Channel / Source:
TEDx Talks
Published: 2013-02-01
Source: https://www.youtube.com/watch?v=YiUN35Ikdfw
We see it every day in the news. The past decade, the battles that are being waged across the Middle East: on YouTube and Facebook we get instant updates, through satellites to give us a front row seat into the action like never before. What the cameras don't capture is that there is another war going on beneath the surface, a digital cyber world where the battles are not being fought with bombs and bullets but with bits and bytes.

My name is not Doug Smith, but it could be if I wanted it to. My real name is Eric Winsborrow, and for the past two decades I have been involved in creating the next generation disruptive technologies at companies such as Symantec and McAfee. I currently run a cyber security company made up of PhDs from MIT and scientists from the national labs who are tasked by the US government to create the next generation of cyber technology. Our customers include the Office of the Secretary of Defense and the Department of Homeland Security. If there's one thing I'm certain of, it's this: that what's going on today in cyber espionage will profoundly impact our lives, and we may never even realize that.

If you think about it, a lot of technologies that impact our lives have been coming from government sponsored research into next generation defense technologies. Last generation, the Cold War created technologies such as the computer, satellite communications and navigation, and even the internet. It has so permeated our everyday lives, it's gone to the point where we can't imagine ever having lived without it, to be able to see halfway around the world instantly or just navigate around the block. So if yesterday's next generation technology has such a profound impact on us today, then what's today's next generation technology? I'm gonna show you the future of cyber espionage with technology that's actually being created today to protect nations. There are cyber battles taking place throughout the world and we don't even realize that. It's gotten to a point of a confluence emerging between man and machine in the digital cyber world where we can never tell them apart. This is the age of the cyber spy.

Now when we think of spies, we might share Hollywood's image of the dashing and daring secret agent who sneaks into some underground nuclear facility somewhere halfway around the world to protect us from a nuclear threat. Sometimes Hollywood goes a bit too far. In this case, however, they don't go far enough. You see, governments today would never send a human operative into such a secret location. He'd never get in. Today's spies are cyber spies. You see, it used to be that James Bond used technology. Today, James Bond is technology.

I want to walk you on a journey into the future, but before I can take you there I have to take you to the past, to where the first virus actually started and the beginning of this journey of convergence. The first virus was actually written into a floppy disk video game inserted into a Macintosh. Yes, ironically, the world's first virus was aimed at a Mac. My, how the world has changed. And we call these types of viruses sneakerware, where you literally had to walk around to install it. This is the first level of convergence, where man is completely separate from machines, joined only by a pair of red sneakers. If James Bond wanted to insert a virus into a computer in a nuclear facility, he'd have to sneak in in scuba gear and install it himself.

I love you. Well, not you, we've only just met. I'm talking about Melissa. Melissa is not my wife, she's a stripper from Miami. You see, around the year two thousand, or Y2K, the Melissa virus, named after the virus writer's favorite stripper, was the world's first email-borne virus. It was inserted into an email attachment and sent with the subject line "I love you". Once the attachment was opened the process repeated itself, and within three months the world's email systems were clogged up, inadvertently becoming the world's first spam. But this also marks the second leg of our convergence story, because this is now the first time where man is leveraging technology to do work. This would be the time that James Bond used technology.

But then in the September of two thousand and one the world changed, and I'm not talking about nine eleven. I'm talking about one week later, when the internet world changed. This was the introduction of Code Red. Code Red was an email virus, it wasn't a zombie, a Trojan, it was all of the above. It was the world's first complex blended threat. It went around the world in three days. By September twenty first it affected two point two million systems worldwide. Governments took notice, because they realized they could take this technology and bring it up to a whole other level to do the work its human spies could not. This enters the third phase, where technology replaces people. This is the beginning of the era of the cyber spy.

