Fighting Cybercrime on the Dark Web

Dark Web Fighting Cybercrime Full Hacking Documentary


    Summary

    In the documentary "Dark Web Fighting Cybercrime," The Cyber Network explores how the rapid advancement of technology creates vulnerabilities that cybercriminals exploit for immense financial gain. It traces the history of cyberattacks from early internet days to the present, where organized hacker groups operate on the dark web. The documentary emphasizes the growing sophistication of cyber threats and the role of AI in battling these challenges. The increasing interconnectivity in everyday life, through the Internet of Things, has heightened the risk landscape, making cybersecurity a shared responsibility for all.

      Highlights

      • In today's digital world, every connection creates a vulnerability for cyberattacks. 🤖
      • The Morris Worm, the first widespread internet worm, impacted 10% of computers connected to the internet in 1988. 🐛
      • Cybercrime has evolved significantly, with billions in losses and a thriving dark web marketplace. 💸
      • The Internet of Things increases our exposure to cyber threats, with hackers targeting everything from cars to refrigerators. 🚗🍴
      • Artificial intelligence is becoming a crucial tool in the battle against cybercriminals, helping to quickly identify and respond to threats. 🤖⚔️

      Key Takeaways

      • Cybercrime is a growing threat, with the dark web hosting a thriving marketplace for illicit activities. 🌐
      • Hacking has evolved from small-scale pranks to well-organized cybercriminal operations with significant financial impacts. 🕵️‍♂️💰
      • AI and cybersecurity professionals are constantly evolving to combat the ever-changing landscape of cyber threats. ♟️

      Overview

      The documentary begins by presenting the dual nature of modern technology — while it provides immense convenience, it also poses significant risks in the form of cybercrime. Hackers manipulate the vast connectivity of our digital world to exploit vulnerabilities and steal valuable information, leading to substantial financial losses. The narrative sets the stage for understanding the complex battle between cyber criminals and security experts.

        As the documentary unfolds, viewers are taken on a journey through the evolution of cybercrime, from the accidental release of the Morris Worm to today's advanced hacker collectives and cybercriminal marketplaces on the dark web. The narrative showcases the increasing sophistication of attacks and their severe implications for individuals, businesses, and even governments. The film highlights how the rapid digitalization of daily life has expanded the targets available to cybercriminals, illustrating the need for advanced defensive measures.

          In the fight against cybercrime, artificial intelligence emerges as a notable ally, offering a way to sift through the avalanche of data to detect potential threats swiftly. The documentary emphasizes the importance of collaboration between AI and human expertise, suggesting a future where this partnership could turn the tide against cybercriminals. It wraps up with practical advice on personal cybersecurity, underlining the shared responsibility in securing our digital lives.

            Dark Web Fighting Cybercrime Full Hacking Documentary Transcription

            • 00:00 - 00:30 (upbeat music) Every day is a technological miracle. (device beeps) (air whooshing) You can drive, bank, travel, connect with friends and family, (air whooshing) even run your home from wherever you are. (air whooshing) But all that convenience has a dark side. Every different connection creates another opportunity for a hacker to get in. We're seeing billions and billions of dollars of loss from cyber crime. (suspenseful music) There are those who have been hacked and know it, and those who have been hacked and don't know it yet.
            • 00:30 - 01:00 You will get hacked, and you have to understand how to react to it. In the next hour, you'll learn how cyber criminals operate. And there are hackers out there that work in highly organized groups. And these bad guys are brilliant, they're smart, they come up with innovative new ideas. How teaming up with artificial intelligence helps the good guys stay one step ahead. I want you to now think like threat hunters. And what you can do to protect your priceless data. The bad guys have to get it right just once, we have to get it right all the time. (dramatic music)
            • 01:00 - 01:30 (suspenseful music) The internet was born in the late 1960s as ARPANET, a small network of government computers sharing information from opposite sides of the country. By the early 1980s, people all over America were dialing into the internet from their schools, homes, and workplaces, (modem beeping) and it was just a few short years before it was hacked. In 1988, college student Robert Morris admitted that he created an electronic worm with the intent to penetrate research computers
            • 01:30 - 02:00 in a nationwide network. The first hackers were interested in exposing flaws in the early world of the internet. It was called the Morris Worm, after the college student who actually developed it. In his attempts to try to gauge the size of the internet, develops one of the most replicated worms that we've seen on the internet. As he was developing it, he made a coding error, and in that coding error, it allowed the worm to replicate itself causing computers globally to be unusable.
