1 00:00:00,240 --> 00:00:02,480 Speaker 1: Hi, This is newt twenty twenty is going to be 2 00:00:02,520 --> 00:00:05,160 Speaker 1: one of the most extraordinary election years of our lifetime. 3 00:00:05,360 --> 00:00:07,560 Speaker 1: I want to invite you to join my Inner Circle 4 00:00:07,920 --> 00:00:10,280 Speaker 1: as we discuss each twist and turn in the race 5 00:00:10,320 --> 00:00:13,640 Speaker 1: and my members only Inner Circle Club. You will receive 6 00:00:13,760 --> 00:00:18,960 Speaker 1: special flash briefings, online events, and members only audio reports 7 00:00:18,960 --> 00:00:21,599 Speaker 1: from me and my team. Here's a special offer to 8 00:00:21,640 --> 00:00:24,880 Speaker 1: my podcast listeners. If you joined the Inner Circle today 9 00:00:24,920 --> 00:00:27,760 Speaker 1: at newtcenter circle dot com and sign up for a 10 00:00:27,800 --> 00:00:30,720 Speaker 1: one or two year membership, I'll send you a free 11 00:00:30,960 --> 00:00:34,760 Speaker 1: personally autographed copy of my book Jettisburg and a VIP 12 00:00:35,000 --> 00:00:39,000 Speaker 1: fast pass to my live events. Join my Inner Circle 13 00:00:39,080 --> 00:00:43,120 Speaker 1: today at newts Inner Circle dot com. Use the code 14 00:00:43,520 --> 00:00:47,200 Speaker 1: free book at checkout. Sign up today at Newts Inner 15 00:00:47,280 --> 00:00:51,599 Speaker 1: Circle dot com Code free Book. This offer ends January 16 00:00:51,640 --> 00:01:00,840 Speaker 1: thirty first. On this episode of news Work, we are 17 00:01:00,880 --> 00:01:03,920 Speaker 1: fighting a new war with an invisible front line and 18 00:01:04,000 --> 00:01:07,440 Speaker 1: an indiscernible enemy. The enemy can strike us at any 19 00:01:07,480 --> 00:01:10,920 Speaker 1: time without warning, and we aren't doing enough to fortify 20 00:01:10,920 --> 00:01:15,399 Speaker 1: and protect ourselves. This is America's secret cyber war, and 21 00:01:15,480 --> 00:01:17,680 Speaker 1: we've been fighting it since the dawn of the Internet. 22 00:01:18,240 --> 00:01:23,000 Speaker 1: It includes cyber attacks on companies, governments and individuals, hacking, 23 00:01:23,280 --> 00:01:28,640 Speaker 1: spreading propaganda through social media, intellectual property theft, and stealing 24 00:01:28,640 --> 00:01:33,280 Speaker 1: on military secrets. It is an invisible war we are 25 00:01:33,280 --> 00:01:36,920 Speaker 1: fighting every day and we as a nation need to 26 00:01:36,959 --> 00:01:40,800 Speaker 1: do more to protect ourselves against these advanced adversaries. And 27 00:01:41,000 --> 00:01:44,760 Speaker 1: please to introduce my guest, Chris Gore. Chris is CEO 28 00:01:45,200 --> 00:01:50,160 Speaker 1: of D four C Global, a private counterintelligence firm based 29 00:01:50,200 --> 00:01:54,000 Speaker 1: in Fairfax, Virginia. He served as a former Air Force 30 00:01:54,040 --> 00:02:07,920 Speaker 1: OSI special Agent. We really underestimate the amount of criminal 31 00:02:08,480 --> 00:02:13,480 Speaker 1: involvement in cyber because many companies just pay them off 32 00:02:13,520 --> 00:02:17,040 Speaker 1: and stay quiet because they don't want the publicity that 33 00:02:17,160 --> 00:02:19,760 Speaker 1: they can be penetrated. Is it your impression that there's 34 00:02:19,800 --> 00:02:23,960 Speaker 1: probably actually more cyber crime than we know about, because 35 00:02:24,000 --> 00:02:28,840 Speaker 1: there's a substantial pattern of not reporting. If you have 36 00:02:29,000 --> 00:02:31,680 Speaker 1: the ability to get onto a network, whether it's a 37 00:02:31,680 --> 00:02:34,880 Speaker 1: corporate backbone, whether it's data or a power grid, to 38 00:02:35,120 --> 00:02:39,760 Speaker 1: steal information, you have the ability to cause damage. So 39 00:02:39,800 --> 00:02:43,280 Speaker 1: it's just a matter of intent to change from stealing 40 00:02:43,320 --> 00:02:45,919 Speaker 1: to destruction. I can take you all the way back 41 00:02:45,960 --> 00:02:48,960 Speaker 1: to two thousand and four when I was investigating the 42 00:02:49,000 --> 00:02:51,960 Speaker 1: intrusions around the trying Strike Fighter, which is the largest 43 00:02:51,960 --> 00:02:55,320 Speaker 1: contract in the history of DOOD, thousands of subcontractors. It's 44 00:02:55,360 --> 00:02:57,760 Speaker 1: being targeted all over the place. And at that time, 45 00:02:57,800 --> 00:03:01,160 Speaker 1: there was no requirement for defense contract to report to 46 00:03:01,520 --> 00:03:05,560 Speaker 1: the government that their unclassified networks were compromised, and so 47 00:03:05,720 --> 00:03:09,400 Speaker 1: we had to change policy and the federal acquisition requirements 48 00:03:09,440 --> 00:03:12,960 Speaker 1: and all kinds of things. And that kind of shift 49 00:03:13,160 --> 00:03:15,960 Speaker 1: hasn't happened in the rest of the sectors in America. 50 00:03:16,040 --> 00:03:18,200 Speaker 1: So the financial sector and those type of things are 51 00:03:18,240 --> 00:03:21,080 Speaker 1: not don't have the same type of reporting acquirements. And 52 00:03:21,200 --> 00:03:24,400 Speaker 1: I am personally familiar with a number of cases where 53 00:03:24,440 --> 00:03:28,359 Speaker 1: corporations have been hit with ransomware, have paid the ransom 54 00:03:28,680 --> 00:03:32,880 Speaker 1: have brought in professional cybersecurity firms to negotiate with the 55 00:03:32,919 --> 00:03:36,320 Speaker 1: bad guys and pay it, and then move on as 56 00:03:36,360 --> 00:03:39,880 Speaker 1: if nothing has happened. Some of these are substantial ransoms, 57 00:03:40,080 --> 00:03:43,240 Speaker 1: and so there's definitely no motivation for the bad guys 58 00:03:43,240 --> 00:03:48,880 Speaker 1: to stop. American society is completely unaware just how bad 59 00:03:48,920 --> 00:03:52,040 Speaker 1: the criminal elements are. Taken a lot of money from people. 60 00:03:52,280 --> 00:03:55,880 Speaker 1: If you had to guess what percent of this is criminal, 61 00:03:56,240 --> 00:03:58,440 Speaker 1: what percents government, and what percent of it is just 62 00:03:58,880 --> 00:04:02,040 Speaker 1: the individual's journking around as a hobby. There are different 63 00:04:02,080 --> 00:04:06,240 Speaker 1: types of things happening. When you see ransomware that's happening 64 00:04:06,400 --> 00:04:10,080 Speaker 1: and organizations being blackmailed without going and there encrypt all 65 00:04:10,080 --> 00:04:11,960 Speaker 1: of their servers and then basically you have to pay 66 00:04:12,000 --> 00:04:14,640 Speaker 1: a bunch of bitcoin to get your stuff undone that 67 00:04:14,800 --> 00:04:18,400 Speaker 1: is in most part a criminal enterprise, but it can 68 00:04:18,440 --> 00:04:22,960 Speaker 1: also blend into state sponsored enterprise. The North Koreans are 69 00:04:23,040 --> 00:04:25,800 Speaker 1: kind of considered for doing this to try to increase 70 00:04:25,839 --> 00:04:28,920 Speaker 1: some revenue because of all the sanctions. I would suggest 71 00:04:29,000 --> 00:04:33,760 Speaker 1: that any of the targeting US intellectual property that's been 72 00:04:33,800 --> 00:04:38,000 Speaker 1: happening over the last five, six seven years, to the 73 00:04:38,000 --> 00:04:42,039 Speaker 1: tune of some government reporting three hundred billion dollars a 74 00:04:42,120 --> 00:04:46,280 Speaker 1: year and losses of intellectual