Speaker 1: mischief and they don't have any other motives. Uh. So 38 00:02:25,760 --> 00:02:27,960 Speaker 1: it's an attack that can come from another country, or 39 00:02:28,000 --> 00:02:30,520 Speaker 1: that they can come from within the country that is 40 00:02:30,600 --> 00:02:34,639 Speaker 1: being attacked. I mean, you know, you're talking about uh 41 00:02:34,639 --> 00:02:38,200 Speaker 1: sort of a cyber terrorism in a way. Yeah. And 42 00:02:38,240 --> 00:02:40,800 Speaker 1: as a matter of fact, hum, it could be somebody 43 00:02:41,000 --> 00:02:43,560 Speaker 1: sitting in his jammie, is in his living room in 44 00:02:43,639 --> 00:02:46,120 Speaker 1: the computer. You know, it doesn't need to be somebody out, 45 00:02:46,639 --> 00:02:49,440 Speaker 1: you know, skulking around the streets or you know, somewhere 46 00:02:49,440 --> 00:02:52,240 Speaker 1: in a foxhole. Heck, it could be someone parked in 47 00:02:52,280 --> 00:02:55,919 Speaker 1: your driveway hacking into your WiFi. Good point. I mean, 48 00:02:56,080 --> 00:02:58,400 Speaker 1: it's that's why we're talking about how scary this is. 49 00:02:58,440 --> 00:03:02,000 Speaker 1: It's um and and on another level, it's also scary 50 00:03:02,040 --> 00:03:06,280 Speaker 1: because it takes so little, relatively speaking to uh, to 51 00:03:06,600 --> 00:03:10,239 Speaker 1: perform an effective cyber attack. Now, when you're talking about 52 00:03:10,320 --> 00:03:13,680 Speaker 1: a traditional attack on from one nation on to another, 53 00:03:13,680 --> 00:03:18,400 Speaker 1: you're talking about billions of dollars worth of of equipment, 54 00:03:18,760 --> 00:03:22,760 Speaker 1: of of personnel. Uh, you know, the things that have 55 00:03:22,960 --> 00:03:26,119 Speaker 1: to go behind a war machine. I mean, we're that's 56 00:03:26,160 --> 00:03:29,000 Speaker 1: a huge investment. When you're talking about cyber attacks, you're 57 00:03:29,000 --> 00:03:33,680 Speaker 1: talking about a computer and a computer connection. And you know, 58 00:03:33,760 --> 00:03:35,560 Speaker 1: you might have a couple of other little bells and 59 00:03:35,560 --> 00:03:37,640 Speaker 1: whistles to help you along, but you really you don't 60 00:03:37,640 --> 00:03:40,040 Speaker 1: necessarily need it if you know what you're doing and 61 00:03:40,080 --> 00:03:43,640 Speaker 1: you have the right software. So it's one of those things. 62 00:03:43,640 --> 00:03:48,120 Speaker 1: Wherefore a very low small entrance fee, I guess you 63 00:03:48,160 --> 00:03:51,440 Speaker 1: could say you could have a huge, huge impact. As 64 00:03:51,440 --> 00:03:54,640 Speaker 1: a matter of fact, your computer could be used to 65 00:03:54,720 --> 00:03:58,040 Speaker 1: carry out a cyber attack. Yes, if you've if you've 66 00:03:58,120 --> 00:04:00,880 Speaker 1: installed some kind of malware like a virus or a 67 00:04:00,960 --> 00:04:04,080 Speaker 1: worm that UH can turn your machine into a zombie. 68 00:04:04,400 --> 00:04:08,520 Speaker 1: Someone else can direct your computer to UH to send 69 00:04:08,600 --> 00:04:12,760 Speaker 1: email and a denial of service attack which basically floods 70 00:04:12,880 --> 00:04:18,160 Speaker 1: UM floods computers with spam and other and other requests 71 00:04:18,240 --> 00:04:21,200 Speaker 1: if you will for information. The thing is that doesn't 72 00:04:21,240 --> 00:04:24,880 Speaker 1: require any cost on the part of on the part 73 00:04:24,880 --> 00:04:27,000 Speaker 1: of the attack at all, because all the machines are 74 00:04:27,080 --> 00:04:30,120 Speaker 1: essentially donated, you know, from somebody else, right and the 75 00:04:30,400 --> 00:04:34,719 Speaker 1: And to make matters worse, UH, when when anyone in 76 00:04:34,760 --> 00:04:37,880 Speaker 1: authority tries to trace the source of the attack, they 77 00:04:37,960 --> 00:04:40,919 Speaker 1: might come to your computer and never find the person 78 00:04:41,000 --> 00:04:44,480 Speaker 1: who actually infected your computer in the first place. So 79 00:04:44,520 --> 00:04:47,840 Speaker 1: then you become the person of interest, the person who's 80 00:04:47,920 --> 00:04:51,440 Speaker 1: under suspicion for committing an attack, and the whole time 81 00:04:51,480 --> 00:04:55,320 Speaker 1: you were completely unaware. UM. Actually, that's another big, big 82 00:04:55,360 --> 00:04:59,520 Speaker 1: issue with the cyber warfare problem. Even when you can 83 00:04:59,560 --> 00:05:02,279 Speaker 1: detect an attack and trace it back, you can never 84 00:05:02,360 --> 00:05:06,240 Speaker 1: be a sure that the last place you you trace 85 00:05:06,320 --> 00:05:09,680 Speaker 1: it back to is in fact the original spot of 86 00:05:09,720 --> 00:05:13,360 Speaker 1: the attack, because there are these you know, there's there 87 00:05:13,360 --> 00:05:16,280 Speaker 1: are things like proxy sites, there are these zombie computers 88 00:05:16,680 --> 00:05:20,040 Speaker 1: where there's always the possibility that there's one more link 89 00:05:20,080 --> 00:05:23,080 Speaker 1: you haven't found yet that will take you back even further. 