            • 02:00 - 02:30 By accident Robert Morris's worm brought down 10% of computers connected to the internet, and cost $98 million to clean up. So it was one of the largest widespread worms that the internet up to that date had ever seen. But hackers' ability to penetrate systems, and banks, and the government quickly caught the interest of criminals who saw a new frontier. It really was on the internet, it started becoming a place for businesses, a place to buy things, (mouse clicking) a place to maybe visit your bank,
            • 02:30 - 03:00 that crime became a thing. While robbing a bank and exposing yourself to physical danger and risking your life. (gas exploding) (people coughing) Stealing money online carried almost no risk whatsoever. In the early 2000s, the scale of things were such that it could be almost ignored, meaning banks were able to kind of eat the costs if some of their customers lost money. With the added bonus that instead of robbing one branch of the bank, you could rob the entire bank at once, cyber crime escalated quickly.
            • 03:00 - 03:30 I started working on identity theft, and credit card fraud cases in 2002, and at the time it seemed a significant case when we had 12 victims of identity theft, or 25 credit cards that were stolen with $70,000 of loss. Now credit cards are stolen by the millions, and we're seeing billions and billions of dollars of loss from cyber crime. (device clicking) Every year the haul grows, in 2014, cybercrime cost the global economy $450 billion,
            • 03:30 - 04:00 that number skyrocketed to $3 trillion just one year later. It used to be the banks are the target. Why? Because that's where the money's at, but now there are so many types of targets out there. Being connected makes us very vulnerable, every different connection you have in the network, be it a logical, social, or physical connection creates another opportunity for a hacker to get in. As we've made our lives more digital, we've opened up our lives, our digital information, medical records, these things are all connected to the internet.
            • 04:00 - 04:30 And there are hackers out there that work in highly organized groups, that are well-funded, that are working together, so that they can steal that information, sell it and make money, this is the essence of modern cybercrime. The 2017 breach of a major credit reporting agency compromised the data of over 143 million Americans, criminals stole social security numbers, birth dates, and more. And today's cyber criminals have moved beyond simply stealing money or data. We've seen a significant increase in ransomware attacks,
            • 04:30 - 05:00 where essentially hackers are taking the data on a computer and locking up that data by encrypting it, and requiring the user to pay a ransom. In the summer of 2017, the WannaCry ransomware held computers hostage, and businesses large and small in 150 countries. So here we have a computer with WannaCry on it, and this is the file that was downloaded, so now if I click on it, and you're getting a warning on your desktop that files are being encrypted. (dramatic music) So now we have actually the WannaCry interface that's saying payment is due within the next three days,
            • 05:00 - 05:30 and they're actually asking here for $300 worth of Bitcoin, and you have to pay them in a certain period of time, otherwise the price will go up, and in seven days, the data will be completely destroyed. (suspenseful music) At this point, all the files on this computer are encrypted, and I can't touch them unless I pay them the money. (suspenseful music) $300 is a lot of money for a consumer, but it's a tiny sum compared to the ransoms demanded of large companies for major ransomware attacks. So when attacking companies, they were no longer able to do business,
            • 05:30 - 06:00 the National Health Services in the UK was basically crippled, they had to turn patients away. (sirens beeping) So you're talking about potentially lives on the line, we are expecting technology to do more, and more things for us because of that, greater vulnerability is being built into our everyday lives. We live in a world that grows more connected every day, it's called the Internet of Things, and it's not just your smartphone. (phone beeping) Today, everything from your car, to your door locks, to your refrigerator can go online.
            • 06:00 - 06:30 Every connection to the internet is an opportunity for a hacker to get in. Think about all the ways your life connects to the internet. In the year 2015, there were about 15 billion connected devices worldwide, that's two devices for every person on the planet. Just as our technology is getting more complex, the bad guys are not behind in the sense that they're watching, they're observing, and they're innovating. The number of devices is projected to grow from 15 to 80 billion in the next 10 years. Anything can be targeted.
            • 06:30 - 07:00 Unfortunately, a lot of the products that we're seeing today go to market first, because they wanna be first guys to offer it with the best features, and security is still somewhere down the list in terms of things that should be considered. Cars that are internet enabled being hacked so that they would stop on the highway. (tires screeching) (car horn blowing) Webcams that are being turned on for spying purposes, baby monitors, where the cybercriminals could speak to the children in their rooms. There was an incident of an attack on an internet enabled toilet in Japan,
            • 07:00 - 07:30 where the toilet was then doing surprising things because it had been hacked. Hackers can even turn your devices into weapons without you knowing it. Once that happens, your device becomes what's known as a zombie. There were a number of internet enabled devices in the United States that were operating under the default password that were taken over, and become what's called zombie computers, which were used to inject significant flow of clutter of traffic to block other networks.
