March 17, 2025

Cybersecurity MISTAKES That Will Cost You BIG | With information technology expert Hunter Geerts

Knowing what mitigations to have ahead of a cyberattack is one step in many as cybercriminals exploit vulnerabilities on mobile devices, computers and entire operations. Learn about the cyberattacks individuals and organizations face today from Kit Professionals' Hunter Geerts.

Transcript

00:00:07:09 - 00:00:30:20
Tim Conrad
On an early November morning, a cyber worm was released, infecting 10% of the computers on the internet. Over the next 24 hours, university students first flagged the widespread attack which infected many institutions. It stopped military and university networks, delayed emails for hours, and resulted in some wiping their systems clear to get the worm off of it. Costs were estimated to be 100,000 to over $1 million.

00:00:30:22 - 00:00:56:18
Tim Conrad
The source was a 23-year-old programmer the FBI eventually found, indicted and convicted. This was despite the knowledge that Robert Morris, who was behind the supposed attack, had simply created a relatively innocent worm to crawl the internet, which was only 60,000 interconnected computers at the time. It was 1988, a year before the World Wide Web was introduced, and it was the first cyber attack on the internet.

00:00:56:23 - 00:01:18:07
Tim Conrad
The Morris worm showed the internet had vulnerabilities before most of the world knew it existed, or even owned a computer. Cyber attacks are now constant and targeting individuals and organizations through phone calls, mobile devices, and computers. Welcome to the Wildfires, Floods and Chaos Communications podcast with guest cybersecurity expert Hunter Geerts.

00:01:18:07 - 00:01:23:10
Tim Conrad
So if you haven't experienced a cyber attack, there's a good chance that you have just missed out

00:01:23:10 - 00:01:29:08
Tim Conrad
About 70% of Canadians, according to Stats Canada, have experienced an attack in 2022.

00:01:29:08 - 00:01:34:21
Tim Conrad
And when it comes to cyber attacks, can you avoid them or is everyone a potential target?

00:01:36:09 - 00:01:38:11
Hunter Geerts
Everyone is a target, of course.

00:01:38:11 - 00:01:40:16
Hunter Geerts
Very different varying threats out there.

00:01:40:16 - 00:01:42:11
Hunter Geerts
And who the target changes for every.

00:01:42:11 - 00:01:45:09
Hunter Geerts
Threat. But yes, everyone is a target of something.

00:01:45:11 - 00:01:54:07
Tim Conrad
And that's a that's a big challenge right. For everybody. So and is it one small mistake that ultimately opens that door to allow a cyber attacker.

00:01:54:07 - 00:01:57:14
Hunter Geerts
And it's there. It can be anything from one small mistake.

00:01:57:14 - 00:02:02:18
Hunter Geerts
Most commonly it's a series of small mistakes. Mistakes that all lead to a failure Cascade. It only.

00:02:02:18 - 00:02:04:21
Hunter Geerts
Takes one click, but in order for that one.

00:02:04:21 - 00:02:11:03
Hunter Geerts
Click to happen, there is definitely a process mistake along the way. And then maybe a software mistake and hardware mistake too.

00:02:11:05 - 00:02:24:04
Tim Conrad
So it's there are opportunities. Are there. And we are we were chatting about this last week and so simple thing that people can do is keeping their devices updated was one thing that you were saying. So tell me a little bit about that.

00:02:24:07 - 00:02:31:17
Hunter Geerts
Yeah, absolutely. Keeping your device updated is one of, if not the single best way to prevent yourself from being breached, whether you or a.

00:02:31:17 - 00:02:33:20
Hunter Geerts
Single person on your home side, or.

00:02:33:20 - 00:02:39:18
Hunter Geerts
If you're a business with thousands of computers, most of the major cyberattacks that hit organizations.

00:02:39:19 - 00:02:41:04
Hunter Geerts
Almost all of them.

00:02:41:04 - 00:02:54:04
Hunter Geerts
Have a part of it. The exploit chain is something that has already been discovered and patched by Microsoft, by Apple, by Google, any of the major hardware and software vendors they all rapidly discover and fix those flaws.

00:02:54:04 - 00:02:57:11
Hunter Geerts
But if an organization doesn't, patch doesn't matter because.

00:02:57:11 - 00:02:58:19
Hunter Geerts
Those flaws will be exploited.

00:02:59:02 - 00:03:06:18
Tim Conrad
Yeah. And it's so it's not that like a lot of people get these updates even on their phone and, and their computer, and sometimes they think just a feature update. But it's,

00:03:06:18 - 00:03:11:12
Hunter Geerts
oftentimes the security updates in there as well. And a lot of the times, if you look at any of the Apple.

00:03:11:12 - 00:03:12:11
Hunter Geerts
iOS updates, it'd be like.

00:03:12:11 - 00:03:20:05
Hunter Geerts
Hey, we added this new emoji, right? It's very common. That's very popular update. But then a lot of people skim over the low line. That's as important.

00:03:20:05 - 00:03:21:16
Hunter Geerts
Security and bug fixes.

00:03:21:20 - 00:03:22:17
Hunter Geerts
And that single.

00:03:22:17 - 00:03:34:17
Hunter Geerts
Line is what differentiates it from just a feature update to a full blown, very important security update that needs to be done. Yeah. So yeah, updating is always critical even on your especially on your phone.

00:03:34:18 - 00:03:49:07
Tim Conrad
Yeah. Yeah, absolutely. I certainly jump onto those ones really quickly. And including the ones that are I work on Windows devices. So I'm updating those pretty much as soon as they're available. So are we seeing targets on organizations, individuals or both?

00:03:49:09 - 00:03:53:01
Hunter Geerts
Definitely both. They experienced different types of attacks, but.

00:03:53:01 - 00:03:55:00
Hunter Geerts
They both experience attacks.

00:03:55:04 - 00:03:58:18
Hunter Geerts
On the personal side, you have things that are more like phishing scams.

00:03:58:20 - 00:04:00:21
Hunter Geerts
Hey, I'm a Nigerian prince. Send me 50.

00:04:00:21 - 00:04:02:02
Hunter Geerts
Dollars to unleash my.

00:04:02:02 - 00:04:03:01
Hunter Geerts
Funds. You know.

00:04:03:03 - 00:04:08:08
Hunter Geerts
That sort of thing, because they're trying to get every single person to send the $50. That's a lot of dollars.

00:04:08:08 - 00:04:09:04
Hunter Geerts
When you add up the amount.