90 00:05:23,720 --> 00:05:26,600 Speaker 1: So that's uh, you know, if you if you uh, 91 00:05:26,760 --> 00:05:28,760 Speaker 1: if you were to detect, say an attack, and you say, well, 92 00:05:28,800 --> 00:05:30,919 Speaker 1: we've traced it back to China, you can never be 93 00:05:31,000 --> 00:05:34,880 Speaker 1: sure that that the Chinese government was behind it. It 94 00:05:34,920 --> 00:05:37,720 Speaker 1: could have been patriots in China who had the same 95 00:05:37,760 --> 00:05:39,720 Speaker 1: sort of goals as the government of China, but we're 96 00:05:39,720 --> 00:05:41,840 Speaker 1: acting on their own. Or it could have even been 97 00:05:41,880 --> 00:05:45,040 Speaker 1: a people in a totally different country that just managed 98 00:05:45,080 --> 00:05:48,280 Speaker 1: to use proxy sites in China to fool you into 99 00:05:48,320 --> 00:05:54,080 Speaker 1: thinking that's where the attack came from. So it's really insidious, um, 100 00:05:54,120 --> 00:05:57,040 Speaker 1: And you might wonder, well, how how vulnerable are we 101 00:05:57,440 --> 00:05:59,720 Speaker 1: to these sort of attacks? And I guess it really 102 00:05:59,760 --> 00:06:02,520 Speaker 1: depends on which system you're talking about, because you know, 103 00:06:02,880 --> 00:06:06,600 Speaker 1: the Internet is a network of networks, right right, So 104 00:06:06,680 --> 00:06:10,839 Speaker 1: any given network or any given computer could be the 105 00:06:10,920 --> 00:06:15,000 Speaker 1: weak spot, you know, and and there are just tons 106 00:06:15,080 --> 00:06:17,480 Speaker 1: of computers as part of the Internet. You know, every 107 00:06:17,480 --> 00:06:21,440 Speaker 1: time you were computer is hooked up for Internet access, 108 00:06:21,480 --> 00:06:24,960 Speaker 1: you become part of this giant cloud. Um So. And 109 00:06:25,000 --> 00:06:29,239 Speaker 1: then the really sophisticated crackers, those are the really nasty hackers. 110 00:06:29,279 --> 00:06:32,360 Speaker 1: Those are the ones who can find ways to manipulate 111 00:06:32,400 --> 00:06:35,479 Speaker 1: a network in ways that you know, most people don't 112 00:06:35,520 --> 00:06:38,280 Speaker 1: think of, right And and to give you an idea 113 00:06:38,480 --> 00:06:43,640 Speaker 1: of how vulnerable certain systems can be. Back in seven, 114 00:06:44,200 --> 00:06:48,480 Speaker 1: there was a secret experiment the Department of Defense commissioned 115 00:06:48,480 --> 00:06:51,680 Speaker 1: and it was called Eligible Receiver. I remember that. Yeah, 116 00:06:51,680 --> 00:06:54,640 Speaker 1: this isn't This was a kind of an eye opener 117 00:06:55,000 --> 00:06:57,640 Speaker 1: um Now, a lot of Eligible Receiver. A lot of 118 00:06:57,680 --> 00:07:00,760 Speaker 1: that mission remains classified, so we don't know all the details. 119 00:07:00,800 --> 00:07:04,039 Speaker 1: But what we do know is that part of the 120 00:07:04,040 --> 00:07:09,119 Speaker 1: the experiment involved getting a group of hackers together, giving 121 00:07:09,120 --> 00:07:13,920 Speaker 1: them some very basic computing hardware and software, and telling 122 00:07:13,960 --> 00:07:17,480 Speaker 1: them to try and break their way into the Pentagon's 123 00:07:17,600 --> 00:07:22,160 Speaker 1: computer system. And it took them three days using basic 124 00:07:22,360 --> 00:07:28,320 Speaker 1: computers and basic software. Uh, three days. Just for regular hackers, 125 00:07:28,520 --> 00:07:31,400 Speaker 1: these aren't necessarily the people who are who have a 126 00:07:31,640 --> 00:07:34,320 Speaker 1: you know, an actual motive to break into the Pentagon, 127 00:07:34,400 --> 00:07:36,840 Speaker 1: and the fact that they're part of an experiment. Right, 128 00:07:36,880 --> 00:07:38,720 Speaker 1: it's not like they have a government breathing down their 129 00:07:38,720 --> 00:07:42,560 Speaker 1: next saying we need access to this information. Uh. So 130 00:07:43,840 --> 00:07:47,280 Speaker 1: that's that's pretty sobering to think that within three days 131 00:07:47,960 --> 00:07:51,520 Speaker 1: one of the nation's most important computing systems was compromised, 132 00:07:52,560 --> 00:07:56,320 Speaker 1: even though it was an inside job and an experiment. Right. Well, 133 00:07:56,400 --> 00:08:00,560 Speaker 1: they there have been attempts to shore that up since then, 134 00:08:00,600 --> 00:08:05,880 Speaker 1: and in fact, they conduct regular exercises in order to 135 00:08:05,880 --> 00:08:08,120 Speaker 1: do that. In fact, there was one not that long ago. 136 00:08:08,960 --> 00:08:13,480 Speaker 1: Every year they there are students from Army, Navy, Air Force, 137 00:08:13,520 --> 00:08:15,600 Speaker 1: and the Coast Guarden Merchant Marine, as well as the 138 00:08:15,680 --> 00:08:19,720 Speaker 1: Naval Postgraduate Academy and the Air Force Institute of Technology. 