            • 07:30 - 08:00 They called the computers, the zombies, those that are unwittingly, their devices are now becoming weaponized in a way to pull down websites. Think of what is it, Black Friday, large crowd of a thousand people, everybody's rushing in the door at the same time, it's gonna prevent some people from getting in the store. You're flooding the website itself, the traffic, so that website can't operate. Think about the massive number of devices that are now connected to the internet globally. The possibilities are endless
            • 08:00 - 08:30 in terms of the type of cybercrime that we could all be exposed to. (dramatic music) The question is where do cybercriminals get the tools of their nefarious trade? And how is a hidden online marketplace fueling the explosive rise in cybercrime? (dramatic music) There's a saying of, there are those who have been hacked and know it, and those who have been hacked and don't know it yet. 556 million people already fall victim to cybercrime each year. By 2020, there will be 50 times more information stored online, 50 times more opportunities for cybercriminals.
            • 08:30 - 09:00 We should be aware that we're constantly being targeted. And these bad guys are brilliant, they're smart, they come up with innovative new ideas. The technologies are advancing so quickly, and the opportunities for criminals to victimize individuals and companies and governments are so vast that it's very hard for law enforcement to stay apace with the cybercriminals. Financial crimes and identity theft are just tip of the iceberg of a much more sinister criminal presence on the web. When we think over the internet, we think about it in three layers,
            • 09:00 - 09:30 the clear web, the deep web, and the dark web. Clear web is anything that you can find on search engines. Deep web is anything behind a username and passwords. The dark web is a separate area, where you have to have specialized software to actually gain access into it, and start viewing the websites that are there. Go to the darkest corners of your mind, and you'll find that in the darkest corners of the dark web. (dramatic music) Drugs, guns, passwords, credit card numbers, even humans, all for sale to anyone with crypto cash. Everything on the dark web is sold in Bitcoins
            • 09:30 - 10:00 because that secures the transaction, so the dark web allows the buyer to remain anonymous. The fact that the website is on the dark web means that the seller is anonymized, and then Bitcoins and other cryptocurrencies allow the transactions to be anonymized. Whatever you're really looking for, you can find it. This is a drug market for example, and you can see that they're selling different types of drugs, you can see the prices here are all in Bitcoins translated to US dollars. All you have to do is define the quantity, click buy, and you can start buying these things.
            • 10:00 - 10:30 Here's another website, this one sells counterfeit money, so you can buy fake money for basically half the price of the real value. So these guys will create passports, ID cards, driver's license, you can see the prices in Bitcoins are much higher here, and we're really just scratching the tip of the iceberg because it gets a lot deeper and nastier at the more you go down this rabbit hole. The dark web is a place where cybercriminals can gather with impunity. (air whooshing) You should ask yourself,
            • 10:30 - 11:00 "how will I, as a bad guy, get the service from this other bad guy?" And that's why criminals created markets where you don't have to just trust this guy who says who he is, you can see actual ratings and products. Just like you would look up ratings and reviews before choosing a restaurant, or making a big purchase online, (mouse clicking) cybercriminals shop for sophisticated hacks and scams on the underground markets of the dark web. And here you can actually search for whatever you want, so for example, I searched for ransomware. I can see the actual vendor,
            • 11:00 - 11:30 and the offer, and the price, and then you'll get full information about the offering. So this seller for example, has 556 five star reviews in the last month alone. These were left a couple of days ago. "What can I say? My new number one fraud guy." So now you know that you buy from this guy, and you can buy with confidence because he delivers. This is how you create trust in an untrusted environment, they created a market which is safe for them to deal with. These markets exist, and they are thriving, couple of them have been taken down by law enforcement,
            • 11:30 - 12:00 which is great, but there are dozens others. Life has become easier for the criminals today. (suspenseful music) We have to keep in mind that our information is out there, so whether if it's your personal computer that's going to be targeted by some sort of virus, or a company that you work with, or somewhere that you bought something, we have to assume this type of information will be available to attackers at some point. So here's an example of a website where information from a breach is exposed, and you can see here, emails and passwords. In this case, we have an individual here, David Adams,
            • 12:00 - 12:30 and we have his password, once we start searching for that name, and searching for that email, we can start finding out his social media presence. We can find him on different social networks, see what he likes to do, what are his hobbies, in this case this guy obviously likes working out, surfing and his dog. We can also see his professional profile, see what companies he worked for, what he does, maybe he is higher up in the chain, so he would be a good target for us to try and go after. We can craft a phishing email, if he'll click on the link on it,
            • 12:30 - 13:00 it'll look like it's coming from some sort of a vet service, but actually what has happened in the background is he'll get infected with malware. Now it's up to us what we wanna do, do we wanna lock down his computer, and ask him for a ransom? Do we want to just remain under the radar, and collect username and passwords that are used, maybe gain access to some backend systems that he uses at work. Now, what I'm doing here is what an unfunded, unmotivated attacker can do in five minutes. Now, what happens when you have a funded, motivated attacker? How much information can they gather about you? It really is up to the attacker to decide how you wanna approach it.