00:04:09:04 - 00:04:12:11
Hunter Geerts
Of people in the world on the business side, you're running into more corporate.

00:04:12:11 - 00:04:22:12
Hunter Geerts
Focused scams like, hey, I'm the CEO, go buy me gift cards, right? It's different types of scams, but it's still scams. Of course, those two are email examples, but there's many others.

00:04:22:12 - 00:04:25:03
Tim Conrad
And and they're they're pulling in some big money

00:04:25:03 - 00:04:26:15
Tim Conrad
essentially it's an industry.

00:04:26:16 - 00:04:27:10
Hunter Geerts
Oh definitely.

00:04:27:10 - 00:04:29:21
Tim Conrad
And it's a global industry. So what's what's it worth. Right.

00:04:29:21 - 00:04:30:06
Hunter Geerts
And

00:04:30:06 - 00:04:33:14
Hunter Geerts
Right now it's worth about $1.5 trillion.

00:04:33:14 - 00:04:33:21
Hunter Geerts
In.

00:04:33:21 - 00:04:44:02
Hunter Geerts
Revenue for cyber criminals and for ransomware alone, which is one particular type of attack that generally just hits businesses in one particular way, is 1 billion.

00:04:44:02 - 00:04:54:11
Hunter Geerts
Dollars of that alone. And that's just ransomware. And then the scams are a huge part of that. Other forms of financial fraud for easy amounts of money out.

00:04:54:11 - 00:04:56:13
Hunter Geerts
Everyone is a target, of course.

00:04:56:13 - 00:04:58:18
Hunter Geerts
Very different varying threats out there.

00:04:58:18 - 00:05:00:13
Hunter Geerts
And who the target changes for every.

00:05:00:13 - 00:05:03:02
Hunter Geerts
Threat. But yes, everyone is a target of something.

00:05:03:02 - 00:05:18:12
Tim Conrad
Yeah. I mean certainly you can see that in in young different news stories throughout the week. And throughout the month we've seen lots of different governments, help the, they'll, they'll go after anybody individuals, you name it. So there's not really anybody that but leave alone.

00:05:18:17 - 00:05:19:01
Hunter Geerts
Yeah.

00:05:19:02 - 00:05:25:23
Hunter Geerts
Absolutely not. And to that end, even if they were willing to leave you alone, a lot of times all of those attacks are automated.

00:05:25:23 - 00:05:29:11
Hunter Geerts
So you're going to get caught in the crossfire even if they're not targeting you specifically.

00:05:29:11 - 00:05:33:14
Tim Conrad
So tell us the difference between a targeted attack and an automated attack

00:05:33:14 - 00:05:36:06
Hunter Geerts
a targeted attack is hey, I'm looking.

00:05:36:06 - 00:05:44:20
Hunter Geerts
To get into Tim's bank account, so I'm going to send Tim a specifically crafted phishing email to try and get his bank account details and then that bank.

00:05:44:20 - 00:05:48:13
Hunter Geerts
Him over. Let's say, hey, Tim, I know that your dog is a terrier.

00:05:48:16 - 00:05:49:22
Hunter Geerts
This is a scene from a movie.

00:05:49:22 - 00:06:03:20
Hunter Geerts
Actually, the hey, I know that your dog is this specific terrier, and so we're gonna send you a phishing email to join you in the terrier club and set up an account. And when you're setting up an account, some of the security questions and the security questions might just happen to match the ones that your bank uses for your personal bank account.

00:06:03:20 - 00:06:09:20
Hunter Geerts
So that would be that's an example of a specific attack. Of course, most of the time people are looking for target specific individuals.

00:06:09:20 - 00:06:12:16
Hunter Geerts
Unless you are a CEO or a CFO or.

00:06:12:16 - 00:06:13:20
Hunter Geerts
Some someone in position.

00:06:13:20 - 00:06:14:17
Hunter Geerts
Of financial power.

00:06:14:17 - 00:06:15:18
Hunter Geerts
Most of the time it's.

00:06:15:18 - 00:06:16:03
Hunter Geerts
Automated.

00:06:16:03 - 00:06:24:07
Hunter Geerts
Attacks. Hey, I'm John and or I'm your daughter and I'm in trouble. I'm in jail. I need you to pay my bond. That's a very common one. Particularly more recently.

00:06:24:07 - 00:06:25:17
Hunter Geerts
With, the.

00:06:25:17 - 00:06:27:04
Hunter Geerts
Amount anyone.

00:06:27:04 - 00:06:29:15
Hunter Geerts
Who is immigrated to a nation recently, that's been a huge.

00:06:29:15 - 00:06:31:02
Hunter Geerts
Thing. But call the parents.

00:06:31:02 - 00:06:31:15
Hunter Geerts
Back home.

00:06:31:15 - 00:06:34:05
Hunter Geerts
Say I'm your daughter, I'm in jail in this.

00:06:34:05 - 00:06:39:11
Hunter Geerts
New foreign country, and the police just need some money to get me out. And that's horrifying.

00:06:39:12 - 00:06:42:16
Hunter Geerts
And of course, they haven't. Maybe they haven't spoken to their daughter in years, so they don't really.

00:06:42:16 - 00:06:43:18
Hunter Geerts
Understand what they sound like.

00:06:44:00 - 00:06:46:03
Hunter Geerts
And with AI coming on the scene now.

00:06:46:03 - 00:06:46:15
Hunter Geerts
And that's.

00:06:46:15 - 00:06:47:04
Hunter Geerts
One of those.

00:06:47:08 - 00:06:48:03
Hunter Geerts
Places where I am.

00:06:48:03 - 00:06:49:04
Hunter Geerts
Is a huge leverage.

00:06:49:04 - 00:06:51:11
Hunter Geerts
Point. And it's getting worse and worse every year.

00:06:51:11 - 00:07:06:10
Tim Conrad
And that's it. They're they're they're masking somebody's voice or copying somebody's voice to be able to use it and call somebody. Yes, pretend to be them, which is just incredible technology. But it's, very unethical way of using it. Right.

00:07:06:10 - 00:07:11:01
Tim Conrad
the cyber attackers are using artificial intelligence, to improve their results.

00:07:11:03 - 00:07:20:10
Tim Conrad
This is particularly true for, individuals. So tell me some other, things that are happening to individuals, where they're getting attacked.

00:07:20:12 - 00:07:21:13
Hunter Geerts
Like they just it

00:07:21:13 - 00:07:25:13
Hunter Geerts
So for individuals getting attacked. So we just went to over.

