Just because someone's described as a script kiddie doesn't mean they're not capable of doing a lot of damage.

Hi, I'm Allison Nixon, chief research officer at Unit 221B. We specialize in tracking cyber criminals. I'm here today to answer your questions from the internet. This is cyber security support.

First up, this question is from Piro Pyro. The internet isn't just crowded with bots, it's being silently taken over by them. Think zombie apocalypse but digital. Hm. This question is suspicious. I see an em dash and I see an emoji at the end of this message. I think this is a bot. So, so I'm going to take this bot's question at face value and I'm just going to answer it in comment sections
all across the internet. There are a lot of bots that are posting nowadays. These bots may be tasked with advertising a product and spamming the comment section by saying, "Hey, this product is so great. I use it all the time and you can buy it here." But there's also political bots as well. And sometimes these are operated by nation states who may be trying to manipulate the population in another country into voting a certain way or doing a certain thing. They may be trying to stoke conflict. And so as you're reading comments on the internet, keep in mind there may be larger geopolitical situations where they're treating you as a pawn. Nobody has the problem under control. It's a difficult
issue to navigate. When you're reading the comment section, I would suggest that you find a different source of information to base your opinions on, like court documents or reports that happened right after an incident happened rather than later on down the line. It's really better for you to learn the facts and then form your own opinions.

This question comes from Slimboy Sam. Scammers are using my voice with AI. What do I do? So, this question is describing a scam where an elder family member may receive a phone call where your voice may be manipulated with AI and the scammer may be telling your grandparents or family member, hey, I'm in a serious situation. I need money right now. I'm injured. I'm hurt. This
is a big emergency. So this is a very difficult situation because oftentimes these scams will try to prevent the victim from contacting the family member to actually verify that this happened. And when you're in that situation, it's very difficult to deal with. But one thing that you can do is before this scam hits you, you can talk about these scams with your family members. Say, "Hey, there's a new scam going around. Here's how it works. If you get this, let me know." And this can be a good topic of conversation to bond with your family members over as well and also keep each other safe. So as you talk to your family members about this scam, one
thing that they can do is try to verify that the person on the line is actually you. Ask a question that only you would know. So think very old past shared experience. What's your favorite food? What was the first dog's name? Uh, another thing that your family member can do is just hang up the phone and call you back on your number. That may be very difficult to do in the moment, but if you can discuss what your protocol is going to be before this happens, then if this scam does hit your family member, they're going to be more prepared uh, and they won't hand over the money.

So, this question is from the privacy subreddit. Can someone gain access to your phone activity
without coming in contact with it? When someone gains access to your phone activity, most of the time it will not involve them coming into contact with your phone at all. Usually the way people steal your information um is when your information is stored on someone else's machine. One place where your phone activity is stored is at your phone company. So when you make a phone call or you send or receive a text message, there's going to be a record. And if your phone company gets hacked and those records get stolen, that's one way that bad actors can figure out what you're doing on your phone. Also, you may have personal data on cloud accounts, and when you're using your phone, you're updating those cloud
accounts with more information. So, if those accounts get hacked, these actors can figure out what you're doing on your phone without ever touching your phone. One way to keep yourself safe is to be mindful about how you secure your accounts in the cloud. Make sure that you're not using the same password across different websites. Use a password manager. Hopefully uh store that password manager on a machine you own and not in the cloud. This is what we do.

This is a question from IDK197283. Anybody getting this wrong number text scams? So the wrong number text scams is something that a lot of people have been getting lately. You receive a text from
an unknown number and it may say hello John and your name is not John. After that first text they'll say oh wrong number and then they'll try to initiate a conversation with you. These are part of organized crime operations that are operated out of other countries and unfortunately they have a history of even enslaving people to force them to work these scams. So when you receive a wrong number text scam, I recommend that you don't interact with it. Don't talk to the person. Don't give them any money. Also, don't insult them because you don't know who's on the other end and you don't know what kind of grisly operation is behind that text that you got.