I'm gonna tell you a little bit about how this cyber spy technology works. I'm gonna take you on a real life mission that happened just before the end of last decade, way off in the Middle East. You might already have guessed its mission: sneak into an underground nuclear facility halfway around the world to protect us from a nuclear threat. This is the Natanz nuclear fuel enrichment facility in Iran, and so is this, from space. The allied nations were worried that this man, President Ahmadinejad, was using those very centrifuges to create more nuclear fuel than he needed for electrical energy production, and they were right. He was also using those centrifuges to create nuclear fuel for atomic weapons. They needed to destroy those centrifuges, but how were they going to do it? They couldn't send any human agent in scuba gear in the middle of a desert, and they actually debated sending in fighter jets to drop bombs and blow the place apart. A little messy and not good PR. I mean, imagine the fallout, and how, I know, I know, need to, you just wait. So instead of dropping a bomb they dropped a bug. Very clean, it was a group you, they called it Operation Olympic Games. What a great name for it. It's a clean operation. I was here for the Olympics in Vancouver; it was clean, it was fine, it's a great name. It is a great name. You know, if they wanted to stick with our old plan and set fire to everything and have fallout for years, they would call it Operation Stanley Cup, because actually expecting some booze there live at their.

But they had to get the agent in, and there are several ways they do it.
I can't describe them all, but one that was at least publicly shared was this one, so that's what we'll go with. They did insert the agent program into USB sticks, and then they scattered those USB sticks around the compound. Some workers did manage to pick them up and insert them in their computers. I don't, look, you know the story. Before you get too judgmental, think about this: what would you do if you found a USB stick? Think about that the next time you go to a trade show and some stranger from marketing hands you a USB and says, "Read my collateral." I don't know how many security trade shows I've been to where that's happened. Now that is a different story.

But the agents did get in, and then they did what all good agents do: they started doing reconnaissance. They started working their way around the network, walking the hallways so to speak, looking for its targets. The target was that Siemens, that's a Siemens box, it was a controller for the centrifuges. And once they found it, they inserted a rootkit and a weapons payload that, forgive me, altered the programmable logic controller of the Step 7 software in the I. application, and then phoned home in several ways. It phoned home and gave the Americans and Israelis full command and control over that Siemens controller, who then of course went and spun up the centrifuges to such a state of supersonic speed that they literally fell to pieces. They destroyed the centrifuges for months, quite frankly, without ever stepping foot into the facility.

The program was a smashing success. Ahmadinejad was beside himself. He was firing his best scientists as he thought they were incompetent. One small problem. Now, the allies spent so much time trying to get this agent in, they didn't think about what if he actually got out. And that's what the program actually did, and it did its job and started searching its way for other Siemens controllers, first in Iran and the Middle East, then Europe, and all the way to the doorstep of the nuclear facilities in America. Now before you get a little nervous, this spy knew its programming. It was told to look for the specific signature of that controller in Natanz. It didn't do anything. However, its cover had been blown. The security industry, chiefly a researcher from Kaspersky Labs, found it, and what was once a covert operation to protect us from a nuclear threat became known as the advanced persistent threat Stuxnet. pitch you've ever heard of it.

Now there are battles like this going on all around the world and even in our backyards, and we don't even realize it. The Chinese are particularly good at this. That video you saw earlier, that's just marketing. You don't see what else goes on, so
let me explain. About last year, the Chinese successfully hacked into the RSA security company through the HR department, and like Stuxnet they weaved their way around to find what they were after. They found the confidential customer passwords for SecurID tokens. What these tokens do, they get you into networks like military contractors Lockheed Martin, Northrop Grumman, L-3. And given Lockheed Martin makes stealth fighter planes, you can imagine why that's a good target. But they also focused on business. Operation Aurora you might have heard about, because it was famous for successfully breaching Google's network, but what people don't realize is that Operation Aurora was about successfully targeting more than twenty companies, from Intel to Morgan Stanley. And here at home, companies like Nortel were not immune. The Chinese had CEO-level access to confidential information and documentation for nearly ten years. And if you're involved in natural resources, for example bidding in the oil sands, especially against the Chinese, a little bit of a wake up call: you might want to look up something called Operation Night Dragon. It brings a whole new meaning to the term bidding wars.