            • 13:00 - 13:30 For cybercriminals selling hacking tools on the dark web business is booming. You also have people who sell and offer different services in the criminal underground that help you perform cybercrime, so you don't have to be a genius to do these, you can just go online and purchase services. One of the things that has made cybercriminals successful is that partnership with each other, use of information, "hey, my attack that I did on so-and-so worked really well, you want it? It'll cost you a little bit, but you can have it."
            • 13:30 - 14:00 You have military grade weapons on the dark web, and now it can be used by anybody. I personally can't buy an atomic bomb or hire SEAL Team Six, (explosion blasting) but I have the equivalent online. As the dark web has changed the way hacks are freely bought and sold, the typical cybercriminal has evolved from a lone computer savant to something much more frightening. (dramatic music) The stereotype of hackers is it's somebody sitting in a basement in a dark room, typing away on a keyboard in a hoodie. (keyboard typing) That isn't what we're dealing with at all,
            • 14:00 - 14:30 they are highly organized, they work kind of nine to five, just like the rest of us do, they take the weekends off. And how do we know this? Because they launch most of their attacks on a Friday evening before they head home for the long weekend, and then they come back in on Monday morning to see how those attacks went. I mean, hacking is a business, it's an industry, by some estimates it's trillions of dollars a year and rising. These hackers are out there to make a profit, they actually have expenditures, they sometimes they have payroll,
            • 14:30 - 15:00 they have benefits to their employees. The organizations themselves are sophisticated, they're a bureaucratic organization itself, where people are compartmentalized, so if one person is compromised, he or she does not even know the other players in the organization. Attribution is really difficult because the dark web allows you to remain anonymous, and there are other tools that allow to hide who you are. Somebody who is sitting somewhere in the Middle East can be targeting somebody in South America, but like make it look like it's coming from Europe. (air whooshing)
            • 15:00 - 15:30 And it may look like an intrusion came from a certain computer in a certain state, but it may be that that computer itself was the victim of a hack, and there was one hop, two hops, or multiple hops between the cybercriminal and the ultimate target of the crime. Worldwide cybercrime costs are expected to reach $6 trillion by 2021. Keep in mind that the attackers are very agile, they're very fast, and we have to be just as fast, if not faster, in order to stop these things. (dramatic music) What chance do we have against an enemy who is faster, better armed, and doesn't play by the rules?
            • 15:30 - 16:00 It turns out there is one tool that could revolutionize cyber security and even the odds. (suspenseful music) Security is always a battle against hacker and defender. The attacker wants to break in, the defender wants to stop him. Now, we find is that (metal banging) on the internet, attackers generally have the upper hand, the attacker will come up with a new attack first, and the defender will react, it's rarely the other way around. That is an arms race fueled by technology. (missile blasting)
            • 16:00 - 16:30 Arms races used to be the exclusive domain (propellors whirling) of nation states and governments, but the internet is changing that. (propellors whirling) Unlike the typical military missile, (missile exploding) which is not so easy to purchase on the open market, cyber weapons are different. It goes to whoever has the enough money to actually purchase them. Historically, there's always been this line between the private sector and the government, and there was no need to actually have these two different groups of people, and entities work together.
            • 16:30 - 17:00 Because of the nature of the threats, that's no longer the case. The government is gonna be unable to defend this country, unless the critical infrastructure owned, and operated by private companies actually work with the government, and ensure that their systems are protected. We usually expect that government will protect us and keep us safe from criminals, but there are a few challenges that make their job particularly difficult. One, the global reach of cybercriminals, two, the speed at which a crime can be committed,
            • 17:00 - 17:30 and three, the tremendous scope of a cybercrime in a very short period of time. When we talk about cybercrime and the technologies, much of the defenses lie in the hands of the private sector. The evolving threat means companies are now on the front lines of the war on cybercrime. It's really kind of this warfare mindset that we have to take where it's a battle we're always gonna be fighting, (shot firing) and you have to keep the enemy at bay, it's not just, we do something and it's complete. Just as in physical warfare, getting the upper hand in a cyber war is all about speed.