139 00:08:19,880 --> 00:08:24,080 Speaker 1: And uh, basically it's it's uh undergrads were given the 140 00:08:24,080 --> 00:08:28,240 Speaker 1: opportunity to defend themselves from an attack by the n 141 00:08:28,360 --> 00:08:34,199 Speaker 1: s a UM and uh every year they undergo this experiment. 142 00:08:34,400 --> 00:08:37,320 Speaker 1: And uh, the West Point held out the longest and 143 00:08:37,360 --> 00:08:40,480 Speaker 1: they the Army got to defend their title. But they 144 00:08:40,960 --> 00:08:46,319 Speaker 1: were using Lenox computers. But this is apparently a normal thing. Um. 145 00:08:46,400 --> 00:08:49,640 Speaker 1: The Defense Department is only graduating eighties students a year 146 00:08:49,960 --> 00:08:52,640 Speaker 1: from schools of cyber war in the United States. According 147 00:08:52,640 --> 00:08:55,080 Speaker 1: to the New York Times article that I read about it, 148 00:08:55,559 --> 00:08:58,920 Speaker 1: um and if you're wondering, this is the fifty seven 149 00:08:59,080 --> 00:09:03,000 Speaker 1: Information aggress Or Squadron. They're based in Nellis Air Force Base, 150 00:09:03,960 --> 00:09:06,480 Speaker 1: and they are they they are, they are. They make 151 00:09:06,520 --> 00:09:09,959 Speaker 1: a point of doing this test every year, and um, 152 00:09:10,960 --> 00:09:13,760 Speaker 1: you know they it's one of those things where they 153 00:09:13,760 --> 00:09:18,600 Speaker 1: are making a conscious effort to attack and defend uh 154 00:09:18,760 --> 00:09:21,960 Speaker 1: computer networks. And apparently the uh you know, the nerds 155 00:09:21,960 --> 00:09:25,880 Speaker 1: are nerds everywhere, even at West Point um according to 156 00:09:26,040 --> 00:09:28,800 Speaker 1: the way, according to the way the article was written, 157 00:09:28,800 --> 00:09:31,079 Speaker 1: they get a little ribbing for being the geeks of 158 00:09:31,120 --> 00:09:34,960 Speaker 1: the group. But even the you know, the the future 159 00:09:35,120 --> 00:09:38,679 Speaker 1: officers that graduate from their know the importance of the 160 00:09:39,240 --> 00:09:41,640 Speaker 1: computer network because that's one of the very first things 161 00:09:41,640 --> 00:09:44,320 Speaker 1: they do. They're about to deploy these guys to Afghanistan, 162 00:09:44,360 --> 00:09:45,520 Speaker 1: as a matter of fact, and the first thing they're 163 00:09:45,520 --> 00:09:48,200 Speaker 1: gonna do is set up a secure internet connection, and 164 00:09:48,240 --> 00:09:51,720 Speaker 1: they have to be ready to defend themselves against denial 165 00:09:52,480 --> 00:09:56,959 Speaker 1: denial of service attacks and uh another attacks. So I mean, 166 00:09:57,000 --> 00:09:59,559 Speaker 1: they're they're coming right out of the service academies with 167 00:10:00,160 --> 00:10:05,319 Speaker 1: knowledge of how to attack and to protect UM computer 168 00:10:05,360 --> 00:10:09,240 Speaker 1: networks military computer networks. Sure. UM. Usually we call those 169 00:10:09,280 --> 00:10:14,280 Speaker 1: sort of exercises red team attacks UM, where a group 170 00:10:14,520 --> 00:10:19,080 Speaker 1: is is designated to play the part of an UM 171 00:10:19,120 --> 00:10:22,640 Speaker 1: adversary and that's the red team. And the Red team's 172 00:10:22,720 --> 00:10:26,600 Speaker 1: job is to is to achieve their goals by whatever 173 00:10:26,720 --> 00:10:29,440 Speaker 1: means necessary. So in other words, you know, you're not 174 00:10:29,480 --> 00:10:32,600 Speaker 1: supposed to necessarily follow a certain protocol or rules. You're 175 00:10:32,600 --> 00:10:35,160 Speaker 1: supposed to be inventive and creative and try and find 176 00:10:35,200 --> 00:10:39,439 Speaker 1: new ways to to really compromise or defeat the other 177 00:10:39,640 --> 00:10:42,719 Speaker 1: team and UM, because that's exactly what the enemy is 178 00:10:42,760 --> 00:10:44,320 Speaker 1: going to do. You know, the enemy is not going 179 00:10:44,400 --> 00:10:47,920 Speaker 1: to play by rules necessarily, especially if you're talking about 180 00:10:48,040 --> 00:10:49,760 Speaker 1: enemies that you can't predict. I mean, they may not 181 00:10:49,840 --> 00:10:54,600 Speaker 1: even be directly involved with any other government or or 182 00:10:54,640 --> 00:11:00,000 Speaker 1: official agency. So UM. And and you know, we government 183 00:11:00,720 --> 00:11:04,280 Speaker 1: websites and our government web servers and and systems aren't 184 00:11:04,280 --> 00:11:07,240 Speaker 1: the only targets. One of the big