This question is from Brick House.
Is Anonymous still around? Lol. Yes, Anonymous is still around. The original people that made up Anonymous, they are older. They have mortgages. They have kids. So you don't see them do the wild things that they used to do because they have lives that they need to live and they've moved on from those early days.

So this question is from Tai Seph. Does SMS messages report spam do anything?? There may be a button that looks like three dots or there might be some kind of further information button associated with that message. So click on that button and you may see an option that says report. When you report a
message on SMS or any other platform, honestly, that goes to an entire ecosystem of cyber security employees that review that information and aggregate it and take notes and monitor for trends. This is one of the last jobs that's going to be automated because this job involves essentially human conflict played out on the internet. The scammers are continuously updating their scams to try to bypass the anti-fraud and reporting mechanisms. And the cyber security people are receiving these reports and continuously updating the anti-fraud mechanisms that the platforms have. So when you receive a fraudulent message, be sure to hit report on those scam messages.

So this question is from the explain like I'm five subreddit. Is there any
risk in snooping around the darknet? If you do choose to look around on the darknet, keep in mind that the biggest danger coming from the darknet is not necessarily coming from technical threats, but it's coming from human threats. I generally don't recommend that you interact with anybody. Keep in mind that the person on the other end is likely a criminal, and these are not normal social interactions. These people will often try to manipulate you, trick you, scam you. There's a lot of cyber criminal forums, socializing places, uh, where criminals tend to hang out, talk about crime, share tips on how to do crime. There's also ransom websites where, um, extortion groups will steal data from companies and threaten
companies and then leak the company's private data. Sometimes people go on the darknet for work to track what criminals are doing, what they're announcing, what they're bragging about, and to keep an eye out for any mistakes they may have made in their communications. So, the darknet is a place of social activity. It's definitely a dangerous forest. If you want to wander into it, keep your eyes open. Have someone watch your back. Obviously, keep your software updated. Don't download or install weird things that you find on the darknet. You are literally interacting with criminals and mafias and hostile countries.

So this question is from K Jata 30. Don't click
the link. Okay, I clicked it. Now what? You may have just clicked on a weird suspicious link that you received over text message or email. Sometimes people do get weird messages with suspicious links and they may come from a legitimate sender that just may be a little bit weird looking. So double check the sender and if it's something that you still think is suspicious, definitely hit the report button on the message that you got. That way it can go into the system and cyber security people can aggregate that and look at that. On the device that you clicked on that suspicious link, ask yourself when you visited that link, did you input any of your personal information? Did you
download or install anything from that website? Think about what happened after clicking that link. And then that can help you understand the next steps that you need to take. So if you put a password into that website, you need to change that password. If you put your credit card number into that website, you need to call your bank and get your credit card number changed over and talk to them. If you have downloaded or installed anything from that website, you need to run a virus scan. And depending on the situation, it may be worth reinstalling your operating system. In the best case scenario where you may have clicked on that link and then closed out of it immediately, your
risks are a whole lot less than if you had inputted any information or downloaded anything.

This question is from Lemon Snicks. Does it really matter if I don't change my password regularly? For accounts that you log into all the time, a common practice is to change passwords approximately every 3 months. Now, this is a lot of work. It's inconvenient and nobody wants to do it. If you have to pick between changing your passwords regularly versus using a unique password on every website, I would say put your effort towards using a unique password on every website. Don't reuse any password across any website. And the reason for this is uh when bad actors steal people's passwords, they will try that same
password for the victim's account on a different website. This is a common practice by attackers. When you are changing your passwords, uh you should focus on the most important accounts that you have. So your main personal email, your work accounts, your banking and any accounts that you use for communication with your friends. Now when you change those passwords, a good practice is to use something called a password manager where you note down all of your accounts and all of your passwords. And then when you update your password, you also need to update your password manager. Typically, when you use a password manager, you're going to use one password to unlock everything
else on your password manager. I prefer to use the ones where you're storing your passwords on your own machine and not in the cloud.