property, that when you're going 75 00:04:46,320 --> 00:04:50,960 Speaker 1: after a Lockey Martin or a Northrop Grumman or a Caterpillar, 76 00:04:51,440 --> 00:04:55,719 Speaker 1: those require substantial capability to defeat those organizations. That is 77 00:04:55,720 --> 00:04:59,360 Speaker 1: state sponsored. The criminal stuff is going after your money 78 00:04:59,400 --> 00:05:01,760 Speaker 1: in the black mail, and then your individual on the 79 00:05:01,800 --> 00:05:04,680 Speaker 1: basement can kind of weave in between. There. There was 80 00:05:04,720 --> 00:05:07,520 Speaker 1: a report of the teenager that compromised the director of 81 00:05:07,560 --> 00:05:10,839 Speaker 1: the CIA's home account that does happen. You do get 82 00:05:11,000 --> 00:05:15,400 Speaker 1: some activist groups anonymous will do some things, and those 83 00:05:15,480 --> 00:05:18,560 Speaker 1: may be kind of politically motivated, and they're doing it 84 00:05:18,640 --> 00:05:21,880 Speaker 1: more to put a message up on a website, those 85 00:05:21,880 --> 00:05:25,799 Speaker 1: type of things. So most of the lower level script kitty, 86 00:05:25,920 --> 00:05:29,480 Speaker 1: if you will, are defacing websites and that type of thing. 87 00:05:29,520 --> 00:05:31,599 Speaker 1: The criminal enterprises are getting in and trying to go 88 00:05:31,600 --> 00:05:35,160 Speaker 1: after money and doing blackmail, and the state sponsored organizations 89 00:05:35,160 --> 00:05:39,720 Speaker 1: are stealing our trade secrets and then positioning themselves from 90 00:05:39,760 --> 00:05:44,520 Speaker 1: an order battle perspective to have that strategic surprise. So 91 00:05:44,839 --> 00:05:47,600 Speaker 1: knock out the lights, can they shut down the FAA, 92 00:05:47,680 --> 00:05:49,720 Speaker 1: Can they hurt NAZDAC? Can they do those type of 93 00:05:49,760 --> 00:05:52,000 Speaker 1: things that would kind of cause a lot of turmoil 94 00:05:52,080 --> 00:05:54,360 Speaker 1: for us. That's the way I would kind of outline 95 00:05:54,440 --> 00:05:57,159 Speaker 1: a teering thing so that in sense, this is the 96 00:05:57,200 --> 00:06:00,880 Speaker 1: new cyber mafia and represents it totally different set of 97 00:06:00,920 --> 00:06:06,240 Speaker 1: skills and a much higher profit margin than the traditional crimes. 98 00:06:06,720 --> 00:06:10,560 Speaker 1: Agree ten years ago, the moneymaker on the cyberside was 99 00:06:10,680 --> 00:06:12,760 Speaker 1: you would steal data and then you had to go 100 00:06:12,800 --> 00:06:16,120 Speaker 1: find an information broker to sell the data to, or 101 00:06:16,160 --> 00:06:19,240 Speaker 1: you would create the actual exploits and sell those. So 102 00:06:19,440 --> 00:06:22,120 Speaker 1: a zero day right now can get you about a 103 00:06:22,160 --> 00:06:24,400 Speaker 1: million dollars a good one, like if you can get 104 00:06:24,400 --> 00:06:26,920 Speaker 1: through windows or get on an iPhone or something like that. 105 00:06:27,240 --> 00:06:29,359 Speaker 1: But if you're going to go hit a corporation and 106 00:06:29,440 --> 00:06:32,680 Speaker 1: you're going to hit them for five million dollars in bitcoin, 107 00:06:32,800 --> 00:06:34,760 Speaker 1: and you can use that same tool that you use 108 00:06:34,800 --> 00:06:36,960 Speaker 1: against them and hit five more companies, and now you're 109 00:06:36,960 --> 00:06:40,919 Speaker 1: at twenty five million dollars of somewhat untraceable in the 110 00:06:40,960 --> 00:06:43,359 Speaker 1: way this is being done, because it goes through multiple 111 00:06:43,400 --> 00:06:47,480 Speaker 1: iterations of different cryptocurrency providers and whatnot, it's a challenge 112 00:06:47,480 --> 00:06:51,719 Speaker 1: for law enforcement. There have been United States municipal, city, 113 00:06:51,720 --> 00:06:55,880 Speaker 1: and state police departments that themselves have been hit with 114 00:06:56,000 --> 00:06:59,839 Speaker 1: ransomware and paid the ransom. It's a part of kind 115 00:06:59,839 --> 00:07:02,320 Speaker 1: of cyber hygiene issue on our side where we're not 116 00:07:02,360 --> 00:07:04,919 Speaker 1: backing things up as much as we should. We're not 117 00:07:05,040 --> 00:07:08,960 Speaker 1: really preparing our communities and our organizations for the threat, 118 00:07:09,200 --> 00:07:11,840 Speaker 1: and then it's very very difficult once you've been hit 119 00:07:11,880 --> 00:07:14,640 Speaker 1: without stuff to get your data unlocked. The interesting thing 120 00:07:14,640 --> 00:07:17,520 Speaker 1: about this is for the most part the criminals, there 121 00:07:17,600 --> 00:07:19,720 Speaker 1: is some honor there, like once you do pay, you 122 00:07:19,800 --> 00:07:22,520 Speaker 1: do get your stuff back. Very rarely does it not 123 00:07:22,640 --> 00:07:26,840 Speaker 1: work out that way because within that criminal subculture, if 124 00:07:26,840 --> 00:07:31,160 Speaker 1: you get a reputation for not following through with releasing 125 00:07:31,200 --> 00:07:33,920 Speaker 1: the holdings, then they would expect that they wouldn't be 126 00:07:33,920 --> 00:07:35,600 Speaker 1: paid in the future, so they want to keep that 127 00:07:35,680 --> 00:07:39,880 Speaker 1: fasted on by honoring the bounty. Sony produced a movie 128 00:07:39,920 --> 00:07:43,000 Speaker 1: that made fun of Kim Jongan, and they promptly had 129 00:07:43,040 --> 00:07:46,200 Speaker 1: a cyber attack on Sony. I think everybody agrees with 130 00:07:46,240 --> 00:07:49,640 Speaker 1: the Koreans, but it's really hard to track down improve 131 00:07:49,720 --> 00:07:52,800 Speaker 1: it's the Koreans. And isn't that one of the problems 132 00:07:52,800 --> 00:07:56,240 Speaker 1: that you can have these attacks and really not know 133 00:07:56,440 --> 00:07:59,520 Speaker 1: precisely where they're coming from. It is definitely one of 134 00:07:59,560 --> 00:08:03,120 Speaker 1: the challenge. To some degree, there are elements with the 135 00:08:03,160 --> 00:08:08,040 Speaker 1: intelligence community that have better visibility and understanding than others, 136 00:08:08,120 --> 00:08:12,280 Speaker 1: and in some cases it's still unknown. The other challenge 137 00:08:12,320 --> 00:08:16,360 Speaker 1: with this if you're utilizing a criminal elements or you're 138 00:08:16,360 --> 00:08:19,920 Speaker 1: supporting them, and you kind of give yourself that plausible deniability, 139 00:08:19,960 --> 00:08:23,520 Speaker 1: whether it's the Russians or the Chinese, or the Koreans 140 00:08:23,680 --> 00:08:26,520 Speaker 1: or the Urians, if you can cause that doubt at 141 00:08:26,600 --> 00:08:30,560 Speaker 1: distance between an actual organized wearing a uniform group like 142 00:08:31,000 --> 00:08:34,120 Speaker 1: you had in the GRU I think most people in 143 00:08:34,160 --> 00:08:37,319 Speaker 1: the community would agree are still under the control or 144 00:08:37,360 --> 00:08:40,400 Speaker 1: supported by the government. Is an issue, but even more 145 00:08:40,440 --> 00:08:43,760 Speaker 1: so from a political will perspective, what happens when you 146 00:08:43,760 --> 00:08:48,000 Speaker 1: actually do attribute it to a Russian government or the 147 00:08:48,080 --> 00:08:51,600 Speaker 1: Chinese government or the North Koreans. The ability to dissuade 148 00:08:51,640 --> 00:08:54,800 Speaker 1: them from doing something like that is also a challenge, 149 00:08:54,880 --> 00:08:56,839 Speaker 1: both from a political will to do it and then 150 00:08:56,880 --> 00:09:01,319 Speaker 1: what you actually do. So it's a problem cross multiple 151 00:09:01,880 --> 00:09:06,200 Speaker 1: elements of national response. After you even understand who did it, 152 00:09:06,320 --> 00:09:09,160 Speaker 1: which is still a problem, how far would you go 153 00:09:09,280 --> 00:09:13,200 Speaker 1: in responding, For example, in response to Sony, should we 154 00:09:13,240 --> 00:09:15,560 Speaker 1: have tried to take down the North Korean system? And 155 00:09:15,640 --> 00:09:18,280 Speaker 1: even if we had, given how little electricity they use, 156 00:09:18,559 --> 00:09:21,200 Speaker 1: would they even have noticed it. We have the ability 157 00:09:21,240 --> 00:09:25,440 Speaker 1: to be surgical as well, So maybe the response is 158 00:09:25,880 --> 00:09:31,240 Speaker 1: if we have attribution or a strong enough agreement within 159 00:09:31,280 --> 00:09:35,760 Speaker 1: the community intelligence community, maybe the effect is to neutralize 160 00:09:35,800 --> 00:09:38,920 Speaker 1: the cyber capability of the people we believe are doing it, 161 00:09:39,360 --> 00:09:41,880 Speaker 1: whether it's going right back after their machines and the 162 00:09:42,000 --> 00:09:45,520 Speaker 1: quote unquote hats back taking out the infrastructure that they're 163 00:09:45,600 --> 00:09:48,480 Speaker 1: utilizing is a tactic that can be done and has 164 00:09:48,520 --> 00:09:50,840 Speaker 1: been done from law enforcements. So if you look at 165 00:09:50,880 --> 00:09:54,280 Speaker 1: how botnets are being done and some of the criminal enterprises, 166 00:09:54,800 --> 00:09:58,360 Speaker 1: there are coordinated efforts with interpoll and others to go 167 00:09:58,480 --> 00:10:02,640 Speaker 1: take down botnets, s and controllers and some of that infrastructure. 168 00:10:02,679 --> 00:10:05,920 Speaker 1: Takes a long time to build millions of dollars in 169 00:10:06,040 --> 00:10:09,240 Speaker 1: investment to get this stuff staged out, and taking that 170 00:10:09,360 --> 00:10:14,040 Speaker 1: down dramatically impacts the bad guys operations. That is something 171 00:10:14,040 --> 00:10:16,560 Speaker 1: that can be done. Maybe it needs to be a 172 00:10:16,600 --> 00:10:19,560 Speaker 1: little bit more public so people understand that this is happening. 173 00:10:19,800 --> 00:10:23,760 Speaker 1: In some cases, the United States government is aware of 174 00:10:24,200 --> 00:10:27,360 Speaker 1: more than the general population, as you would expect, on 175 00:10:27,400 --> 00:10:30,800 Speaker 1: a lot of things. So do they have capability to 176 00:10:30,920 --> 00:10:34,000 Speaker 1: do things? Does NSA and Cyber Command have the ability 177 00:10:34,040 --> 00:10:37,920 Speaker 1: from a cyber perspective to disrupt and engage in some 178 00:10:38,000 --> 00:10:42,720 Speaker 1: cases destroy cyber targets? Absolutely? Do they have the political 179 00:10:43,320 --> 00:10:46,160 Speaker 1: backing or charter to do that. That's where we're not 180 00:10:46,400 --> 00:10:50,559 Speaker 1: there yet. So we're not sending two one guys into 181 00:10:50,559 --> 00:10:54,000 Speaker 1: Beijing to kidnap hackers, we're not dropping bombs on buildings, 182 00:10:54,040 --> 00:10:56,320 Speaker 1: and in most cases we're not even doing a cyber 183 00:10:56,360 --> 00:10:59,640 Speaker 1: operation to nuke their routers. I'm sure there are conversations 184 00:10:59,640 --> 00:11:02,360 Speaker 1: happen in various pockets of the government on what to do. 185 00:11:02,520 --> 00:11:06,000 Speaker 1: These conversations have been happening for ten years now, and 186 00:11:06,080 --> 00:11:09,199 Speaker 1: we definitely have the capacity to do things. From my perspective, 187 00:11:09,200 --> 00:11:11,440 Speaker 1: when I was in the government as an operator doing 188 00:11:11,480 --> 00:11:14,120 Speaker 1: these type of things, the only thing we were lacking 189 00:11:14,280 --> 00:11:17,119 Speaker 1: was the political world to do it. That's the threshold. 190 00:11:17,280 --> 00:11:19,839 Speaker 1: If the military is ordered or given a green light, 191 00:11:19,880 --> 00:11:21,560 Speaker 1: they have the capability to do a lot of things 192 00:11:21,720 --> 00:11:25,960 Speaker 1: and various stages of escalation. So that's where we have 193 00:11:26,040 --> 00:11:30,439 Speaker 1: to get our political leadership on the same page, understanding 194 00:11:30,480 --> 00:11:35,640 Speaker 1: the threat better, and then having a series of responses 195 00:11:35,720 --> 00:11:39,200 Speaker 1: that are publicly known to the adversary. If you do this, 196 00:11:39,200 --> 00:11:42,240 Speaker 1: this is going to be the consequences very similar that 197 00:11:42,400 --> 00:11:46,880 Speaker 1: mutually assured destruction doctrine during the Cold War. We definitely 198 00:11:46,960 --> 00:11:50,120 Speaker 1: need to start moving towards that right now. It's just 199 00:11:50,200 --> 00:11:53,240 Speaker 1: been we've been getting hit, getting hit, getting hit, getting hit, 200 00:11:53,679 --> 00:11:57,640 Speaker 1: and a small group of American citizens have been seeing 201 00:11:57,679 --> 00:12:00,600 Speaker 1: this and trying to deal with it and pocket but 202 00:12:00,760 --> 00:12:04,880 Speaker 1: we haven't had a unified response, and that's the biggest 203 00:12:04,920 --> 00:12:09,319 Speaker 1: challenge next, a data breach on the opposite of personnel management, 204 00:12:09,720 --> 00:12:14,120 Speaker 1: leaks the personal information and fingerprints of millions of federal employees. 205 00:12:23,360 --> 00:12:25,600 Speaker 1: This is week to my profiled journey, and right now 206 00:12:25,600 --> 00:12:28,240 Speaker 1: we are beginning to talk about meal planning, which, when 207 00:12:28,240 --> 00:12:31,720 Speaker 1: you travel as much as I do, really requires thinking ahead. 208 00:12:31,920 --> 00:12:34,559 Speaker 1: I've already dropped some four and a half pounds, so 209 00:12:34,840 --> 00:12:37,760 Speaker 1: I'm pretty excited, wonderful. A lot of the things that 210 00:12:37,760 --> 00:12:40,840 Speaker 1: you've shared with me have been simple that you've already 211 00:12:40,840 --> 00:12:43,520 Speaker 1: just started cutting down on your portions and being a 212 00:12:43,559 --> 00:12:45,880 Speaker 1: little bit more aware of the foods that you're eating. 213 00:12:46,000 --> 00:12:48,280 Speaker 1: Those little changes can take you a long way in 214 00:12:48,320 --> 00:12:52,400 Speaker 1: your journey. I need coaching on getting the habit of 215 00:12:52,440 --> 00:12:57,520 Speaker 1: planning ahead, because when you travel, talking through how I 216 00:12:57,559 --> 00:13:01,079 Speaker 1: should think about planning the meals it's probably the most 217 00:13:01,120 --> 00:13:04,520 Speaker 1: important next step. I travel a lot. I see great 218 00:13:04,559 --> 00:13:08,679 Speaker 1: new restaurants, new different styles of food preparations, so I'm 219 00:13:08,720 --> 00:13:12,160 Speaker 1: always tempted to eat out a lot. Some tips along 220 00:13:12,240 --> 00:13:15,240 Speaker 1: the way when you're traveling, First of all, profile shakes 221 00:13:15,280 --> 00:13:19,320 Speaker 1: and bars very easy, very portable, easy to take with you. 222 00:13:19,960 --> 00:13:23,880 Speaker 1: And then also finding out how to time what meals 223 00:13:23,920 --> 00:13:26,320 Speaker 1: are available to you, and That's the whole key with 224 00:13:26,440 --> 00:13:29,240 Speaker 1: Profile is we don't want to focus on the fact 225 00:13:29,240 --> 00:13:31,480 Speaker 1: that it's a diet. We want to focus on the 226 00:13:31,520 --> 00:13:34,360 Speaker 1: lifestyle changes. And that's where it's really up to you 227 00:13:34,920 --> 00:13:40,040 Speaker 1: to make those lifestyle changes that are realistic for you. Right. 