00:07:25:15 - 00:07:29:14
Hunter Geerts
Phishing emails essentially direct scams was also things like.

00:07:29:17 - 00:07:33:16
Hunter Geerts
Malicious advertisements are a very, very common way.

00:07:33:16 - 00:07:35:00
Hunter Geerts
For people to get compromised.

00:07:35:00 - 00:07:35:18
Hunter Geerts
Particularly when.

00:07:35:18 - 00:07:40:14
Hunter Geerts
The advertisement is using a never before seen exploit. That hasn't been.

00:07:40:14 - 00:07:42:05
Hunter Geerts
Patched by any major vendors. Or if.

00:07:42:05 - 00:07:45:03
Hunter Geerts
You haven't updated your web browser yet, Tim, do you have a.

00:07:45:03 - 00:07:49:03
Hunter Geerts
Little orange bar at the top of Google saying update now? Yeah, yeah, I should like.

00:07:49:03 - 00:07:49:13
Hunter Geerts
That update.

00:07:49:15 - 00:07:50:14
Tim Conrad
Right? Right. Yeah.

00:07:50:15 - 00:07:52:18
Hunter Geerts
Just scrolling to any website, frequently.

00:07:52:18 - 00:07:54:13
Hunter Geerts
News websites are often.

00:07:54:13 - 00:07:55:18
Hunter Geerts
Victims because.

00:07:55:18 - 00:07:59:20
Hunter Geerts
They're not it's not the news website. Putting up the most enticement. They're selling that website.

00:07:59:20 - 00:08:00:19
Hunter Geerts
Space to.

00:08:00:19 - 00:08:05:08
Hunter Geerts
Someone else, to an advertising network. And then advertising networks sells that to a malicious threat actor.

00:08:05:08 - 00:08:08:05
Hunter Geerts
And then the malicious bad actor puts up a malicious advertisement. So you have.

00:08:08:05 - 00:08:09:05
Hunter Geerts
A perfectly legitimate.

00:08:09:05 - 00:08:11:14
Hunter Geerts
News organization. So any of the major.

00:08:11:14 - 00:08:19:15
Hunter Geerts
Ones or all of the major ones, any of them, right. You go to a website that you trust that you don't expect to be malicious, and you can start trying to attack your computer.

00:08:19:20 - 00:08:38:14
Tim Conrad
Yeah. That this crazy, right. And now this and this is that I just want to point out, like I've been doing this type of work for a while, and one of my first, the first time that I came across somebody getting something on their computer from a site, it was from a site, not from you email. It came from a website that they visited.

00:08:38:16 - 00:08:56:21
Tim Conrad
I was able to trace it back for them. Is a friend of mine that was helping out and it was like, wow, that's, they they took out, they took an ad essentially, just like you said, and replaced it with something that was malicious and, sucked something into it. So it's it's very difficult. So you have to put those protections in place.

00:08:57:00 - 00:08:58:12
Tim Conrad
Yeah. On your own system

00:08:58:12 - 00:09:00:05
Tim Conrad
you have to.

00:09:00:07 - 00:09:09:02
Hunter Geerts
And not just one protection is a common mistake. There is no silver bullet for being secure. And if you take one thing away from this, there's no silver bullet.

00:09:09:03 - 00:09:18:00
Hunter Geerts
Right? Right. There's no. So what you have to do many, many things. You have to have your antivirus, right. You have to be up to date. You have to make sure your web browser's up to date. You have to make sure that.

00:09:18:00 - 00:09:25:01
Hunter Geerts
You're going to hopefully trusted websites, which as we just discussed, isn't bulletproof. But that's one more step. You have to be aware. Do not click.

00:09:25:01 - 00:09:25:21
Hunter Geerts
On all of those things.

00:09:26:02 - 00:09:28:02
Hunter Geerts
There's all of these individual.

00:09:28:02 - 00:09:31:06
Hunter Geerts
Steps you need to take in order to try and be secure.

00:09:31:08 - 00:09:35:02
Hunter Geerts
And even then, nothing is perfect. That's why Microsoft.

00:09:35:02 - 00:09:36:20
Hunter Geerts
To this day still gets hacked.

00:09:36:20 - 00:09:38:12
Hunter Geerts
Despite their hundreds.

00:09:38:12 - 00:09:41:02
Hunter Geerts
Of millions of dollars that they spend on security every year.

00:09:41:05 - 00:09:56:08
Tim Conrad
Yeah, absolutely. And, you know, Apple devices are still able to be, maliciously attacked, but we just don't see it as often either. They haven't been as targeted. Well, I think that's like security, right. That's what the word has been. Or is it? That's a common misconception, especially.

00:09:56:08 - 00:10:01:01
Hunter Geerts
With Apple devices in particular. All of the most popular exploits for.

00:10:01:01 - 00:10:02:03
Hunter Geerts
iPhones, for example.

00:10:02:03 - 00:10:03:01
Hunter Geerts
Which are commonly thought.

00:10:03:01 - 00:10:04:23
Hunter Geerts
It was unhackable, which is completely false.

00:10:04:23 - 00:10:08:10
Hunter Geerts
The most common exploits for phones are frequently found on.

00:10:08:10 - 00:10:09:17
Hunter Geerts
iPhones, because.

00:10:09:17 - 00:10:18:12
Hunter Geerts
They have such a wide installed user base, and most importantly, that install base is among people in positions of power, right? A lot of people see an iPhone as a.

00:10:18:12 - 00:10:19:11
Hunter Geerts
Status, so.

00:10:19:11 - 00:10:20:18
Hunter Geerts
If you're a CEO of a company.

00:10:20:21 - 00:10:21:18
Hunter Geerts
You're probably.

00:10:21:18 - 00:10:25:01
Hunter Geerts
Using an iPhone for, even if for no other reason other.

00:10:25:01 - 00:10:26:18
Hunter Geerts
Than it's the cool thing to do because.

00:10:26:18 - 00:10:27:20
Hunter Geerts
Everyone's human, right?

00:10:27:20 - 00:10:30:16
Hunter Geerts
The human element is important in security. And so you probably.

00:10:30:16 - 00:10:34:06
Hunter Geerts
Have an iPhone, and there are at any given time, there are several active.

00:10:34:06 - 00:10:37:06
Hunter Geerts
Exploits for iPhone that allow people to take control of the phone.

00:10:37:06 - 00:10:43:07
Hunter Geerts
Some of those are known to Apple, some of those are patched, or many most of them are patched. Inherently. Right.