A Quora user asks, "Are sextortion emails real?" A lot of people will receive emails that say, "Oh, I've got your naked pictures. Uh, give me money or else I'll send them to your family." These are sent to millions of people. They are counting on a small number of those millions of people to think that it might be a real claim because they might have a situation going on and they are relying on those few people to pay them out. These kinds of scams are very damaging. Keep in mind that these claims are almost always a lie. Don't get emotionally wrapped up into this too much and don't pay these
people. There are also sextortion schemes where they may use AI to create naked pictures of you. If you are stuck in a situation like this, it's not going to ruin your life. Don't do anything drastic. Just slow down, calm down, make rational decisions. I understand that with social stigma, it may be difficult for people to report this information. If at all possible, please try to find someone that you trust that you can talk to privately about this matter.

Okay, so this is coming from the explain like I'm five subreddit. How does a government block its country's internet access? When people are using the internet, there's
only a handful of companies in every country that provide internet access and the government simply tells those companies that you need to block these websites. For example, in Iran where they're shutting down the entire internet, the government has essentially told the internet service providers in that country to shut down the entire internet and under their laws, they have to comply. International law in cyber crime is very weak right now. It's very much where countries determine their own laws and in situations like with Iran when they shut down the entire internet that's a less common scenario. Most of the time countries are going to block specific websites. Sometimes this is
because the website criticized the government and in that country it's illegal to criticize the government. Now in western countries when they block websites it's usually because the website may be associated with fraud or harming the public. So the intentions behind blocking websites may also be different. As a regular person, if you don't like your country blocking websites, you need to get involved politically if you want to keep the internet open and free and able to access.

A Quora user asks, "Do cyber criminals dump their phones after committing crimes?" Yes, they do. I have seen videos of cyber criminals smashing their phones, running over their phones, setting their phones on fire. It doesn't really help them. Oftentimes,
information is stored in the cloud or on different devices, or even if a phone is smashed, the data inside of it can still be retrieved. If the police really need to know something, there are forensics teams that can extract out the physical hardware, pull out the chips and the boards and read data off of chips bit by bit. It's very expensive, very slow, but if it's a really important case, the police will pull out all the stops and they'll figure out what they need to figure out.

So, this question comes from zero style. Best security training for aging parents protecting against phishing, rogue links, other attacks. So, this is a very important topic. When your aging parents
are getting new phones or new devices, you can help them set up the devices to be more locked down and more secure. You can talk with them about how these devices can be used and make sure they know that they can call you anytime if they have a question or they see something weird. Also, another important thing is new scams that are going around. Oftentimes, these scams target elderly people. And if you learn about some new scam that's going around, bring that up as a topic of conversation with your parents. This will help them protect themselves. So, it's important to keep them educated and it's a great opportunity to talk to your parents. You should call your mother sometime.

So, this question is from Vision Quest 90054. What types of cyber crime exist besides hacking? Hacking implies a technical kind of attack, but a lot of cyber crime that happens nowadays doesn't involve technical skills or writing code or deploying code in any way. Oftentimes it involves just lying to people on the phone, social engineering them, tricking them into doing something that they wouldn't otherwise do.

This is a question from pure blank. Why should I care about my data getting stolen/sold/generally not being secure? A common attitude that people may have is they may not care about their data being stolen. They may think I'm not important. I'm not special. The problem is if you have an income, if you have a job, if you have anything worth
stealing, you are interesting to somebody. You may not realize in the moment how that data may be used against you, but into the future, somebody might come up with a new idea for this data in some kind of scheme. When it's stolen, it's out there and it's not going to go away.

This question is from Kaylee Connors. Why are hospitals more vulnerable to cyber threats? So, hospitals are highly regulated. They are using machines that are very complex used for medical procedures and as a result, you can't update the software very often because security patches are not being deployed as quickly as maybe your phone might receive them. Hospitals oftentimes have cyber security threats that are unique to them. Unfortunately,
in addition to hospitals being more vulnerable, the consequences are worse when the hospitals get hacked. There are people that have had their treatments delayed or may have died because they couldn't get treatment in a hospital because of a hack. The cyber security situation with hospitals, I feel, is getting worse over the years. Cyber criminal gangs have deliberately targeted them more than they used to. The police will often prioritize attacks against hospitals and any cyber criminals that are engaged in that kind of activity often get arrested more quickly.