228 00:13:40,320 --> 00:13:42,680 Speaker 1: It has to become a set of habits so that 229 00:13:42,679 --> 00:13:45,439 Speaker 1: they're automatic, and I think having you as a coach 230 00:13:46,360 --> 00:13:49,680 Speaker 1: is really helpful. Frankly, at Profile, our coaches are here 231 00:13:49,760 --> 00:13:53,640 Speaker 1: to partner with you, to work through solutions with you, 232 00:13:54,160 --> 00:13:58,440 Speaker 1: hold you accountable as well as set realistic goals. Learn 233 00:13:58,480 --> 00:14:01,480 Speaker 1: more about Newton Dewe's journeys to better health at profile 234 00:14:01,520 --> 00:14:05,480 Speaker 1: plan dot com slash newt. Right now, Newts World listeners 235 00:14:05,520 --> 00:14:08,360 Speaker 1: get an exclusive offer one hundred dollars off a one 236 00:14:08,440 --> 00:14:12,440 Speaker 1: year Profile membership by visiting profile plan dot com and 237 00:14:12,720 --> 00:14:16,440 Speaker 1: entering code NEWT. Get your health journey started today with 238 00:14:16,559 --> 00:14:20,200 Speaker 1: a free coach consultation at your nearest Profile location or 239 00:14:20,240 --> 00:14:25,080 Speaker 1: by visiting profileplan dot com slash newt. That's profileplan dot 240 00:14:25,080 --> 00:14:41,880 Speaker 1: com slash n ewt. In twenty fifteen, and they reported 241 00:14:41,880 --> 00:14:47,520 Speaker 1: that packers had gotten five million, six hundred thousand digital 242 00:14:47,520 --> 00:14:51,920 Speaker 1: images of government employees fingerprints and had broken in just 243 00:14:52,000 --> 00:14:56,960 Speaker 1: a huge volume of information about federal employement that breach 244 00:14:57,320 --> 00:15:00,280 Speaker 1: the Office of Personnel Management and all of the the 245 00:15:00,280 --> 00:15:06,200 Speaker 1: background records for security clearances. Was a strategic hit that 246 00:15:06,400 --> 00:15:10,960 Speaker 1: was a focused effort to go after those records. That 247 00:15:11,080 --> 00:15:15,120 Speaker 1: has all of the information for every federal employee who 248 00:15:15,160 --> 00:15:18,360 Speaker 1: has gone through a security clearance background check, so it'll 249 00:15:18,480 --> 00:15:23,560 Speaker 1: cover the organization that you're in, your previous employment, your family, 250 00:15:23,640 --> 00:15:28,240 Speaker 1: every place you've lived, your credit record, your fingerplans, all 251 00:15:28,240 --> 00:15:31,920 Speaker 1: of it. So it was a major kit. But in 252 00:15:32,040 --> 00:15:35,000 Speaker 1: terms of the scale of constant aggressiveness, I think the 253 00:15:35,080 --> 00:15:39,240 Speaker 1: Officer Personal Management said that they get something like ten 254 00:15:39,360 --> 00:15:44,040 Speaker 1: million attempted digital intrusions every month. Shouldn't we be much 255 00:15:44,080 --> 00:15:47,920 Speaker 1: more militant about stopping the people who are doing all this? 256 00:15:48,840 --> 00:15:52,040 Speaker 1: It seems to me although we're playing defense with no offense, 257 00:15:52,760 --> 00:15:55,600 Speaker 1: and eventually they're going to break through. I agree, if 258 00:15:55,600 --> 00:15:57,840 Speaker 1: it's connected to the Internet, it's at risk and it 259 00:15:57,840 --> 00:16:00,480 Speaker 1: will always be at risk. I would suggests that ten 260 00:16:00,520 --> 00:16:02,840 Speaker 1: million attempts a day is a lot of that scanning 261 00:16:02,960 --> 00:16:05,880 Speaker 1: or system machines that are just probing for openings. But 262 00:16:05,960 --> 00:16:10,320 Speaker 1: when you get to an actual dedicated military intelligence unit 263 00:16:10,480 --> 00:16:14,640 Speaker 1: or Chinese INNESSA or Russian NSA, they will have a 264 00:16:14,840 --> 00:16:18,160 Speaker 1: dedicated campaign where they'll go at you from our target 265 00:16:18,200 --> 00:16:21,840 Speaker 1: like that from an insider perspective, from a human perspective, 266 00:16:21,880 --> 00:16:24,040 Speaker 1: from a cyber perspective, they're going to get after it. 267 00:16:24,520 --> 00:16:28,960 Speaker 1: And we haven't really come to the realization that some 268 00:16:29,040 --> 00:16:31,840 Speaker 1: of these things are highly vulnerable and good targets. If 269 00:16:31,840 --> 00:16:35,200 Speaker 1: you look at the ramifications of what happened there. Initially, 270 00:16:35,280 --> 00:16:38,400 Speaker 1: that breach when after a contractor that had to work 271 00:16:38,440 --> 00:16:41,160 Speaker 1: to do the investigations, so they would have contracted personnel 272 00:16:41,200 --> 00:16:43,600 Speaker 1: that would go out using laptops and do field interviews, 273 00:16:43,600 --> 00:16:46,360 Speaker 1: and then those laptops we're plugging back into a corporate backbone, 274 00:16:46,600 --> 00:16:49,960 Speaker 1: and they got on through that link. The US government 275 00:16:50,040 --> 00:16:54,280 Speaker 1: basically kind of blame that company. That company basically went bankrupt, 276 00:16:54,400 --> 00:16:57,120 Speaker 1: thousands of people lost their job. They tried to file 277 00:16:57,160 --> 00:17:00,280 Speaker 1: an insurance claim about it. The insurance policy said, this 278 00:17:00,440 --> 00:17:02,200 Speaker 1: is a state sponsored thing. We're not going to protect 279 00:17:02,240 --> 00:17:04,679 Speaker 1: you in your own Come to find out that the 280 00:17:04,840 --> 00:17:07,960 Speaker 1: government itself was also compromised in this thing, and they 281 00:17:07,960 --> 00:17:11,199 Speaker 1: had not complied with inspections and security audits saying you 282 00:17:11,240 --> 00:17:15,880 Speaker 1: need to do some things. So corporate side, big impact 283 00:17:15,920 --> 00:17:20,040 Speaker 1: government side. I'm not sure anybody even lost a job. 284 00:17:20,320 --> 00:17:23,760 Speaker 1: The bad guys got away with a strategic hall of 285 00:17:23,920 --> 00:17:28,399 Speaker 1: valuable intelligence about every employee in all their backgrounds and 286 00:17:28,480 --> 00:17:31,040 Speaker 1: everything that you could hope to have, and we really, 287 00:17:31,240 --> 00:17:35,040 Speaker 1: as a response, did nothing other than offer a couple 288 00:17:35,040 --> 00:17:38,560 Speaker 1: of years of free credit check to the employees. So 289 00:17:38,800 --> 00:17:42,560 Speaker 1: I completely agree with you that we need to start 290 00:17:42,760 --> 00:17:45,760 Speaker 1: changing our mindset and how we're responding to some of 291 00:17:45,800 --> 00:17:50,040 Speaker 1: these things, because there is no fear, there is no 292 00:17:50,359 --> 00:17:54,240 Speaker 1: cost of doing business from their side, there's no ramifications 293 00:17:54,280 --> 00:17:57,479 Speaker 1: for things like this. As I understand, in terms of 294 00:17:57,800 --> 