targets in the 185 00:11:07,320 --> 00:11:09,319 Speaker 1: United States, and it's been in the news quite a 186 00:11:09,400 --> 00:11:12,080 Speaker 1: bit over the spring of two thousand nine is the 187 00:11:12,080 --> 00:11:15,320 Speaker 1: electric grid and UH part of the problem with that 188 00:11:15,400 --> 00:11:18,040 Speaker 1: is that systems like the electric grid and and some 189 00:11:18,120 --> 00:11:22,880 Speaker 1: water and fuel systems are using UM using the software 190 00:11:22,960 --> 00:11:26,640 Speaker 1: that that directly ties into hardware, and if you just 191 00:11:26,760 --> 00:11:31,240 Speaker 1: change a few settings, you can cause catastrophic damage to 192 00:11:31,360 --> 00:11:34,760 Speaker 1: the the equipment. UM. There was a video that was 193 00:11:34,800 --> 00:11:39,160 Speaker 1: on CNN for a while where some uh, some electric 194 00:11:39,800 --> 00:11:43,120 Speaker 1: utility experts showed that with just a couple of tweaks, 195 00:11:43,480 --> 00:11:47,760 Speaker 1: you could completely destroy a generator by changing some settings 196 00:11:47,800 --> 00:11:51,199 Speaker 1: through the computer system, and they essentially turned a generator 197 00:11:51,240 --> 00:11:54,760 Speaker 1: into a pile of scrap metal. UM. Yeah, it was 198 00:11:54,880 --> 00:11:58,120 Speaker 1: very sobering to me to see that, because not that 199 00:11:58,200 --> 00:12:02,040 Speaker 1: long ago the news broke out that the United States 200 00:12:02,080 --> 00:12:05,400 Speaker 1: Electric red certain parts of it. Anyway, UH has been 201 00:12:05,480 --> 00:12:10,320 Speaker 1: under attack by some cyber spies over the last several years, 202 00:12:10,720 --> 00:12:12,679 Speaker 1: and I don't really know who it is, right right right. 203 00:12:12,720 --> 00:12:16,600 Speaker 1: They've traced them back mostly to China and Russia. But again, um, 204 00:12:16,679 --> 00:12:18,960 Speaker 1: both China and Russia deny that they had anything to 205 00:12:18,960 --> 00:12:21,920 Speaker 1: do with it. But I mean, of course, the thing 206 00:12:22,000 --> 00:12:25,800 Speaker 1: is it, you know, those countries are are gradually becoming 207 00:12:25,880 --> 00:12:30,160 Speaker 1: more and more uh, computer centric, and it you know, 208 00:12:30,240 --> 00:12:32,720 Speaker 1: it could be anybody, It could be you know, it 209 00:12:32,760 --> 00:12:36,200 Speaker 1: could it could be that they are directly involved um 210 00:12:36,320 --> 00:12:39,679 Speaker 1: or it could be that it's groups of of individuals 211 00:12:39,720 --> 00:12:41,920 Speaker 1: within those countries, or like we said, it could even 212 00:12:41,960 --> 00:12:44,760 Speaker 1: be that the attacks are ultimately originating somewhere else, but 213 00:12:44,800 --> 00:12:46,800 Speaker 1: we're only able to trace them back as far as 214 00:12:46,840 --> 00:12:49,920 Speaker 1: Russia and China. So that's that's the other issue with 215 00:12:50,320 --> 00:12:53,440 Speaker 1: the Internet is that it is a global entity, and 216 00:12:53,520 --> 00:12:57,840 Speaker 1: so law enforcement officials only have so much authority to 217 00:12:58,280 --> 00:13:02,200 Speaker 1: pursue cyber attacks. You know, they can cross over borders 218 00:13:02,679 --> 00:13:06,080 Speaker 1: easily on the Internet, but law enforcement can't. They don't 219 00:13:06,120 --> 00:13:09,760 Speaker 1: necessarily have the authority to pursue an investigation beyond the 220 00:13:09,800 --> 00:13:12,880 Speaker 1: borders of you know, whatever their jurisdiction is. So that 221 00:13:12,960 --> 00:13:16,280 Speaker 1: also makes life much more complicated when you're talking about 222 00:13:16,600 --> 00:13:21,560 Speaker 1: fending off cyber warfare attacks. Yeah, you know, uh, it 223 00:13:21,600 --> 00:13:26,000 Speaker 1: wasn't even that long ago that some countries were complaining 224 00:13:26,360 --> 00:13:31,960 Speaker 1: of real cyber attacks launched on their inner infrastructure, like 225 00:13:32,080 --> 00:13:35,640 Speaker 1: Estonia not too long ago, and uh they were blaming 226 00:13:35,679 --> 00:13:37,800 Speaker 1: the Russians for that attack. But that was back in 227 00:13:37,800 --> 00:13:42,280 Speaker 1: in two thousand seven, all those years ago. Yeah, all 228 00:13:42,320 --> 00:13:45,600 Speaker 1: those both years ago. Yeah, well, you know they say 229 00:13:45,600 --> 00:13:48,400 Speaker 1: that Internet time is sort of like dog years. It's 230 00:13:48,440 --> 00:13:51,880 Speaker 1: about that would make it about fourteen years ago in internet, 231 00:13:52,160 --> 00:13:54,480 Speaker 1: so I guess so, um yeah. And then of course 232 00:13:54,520 --> 00:13:58,120 Speaker 1: there's the example of the Dalai Lama's office that the 233 00:13:58,160 --> 00:14:02,720 Speaker 1: Tibetan office that was UH. They knew they were being watched. 