00:10:43:09 - 00:10:44:17
Hunter Geerts
But some of those that have never been seen.

00:10:44:17 - 00:10:45:17
Hunter Geerts
Before and are currently.

00:10:45:17 - 00:10:56:12
Hunter Geerts
Being used by government agencies or on the black market being sold on the black market to criminal agencies. Take over your phone. If someone has access to your phone via one of these tools, then they can get into your bank account. I can.

00:10:56:12 - 00:10:57:17
Hunter Geerts
Guarantee right now that.

00:10:57:17 - 00:11:00:22
Hunter Geerts
Everyone who's listening to this will have on their phone.

00:11:00:22 - 00:11:03:03
Hunter Geerts
Banking either the bank account or the.

00:11:03:03 - 00:11:04:16
Hunter Geerts
Password manager for the bank account.

00:11:04:16 - 00:11:06:02
Hunter Geerts
Or if I open the.

00:11:06:02 - 00:11:08:05
Hunter Geerts
Web browser and they've logged into their banking in.

00:11:08:05 - 00:11:10:04
Hunter Geerts
Their online app, and it probably remembers.

00:11:10:04 - 00:11:18:19
Hunter Geerts
Their credentials, and they can log it, right. So access to a phone has access to your life. And it's very powerful. So Apple 100% still gets hacked.

00:11:18:19 - 00:11:29:18
Tim Conrad
it's it's all these access points. So the email is a separate thing on your phone and it's there. So it's like if you are, you know, using your email and click something and open it.

00:11:29:18 - 00:11:30:11
Tim Conrad
Very.

00:11:30:11 - 00:11:31:02
Tim Conrad
essentially.

00:11:31:02 - 00:11:34:11
Hunter Geerts
Yeah. I think what's going on. Everything is there.

00:11:36:10 - 00:11:58:16
Unknown
Several courses are being developed, and I'm happy to let you know that the first course will be on Canadian training AKA really soon. Job interviews, public speaking, messaging and speaking to media. How do you speak more confidently to groups of people in meeting settings? Will be our first course. It will teach you skills useful for many settings which require you to speak where your nerves may be.

00:11:58:16 - 00:12:18:23
Unknown
Winning the battle right now. Launching soon. Sign up for updates and early access at Canadian Training AKA to learn how to speak more confidently to groups of people. Subscribers will also get free checklists, guides and more. Canadian training okay. Learn from our mistakes. Someone should.

00:12:18:23 - 00:12:36:06
Tim Conrad
and what that is. We've we've heard a fair bit about that in recent years, and particularly most of the attacks that initially were at or after organizations. And some of those organizations, and they're attacked. What they do is they lock you out of the system and say, hey, pay us money usually in Bitcoin, and we'll let you have your data back.

00:12:36:06 - 00:12:41:17
Tim Conrad
So what is the first thing that somebody should do if they have an experience? A ransomware attack. Yeah.

00:12:41:19 - 00:12:42:06
Hunter Geerts
So the

00:12:42:06 - 00:12:47:22
Tim Conrad
what is the first thing somebody should do? Is they or they have an experience ransomware attack.

00:12:47:22 - 00:12:59:03
Hunter Geerts
step one, the ransomware attack and this is the identical step one for every single organization on the planet, other than maybe the government, some governments. And that is call your cyber or check your.

00:12:59:03 - 00:13:00:11
Hunter Geerts
Cyber insurance policy.

00:13:00:13 - 00:13:08:07
Hunter Geerts
And potentially call your insurance broker to see if any of your any of your career policies cover cyber insurance. Because if they do, then you need.

00:13:08:07 - 00:13:13:06
Hunter Geerts
To do what your cyber insurance tells you to do, or you might not get paid out. Right.

00:13:13:06 - 00:13:16:18
Hunter Geerts
So step one if you have cyber insurance, this is what it's here for.

00:13:16:20 - 00:13:17:16
Hunter Geerts
So you need to.

00:13:17:16 - 00:13:27:17
Hunter Geerts
Call your cyber insurance. And they almost all of the time because they don't want to pay you up for any more than they have to. They have teams in place that they pay 24/7 to be ready to go, to respond to your.

00:13:27:17 - 00:13:31:07
Hunter Geerts
Cyber attack and help lock down your business. So that's step one is call.

00:13:31:07 - 00:13:33:05
Hunter Geerts
Your submission and review the policies and see what do.

00:13:33:05 - 00:13:33:23
Hunter Geerts
They want you to do.

00:13:34:02 - 00:13:36:19
Hunter Geerts
Some of them are going to be shut down. Your systems. Some of them are never shut.

00:13:36:19 - 00:13:38:11
Hunter Geerts
Down your systems because we want evidence.

00:13:38:11 - 00:13:50:06
Hunter Geerts
Some of them are going to be I turn everything off and disconnect from region or disconnect. It's all everyone's going to be different and need to do what they say first and check that first. And you should already know this. The should be part of your disaster response plan.

00:13:50:11 - 00:13:50:18
Hunter Geerts
So that's.

00:13:50:18 - 00:13:53:18
Hunter Geerts
Step one. And then from there, depending on what they say, depending on.

00:13:53:23 - 00:13:54:20
Hunter Geerts
What data you have.

00:13:54:20 - 00:13:55:06
Hunter Geerts
Depending on what.

00:13:55:06 - 00:13:57:08
Hunter Geerts
You offer you're going to do, either you're.

00:13:57:08 - 00:13:59:21
Hunter Geerts
Done mode trying prevent it from spreading, or you're going.

00:13:59:21 - 00:14:10:21
Hunter Geerts
To go into a wipe and recovery mode, where you start wiping existing systems and restoring from backups and sharing your data. You're going to be partitioning off your critical systems to get those up and running. If you're.

00:14:10:21 - 00:14:12:18
Hunter Geerts
Someone like a shipping company, the first.

00:14:12:18 - 00:14:20:14
Hunter Geerts
Thing you're going to do is going to get all of your logistics up and running again, right? Everything else could wait for you if you're shipping company, but you need your the heart of your business running.

00:14:20:14 - 00:14:22:15
Hunter Geerts
So first insurance, then.

00:14:22:19 - 00:14:25:06
Hunter Geerts
Disaster response plan essentially is what it comes down to.

00:14:25:06 - 00:14:33:12
Tim Conrad
in place that they're known and you've trained and people know what to do in that moment. And so very key for for this should people pay ransomware.

00:14:33:14 - 00:14:36:11
Hunter Geerts
Never. Absolutely never. It's never worth it.