            • 17:30 - 18:00 There's a concept in real time adversarial situations, and it's called an OODA loop. OODA stands for observe, orient, decide and act. (dramatic music) (engines revving) This theory was invented by an air force captain, and he's conceptualizing pilots in fighter aircraft attacking each other, (bullets firing) what he realized is that the pilot is going through this loop continuously in his head, observe, orient, decide, act. If you can do your OODA loop faster than your opponent,
            • 18:00 - 18:30 you have an enormous advantage. This notion of a OODA loop, (bullets firing) you can use it in strategic military planning, and in cybersecurity. And when you're being attacked, you as the defender, are going through this OODA loop, and it's all about figuring out what's going on quickly, and responding accurately. (suspenseful music) (plane exploding) The problem is there's just too much information out there for any one human to really grasp for themselves, there's just too many alerts, there's too many logins,
            • 18:30 - 19:00 too many systems creating information, that this just becomes an avalanche. And the challenge we have is weeding through all of those security incidents, to find the one that really matters. Where is the attacker in all of these things that are happening every day? You could see that Sally has attempted to log into her account 10 times unsuccessfully, and then the last time remembered her password, I see your mobile phone has suddenly moved from Boston to Shenzhen, China over the course of four hours,
            • 19:00 - 19:30 well, that's a little odd because first of all you can't even fly that fast. Maybe I see that you normally access 40 records a day, and today you access 4,000, maybe you work on a special project, but if I see the movement of your phone, the unusual access attempts on your account, and the odd access to data, those three things together are almost a guarantee that either you, your device, or your account has been compromised. For human analysts, handling hundreds of thousands of incidents per day, spotting the real threat and three security blips
            • 19:30 - 20:00 is an impossible task without help. And so experts are turning to a new tool in the fight against cybercrime, artificial intelligence. Broadly speaking, artificial intelligence is the ability of a computer or machine to think and learn independently. At high-tech facilities, like the X-Force Command Center in Atlanta, humans are working with artificial intelligence systems like Watson to fight cyber crime head on. Our analysts through the use of artificial intelligence, such as Watson for cybersecurity, are able to get the pieces of the puzzles laid out for them.
            • 20:00 - 20:30 And it's still up to the analyst really to look at those pieces and see where they fit, how they fit, whether they're a part of the same puzzle. We get hundreds and hundreds of events per second, so we need to work quickly, and decide is this something that we should focus on? Is this a real threat or is it a false positive? (suspenseful music) If I try to do the research myself, I will have to go through all of these different events, and the details of these events can be very cryptic, and not easy to understand, what Watson does is brings the information
            • 20:30 - 21:00 that is relevant about these events, understands what happened, and also is able to see what is happening globally. And you saw all those events come in very rapidly, there is an augmented intelligence engine that goes through those events, correlates them, and detects suspicious activity. And when suspicious activity is recognized, then is routed to this screen in a way of an alert. Analysis initiated. And in this alert, I see that there is critical servers involved, so immediately, I know that this is important.
            • 21:00 - 21:30 I also see this particular alert has been seen across multiple industries, and multiple customers, now I know I've seen it before it's bad and is propagating. Analysis complete. Within seconds, artificial intelligence brings Carlos vital information to evaluate the threat. (suspenseful music) These scars are communicating to me the severity of the previous alerts. Since this is red, it gives me a hint that this was a critical issue, it gives me some indication how credible
            • 21:30 - 22:00 that particular alert is. Now, I'm gonna deep dive into the alert. The company's called Vayner Knox, John Beckett is the user that was filed to be involved with this alert, his computer is very important, it belongs to the corporate network, and all of that information gets correlated here. Carlos asks the computer to connect the dots, Watson Advisor found some files that were suspicious, some URLs, some IP addresses, and what makes a Watson Advisor powerful, it was able to tell me that they're not just IP addresses,
            • 22:00 - 22:30 they're not just files, they are related to a campaign. Within minutes of receiving the alert, Carlos, with the help of artificial intelligence, has uncovered a massive criminal plot. This is a campaign that is affecting multiple companies, so there is a group that is using some particular type of malware to attack, the campaign is Shamoon. (suspenseful music) The computer refines its search results in a simple graph, Carlos can quickly trace the threat,
            • 22:30 - 23:00 and see how deeply the Shamoon malware has infiltrated the system. Watson has unbreached these particular knowledge graph, and I can see that, okay, John Beckett went to some IP addresses and websites that seem to be malicious, downloaded this file, this file has a particular signature, that signature now tells me this is related to the Shamoon malware, very relevant and very toxic. Analysts can spend a couple of hours doing research on something like this, that Watson can bring in just a couple of minutes, and that increases our efficiency so much.
            • 23:00 - 23:30 (suspenseful music) With artificial intelligence, we have access to information that we exchange with each other, and that enhances our ability to get ahead of the threats. And in other cases, when bad things do happen, work together to make sure that we are able to address it faster. Artificial intelligence systems like Watson process data at superhuman speeds. In the time it takes Carlos to enter his search terms, Watson can read hundreds of thousands of articles,
            • 23:30 - 24:00 and share what it's learned. Watson allows the security analyst to ask the Watson machine to actually elaborate on a security alert that they're trying to investigate to see what Watson knows about it. So very, very quickly, all of that data will be available at the fingertips of the analyst. It's important to know that Watson doesn't replace the human, Watson is an assistant. This is an era of man and machine working together.