This question is from Sakura Miku. Is it possible to hack someone
through Wi-Fi? If this Wi-Fi is in your home and nobody else has access to your devices, you can be a lot more confident in it. If you're on a public Wi-Fi at a coffee shop and there's all kinds of unknown people also on the same Wi-Fi, there's a little bit more risk. Now, one thing to keep in mind is the situation is a lot better than it used to be. The typical machine that you're going to use will detect tampering and refuse to even operate. Now, that said, there's a lot of innovative advanced attacks out there. I can't guarantee that you're going to be totally safe on public Wi-Fi. Uh but nowadays when cyber criminals are attacking uh victims, they're using some kind of scheme where they can affect thousands of victims and
that just doesn't involve public Wi-Fi.

So a Quora user asks, could cyber terrorists be as dangerous as the gun-wielding terrorists or are they just a bunch of geeks? So the answer is why not both? One thing to keep in mind about the internet, people are conditioned to not take it seriously. But the problem is that the internet allows you to connect globally with anybody. So a bad actor can connect with millions of people. If they did that with malicious intent, that could cause harm against millions of people across the world. And there are gangs operating nowadays that are using the internet to commit violence and to mass recruit people into committing violence. And this is
something that governments are taking very seriously. And I think the general public should also take seriously.

So this question is from zero edge io. Friend asks what do hackers actually do? Me says 70% googling, 20% reading documentation, 10% looking cool in terminal. When I'm answering this question of what do hackers actually do, I'm trying to describe the noncriminal version of hackers. The term hacker is a bit confusing and controversial. People use the same term to mean two very different things. On one hand, hacker can be used to describe a cyber criminal where they are abusing computers in
order to abuse people. Another way that people use the term hacking is to describe a noncriminal person just exploring what their computer is capable of doing, figuring out neat technical tricks that nobody else knows. So, a common way that people may engage in hacking that is fun and noncriminal is when kids are cheating at video games. And I don't mean downloading cheats that someone else wrote. I mean manipulating the memory in your computer, maybe changing the files on your own computer, just exploring for yourself. This is the kind of exploration that children commonly engage in. That could be considered hacking. But if there's no victim, it may be a safe activity to
engage in. Now, if you're a kid watching this, double check with an adult, don't just run off and do something crazy and say that I told you to do it.

A question by swings subliminals. The line between script kiddie and hacker. Script kiddie is basically an insult. It's used to describe people that don't understand the systems that they're exploiting. They don't know how to read or understand code, but they will download exploits from the internet and try to hack just by pressing a button. Just because someone's described as a script kiddie doesn't mean they're not capable of doing a lot of damage. The term hacker is a little bit controversial. It's used by people to describe cyber criminals that hack
illegally into computers. It's also used to describe people that work in the cyber security industry who do not break the law but figure out innovative, clever ways to use computers that wasn't anticipated and use those skills to make the world more secure.

This question is from Zanzer Fine Suits. How do companies know that hackers stole data? And the person says, "It's not like the data disappears like if someone steals your car, they just copy it. How does any company know what data was actually stolen, if any?" So there's a lot of different ways that companies know about this. Oftentimes with the extortion groups that are operating right now, they will just tell the company that they stole the data. That
will also come inside of a ransom note where they are threatening the company and demanding money. Oftentimes with these extortion groups, they actually do delete the company's copy of the data as well. Uh when they're operating these schemes, they've realized that they can make more money by destroying the company on the way out.