234 00:14:03,720 --> 00:14:08,280 Speaker 1: They were absolutely certain that their systems had been compromised UM, 235 00:14:08,360 --> 00:14:12,840 Speaker 1: and they hired a Canadian firm to investigate. In the 236 00:14:12,840 --> 00:14:17,599 Speaker 1: Canadian firm found that indeed, there there were programs installed 237 00:14:17,720 --> 00:14:21,960 Speaker 1: upon the Dali lamas Uh computer systems, and that it 238 00:14:22,040 --> 00:14:26,160 Speaker 1: appeared to be coming from an offshore island off the 239 00:14:26,200 --> 00:14:32,800 Speaker 1: coast of a China. And the software even included UM 240 00:14:32,880 --> 00:14:35,640 Speaker 1: controls that would allow people on the other end to 241 00:14:35,760 --> 00:14:39,480 Speaker 1: activate audio and video software UM and hardware so that 242 00:14:39,520 --> 00:14:41,600 Speaker 1: they could turn on if the computer had a webcam 243 00:14:41,720 --> 00:14:43,760 Speaker 1: or a microphone, they could turn it on and turn 244 00:14:43,800 --> 00:14:47,080 Speaker 1: it into a remote listening station, so they could actually 245 00:14:47,120 --> 00:14:52,720 Speaker 1: spy on the goings on of these offices remotely. UM. So, 246 00:14:52,840 --> 00:14:55,440 Speaker 1: I mean, this is a very real problem worldwide. It's 247 00:14:55,520 --> 00:14:58,360 Speaker 1: not just something that we have to worry about in 248 00:14:58,400 --> 00:15:01,800 Speaker 1: the United States or or you know, any other specific nation. 249 00:15:01,880 --> 00:15:05,160 Speaker 1: It's it's pretty much if if you have computers, there's 250 00:15:05,160 --> 00:15:08,600 Speaker 1: a good chance there's another party somewhere that's really interested 251 00:15:08,640 --> 00:15:10,320 Speaker 1: in finding out what you know and what you don't 252 00:15:10,320 --> 00:15:14,400 Speaker 1: know and what you're up to. Yea, And um there's 253 00:15:14,480 --> 00:15:17,400 Speaker 1: there's even another component to it that I know we 254 00:15:17,400 --> 00:15:20,760 Speaker 1: were gonna stick, uh mainly to talking about how you 255 00:15:20,760 --> 00:15:25,680 Speaker 1: could use computers to launch computer attacks. But um, another 256 00:15:25,880 --> 00:15:29,040 Speaker 1: facet of this that I think is interesting was sort 257 00:15:29,080 --> 00:15:31,120 Speaker 1: of relates to a blog post I wrote in early 258 00:15:31,160 --> 00:15:34,960 Speaker 1: April UM on the tech Stuff blog that that talked 259 00:15:35,000 --> 00:15:40,240 Speaker 1: about the Moldovan pro democracy protesters and they weren't launching 260 00:15:40,480 --> 00:15:44,280 Speaker 1: computer attacks, but what they were doing was using uh 261 00:15:44,720 --> 00:15:49,080 Speaker 1: social networking sites like Twitter and Facebook to coordinate their 262 00:15:49,080 --> 00:15:51,880 Speaker 1: efforts sort of like flash mobs. They could go ahead 263 00:15:51,880 --> 00:15:57,560 Speaker 1: and use computer networks like those and uh text messaging 264 00:15:58,000 --> 00:16:00,960 Speaker 1: to discuss where and when they were going to organize 265 00:16:01,040 --> 00:16:05,880 Speaker 1: and meet and hold a demonstration. So that's um, I mean, 266 00:16:05,920 --> 00:16:09,760 Speaker 1: that's you know, relying on the network staying up and 267 00:16:09,840 --> 00:16:12,480 Speaker 1: rather than taking them down. But UM, I just it's 268 00:16:12,480 --> 00:16:14,640 Speaker 1: just kind of funny because you know, you don't think 269 00:16:14,640 --> 00:16:16,640 Speaker 1: of you think of Facebook and Twitter or something we 270 00:16:16,760 --> 00:16:19,000 Speaker 1: use for fun or to to keep up with people 271 00:16:19,080 --> 00:16:22,560 Speaker 1: and just another way that you can use them to Actually, 272 00:16:23,040 --> 00:16:25,000 Speaker 1: I mean those could those could just as well have 273 00:16:25,160 --> 00:16:29,400 Speaker 1: been used to hold a violent, you know attack on someone. Say, 274 00:16:29,440 --> 00:16:31,840 Speaker 1: you know, meet at this corner at one forty in 275 00:16:31,840 --> 00:16:36,640 Speaker 1: the afternoon. Uh, you know, and have everybody show up 276 00:16:36,680 --> 00:16:39,600 Speaker 1: and start fighting. Well, if the law enforcement is unaware 277 00:16:39,640 --> 00:16:41,920 Speaker 1: of it or the military forces are unaware of it, 278 00:16:42,480 --> 00:16:44,480 Speaker 1: you know, that could be a devastating attack, and it 279 00:16:44,480 --> 00:16:48,040 Speaker 1: could be used by virtually anybody. Sure, and uh, you know, 280 00:16:48,080 --> 00:16:51,560 Speaker 1: the dangers of these attacks go beyond just damaging a 281 00:16:51,640 --> 00:16:54,720 Speaker 1: network or shutting down a system. UM. One of the 282 00:16:54,800 --> 00:16:59,200 Speaker 1: big fears that that a lot of security folks have 283 00:16:59,360 --> 