00:14:36:13 - 00:14:38:04
Hunter Geerts
Even when you pay your ransomware.

00:14:38:04 - 00:14:41:00
Hunter Geerts
You only get your data back about half of the time.

00:14:41:00 - 00:14:42:06
Hunter Geerts
It's never worth it.

00:14:42:08 - 00:14:43:23
Hunter Geerts
Even when you pay your ransomware.

00:14:43:23 - 00:14:48:18
Hunter Geerts
You only get your data back about half of the time. Sometimes the less you get all of you that back.

00:14:48:18 - 00:14:51:21
Hunter Geerts
And then almost in 90% plus.

00:14:51:21 - 00:14:55:00
Hunter Geerts
Of those cases, you're just leasing your data back from fate.

00:14:55:05 - 00:15:05:10
Hunter Geerts
Because now they know that you're willing to pay and they already got into your system. Once there's a solid chance they never left, there's a solid chance they can get in again. The same way. And even if they can't, they'll find a new way.

00:15:05:10 - 00:15:07:12
Hunter Geerts
Because they know that you're willing to pay them now.

00:15:07:13 - 00:15:09:21
Hunter Geerts
Rent, and even then. And that's assuming you.

00:15:09:21 - 00:15:10:18
Hunter Geerts
Get your data back.

00:15:10:18 - 00:15:14:18
Hunter Geerts
A lot of the time they just say, oh, you pay me, pay me more, right? And they just keep.

00:15:14:18 - 00:15:16:18
Hunter Geerts
Escalating to escalating and you're never going to get it.

00:15:16:18 - 00:15:17:03
Tim Conrad
Back.

00:15:17:03 - 00:15:18:16
Tim Conrad
does it eliminate you from future.

00:15:18:16 - 00:15:19:04
Hunter Geerts
That's

00:15:19:05 - 00:15:22:22
Hunter Geerts
Not at all. It makes you a significantly more likely target for future attacks.

00:15:22:23 - 00:15:23:08
Tim Conrad
Yeah,

00:15:23:08 - 00:15:35:10
Tim Conrad
Because they know that. Hey. You faded. We already have a backdoor in. They probably, maybe have set up another backdoors frequently. Yes. Yeah. So it makes it very tough. What about if someone reaches out,

00:15:35:10 - 00:15:45:17
Tim Conrad
definitely had this experience where, a breach happened. And funny enough, shortly after that, we receive notifications, from people is like, oh, I can help you.

00:15:45:17 - 00:15:56:10
Tim Conrad
I can get your data back to this. Just, feed me this amount of money, and I'll do this. Very. You'll get all your data back there. Is there anything there? If you get some random person, answer it on the internet.

00:15:56:16 - 00:15:56:17
Hunter Geerts
Of

00:15:56:17 - 00:16:14:08
Hunter Geerts
I think we all know the answer right now, that unsolicited messages from people on the internet are never good, or text messages to your phone, or calls to your phone, they're never a good idea. Really. Frequently with ransomware, you posted about it somewhere on social media, or someone else has, and then the scammers will see that and they smell blood in the water.

00:16:14:08 - 00:16:25:22
Hunter Geerts
They know that you're in a vulnerable state. They know you're stressed, so they know you're not thinking right, and they want to reach out and save you. And your first instinct is, yes, someone's here to save me. And it's a trap again. They just want you to send them some money and.

00:16:25:22 - 00:16:30:00
Hunter Geerts
Give you access to your systems again, and they'll come after you again. They don't have access.

00:16:30:00 - 00:16:34:09
Hunter Geerts
To your data, so only way to get your data back if it's going to work at all is by paying that.

00:16:34:09 - 00:16:34:22
Hunter Geerts
Bitcoin.

00:16:34:22 - 00:16:35:15
Hunter Geerts
No one.

00:16:35:15 - 00:16:37:19
Hunter Geerts
Is going to contact you is going to be able to help you.

00:16:37:19 - 00:16:54:16
Tim Conrad
Going back to phishing. Phishing, if people don't understand, is it's spelt like fishing but starts with a ph instead of an f. So it's a little bit different. And we see it almost daily through almost any account. It's constantly the junk mail that you're getting is pretty much all phishing or something.

00:16:54:18 - 00:17:17:03
Tim Conrad
I've noticed that. And they're getting very, very creative. They look like banks with like a hotel. Travel is all sorts of different things. And of course, they look like somebody, you know. So. Yes. What can you give for, tips for people to sort of help them to navigate that and, and then also what are they trying to do when they're phishing,

00:17:17:03 - 00:17:20:04
Hunter Geerts
they're trying to make money. That is right. That's the overarching.

00:17:20:04 - 00:17:34:14
Hunter Geerts
Goal for these attackers is they're trying to make money somehow. Usually that's by compromising your credentials in some way, whether that's via your bank statement or via your bank accounts or your email to scam your clients via sending you a fake invoice that you're going to send the money.

00:17:34:14 - 00:17:34:18
Hunter Geerts
Right.

00:17:34:19 - 00:17:35:17
Hunter Geerts
So that's what they're trying to do.

00:17:35:17 - 00:17:36:23
Hunter Geerts
So then how do you.

00:17:36:23 - 00:17:38:16
Hunter Geerts
Defend against the answer is.

00:17:38:16 - 00:17:44:16
Hunter Geerts
Essentially be hyper vigilant about anything that involves money or account login details and being.

00:17:44:16 - 00:17:48:13
Hunter Geerts
Moderately paranoid about everything else. Right? So if it involves you, if.

00:17:48:13 - 00:17:53:17
Hunter Geerts
Involves anything banking then you need to ask, so were you expecting this email or.

00:17:53:17 - 00:17:55:17
Hunter Geerts
Message or text message or anything.

00:17:55:17 - 00:18:02:00
Hunter Geerts
Were you expecting it? Who is it from? Does it match something? Does it make sense? And then never click on a link.

00:18:02:00 - 00:18:02:09
Hunter Geerts
That's in.

00:18:02:09 - 00:18:04:20
Hunter Geerts
An email because those links, you know, anything else.

00:18:04:20 - 00:18:12:12
Hunter Geerts
Looks good. Those links could still be fake. So you want to navigate directly to the banking website or whatever it is directly, and log in there without.

00:18:12:12 - 00:18:13:19
Hunter Geerts
Clicking on a link in an email.

00:18:13:19 - 00:18:17:12
Hunter Geerts
That way you're not clicking on anything malicious, and then you can review to see if it's true.