00:18:01,800 Speaker 1: intellectual property theft, it's a different kind of problem. There 295 00:18:01,840 --> 00:18:04,880 Speaker 1: was one report the China may account for as much 296 00:18:04,880 --> 00:18:08,199 Speaker 1: as eighty seven percent of the counterfeit goods that are 297 00:18:08,240 --> 00:18:11,240 Speaker 1: seized coming into the US. Doesn't this almost have to 298 00:18:11,320 --> 00:18:13,600 Speaker 1: have the backing of the government of China to be 299 00:18:13,640 --> 00:18:17,640 Speaker 1: on this scale as far as I'm concerned. I mean, 300 00:18:17,640 --> 00:18:20,560 Speaker 1: they control the Internet, to control your access in and out. 301 00:18:21,080 --> 00:18:22,880 Speaker 1: I could tell you a story all the way back 302 00:18:22,880 --> 00:18:25,720 Speaker 1: in two thousand and one. You may recall that there 303 00:18:25,800 --> 00:18:28,800 Speaker 1: was a Navy P three surveillance plane that was flying 304 00:18:28,800 --> 00:18:31,520 Speaker 1: along the coast of China. China sent up two fighter 305 00:18:31,600 --> 00:18:34,879 Speaker 1: jets to shadow it and they ended up clipping wings 306 00:18:34,920 --> 00:18:37,760 Speaker 1: and we had to land our navy plane on the ground. 307 00:18:37,840 --> 00:18:40,960 Speaker 1: And it was a big kind of international incident that 308 00:18:41,080 --> 00:18:44,520 Speaker 1: kicked off around a kind of patriotic hacking between the 309 00:18:44,600 --> 00:18:47,480 Speaker 1: US and China, and on our side, the FBI and 310 00:18:47,520 --> 00:18:49,359 Speaker 1: others kind of try to track our guys down and 311 00:18:49,440 --> 00:18:52,159 Speaker 1: tell them to stop. On the Chinese side, they started 312 00:18:52,200 --> 00:18:54,000 Speaker 1: to kind of watch this and they saw that these 313 00:18:54,040 --> 00:18:57,479 Speaker 1: patriarch hackers were going against the US and they were 314 00:18:57,520 --> 00:19:02,640 Speaker 1: allowed to continue. That created your first generation of what 315 00:19:02,680 --> 00:19:05,400 Speaker 1: the Chinese called big bulls or like the strong hackers, 316 00:19:05,720 --> 00:19:08,480 Speaker 1: and they started their own little hackle organizations. And then 317 00:19:08,520 --> 00:19:12,320 Speaker 1: ten years later, in twenty eleven, they literally had kind 318 00:19:12,320 --> 00:19:17,280 Speaker 1: of a ten year anniversary awards ceremony for these groups 319 00:19:17,320 --> 00:19:20,800 Speaker 1: and it was held in a Chinese Communist leadership quadric 320 00:19:20,840 --> 00:19:25,600 Speaker 1: facility cassette approval from the government. So, without a doubt, 321 00:19:25,720 --> 00:19:28,560 Speaker 1: these groups that are going after intellectual property, and we're 322 00:19:28,600 --> 00:19:33,199 Speaker 1: talking hundreds of terabytes of data over the course of 323 00:19:33,520 --> 00:19:36,200 Speaker 1: a couple of years that have been taken. I think 324 00:19:36,200 --> 00:19:39,360 Speaker 1: the Mandian report that talked about six one nine eighth 325 00:19:39,359 --> 00:19:42,320 Speaker 1: the military unit that the FBI did indictments on. They 326 00:19:42,320 --> 00:19:45,919 Speaker 1: were talking about hundreds of terabytes and weekly stands, and 327 00:19:45,960 --> 00:19:48,960 Speaker 1: that's just one unit. So when you start talking about 328 00:19:49,160 --> 00:19:52,479 Speaker 1: hundreds of terabytes, I don't think people understand what that 329 00:19:52,560 --> 00:19:56,720 Speaker 1: really looks like. Fifteen terabytes. If you were to take 330 00:19:56,760 --> 00:20:01,400 Speaker 1: that and print that out, that would equate to every 331 00:20:01,760 --> 00:20:05,439 Speaker 1: piece of printed material in the Library of Congress, and 332 00:20:05,520 --> 00:20:08,960 Speaker 1: you're talking hundreds and hundreds of those. So it's a 333 00:20:09,000 --> 00:20:12,320 Speaker 1: massive amount of information that's been taken. And the Chinese 334 00:20:12,359 --> 00:20:16,800 Speaker 1: are experts at recreating through imitation. So not only are 335 00:20:16,800 --> 00:20:19,920 Speaker 1: they doing counterfeit goods for purses and shoes and t 336 00:20:20,080 --> 00:20:22,760 Speaker 1: shirts and those type of things, but they're also creating 337 00:20:23,359 --> 00:20:26,919 Speaker 1: weapons systems. They've created the J thirty one, which looks 338 00:20:27,080 --> 00:20:30,119 Speaker 1: and flies exactly like the forty five Joint Strike Fighter. 339 00:20:30,480 --> 00:20:33,000 Speaker 1: They have a drone that looks just like our Predator. 340 00:20:33,359 --> 00:20:35,960 Speaker 1: They're selling it in Africa in the Middle East. They've 341 00:20:35,960 --> 00:20:38,800 Speaker 1: taken our technology, they've created it themselves, and now they're 342 00:20:38,800 --> 00:20:41,680 Speaker 1: moving into the market and they're competing against US, so 343 00:20:41,760 --> 00:20:44,440 Speaker 1: not only from commercial goods, but from weapons of war 344 00:20:44,480 --> 00:20:47,600 Speaker 1: as well. So there's a commission on the Theft of 345 00:20:47,640 --> 00:20:51,400 Speaker 1: American Intellectual Property, which made a report in twenty seventeen, 346 00:20:51,800 --> 00:20:56,840 Speaker 1: and the range they estimate of how much has stolen 347 00:20:57,800 --> 00:21:02,640 Speaker 1: of intellectual property annually from the US economy was between 348 00:21:02,760 --> 00:21:08,280 Speaker 1: one hundred and eighty billion in five hundred and forty billion. Now, 349 00:21:08,280 --> 00:21:10,879 Speaker 1: how can we know so little that we have a 350 00:21:11,000 --> 00:21:15,760 Speaker 1: range of almost four hundred billion between the high and 351 00:21:15,840 --> 00:21:19,119 Speaker 1: low estimate for one year. Isn't there something wrong with 352 00:21:19,160 --> 00:21:22,120 Speaker 1: our own systems if we can't get a narrower than that. Well, 353 00:21:22,119 --> 00:21:24,400 Speaker 1: it kind of goes back to your point of it's 354 00:21:24,440 --> 00:21:27,720 Speaker 1: hard to get everybody to admit that has happened. It's 355 00:21:27,760 --> 00:21:32,240 Speaker 1: hard to quantify the volume of what's been taken and 356 00:21:32,359 --> 00:21:35,080 Speaker 1: how you actually turn that into a dollar amount. Some 357 00:21:35,240 --> 00:21:37,199 Speaker 1: of us amongst the community will just kind of take 358 00:21:37,280 --> 00:21:39,840 Speaker 1: up middle number and it's three hundred billion a year. 359 00:21:40,160 --> 00:21:42,320 Speaker 1: And if you do that across five years, I mean 360 00:21:42,359 --> 00:21:47,040 Speaker 1: you're at one point five trillion dollars in economic impact. 361 00:21:47,680 --> 00:21:52,680 Speaker 1: We cannot sustain this, We cannot continue to compete economically 362 00:21:52,960 --> 00:21:56,800 Speaker 1: and eventually militarily. I can tell you I personally briefed 363 00:21:56,800 --> 00:21:58,560 Speaker 1: the CEO of Lockey Martin when we were doing a 364 00:21:58,640 --> 00:22:02,160 Speaker 1: joint strike fighter intrusion and had a big analyst note, 365 00:22:02,160 --> 00:22:03,719 Speaker 1: but chart out, and here's kind of what we're doing, 366 00:22:03,840 --> 00:22:06,720 Speaker 1: what we know, and where the case is going. He 367 00:22:06,880 --> 00:22:09,240 Speaker 1: basically kind of sat there and looked up and said, 368 00:22:09,320 --> 00:22:13,159 Speaker 1: I'm sick and tired of investing hundreds of millions of 369 00:22:13,200 --> 00:22:15,440 Speaker 1: dollars in building the stuff to have it stolen in 370 00:22:15,480 --> 00:22:18,080 Speaker 1: a matter of minutes. And that was just one company. 