00:17:01,800 Speaker 1: is that what if you were to coordinate a physical 284 00:17:01,840 --> 00:17:04,840 Speaker 1: attack with a cyber attack. So what if you were 285 00:17:04,880 --> 00:17:08,480 Speaker 1: to target a major city and first you bring down 286 00:17:08,520 --> 00:17:11,960 Speaker 1: the city's power grid through a cyber attack, and then 287 00:17:12,000 --> 00:17:15,440 Speaker 1: you couple that with an actual physical attack link bombs 288 00:17:15,600 --> 00:17:20,359 Speaker 1: or or whatever, and that UM together, that would cause 289 00:17:20,440 --> 00:17:23,720 Speaker 1: a real panic because suddenly you have an entire population 290 00:17:23,760 --> 00:17:28,119 Speaker 1: that that doesn't have access to UM information the way 291 00:17:28,160 --> 00:17:31,880 Speaker 1: they normally would, and yet there is obviously chaos going on. 292 00:17:32,200 --> 00:17:36,840 Speaker 1: And uh that that really is the true definition of terrorism. There, 293 00:17:37,000 --> 00:17:41,080 Speaker 1: you're you're inspiring terror in the victim. UM. Now would 294 00:17:41,080 --> 00:17:44,159 Speaker 1: this be nationwide? Probably not. For one thing, the electric 295 00:17:44,200 --> 00:17:46,560 Speaker 1: grid is really much a pretty much a regional kind 296 00:17:46,560 --> 00:17:50,640 Speaker 1: of thing. UM. But it's something that every region could 297 00:17:50,840 --> 00:17:58,120 Speaker 1: theoretically be vulnerable to without the right security measures in place. Um. I. Now, 298 00:17:58,240 --> 00:18:00,399 Speaker 1: that sort of attack obviously would have to come from 299 00:18:00,440 --> 00:18:03,480 Speaker 1: a much more organized group. UM. It would have to 300 00:18:03,520 --> 00:18:07,159 Speaker 1: come from a country or organization that had a strong 301 00:18:07,280 --> 00:18:10,840 Speaker 1: financial backing to be able to fund the physical side 302 00:18:10,840 --> 00:18:14,560 Speaker 1: of the attack. UM. So that that narrows down the 303 00:18:14,600 --> 00:18:17,840 Speaker 1: list of possible suspects who could do that. But it's 304 00:18:17,880 --> 00:18:20,159 Speaker 1: still within the realm of possibility. And it's one of 305 00:18:20,200 --> 00:18:23,000 Speaker 1: those things that you know, keep security people up at night. 306 00:18:23,240 --> 00:18:28,800 Speaker 1: Sure sure UM. And you know, I'm really not certain 307 00:18:29,520 --> 00:18:31,399 Speaker 1: what we're going to be able to do short of 308 00:18:31,440 --> 00:18:35,520 Speaker 1: pulling all the plugs um to make it an impost 309 00:18:35,800 --> 00:18:38,600 Speaker 1: complete and utter impossibility that they could carry out those 310 00:18:38,680 --> 00:18:41,800 Speaker 1: kinds of attacks, because UM, it's just going to require 311 00:18:41,840 --> 00:18:45,960 Speaker 1: constant monitoring and searching for vulnerabilities. That's why the the 312 00:18:46,040 --> 00:18:51,280 Speaker 1: efforts of those who are participating in those um those 313 00:18:51,359 --> 00:18:56,400 Speaker 1: computer security uh war games. If you will. Um, they're 314 00:18:56,400 --> 00:18:58,879 Speaker 1: they're so important because they're searching, they're actively searching for 315 00:18:58,920 --> 00:19:01,119 Speaker 1: those vulnerabilities in the system and try, you know, to 316 00:19:01,119 --> 00:19:02,959 Speaker 1: try to find ways to patch them up before they 317 00:19:03,000 --> 00:19:06,480 Speaker 1: can be hacked into. But um, you know, I think 318 00:19:06,600 --> 00:19:10,320 Speaker 1: that any time that you update those systems, you're going 319 00:19:10,359 --> 00:19:13,800 Speaker 1: to open up new vulnerabilities and new problems. And you know, 320 00:19:13,920 --> 00:19:16,480 Speaker 1: it's just one of those things where the people who 321 00:19:16,560 --> 00:19:18,640 Speaker 1: whose job it is to pay attention to it are 322 00:19:18,680 --> 00:19:21,879 Speaker 1: just going to have to stay constantly vigilant to prevent 323 00:19:21,960 --> 00:19:24,360 Speaker 1: something like that from happening. And it is even more 324 00:19:24,400 --> 00:19:27,080 Speaker 1: complicated when you think that, you know, not every system 325 00:19:27,200 --> 00:19:30,840 Speaker 1: runs on the same software or operating system or whatever, 326 00:19:31,359 --> 00:19:34,440 Speaker 1: so some of them are proprietary and uh and and 327 00:19:34,480 --> 00:19:36,640 Speaker 1: so you might find something that works as a great 328 00:19:36,680 --> 00:19:39,479 Speaker 1: security measure for one system, but it's not at all 329 00:19:39,520 --> 00:19:42,520 Speaker 1: applicable to any other. So it is a huge challenge. 