00:18:17:14 - 00:18:25:22
Hunter Geerts
A lot of the times the email is true, you do have fraud on your credit card, but sometimes it's not, and trying to differentiate those two can be very hard. So just go to the root source, go.

00:18:25:22 - 00:18:27:20
Hunter Geerts
To that and check that directly. If you're.

00:18:27:20 - 00:18:29:06
Hunter Geerts
Getting an email from someone.

00:18:29:08 - 00:18:31:08
Hunter Geerts
That you trust, say a.

00:18:31:08 - 00:18:32:18
Hunter Geerts
Client of yours that's working.

00:18:32:18 - 00:18:34:05
Hunter Geerts
With you and has sent you, say.

00:18:34:08 - 00:18:51:12
Hunter Geerts
Something, but it seems just a little bit off, just a little bit different, right? BMF that you haven't found via email hello, go to their website, give them a call. Don't go to the website link in the email. Remember don't put links emails. Go to those site directly. Give them a call, send them an email back. Don't reply to it because you could be replying to the wrong address.

00:18:51:12 - 00:18:54:21
Hunter Geerts
Create a new email and send it to the address you know.

00:18:54:21 - 00:18:59:08
Hunter Geerts
Is right and see if they send you something. Back. What do they know about it?

00:18:59:09 - 00:19:00:12
Hunter Geerts
Essentially, trust but.

00:19:00:12 - 00:19:03:00
Hunter Geerts
Verify is the root of all.

00:19:03:00 - 00:19:26:23
Tim Conrad
They're fishing for details, they're fishing and they're trying to build essentially a database on individuals or organizations to which they can tear down walls eventually. Right. And so, one of the things that I've always been, you know, aware of is these, these quizzes that you see on social media where they, you know, you're you're asking for, you know, where were you born, what was your first dates?

00:19:26:23 - 00:19:32:02
Tim Conrad
You know, who's your sister or all that kind of stuff. Would you be filling out those types of quizzes and posting

00:19:32:02 - 00:19:46:16
Hunter Geerts
Well, there's that is more nuanced than I think about the on the surface, it sounds ridiculous when you put it that way. You're kind of begging the question a little bit here, which makes sense right now. But when you really think about it, what are you giving out? Or if you're giving up anything confidential, maybe your niece's name.

00:19:46:20 - 00:19:59:11
Hunter Geerts
Well, is that confidential? Because they're on Facebook and you're probably friends with them and everyone has the same last name, so people can guess stuff like that. So what's the what's the reward? The reward is going to be maybe a little fun. The shared wants your friends and the risk is.

00:19:59:11 - 00:19:59:20
Hunter Geerts
Potentially give.

00:19:59:20 - 00:20:19:13
Hunter Geerts
Away confidential information. Personally, I wouldn't fill those out, but honestly, it's a lot harder than you think because if you're posting any of that, you're probably posting it on social media or someone else has posted it about you. Be mindful of what you're giving away. Maybe don't give away your mother's maiden name. You know you're the childhood name of your favorite book, that sort of thing.

00:20:19:13 - 00:20:21:09
Hunter Geerts
Those security questions that get.

00:20:21:09 - 00:20:23:02
Hunter Geerts
Asked you about your banks and by government.

00:20:23:02 - 00:20:28:00
Hunter Geerts
Agencies. But things like what's your first name, your last name? Those details are out there.

00:20:28:00 - 00:20:29:01
Hunter Geerts
I wouldn't worry about it too much.

00:20:29:08 - 00:20:36:19
Tim Conrad
Yeah. So you're just going to be selective. It's like these same the same questions that I'm getting asked, the security questions on a regular basis. And don't use those ones exact.

00:20:36:19 - 00:20:45:22
Hunter Geerts
Well of course, even that is somewhat of a trap, because you're never going to remember all the security questions you've been asked. So it's really try and make your security questions unique and try to.

00:20:46:00 - 00:20:47:17
Hunter Geerts
Segregate the doubt in your mind.

00:20:47:17 - 00:20:50:08
Hunter Geerts
But it's it's a losing battle. Security questions are a.

00:20:50:08 - 00:20:52:22
Hunter Geerts
Bad thing most of the time, security wise, because of.

00:20:52:22 - 00:20:53:06
Tim Conrad
That.

00:20:53:06 - 00:21:03:10
Tim Conrad
Curious question. While we're on this topic, there's a lot of these ones going around where it's like a legal message that I hereby removes the permission for so-and-so to do this. That was do anything.

00:21:03:10 - 00:21:11:09
Hunter Geerts
Absolutely not have no legal behind it bearing. And even if they did, they wouldn't the moment they crossed the border. Right. It doesn't matter where you live, the laws don't apply.

00:21:11:12 - 00:21:13:05
Hunter Geerts
Don't apply across the globe.

00:21:13:05 - 00:21:26:08
Tim Conrad
Okay. So let's talk about organizations and how they can protect themselves. Be it their small organizations, small businesses to larger businesses, what can they do to protect themselves from cyber attacks?

00:21:26:08 - 00:21:30:23
Hunter Geerts
That's a very broad question, which of course means it's the very broad answer. And the fundamental.

00:21:30:23 - 00:21:32:17
Hunter Geerts
Truth is you need to invest in cyber.

00:21:32:17 - 00:21:37:08
Hunter Geerts
Security, which of course I say it, it sounds kind of obvious, but really this four.

00:21:37:08 - 00:21:40:12
Hunter Geerts
Options with cybercrime and with cybersecurity risks in general.

00:21:40:14 - 00:22:02:18
Hunter Geerts
Right. You can accept that you're going to be ransomware. You can accept that you're going to be phished and just lose the money and pay it out. We already discussed that's not really viable. You can avoid the cyber risk by using pen and paper that's not particularly viable, although I will mention that that's the reason I don't use Lenovo devices, is because Lenovo is a partially or is a Chinese owned company.

00:22:02:18 - 00:22:03:07
Hunter Geerts
At least,

00:22:03:12 - 00:22:10:12
Hunter Geerts
To a major extent, which means that the Chinese government can have their hands on it. And that is a risk that I don't have any need to take personally.

00:22:10:15 - 00:22:12:04
Hunter Geerts
They're perfectly good alternatives.

00:22:12:04 - 00:22:19:13
Hunter Geerts
Out there, so I don't take it. I use other manufacturers. So that's a practical example of avoiding the risk. But of course that doesn't work. I still need.

00:22:19:13 - 00:22:21:04
Hunter Geerts
To or for the vast majority of cases.