Now these researchers at Kaspersky who discovered Stuxnet also recently released a report that said that the number of network intrusions around the world in a single year had skyrocketed from two hundred and twenty million, that's already a big number, to one point three billion. What is going on? What's the implications for all of us, nationally or even personally? Well, nationally you can see why governments are so concerned. It's not just about international espionage, it's about the only infrastructure that we have. After all, if you can take out a nuclear facility in Iran, what's to stop them from returning the favor? And if you're going to attack a nation, you want to take out the communications network and the infrastructure like banking. And if we're talking about technology replacing people in this current level of convergence, then who flies commercial airplanes these days? Is it pilots? Programs. If a decade ago a number of operatives, human operatives, could storm into the cockpit of an airline, what's to stop the program from invading an autopilot with air traffic control? Just last week Leon Panetta, the Secretary of Defense for the United States, publicly went on record and said there's a high probability, and I quote, of "a cyber Pearl Harbor with physical destruction and loss of life."

Now what about us individually? There are a lot of hackers who are so intelligent they know how to reverse engineer these types of attacks and use some of those techniques for their own gain. You might have heard last year over a hundred million user accounts were stolen from Sony PlayStation Network. I see some nodding heads. But you know, what you might not have known is that those attacks actually happened over a series of six several months, many different individual attacks, and Sony never realized it. And as we get more and more dependent on internet appliances, you know, I wonder what's next. Taking over our food supply, maybe creating killer cookie robots. You know, the government always warned me that cookies were bad for our children, but I just never knew.

A little bit more seriously, if we think about the centrifuges off in Iran, where we could spin them up and out of control until they fell to pieces, what other devices are we reliant on under the assumption of perfectly secure wireless internet connectivity? If this scares you just a bit, remember this: that our parents' generation were so terrified of the technologies that were getting invented during the Cold War that they built bomb shelters. And yet they survived, and those very same technologies that terrified them are changing our lives today in a way we can never imagine living without them. Also remember this: those technologies I'm talking about were invented last decade. I promised you that I would take you on a vision to espionage of the future with technologies that are being invented today.
So let me share that with you now. I'm gonna take you down a digital wormhole, a wormhole, by the way, that we plan to send those attackers. You see, if you're gonna defend yourself against technology that replaces people, then the next step of convergence is to create technology that behaves like people, that in a digital world you cannot tell one from the other. We're capable of creating massive networks so real that you cannot tell them apart. So when those attackers come in to a nuclear facility or to an HR department, instead of finding the real network they find ours, and they walk around it just like Stuxnet tried to do, or the Chinese did, looking for systems to infect. But instead of finding real ones they find ours, the shadow systems that look and behave just like real employees checking their emails or spending too much time on Facebook. Yeah, we know. But here's the thing: if one of those attack programs sends us an email attachment and asks us to open it, we gladly do. If they ask for confidential data, we happily hand it to them, hoping they call home, because in the shadow network we're watching and recording.

I'm actually gonna show you such a recording now. I gotta be honest here, we couldn't show you everything. We had to actually change a lot of names, scribble out some IP addresses, and we're not allowed to bring you as deep into the network as we want. It's a good thing, because if we showed you everything we'd have to shoot you, or even worse, even worse, make you a government employee.

So this is, like I said, a real video. Those aren't the real locations, of course, but what is real is the attack did start in the HR department. It actually did. May be a coincidence. These are real systems doing emails, real people sending out, backing up their system, but they're actually impacted with this spy program and we don't know what. So then we turn on our shadow network. These are systems that behave like real, they're interlaced with the actual systems, and they start communicating. In fact, that's the bad guys that communicate to us, into our systems, and we let them. Come on and send me an attachment, because when they do that we have every bit of information. Because we can't look into the real computers, but we can look into ours, and we can see what processes they use and then decide to quarantine the actual system using software defined networking, and then they can't talk out to the real world. Instead we tunnel them down to a shadow HR department that isn't real but just behaves like real, and they can take whatever they want and we know exactly where they're going. Now what will we