371 00:22:18,200 --> 00:22:20,600 Speaker 1: Some of the other statistics around that report that you 372 00:22:20,640 --> 00:22:24,600 Speaker 1: mentioned was one in five corporations has been hit or 373 00:22:24,640 --> 00:22:28,119 Speaker 1: will be hit, maybe as high as two fifths. So 374 00:22:28,200 --> 00:22:31,600 Speaker 1: that's a massive amount of intrusion. And then being able 375 00:22:31,640 --> 00:22:33,640 Speaker 1: to quantify it. So let's say you did. Let's say 376 00:22:33,640 --> 00:22:36,160 Speaker 1: you actually said we narrowed it down. We can tell 377 00:22:36,200 --> 00:22:40,080 Speaker 1: you it's three hundred and fifty billion dollars. The question is, then, 378 00:22:40,160 --> 00:22:43,440 Speaker 1: what if we know it's eighty seven percent China and 379 00:22:43,480 --> 00:22:46,160 Speaker 1: they took three hundred billion dollars a year for five years, 380 00:22:46,240 --> 00:22:49,720 Speaker 1: where at one point five trillion dollars in economic warfare, 381 00:22:50,359 --> 00:22:52,320 Speaker 1: what are we doing about it. Some of the things 382 00:22:52,359 --> 00:22:55,400 Speaker 1: that the current administration is doing is saying enough is enough. 383 00:22:55,840 --> 00:22:59,359 Speaker 1: The American public is not really as far as I 384 00:22:59,400 --> 00:23:03,240 Speaker 1: can see well informed or in tune to this because 385 00:23:03,359 --> 00:23:05,480 Speaker 1: what you see on the news on a daily basis 386 00:23:05,600 --> 00:23:09,720 Speaker 1: is something else that's not really focusing on these strategic 387 00:23:10,400 --> 00:23:14,919 Speaker 1: challenges that we're facing as a society. Next, we reveal 388 00:23:15,000 --> 00:23:17,840 Speaker 1: the lack of cyber health around our senior corporate and 389 00:23:17,920 --> 00:23:41,640 Speaker 1: government leaders and what they need to do to protect themselves. Chris, 390 00:23:41,640 --> 00:23:45,160 Speaker 1: Since there is a growing pattern of going after individuals 391 00:23:45,320 --> 00:23:47,960 Speaker 1: and their home systems, etc. What advice do you have 392 00:23:48,040 --> 00:23:50,960 Speaker 1: for people who want to deal with the cyber threat 393 00:23:51,280 --> 00:23:54,720 Speaker 1: in a way that's effective for them as individuals. A 394 00:23:54,760 --> 00:23:58,560 Speaker 1: couple of things. A couple of things. Cyber hygiene is important, 395 00:23:58,600 --> 00:24:02,119 Speaker 1: so kind of basic practices. If you are part of 396 00:24:02,119 --> 00:24:05,520 Speaker 1: a corporation and you've got a set of security policies 397 00:24:05,520 --> 00:24:08,919 Speaker 1: in place, changing your password quarterly, making sure that your 398 00:24:08,960 --> 00:24:13,600 Speaker 1: systems are updated and patched. Apply those same disciplines to 399 00:24:13,680 --> 00:24:18,080 Speaker 1: your home life. So change a password on your Gmail regularly, 400 00:24:18,520 --> 00:24:24,160 Speaker 1: make sure that your home network equipment is updated and patched. 401 00:24:24,400 --> 00:24:26,440 Speaker 1: You need to make sure that those things are updated 402 00:24:26,480 --> 00:24:30,840 Speaker 1: and patched. Your home computers have basic anavirus, and those 403 00:24:30,880 --> 00:24:33,399 Speaker 1: things will make it a little bit more difficult for 404 00:24:33,800 --> 00:24:36,960 Speaker 1: the bad guys to move into your personal space. It 405 00:24:37,119 --> 00:24:40,000 Speaker 1: is a growing challenge. I will fully admit that this 406 00:24:40,119 --> 00:24:42,719 Speaker 1: is a challenge. The growth of the Internet of Things 407 00:24:42,760 --> 00:24:45,400 Speaker 1: and your refrigerator being able to call out and order 408 00:24:45,480 --> 00:24:48,520 Speaker 1: milk adds a level of risk to your home. What 409 00:24:48,560 --> 00:24:52,240 Speaker 1: we advise friends and family and clients is that you 410 00:24:52,359 --> 00:24:54,439 Speaker 1: pay attention to this. So when you read the news, 411 00:24:54,760 --> 00:24:57,320 Speaker 1: pay attention to what's going on from a cyber perspective 412 00:24:57,359 --> 00:24:59,640 Speaker 1: as well. I mean, there's always a blurb out there 413 00:24:59,640 --> 00:25:02,199 Speaker 1: somewhere about what's going on, and see how that might 414 00:25:02,280 --> 00:25:07,119 Speaker 1: impact you. It's definitely a concern across a number of things. 415 00:25:07,160 --> 00:25:10,520 Speaker 1: So I do want to touch on this for the executives. 416 00:25:10,640 --> 00:25:14,160 Speaker 1: So if you are a corporate executive, there's an entire 417 00:25:14,240 --> 00:25:16,760 Speaker 1: trend of this whale fishing where people will go in 418 00:25:16,840 --> 00:25:18,920 Speaker 1: and grab your information, make it look like it is 419 00:25:18,960 --> 00:25:21,919 Speaker 1: you send an email to your chief financial officer to 420 00:25:21,960 --> 00:25:24,040 Speaker 1: tell you to move money. It's a whole scam that's 421 00:25:24,040 --> 00:25:26,879 Speaker 1: been going around for a couple of years. Targeting often 422 00:25:26,920 --> 00:25:29,239 Speaker 1: happens at home, so if they can go after your 423 00:25:29,280 --> 00:25:31,560 Speaker 1: Gmail or your home route or they're going to do that. 424 00:25:31,880 --> 00:25:34,560 Speaker 1: What we find over and over again is if you're 425 00:25:34,680 --> 00:25:37,840 Speaker 1: a senior leader in a corporation. You're well defended in 426 00:25:37,840 --> 00:25:40,640 Speaker 1: your office, you have a team of security professionals, you've 427 00:25:40,640 --> 00:25:42,720 Speaker 1: got a lot of money invested, you've got the latest 428 00:25:42,760 --> 00:25:45,960 Speaker 1: and greatest security technology. As soon as you go home, 429 00:25:46,560 --> 00:25:50,120 Speaker 1: you are just like everybody else, and your corporate security 430 00:25:50,160 --> 00:25:52,919 Speaker 1: posture and visibility isn't coming to the home because we 431 00:25:53,000 --> 00:25:56,959 Speaker 1: as Americans value that privacy, so it's beyond the remit 432 00:25:57,160 --> 00:25:59,680 Speaker 1: of a security team from a corporation or even a 433 00:25:59,720 --> 00:26:03,199 Speaker 1: govern to protect officials at home. I can tell you 434 00:26:03,200 --> 00:26:06,040 Speaker 1: that I personally spoke to a member of Congress who 435 00:26:06,080 --> 00:26:09,040 Speaker 1: gave me their official business card with their Congressional seal 436 00:26:09,080 --> 00:26:11,960 Speaker 1: on there, and their email address was a GMAIL. That 437 00:26:12,240 --> 00:26:15,400 Speaker 1: scares me to death because that Gmail is not being 438 00:26:15,440 --> 00:26:19,000 Speaker 1: protected by the States government. That is an area where 439 00:26:19,200 --> 00:26:23,479 Speaker 1: people need to recognize that you are a target, especially 440 00:26:23,480 --> 00:26:26,440 Speaker 1: if you're in a position of political leadership or corporate leadership, 441 00:26:26,680 --> 00:26:30,080 Speaker 1: and either take the time to invest in your own security, 442 00:26:30,520 --> 00:26:34,119 Speaker 1: consider getting some consultation on how to or protect yourself. 