00:22:21:04 - 00:22:23:14
Hunter Geerts
Don't work. I still need to use email. I still need to.

00:22:23:14 - 00:22:25:03
Hunter Geerts
Use computer use websites.

00:22:25:03 - 00:22:32:01
Hunter Geerts
Of course. Right. So then you can transfer your business to cyber insurance. But cyber insurance is going to require that you have certain.

00:22:32:01 - 00:22:33:23
Hunter Geerts
Mitigations in place. Otherwise they want to insure.

00:22:33:23 - 00:22:35:21
Hunter Geerts
You a lot like home insurance.

00:22:36:00 - 00:22:46:08
Hunter Geerts
Or commercial building insurance is going to require a fire suppression system in the building, otherwise you will be insured. Exact same concept. Cyber insurance requires you to have a cybersecurity mission in place.

00:22:46:14 - 00:22:48:10
Hunter Geerts
So that brings me to point number four, which.

00:22:48:10 - 00:22:51:10
Hunter Geerts
Is you need to have mitigations in place. That could be anything.

00:22:51:10 - 00:22:53:09
Hunter Geerts
From a spam filter to antivirus.

00:22:53:09 - 00:22:57:00
Hunter Geerts
To application whitelisting to cybersecurity training.

00:22:57:00 - 00:23:00:08
Hunter Geerts
All of those things. And the way you decide which of.

00:23:00:08 - 00:23:04:20
Hunter Geerts
Those things you implement and what your limits and how much is you need. Someone who cybersecurity.

00:23:04:20 - 00:23:05:15
Hunter Geerts
Is part of the job.

00:23:05:19 - 00:23:06:18
Hunter Geerts
So to that.

00:23:06:18 - 00:23:07:10
Hunter Geerts
End, you're.

00:23:07:10 - 00:23:09:13
Hunter Geerts
Either you're generally going to be looking at either hiring.

00:23:09:13 - 00:23:10:08
Hunter Geerts
An employee or.

00:23:10:08 - 00:23:11:12
Hunter Geerts
Contracting cybersecurity.

00:23:11:12 - 00:23:14:21
Hunter Geerts
Firm, much like someone like myself. KIT Professionals.

00:23:14:23 - 00:23:15:09
Hunter Geerts
That's security.

00:23:15:10 - 00:23:15:17
Hunter Geerts
For them.

00:23:15:22 - 00:23:17:22
Hunter Geerts
This is our bread and butter. And when.

00:23:17:22 - 00:23:18:22
Hunter Geerts
You contract.

00:23:18:22 - 00:23:22:04
Hunter Geerts
A cybersecurity firm, they're going to take a look at what is your.

00:23:22:04 - 00:23:24:21
Hunter Geerts
Environment like, what is your budget like, what sense.

00:23:24:23 - 00:23:28:04
Hunter Geerts
Data are you dealing with, what's the results or the consequences if you do.

00:23:28:04 - 00:23:28:15
Hunter Geerts
Get breached?

00:23:28:21 - 00:23:35:03
Hunter Geerts
That whole risk reward ratio. And then based on that, make specific recommendations of what actually needs to be ultimate.

00:23:35:03 - 00:23:48:18
Hunter Geerts
A freebie, one that'll give everyone here right now is you should have an EDR, which is a more advanced antivirus and preferably one that is monitored by 24/7. So it's a relatively cheap thing, but it's.

00:23:48:18 - 00:23:50:03
Hunter Geerts
Relatively it is.

00:23:50:08 - 00:23:50:19
Hunter Geerts
Fairly.

00:23:50:19 - 00:23:57:19
Hunter Geerts
Impactful in the scheme, in the grand scheme of things and in preventing cybersecurity attack or cyber attacks. So that's one of the mitigations I think everyone should have.

00:23:57:20 - 00:24:02:01
Tim Conrad
So what are some simple steps that an individual can do to protect themselves. Yeah.

00:24:02:03 - 00:24:27:10
Hunter Geerts
So they're for individual specifically not corporations. Because of corporations. You should genuinely seek someone either internal or external. It's very cost effective for individuals. There are many things you should be doing as an individual and many things that I do for myself. But they're far too numerous to list here. I think the very basics, the just, the very, very minimum is make sure you're always patching, always click that update button, just update your work.

00:24:27:10 - 00:24:39:13
Hunter Geerts
Make sure to save your work. Update. It's not a huge deal. It's much better to update than can be compromised. And make sure that your antivirus is running. Make sure that your firewall is turned off. Of course, if you're running Windows, which you probably are, or.

00:24:39:13 - 00:24:40:09
Hunter Geerts
MacOS or anything.

00:24:40:09 - 00:24:56:13
Hunter Geerts
Like that, if you turn off your antivirus or firewall because it's breaking something, then it'll give you a little warning. Say, hey, it's off, let's go put that button, turn back on. It's probably not breaking anything. And if it was, it's probably not anymore. It's like constantly being updated. Windows updates something like five times a day or several times a day.

00:24:56:17 - 00:25:07:03
Hunter Geerts
I think even more than that, they do an hourly check in for updates for their antivirus, just inherently right. So having that constant up to date is critical. So update everything.

00:25:07:06 - 00:25:10:01
Hunter Geerts
Make sure make sure your antivirus is enabled. Those are the basics.

00:25:10:01 - 00:25:12:13
Tim Conrad
Yeah including your browser right. So your browser and your.

00:25:12:13 - 00:25:13:04
Hunter Geerts
Browser very.

00:25:13:04 - 00:25:20:02
Tim Conrad
Important. And that's that's a quick thing to do. It's up in the top right usually. And yeah so they say there's a update relaunch it and you're good to go.

00:25:20:04 - 00:25:27:19
Hunter Geerts
And browsers nowadays are so good that they will remember what page you're up believing. Rather like where in the page or scroll down to you. Don't lose any work.

00:25:27:19 - 00:25:43:13
Tim Conrad
Let's go through a few others here and gear what the explanation is behind some of these types of attacks that you can see. So there's, VIP impersonation and this is some new one anyway. But probably not a lot of people have heard of this one. So very important person impersonation.

00:25:43:14 - 00:26:01:16
Hunter Geerts
So that is when someone when someone says, hello, I am your CEO and I'm hosting a or I'm working, I'm an HR and hosting a company gift, party next month. And I don't need to tell anyone else, but I need you to go purchase gift cards and send me pictures of them.