This question is from intelligent way 1288. At what point is hacking considered illegal? So there is a law called the Computer Fraud and Abuse Act. It was passed in the 1980s. It defines what is illegal computer hacking versus not. And when police are trying to determine if a certain behavior is illegal or not, usually the metric they go by is whether or not the behavior is
destroying someone else's property, stealing someone else's money, causing harm to a person. If you want to experiment with computers and do weird things that may break a computer, do it to your own computer. Just in general, don't be a bad person on the internet. And that significantly reduces your risk.

This question comes from 747-269737-616E. What's happening when two countries launch cyber attacks on one another? So, launching a cyber attack is not quite the same as launching a missile. Uh, it very much depends on the situation. One thing that we've seen in recent
conflicts is cyber attacks that may be done in conjunction with a physical attack. So, it may enhance a physical attack. So for example, traffic cameras in a city may be hacked and the hackers working for the nation state may be monitoring the cameras to see what kind of activity is happening on the street. That knowledge may be used to inform missile strikes or an invasion of people. This is often how we see cyber attacks play out in real-world conflicts.

This is from the privacy subreddit. Why do police and governments have so much trouble getting into iPhones? They have a lot of trouble getting into iPhones because iPhones were designed to make it very difficult to get into. It's as
simple as that. Different products available to the consumer have different design features, different selling points. And the people that want to buy an iPhone often want to have a phone that's more locked down and more secure. The people that want to buy other competitor phones like Android, they may be more interested in the freedom to do what they want on their phone. Now, there's trade-offs with that. If you want to do creative, unusual things with your phone, that opens up functionality that could also be used by governments and police to break into your phone and pull out your encrypted data. Do you want to have a more secure, locked-down machine that you can't do a lot with, or
do you want to have a machine you can do a lot with, but there are security risks associated with those abilities? It's up to you.

So, this question comes from bad karma 18. People who work in cyber security or are hackers themselves. How do data breaches happen? Most of the time, it's because some criminal actor figured out an exploit that the company didn't fix yet or perhaps tricked an employee into providing a credential or stealing a credential from an employee and then abusing the employee's access to steal data. The answer to this question changes a lot over time. There is a constant discovery of new mechanisms to steal data and companies are constantly fixing all of these exploits.

So this question is from HR9383.
How does law enforcement track down cyber criminals who use public Wi-Fi and VPNs to commit illegal activities? So nowadays when it comes to catching cyber criminals, VPNs, public Wi-Fi, it's not actually a barrier to catching them. Catching them involves waiting for them to make a mistake. Cyber criminals love to brag. They love to show off. There's a lot of footprints they leave behind that may not necessarily be contained within their encrypted devices. And oftentimes when cyber criminals get caught, it's because of something that has nothing to do with encryption or data protection. Every case is unique when it comes to catching cyber criminals. And it's often a battle of wits. It's quite interesting work
honestly.

So this question is from dumb girl Brooke. So, how do VPNs work? It's like using a proxy. So, say you have a message that you want to send to a website, but you don't want to be the one actually sending it. You may pass that message to someone else's machine, say operated by a VPN company, and then that machine will pass that message to the website. So, a VPN is a way to hide your IP address online. And the way that it accomplishes that is that you're using someone else's IP address instead. Now, there's a lot of advertisements that are going to tell you this is how you get more secure, but unfortunately VPNs also increase risk as well. When you're sending all of your traffic
through someone else's machine so that you can use their IP address instead of yours, that other person's machine may be looking at your traffic. They may be hacked. They may have other issues. So, as you're making your cyber security choices, you need to weigh all these different risks against each other.

So this question is from malware beasts. Did shutting down cyber crime forums like RaidForums and BreachForums reduce crime or just scatter it? So the answer to that is both. Cyber crime is something that's not going to be solved just like regular crime in society. But it can be reduced. And the actual strategy of fighting cyber crime is one where you need to both suppress it, arrest bad
actors, shut down infrastructure where bad actors are congregating. And scattering them is a positive step forward. Uh reducing cyber crime is also a positive step forward. And all of these different tactics are part of a larger strategy of fighting cyber crime.

That's all for today. Hope you learned something. Stay safe out there and thanks for watching cyber security support.