443 00:26:34,160 --> 00:26:37,240 Speaker 1: There are some simple, free things that can be done 444 00:26:37,280 --> 00:26:41,200 Speaker 1: to improve your posture. Training is a huge benefit. Understanding 445 00:26:41,200 --> 00:26:43,960 Speaker 1: how to maybe adjust some of the settings on your 446 00:26:44,160 --> 00:26:47,199 Speaker 1: mobile devices. Making sure that you come in and just 447 00:26:47,280 --> 00:26:49,640 Speaker 1: have a basic assessment of what your posture is at 448 00:26:49,640 --> 00:26:52,600 Speaker 1: home is simple thing to do that either is low 449 00:26:52,640 --> 00:26:55,040 Speaker 1: cost or no cost. But let me do o distinction. 450 00:26:55,160 --> 00:26:59,359 Speaker 1: If you're a business executive, shouldn't thinking through protecting you 451 00:26:59,400 --> 00:27:03,200 Speaker 1: at home be part of your corporate system? It should 452 00:27:03,200 --> 00:27:06,520 Speaker 1: be in some cases it is, in most cases it 453 00:27:06,680 --> 00:27:09,480 Speaker 1: is not. How many executives have you seen that walk 454 00:27:09,480 --> 00:27:12,320 Speaker 1: around two phones. They'll have their corporate phone and they'll 455 00:27:12,359 --> 00:27:15,760 Speaker 1: have their personal phone. I've seen communications in the kind 456 00:27:15,760 --> 00:27:18,800 Speaker 1: of the cyber underground, the deep and dark web, where 457 00:27:18,800 --> 00:27:22,840 Speaker 1: people are offering bounties for executives personal email addresses and 458 00:27:22,880 --> 00:27:25,720 Speaker 1: personal phone numbers. Why because that's what they want to target. 459 00:27:25,960 --> 00:27:29,119 Speaker 1: I've seen kind of dialogues happening about why would I 460 00:27:29,119 --> 00:27:32,600 Speaker 1: bomb the hacker? Why would I attack the general on 461 00:27:32,640 --> 00:27:35,560 Speaker 1: his dot mill account when he's protected by literally an 462 00:27:35,640 --> 00:27:38,600 Speaker 1: army of cyberdefenders. When I can attack the general on 463 00:27:38,720 --> 00:27:42,000 Speaker 1: his cool account where he's got no desenses other than 464 00:27:42,040 --> 00:27:44,520 Speaker 1: AOL and all is not going to be able to stop. 465 00:27:44,520 --> 00:27:48,240 Speaker 1: But what's coming. There's been recent reporting that three hundred 466 00:27:48,240 --> 00:27:52,520 Speaker 1: to seven hundred thousand home routers in the United States 467 00:27:52,760 --> 00:27:56,679 Speaker 1: have been compromised by a suspected Russian hacker group, and 468 00:27:56,720 --> 00:28:01,439 Speaker 1: so that's moving away from corporate enterprise and businesses into 469 00:28:01,880 --> 00:28:06,080 Speaker 1: the home space. That's an extremely troubling potential where there's 470 00:28:06,160 --> 00:28:10,960 Speaker 1: definitely a lower security posture in the homes. So when 471 00:28:11,000 --> 00:28:14,680 Speaker 1: you start to look at global operations from a cyber perspective, 472 00:28:14,720 --> 00:28:18,520 Speaker 1: and you look you're talking about Russian NSA or Chinese NSA, 473 00:28:18,680 --> 00:28:21,480 Speaker 1: they have the ability to go very surgical right after 474 00:28:21,520 --> 00:28:25,680 Speaker 1: an individual or step back and try to have thousand 475 00:28:25,680 --> 00:28:28,040 Speaker 1: points of light or a thousand points of presence or 476 00:28:28,240 --> 00:28:30,560 Speaker 1: a million points of presence around the world to help 477 00:28:30,600 --> 00:28:33,360 Speaker 1: them with their sick in operations. When you start talking 478 00:28:33,359 --> 00:28:35,800 Speaker 1: about a million points of presence, how much of that's 479 00:28:35,840 --> 00:28:40,120 Speaker 1: done just by using automatic devices, whether they're bots or 480 00:28:40,160 --> 00:28:43,640 Speaker 1: other things that self propagate a love it is initially, 481 00:28:44,000 --> 00:28:47,920 Speaker 1: so there'll be scanning of the Internet constantly looking for 482 00:28:48,200 --> 00:28:52,040 Speaker 1: unpatched machines and vulnerabilities, and then they'll have a library 483 00:28:52,040 --> 00:28:56,600 Speaker 1: of exploits when their machinists scanning across Western Europe or 484 00:28:56,640 --> 00:28:59,480 Speaker 1: across North America and they find an IP address that's 485 00:28:59,480 --> 00:29:02,360 Speaker 1: reporting that it has a port open or a vulnerability, 486 00:29:02,640 --> 00:29:05,600 Speaker 1: then their exploit library will just compromise that system and 487 00:29:05,640 --> 00:29:07,280 Speaker 1: then they can take control of it and move on 488 00:29:07,320 --> 00:29:09,560 Speaker 1: to the next one. That is kind of a regular 489 00:29:09,640 --> 00:29:12,520 Speaker 1: general noise that's happening on a daily basis, which is 490 00:29:12,520 --> 00:29:14,680 Speaker 1: what a lot of the cybersecurity industry is kind of 491 00:29:14,720 --> 00:29:17,320 Speaker 1: dealing with, where you're constantly having an update and patcher 492 00:29:17,400 --> 00:29:19,680 Speaker 1: machines and make sure your firewall is up to date 493 00:29:19,720 --> 00:29:23,720 Speaker 1: and your annavirus is good. Criminals can do that. Sponsored 494 00:29:23,800 --> 00:29:26,920 Speaker 1: organizations can do that. Teenagers in their basement can do that. 495 00:29:27,840 --> 00:29:30,240 Speaker 1: But when you start to move into the higher order 496 00:29:30,320 --> 00:29:34,840 Speaker 1: advanced groups, state sponsored with national level backing and funding, 497 00:29:34,840 --> 00:29:38,120 Speaker 1: and they're creating zero days, which is an exploiter a 498 00:29:38,240 --> 00:29:42,160 Speaker 1: piece of malware that has no signature. So the way 499 00:29:42,200 --> 00:29:44,880 Speaker 1: most antiviruses work as they're based off of the signature, 500 00:29:44,920 --> 00:29:46,719 Speaker 1: so it has to know that this is a malware. 501 00:29:46,840 --> 00:29:48,920 Speaker 1: It creates a fingerprint for it, and then it can 502 00:29:48,960 --> 00:29:51,680 Speaker 1: look for it some other place. A zero day would 503 00:29:51,720 --> 00:29:54,520 Speaker 1: be something that has never been detained before, and it 504 00:29:54,520 --> 00:29:57,560 Speaker 1: can run for a long time until it's actually identified. 505 00:29:58,000 --> 00:30:01,240 Speaker 1: The fingerprint created and then put into your anavirus. When 506 00:30:01,280 --> 00:30:05,000 Speaker 1: you have state sponsor organizations that have dedicated funding. They're 507 00:30:05,040 --> 00:30:08,480 Speaker 1: constantly looking and creating new zero days. They have a 508 00:30:08,520 --> 00:30:11,720 Speaker 1: library full of weapons, if you will, that they can 509 00:30:11,800 --> 00:30:14,560 Speaker 1: use to continue to maintain access in places that they want. 510 00:30:15,240 --> 00:30:17,120 Speaker 1: How would you change things if you could get the 511 00:30:17,160 --> 00:30:20,000 Speaker 1: President and the Congress to agree. I think there's a 512 00:30:20,040 --> 00:30:23,440 Speaker 1: couple of things that we should be doing that are 513 00:30:23,800 --> 00:30:26,040 Speaker 1: less provocative than others, and it can kind of go 514 00:30:26,200 --> 00:30:28,760 Speaker 1: from a scale. We should be taking more advantage of 515 00:30:28,920 --> 00:30:32,600 Speaker 1: encryption and encrypting our data at rest. It's very, very 516 