330 00:19:42,560 --> 00:19:45,159 Speaker 1: I mean, well, what's the response to that. Do you 331 00:19:45,280 --> 00:19:48,280 Speaker 1: go ahead and try and standardize everything so that hopefully 332 00:19:48,320 --> 00:19:50,719 Speaker 1: the same measures will work across the board. Because if 333 00:19:50,720 --> 00:19:53,399 Speaker 1: you do that and someone does find a vulnerability, suddenly 334 00:19:53,400 --> 00:19:56,880 Speaker 1: they've got a vulnerability that works across all systems. Right, So, 335 00:19:57,600 --> 00:19:59,399 Speaker 1: I mean it's a yeah, it's a double edged sword, 336 00:19:59,480 --> 00:20:02,200 Speaker 1: and it's it's there are no easy answers. We've got 337 00:20:02,200 --> 00:20:05,479 Speaker 1: people who are way smarter than I am working on this, 338 00:20:06,240 --> 00:20:09,359 Speaker 1: UM and I wish them the best because this is 339 00:20:09,440 --> 00:20:12,479 Speaker 1: this is scary stuff. Now. Are we all in danger 340 00:20:12,560 --> 00:20:16,600 Speaker 1: of something like this happening anytime soon? I don't know. 341 00:20:16,840 --> 00:20:18,600 Speaker 1: I don't know. I don't think so. I mean, I'm 342 00:20:18,600 --> 00:20:21,800 Speaker 1: not I'm not staying up at night worrying the next 343 00:20:21,880 --> 00:20:23,879 Speaker 1: day about that's going to be the day when the 344 00:20:23,920 --> 00:20:27,360 Speaker 1: cyber war attack is going to happen. But it's I mean, 345 00:20:27,400 --> 00:20:30,760 Speaker 1: it is possible. It's just not necessarily something that you 346 00:20:30,800 --> 00:20:34,439 Speaker 1: know that I'm gonna have to worry about on a 347 00:20:34,520 --> 00:20:37,679 Speaker 1: day to day basis. Well, the more systems come online 348 00:20:38,240 --> 00:20:40,480 Speaker 1: UM in more places around the world, I think it's 349 00:20:40,520 --> 00:20:43,439 Speaker 1: going to be it becomes sort of like you know, 350 00:20:43,520 --> 00:20:46,840 Speaker 1: aerial assaults were after you know, that became a real 351 00:20:46,880 --> 00:20:49,760 Speaker 1: possibility in the twentieth century. It's it's going to be 352 00:20:49,800 --> 00:20:54,200 Speaker 1: something that a well planned military strategy is going to include. 353 00:20:54,600 --> 00:20:59,360 Speaker 1: You've got your ground troops, you know, air, sea, and internet. 354 00:21:00,000 --> 00:21:02,920 Speaker 1: Anything that can take down the computer network, the computer 355 00:21:03,040 --> 00:21:07,200 Speaker 1: the communications network, the power grid all at one time. 356 00:21:07,240 --> 00:21:09,680 Speaker 1: If you can do that, then you know you'll panic 357 00:21:09,760 --> 00:21:12,280 Speaker 1: the citizenry, and that just gives you a better chance. 358 00:21:12,640 --> 00:21:15,280 Speaker 1: I can pretty much guarantee that just about every modern 359 00:21:15,400 --> 00:21:17,679 Speaker 1: nation in the world has some sort of plan like 360 00:21:17,720 --> 00:21:20,119 Speaker 1: that in place. Um, and I can also guarantee that 361 00:21:20,160 --> 00:21:22,520 Speaker 1: they're not going to share that because that kind of 362 00:21:22,520 --> 00:21:26,080 Speaker 1: defeats the purpose of the plan. Yeah, but you know, 363 00:21:26,880 --> 00:21:30,280 Speaker 1: my internet connection goes down plenty without anybody attacking it. 364 00:21:30,400 --> 00:21:33,240 Speaker 1: So and I occasionally lose power if I sneeze too hard, 365 00:21:34,000 --> 00:21:36,560 Speaker 1: so or maybe I blackout. It's one of the two 366 00:21:37,600 --> 00:21:42,719 Speaker 1: either way. Alright, then I'm done. I'm yeah, that's all 367 00:21:42,760 --> 00:21:45,240 Speaker 1: I have that divulge to the public. Now that we've 368 00:21:45,280 --> 00:21:49,760 Speaker 1: scared the pants off of you, it's time for listener 369 00:21:49,920 --> 00:21:56,199 Speaker 1: me fitness knows that scares the pants off me. And 370 00:21:56,240 --> 00:21:59,439 Speaker 1: you know what, in retrospect, the alarm noise is probably 371 00:21:59,480 --> 00:22:02,320 Speaker 1: not the most appropriate one to play the podcast holbably not. 372 00:22:02,600 --> 00:22:06,560 Speaker 1: I apologize, folks, I should have picked something like Kittens 373 00:22:06,600 --> 00:22:11,960 Speaker 1: Purring Kittens. Well, today's listener mail comes from Tom from Kansas. 