            • 24:00 - 24:30 (dramatic music) But before men and machine can defeat cybercriminals, AI must learn to think like a human. Can AI's learning keep pace with the emerging threats, or will it be left behind? (dramatic music) Cybersecurity specialists around the world are waging a new kind of war, one in which the old ways of securing data are obsolete. The attackers are evolving their tools, the malware that they deploy, the attacks that they use are constantly changing. In fact, they might be morphing every single second. I can't tell you how many times I walk into a customer and they're showing me this great virtual moat
            • 24:30 - 25:00 they've built, it's 40 feet wide, it's 80 feet deep, we even spent extra money it came on the alligators. Well, that's great, until somebody shows up with a canoe. In this era of rapidly evolving threats, there are actually two enemies, criminals and information overload. (mysterious music) If you understand the role of the cybersecurity analyst, they look at thousands, hundreds of thousands of security alerts, they sift through them looking for false positives, and really looking for the alert that needs to be acted upon. These cyber security analysts
            • 25:00 - 25:30 are looking for every possible assistance to get to the incident that is concerning, the incident that needs a response. For human analysts, keeping up with the barrage of alerts was impossible until the dawn of cognitive computing, also known as artificial intelligence. What cognitive computing does is complement the areas where humans are really bad at, and what humans are bad at are really processing information, especially large amounts of information. The human brain is remarkable, but it didn't evolve to process massive amounts
            • 25:30 - 26:00 of digital information in an instant. Watson Advisor, which we have at IBM, can go through upwards of 700,000 blogs and articles about the cybersecurity industry, extract that into structured data, and process it and make a recommendation to an analyst on what they should look at. But before AI can join the fight against hackers, it has to learn the language of cybercrime, a shadowy dialect filled with slang, inside jokes, and confusing jargon. (suspenseful music) If you consider the jargon used
            • 26:00 - 26:30 in the cybersecurity domain, you'll hear the term honeypot, and it doesn't mean a jar of honey as we might know it, so you've got to teach Watson what that term means in the cybersecurity context. Training artificial intelligence is a complex process that requires lots of human intervention to get right. So you can think of Watson just like a child, when you're teaching a child language, you don't directly start off with Shakespeare and vocabulary, you just start off with a limited set of information. Similarly, you start off with a limited set of information
            • 26:30 - 27:00 for Watson, and this is what gives context for Watson to learn further. We give it examples and by associative learning, it automatically learns. Researchers comb the web for cybersecurity materials to feed the AI, then they set to work teaching it what the words mean. We're teaching Watson to read this blog post and make sense of it, so that it can be of use for other analysts later at some point. We definitely guide Watson in order for it to be able
            • 27:00 - 27:30 to firstly recognize the language that we speak in, then it has to process that language because Watson is just a machine, and after it processes the language it has to understand or make connections, and that is truly its cognitive capability. Those connections are really important because there is just a plethora of information out there in the internet, which not everyone has access to, and not everyone can process and assimilate in a quick span of time. Giving the artificial intelligence this context is key to its cognitive capability.
            • 27:30 - 28:00 Next, Preeti teaches that how words relate to each other. We are using ransomware, which is a common security term, we are indicating to Watson to understand that okay, whenever I see this word called ransomware, it means I have to associate with malware. Training like this helps artificial intelligence bring structure to the otherwise shapeless information of the internet. Instead of returning all the information the internet has about a particular threat, AI can bring an analyst only the information he or she needs.
            • 28:00 - 28:30 As in, when it processes these millions of documents, at one point, we stopped the handholding, and let Watson try and learn on its own, make educated guesses, and come up with these kinds of vocabulary for unseen documents, so this is how it learns and it applies. And cognitive capabilities go even further. It's not just a one-way communication, as analysts look to create rules that help them detect new threats and protect against them,
            • 28:30 - 29:00 the artificial intelligence is learning, it's looking at how is the analyst applying the data? What is it that they're finding and doing? So as this partnership between technology and human continues, we look at getting smarter, more efficient, and being able to really protect faster, the humans are teaching computers to be better. But even with the most sophisticated defenses, cybercriminals sometimes get lucky, the best defense is to prepare for the worst.
            • 29:00 - 29:30 Coming up, what happens when real people (men conversing quietly) go head to head against well-armed cyber criminals? Hold on just a second. This is complete chaos right now. Will they use their cybersecurity range to defend against hackers, (women conversing quietly) or crash and burn? Run it past me before we get a go, and then we're gonna get it out. Cybersecurity breaches, they're a fact of life these days. A major credit bureau faces harsh scrutiny for waiting months to notify Americans their personal information was stolen. Many, if not most, of the major large scale breaches
            • 29:30 - 30:00 we've seen over the last year or two, the response to the breach is causing more damage than the breach did itself. IBM has built a cyber range, modeled on military training ranges, to help companies practice for the inevitable. This type of simulation environment is all about building the proactive skills that you need to respond in crisis, and be able to do that with confidence. This is something where we're able to bring and promote cybersecurity as a whole, versus just looking as a security incident. Today, we're gonna go through an actual live simulation. Think about it kind of like a flight simulator,
            • 30:00 - 30:30 where you get a chance to take charge, sit in the pilot's seat, make mistakes, and it's okay to crash that plane. We'd rather have you fail in here, than outside in the real world, right? No matter who walks into this range environment, this is about practicing, and there's built in as muscle memory. So let's see how you do today. We're gonna introduce you to our company that we've set up for you, which is bane & ox. If I suddenly have a cardiac episode, do you wanna be pulling out a manual, and learning CPR for the first time? No, you wanna practiced it and rehearsed it, so you know what to do, you know what steps to take.