00:30:32,640 --> 00:30:35,920 Speaker 1: difficult for it to be utilized because it's encrypted, and 517 00:30:35,960 --> 00:30:37,680 Speaker 1: you've got to spend a lot of time and resources 518 00:30:37,720 --> 00:30:40,720 Speaker 1: to decrypt that stuff. As just a fundamental policy, we're 519 00:30:40,760 --> 00:30:43,520 Speaker 1: not doing as much as we could there. As just 520 00:30:43,600 --> 00:30:47,080 Speaker 1: a hygiene perspective, there would be a good cause at 521 00:30:47,120 --> 00:30:49,800 Speaker 1: some point in time for the American public to know 522 00:30:50,440 --> 00:30:54,760 Speaker 1: more about what's going on. We have a tendency to 523 00:30:54,800 --> 00:30:57,760 Speaker 1: classify a lot of stuff, and some of it absolutely 524 00:30:57,760 --> 00:31:00,960 Speaker 1: one hundred percent needs to be classified. Maybe some arguments 525 00:31:00,960 --> 00:31:03,280 Speaker 1: where some of it shouldn't be and people need to 526 00:31:03,280 --> 00:31:06,280 Speaker 1: know about it. If I had the ability to make 527 00:31:06,360 --> 00:31:10,600 Speaker 1: some changes now, I would hope that we could get 528 00:31:10,600 --> 00:31:14,240 Speaker 1: both sides of the aisle to stop looking at each 529 00:31:14,240 --> 00:31:18,840 Speaker 1: other as the enemy and look outward at Russia and 530 00:31:18,960 --> 00:31:21,840 Speaker 1: China and what they're doing to us as a country. 531 00:31:22,160 --> 00:31:25,400 Speaker 1: So we're too busy pointing a finger at each other 532 00:31:26,000 --> 00:31:29,160 Speaker 1: over things then looking outward. I mean, if you kind 533 00:31:29,200 --> 00:31:31,720 Speaker 1: of look back over the last few months, in the 534 00:31:31,800 --> 00:31:35,080 Speaker 1: last year and the whole Russia thing. The Muller Report 535 00:31:35,200 --> 00:31:38,400 Speaker 1: talks about Russia doing some things, but the since you 536 00:31:38,520 --> 00:31:41,880 Speaker 1: get from the way it's being projected on a daily 537 00:31:41,920 --> 00:31:44,520 Speaker 1: basis is is still more of a focus on the 538 00:31:44,560 --> 00:31:48,000 Speaker 1: Trump administration than on what Russia was actually doing and 539 00:31:48,200 --> 00:31:51,720 Speaker 1: has been doing since the Cold War. There are just 540 00:31:51,800 --> 00:31:54,880 Speaker 1: as many or more Russian spies in the United States 541 00:31:54,920 --> 00:31:56,600 Speaker 1: now than they weren't a peak of the Cold War. 542 00:31:56,960 --> 00:31:59,240 Speaker 1: But that's not what we're talking about. We're talking about 543 00:31:59,280 --> 00:32:01,840 Speaker 1: the wrong thing. So that would be the next year 544 00:32:02,040 --> 00:32:04,840 Speaker 1: is so let's make a data that sits on our 545 00:32:05,000 --> 00:32:09,040 Speaker 1: enterprises more difficult to capitalize on because you encrypted, let's 546 00:32:09,040 --> 00:32:12,720 Speaker 1: get our political leadership to stop throwing stones at each 547 00:32:12,760 --> 00:32:16,080 Speaker 1: other and pay attention to what's impacting our country from 548 00:32:16,080 --> 00:32:20,280 Speaker 1: an external forces perspective. And then three, we need to 549 00:32:20,320 --> 00:32:24,959 Speaker 1: have the political resolve to escalate and for people to 550 00:32:25,040 --> 00:32:28,800 Speaker 1: understand why this is happening. I don't know what the 551 00:32:28,840 --> 00:32:31,080 Speaker 1: line is where you would start to go kinetic on 552 00:32:31,200 --> 00:32:34,400 Speaker 1: something like this, but one point five trillion dollars over 553 00:32:34,480 --> 00:32:38,360 Speaker 1: five years in economics theft is a huge number and 554 00:32:38,560 --> 00:32:40,920 Speaker 1: something should be done about that. And there needs to 555 00:32:40,960 --> 00:32:45,200 Speaker 1: be some concern by these units that sit in Moscow 556 00:32:45,280 --> 00:32:49,240 Speaker 1: or Beijing and are basically operating with impunity. I mean 557 00:32:49,360 --> 00:32:52,960 Speaker 1: Muller doing an indictment on GRU officers and naming them, 558 00:32:53,040 --> 00:32:56,959 Speaker 1: saying this major in the GRU at seven fifteen in 559 00:32:57,000 --> 00:33:00,800 Speaker 1: the morning did this event? Is telling them what we know, 560 00:33:01,520 --> 00:33:05,160 Speaker 1: but nothing's happening to these individuals or the country or 561 00:33:05,200 --> 00:33:08,120 Speaker 1: the government. From that perspective, I don't have an answer 562 00:33:08,480 --> 00:33:11,400 Speaker 1: other than I think if we had our political leadership 563 00:33:12,640 --> 00:33:16,520 Speaker 1: working together to come up with some better solutions is 564 00:33:16,560 --> 00:33:19,800 Speaker 1: the first step. And that's definitely not happening right now 565 00:33:19,840 --> 00:33:22,960 Speaker 1: because we focus on for your political cycles and the 566 00:33:23,080 --> 00:33:26,640 Speaker 1: constant campaigning and that type of thing, so we're losing 567 00:33:26,640 --> 00:33:31,200 Speaker 1: the ability to actually protect against the strategic threats in 568 00:33:31,240 --> 00:33:33,880 Speaker 1: the long term. I'm just very grateful to you for 569 00:33:34,640 --> 00:33:37,880 Speaker 1: taking the time and sharing all this knowledge with us, Yes, sir, 570 00:33:38,000 --> 00:33:48,880 Speaker 1: my pleasure. Thank you to my guest Chris Gore. You 571 00:33:48,880 --> 00:33:52,080 Speaker 1: can learn more about America's secret cyber war on our 572 00:33:52,120 --> 00:33:56,640 Speaker 1: showpage at newtsworld dot com. Newtsworld is produced by Westwood One. 573 00:33:57,080 --> 00:34:01,200 Speaker 1: Our executive producer is Debbie Myers and oducer is Garnsey Sloan. 574 00:34:01,720 --> 00:34:06,040 Speaker 1: Our editor is Robert Borowski, and our researcher is Rachel Peterson. 575 00:34:06,520 --> 00:34:09,960 Speaker 1: Our guest booker is Grace Davis. The artwork for the 576 00:34:10,000 --> 00:34:14,440 Speaker 1: show was created by Steve Penley. The music was composed 577 00:34:14,480 --> 00:34:17,880 Speaker 1: by Joey Salvia. Special thanks to the team at Gingrash 578 00:34:17,880 --> 00:34:22,240 Speaker 1: three sixty and Westwood Ones, John Wardock and Robert Mathers. 579 00:34:23,000 --> 00:34:26,960 Speaker 1: Please email me with your comments at newt at newtsworld 580 00:34:26,960 --> 00:34:30,600 Speaker 1: dot com. If you've been enjoying Newtsworld, I hope you'll 581 00:34:30,640 --> 00:34:33,560 Speaker 1: go to Apple Podcasts and both rate us with five 582 00:34:33,640 --> 00:34:36,879 Speaker 1: stars and give us a review so others can learn 583 00:34:36,880 --> 00:34:46,880 Speaker 1: what it's all about. On the next episode of Newtsworld, 584 00:34:47,600 --> 00:34:51,759 Speaker 1: twenty five years ago, we began the Republican Revolution with 585 00:34:51,880 --> 00:34:55,160 Speaker 1: a set of promises to the nation called the Contract 586 00:34:55,160 --> 00:34:59,080 Speaker 1: with America. Republicans gained the majority of seats in one 587 00:34:59,160 --> 00:35:02,120 Speaker 1: hundred and fourth for the first time in forty years. 588 00:35:02,880 --> 00:35:06,280 Speaker 1: Next week, I'm looking back at that time and revealing 589 00:35:06,280 --> 00:35:10,719 Speaker 1: my own personal experience. I'm new Kingridge. This is Newsworld, 590 00:35:19,600 --> 00:35:21,960 Speaker 1: the Westwood one podcast network.