374 00:22:12,760 --> 00:22:14,520 Speaker 1: When I call a radio station to try and win 375 00:22:14,560 --> 00:22:16,439 Speaker 1: a contest, would I have an advantage if I were 376 00:22:16,480 --> 00:22:18,840 Speaker 1: closer to the radio station, or closer to a tower 377 00:22:18,880 --> 00:22:21,520 Speaker 1: that's closest to the station. Sometimes when I call, I 378 00:22:21,560 --> 00:22:25,320 Speaker 1: never get through. Who's getting through? And why? Um? Tom, 379 00:22:25,359 --> 00:22:29,119 Speaker 1: I was getting through? No, Seriously, I used to have 380 00:22:29,200 --> 00:22:31,919 Speaker 1: like the bat phone into the local radio station. I 381 00:22:32,000 --> 00:22:35,280 Speaker 1: won so many tickets from that station that they actually 382 00:22:35,320 --> 00:22:37,160 Speaker 1: had to say, Hey, how long has it been since 383 00:22:37,200 --> 00:22:40,359 Speaker 1: the last time you won. I'd be like sixty two days, 384 00:22:40,800 --> 00:22:46,040 Speaker 1: and your your policies is sixty hands them over? Um. 385 00:22:46,240 --> 00:22:49,000 Speaker 1: Does it help if I could just see you doing that? 386 00:22:49,760 --> 00:22:52,360 Speaker 1: Does it help if you're closer now? Does it help 387 00:22:52,400 --> 00:22:56,679 Speaker 1: if the tower is closer. No, these signals are moving 388 00:22:57,680 --> 00:23:01,439 Speaker 1: really really fast. Um. Otherwise you couldn't have a conversation 389 00:23:01,880 --> 00:23:06,000 Speaker 1: normal time. Exactly. These signals are moving essentially at the 390 00:23:06,000 --> 00:23:09,080 Speaker 1: speed of light, um, or close enough to it. Because 391 00:23:09,080 --> 00:23:11,480 Speaker 1: if you if they weren't moving that fast, if when 392 00:23:11,520 --> 00:23:14,200 Speaker 1: you spoke into the phone, the person on the other 393 00:23:14,280 --> 00:23:16,879 Speaker 1: end would experience a really long delay and then they 394 00:23:16,920 --> 00:23:18,680 Speaker 1: would hear you, and then they would speak, and you 395 00:23:18,720 --> 00:23:20,880 Speaker 1: would hear a really long pause, and then you would 396 00:23:20,920 --> 00:23:23,760 Speaker 1: hear them and then you'd speak. That's not how it happens. 397 00:23:23,760 --> 00:23:26,840 Speaker 1: Conversations have happened in near real time, so we're talking 398 00:23:26,880 --> 00:23:30,600 Speaker 1: about really really fast signals. Now, what is happening, Tom, 399 00:23:30,760 --> 00:23:34,320 Speaker 1: is that the radio station has only so many incoming 400 00:23:34,400 --> 00:23:37,000 Speaker 1: lines available. After that, you're going to get a busy 401 00:23:37,040 --> 00:23:39,960 Speaker 1: signal and those lines are going to fill up pretty quickly, 402 00:23:40,280 --> 00:23:44,600 Speaker 1: especially if the radio station has a large audience. Yeah, 403 00:23:44,600 --> 00:23:48,080 Speaker 1: if you have a switchboard with with ten lines and 404 00:23:48,640 --> 00:23:52,879 Speaker 1: switchboard two people are calling in, that means two sixty 405 00:23:52,880 --> 00:23:55,600 Speaker 1: five people are getting a busy signal or an all 406 00:23:55,640 --> 00:23:59,359 Speaker 1: circuits are busy recording, which is probably what you're hearing. 407 00:23:59,640 --> 00:24:02,200 Speaker 1: And that's what I always heard when I called in, 408 00:24:02,560 --> 00:24:05,879 Speaker 1: you know, until I worked for a very specific company 409 00:24:05,920 --> 00:24:10,399 Speaker 1: that had a particular phone system. That's why I used 410 00:24:10,400 --> 00:24:12,160 Speaker 1: to get to I don't know what it was about 411 00:24:12,160 --> 00:24:14,119 Speaker 1: that phone system. I think it was nothing at all. 412 00:24:14,160 --> 00:24:16,639 Speaker 1: I think it was just luck and coincidence. So I 413 00:24:16,640 --> 00:24:20,200 Speaker 1: don't think it was I don't think there was any causation. 414 00:24:20,440 --> 00:24:23,919 Speaker 1: There might have been correlation, but no causation um at 415 00:24:23,960 --> 00:24:26,800 Speaker 1: any rate. Um. All I can say is keep trying. 416 00:24:27,440 --> 00:24:31,320 Speaker 1: Lines are open, um. But yeah, if as soon as 417 00:24:31,320 --> 00:24:33,600 Speaker 1: the line does go open, someone else is trying to call. 418 00:24:33,640 --> 00:24:35,520 Speaker 1: It's going to fill up really quickly. It's really just, 419 00:24:35,640 --> 00:24:41,399 Speaker 1: you know, kind of a crapshoot. All right then, all right, Tom, 420 00:24:41,440 --> 00:24:44,160 Speaker 1: thanks for writing in. If any of you have any 421 00:24:44,280 --> 00:24:48,320 Speaker 1: questions you'd like answered right in at tech stuff at 422 00:24:48,440 --> 00:24:51,160 Speaker 1: how stuff works dot com. Remember, you can find out 423 00:24:51,160 --> 00:24:54,879 Speaker 1: all about fun activities like cyber war at how stuff 424 00:24:54,920 --> 00:24:58,159 Speaker 1: works dot com. Well, I was trying to, you know, 425 00:24:58,240 --> 00:25:01,320 Speaker 1: lighten up the mood after that podcast, and we will 426 00:25:01,320 --> 00:25:06,760 Speaker 1: talk to you again really soon for more on this 427 00:25:06,960 --> 00:25:09,480 Speaker 1: and thousands of other topics. Does it how stuff works 428 00:25:09,480 --> 00:25:11,600 Speaker 1: dot com And be sure to check out the new 429 00:25:11,640 --> 00:25:18,080 Speaker 1: tech stuff blog now on the house stuff Works homepage, 430 00:25:19,200 --> 00:25:21,760 Speaker 1: brought to you by the reinvented two thousand twelve camera. 431 00:25:22,080 --> 00:25:23,240 Speaker 1: It's ready, are you