            • 30:30 - 31:00 It's the exact same thing, we're responding to a cybersecurity incident, the only difference is rather than me having a heart attack, it's the company. You're all new bane & ox employees, you know, you've got your employee badges. Now today, bane & ox is gonna be a large financial institution. A couple of things about bane & ox, you'll notice that bane & ox has a stock price, it has social media feeds that we're tracking, and all of kind of the aspects that you'd expect of a real company. We're gonna learn a little bit (phone ringing) about its environment. (phone ringing)
            • 31:00 - 31:30 Oh, we've got a phone call, you just hit the white button and answer that. You see this every time, the phone rings, people lean back in their chairs. (phone ringing) This is Quanta communications, Hey, this is Mike over at the bane & ox trading desk, we're having some problems with our computers, it's asking for Bitcoin, and we can't do any money transfers, we need some help. When you put someone into a crisis situation, you need to act, you need to respond,
            • 31:30 - 32:00 in fact, one of the worst things you can do is nothing. That can be the most deadly thing you do. Oh, that's bad. Yeah, you're telling me, we can't make any money transfers, what can you do to help me? I don't know, oh, let's see. In graduate school and business schools all across the country, we have taught people to be slow and deliberate in their decision-making, to make decisions with data, build a consensus. These are about the worst things you can possibly do when you're being breached, you need to make decisions quickly and decisively.
            • 32:00 - 32:30 Hi, hold on one second, hi, this is Josh over in IT, how you doing? I'm doing pretty good, man, except all of our computers have been hit with ransomware, we're probably losing millions of dollars every minute. All right, we're gonna work on it from this end, just keep them off, and I will let you know immediately as soon as we get this resolved, okay? Ah, so yeah, (phone ringing) we've been looking at it, (phone ringing) I have a pin. (phone ringing) Legal department. Yes, My name is Spencer Tameless with Passive Finance, who am I speaking with? Hi, yes, this is Kathy from legal, can I help you? First thing I'm gonna need you to do is take that computer off the network, can you do that for me? (phone ringing) Unaware.
            • 32:30 - 33:00 Hello, this is Enkoo in HR. This is Matt from HR here in New York. Well, at this point, there's no information for me to tell you. Okay folks, there's an awful going on right now. There's a- I think I've been hearing Take charge of this situation right now. a little bit of something there down the hall. This is complete chaos right now. Except there's one group that leans in, and we were trying to figure out why is this? And also we noticed that when they respond, they do an incredibly good job, Which one of you is gonna take charge of this situation? (suspenseful music)
            • 33:00 - 33:30 I'll do it. You're in charge, figure out what's going on. Put him on hold real quick. What's his issue right now? He's- Okay there hang on- Give me it. one second now. Saying that security license is expiring today- Aaron. and we need to pay it otherwise... That's most likely a scam. (indistinct) guys, Get a number, we'll call him back. Talk to each other 'cause once you know- I've got Matt at HR on hold on. Okay. And the other team. And we've got all these employees calling about different issues with their computers. So we started asking them like, what's your background? Where did you go to school? What did you study? What's your job? And we noticed two things started popping up
            • 33:30 - 34:00 over and over again. Get a phone number, we'll call him back as soon as we're done. The first one's not a complete surprise, military experience. Anyone with military experience here at response incredibly well. What do you have? Yes, so I've got the stock is trading, there's a lot of stock being sold, the stock price is being impacted. Draw something up with her, run it past me before we get a go, and then we're gonna get it out. The second one, was people with emergency medicine experience. Because if you think about it, those are two roles where you have to make decisions in a hurry with limited information, and you have to do that comfortably,
            • 34:00 - 34:30 and being willing to fall back on those decisions. Disconnect him. That's it, he's all done. All right, so what was that like? Chaotic. (everyone laughing) A little bit chaotic, part of the reason why we do that is to get you used to working in crisis, and one of the things we notice in these types of environments is identifying who's in charge, getting that leadership model in place. So Josiah, I'm curious, what is your background? Well, I served eight years at Fort Sam Houston, 232nd medical battalion. Well, well done. Thank you. What does a firefighter do all day?
            • 34:30 - 35:00 They don't put out fires, they practice and rehearse, so when they're presented with that situation, they know how to respond. And that type of muscle memory is what we have to build into our response. (dramatic music) Sophisticated damaging attacks like the one in this simulation are on the rise, will there be enough cybersecurity warriors to repel the attacks? Or is a shortage in qualified personnel putting us all at risk? And coming up, what can you do to protect your personal data? (dramatic music)
            • 35:00 - 35:30 According to the FBI, there were over 4,000 ransomware attacks on US businesses every single day in 2016, that's a 300% increase over the year before, and the number of cyber attacks will only continue to grow. We're gonna continue to see more sophisticated cyber attacks, the nature of how we use technology, and what we demand from it, will continue to make it more complex, leaving more vulnerabilities, and unfortunately the bad guys will not stop innovating either. You know, just like we're evolving artificial intelligence
            • 35:30 - 36:00 to defend against cyber crime, so too cyber criminals will use artificial intelligence. As criminals become more sophisticated, the demand for cybersecurity professionals will surge. There'll be 2 million open unfilled cybersecurity jobs globally by 2020, so seats in rooms like this behind me we're gonna have difficulty filling them. We're not going to solve this problem if we don't expand the aperture of who we're trying to bring in and recruit, it's about bringing new people into the workforce, people that maybe wanna work in these seats
            • 36:00 - 36:30 is more of a trade and a skill. These are skillsets you have to learn by doing, right? It's not something you can go to school for, and then just get out and start applying it, it's more of a trade and that apprenticeship type mindset, and some of them may not require a college degree at all. Many of the people that I work with never went to school for cybersecurity, one of our best analysts was actually a mechanic, he had a passion of fixing things, figuring out how they work,
            • 36:30 - 37:00 and that's what we need. Maybe this is someone that doesn't have a traditional four year degree, maybe they've spent time in the military, maybe they've spent time working in an operations floor like this, and have learned that craft through doing. So this isn't a blue collar versus white collar type of thing, this is a new collar thing. Whether you choose to join the ranks fighting cybercriminals or not, there are a few simple powerful steps you can take to secure your own data. Everybody has a role to play in cyber security. So some things that can be done,
            • 37:00 - 37:30 ought to be done by everybody, is that you need to update all of your software, meaning there are automatic patches that are sent out. If your computer's alerting you that you're out of date, get it up to date 'cause what that typically means is there's a vulnerability that an attacker could take advantage of, and they can gain access to your system. You also want to change passwords regularly, and use somewhat complicated passwords that are not easy to guess, not your children's names, not your birth date, not your anniversary date. Your bank account password for online access should not be the same as your social media password
            • 37:30 - 38:00 because if one is compromised, you don't want the other to then be also likely to be compromised because your password has been revealed. And then importantly, that is not even enough, you have to make sure your antivirus software is working properly. Keep your security software, and run security software update. This is good advice, just making sure that you have good hygiene on your system, whether it be your mobile phone, whether it be your computer at home. Basic hygiene's gonna prevent 90% of the threats coming your way. But for the 10% of threats you can't prevent
            • 38:00 - 38:30 with basic cyber hygiene, you must use active measures to protect your data, it begins by not clicking on suspect links. We sometimes forget that not all information that is being sent to us, being provided to us is legitimate, so we click on things, it's a natural human tendency to do that. Those links can embed malware into your system, they can go undetected unless you've got the right tools, unless you yourself are diligent. The weakest link is always the human, another technology,
            • 38:30 - 39:00 It's always a person who makes the mistake. The rule of thumb is if there is a doubt, there's no doubt, if it looks mildly suspicious, or you think there's something slightly wrong with an email that you got, or a link, or a file that you received, it's not worth the click. (mouse clicking) (dramatic music) It's also important to monitor your devices, and financial accounts for irregularities. You need to watch your networks, personally you need to watch your bank accounts, you need to watch your credit reports, you need to be aware of any changes in activity in your system.
            • 39:00 - 39:30 If your computer is slowing down, you need to check it out, if it is the screen is going black and acting weird, you need to have it checked out. Passwords can be strengthened with two-factor authentication. Two-factor authentication, where to get onto one account, you might get a text for example on your phone to enter a code. People don't do it because it takes an extra step, but it is for example one easy way to add another layer of security to help protect yourself against being compromised. Sometimes people think that cybersecurity is very complicated,
            • 39:30 - 40:00 but it's a basic issue of locking your front door, closing your windows. (mouse clicking) (dramatic music) Practicing good cyber hygiene with tips like these helps the professionals in their fight too. As a defender, as someone who's helping our clients protect their own clients, that's just a very powerful thing, in a way I'm helping protect my family, helping secure the world's data, which is a very important thing to me. So there's this mission and sense of purpose that I'm making the world a better place. I get to work with a lot of bright minds, and we are constantly fighting a lot of bright minds.
            • 40:00 - 40:30 And right now, humans are smarter, will be for a long time, but computers are faster, and the more we can leverage that speed with some smarts, the more a computer will be able to compete successfully, and a computer-human team together will be unbeatable. (dramatic music)