00:26:01:18 - 00:26:08:05
Hunter Geerts
Oh, with the number scratched up, of course, so that I can make these purchase so that I can, give the way to employees overseas or something like that.

00:26:08:05 - 00:26:14:22
Hunter Geerts
Some sort of. I'm impersonating personally someone else in the organization that you trust and who it makes sense.

00:26:14:22 - 00:26:15:15
Hunter Geerts
For them to be.

00:26:15:18 - 00:26:20:18
Hunter Geerts
And the CEO. I need gift cards, or I need you to send me this confidential document.

00:26:20:18 - 00:26:21:18
Hunter Geerts
Because I don't. I'm at home.

00:26:21:18 - 00:26:27:18
Hunter Geerts
Where they don't have access to the servers right now, or any of those sorts of things where they're impersonating someone in your.

00:26:27:18 - 00:26:32:21
Hunter Geerts
Organization who you implicitly trust, who implicitly has authority over you in some way.

00:26:32:21 - 00:26:34:14
Hunter Geerts
And they generally they're going to make it urgent.

00:26:34:14 - 00:26:38:18
Hunter Geerts
So I need these right now. I need this for the end of the day. You know, it's 20 minutes till the end of the day.

00:26:38:18 - 00:26:39:10
Hunter Geerts
I need this now.

00:26:39:15 - 00:26:42:19
Hunter Geerts
Please give it to me. Right. And so, of course, you want to be good employee.

00:26:42:19 - 00:26:46:08
Hunter Geerts
So you're like, oh, I need to do this. You don't even thinking about it. You're just responding the way you.

00:26:46:08 - 00:26:47:09
Hunter Geerts
Would with any other tasks.

00:26:47:14 - 00:26:49:10
Hunter Geerts
And then if you send them, perhaps.

00:26:49:10 - 00:26:53:22
Hunter Geerts
It's too late just given those gift cards. So, so that's example of VIP.

00:26:53:22 - 00:26:55:12
Tim Conrad
Interesting. Payroll fraud.

00:26:55:12 - 00:27:03:22
Hunter Geerts
Payroll fraud is one that's not talked about commonly but is much more insidious than most. It's very common for employees to change billing.

00:27:03:22 - 00:27:06:06
Hunter Geerts
Addresses or bank accounts.

00:27:06:06 - 00:27:13:12
Hunter Geerts
For anything, any of those many, many things. Right? Maybe they need to change their name. So along the way they go, hey, I need you to update my.

00:27:13:12 - 00:27:14:13
Hunter Geerts
Bank account details.

00:27:14:13 - 00:27:23:23
Hunter Geerts
And then you as the employer, go, oh no problem. Let me update those for you. And of course, this email came from a home Gmail address that looks like employee's first name, last name, and maybe some.

00:27:23:23 - 00:27:30:02
Hunter Geerts
Numbers on the end because that's common nowadays, right? That's common for everyone. And it's very easy for an attacker to do though. And then.

00:27:30:08 - 00:27:31:02
Hunter Geerts
And get all.

00:27:31:02 - 00:27:36:11
Hunter Geerts
Of that information because you're on LinkedIn. So they have all of your information and your employees information for this.

00:27:36:11 - 00:27:41:03
Hunter Geerts
And then you update it. And then your next payroll goes out and the employee never gets paid because it's.

00:27:41:03 - 00:27:43:16
Hunter Geerts
Over in the the attacker's bank accounts.

00:27:43:18 - 00:27:45:03
Hunter Geerts
So and of course the inverse.

00:27:45:03 - 00:27:51:15
Hunter Geerts
Can be true to where they pretend to be. An employee getting or they can connect with the.

00:27:51:15 - 00:27:55:14
Hunter Geerts
Employer saying, hey, we overpaid you, we need money back, or sending.

00:27:55:14 - 00:27:56:02
Hunter Geerts
The employee.

00:27:56:02 - 00:27:59:17
Hunter Geerts
A false check for $20,000, or just send us 8000.

00:27:59:17 - 00:28:01:15
Hunter Geerts
Back and then keep the last 2000 for.

00:28:01:15 - 00:28:03:18
Hunter Geerts
Your payroll or whatever it comes out to be. Right?

00:28:03:18 - 00:28:06:03
Hunter Geerts
So it goes both directions. But yeah, that's payroll fraud.

00:28:06:03 - 00:28:06:23
Hunter Geerts
And it's very.

00:28:06:23 - 00:28:07:19
Hunter Geerts
Insidious.

00:28:07:19 - 00:28:26:13
Tim Conrad
And the next one is vendor fraud. So this one has this one I heard of a quote some time ago and and they experienced this and, and there's lots I know there's different ways in which this will happen, but, and I'm glad to see, like, so I as a business person, I changed my banking info recently.

00:28:26:15 - 00:28:46:16
Tim Conrad
And the organization that, I changed it with, this also, they were going to pay me, based on the number of checks and balances that they went through. And I was so impressed with that, to make sure that they did that because it made sure it avoided that vendor fraud, that my money that I was supposed to receive and go to some someone else somewhere in the world.

00:28:46:16 - 00:28:51:11
Tim Conrad
So, so talk a little bit about what vendor fraud is and how they go about switching things out.

00:28:51:11 - 00:28:52:01
Hunter Geerts
But

00:28:52:01 - 00:28:52:09
Hunter Geerts
Yeah.

00:28:52:09 - 00:28:56:11
Hunter Geerts
So vendor fraud is it's very similar to payroll fraud in concept fundamentally.

00:28:56:11 - 00:29:00:11
Hunter Geerts
Where because we're switching bank account details. But it's with vendors who.

00:29:00:13 - 00:29:11:17
Hunter Geerts
You generally don't have a close relationship with. It's a little harder to talk to someone directly and say, hey, is this you? Right. Because it's easy with you or you just like, hey, this year, just double check both your vendor maybe only maybe you only talk to.

00:29:11:17 - 00:29:13:00
Hunter Geerts
Them via email. So they.

00:29:13:04 - 00:29:13:17
Hunter Geerts
Want you.

00:29:13:17 - 00:29:15:03
Hunter Geerts
To update their banking information.

00:29:15:03 - 00:29:18:18
Hunter Geerts
Or they send you an invoice for a product that one of your employee.

00:29:18:19 - 00:29:19:04
Hunter Geerts
Your.

00:29:19:04 - 00:29:20:21
Hunter Geerts
Employees use.

00:29:20:23 - 00:29:24:17
Hunter Geerts
Which may or may not be true. And so attempting to defraud the.

00:29:24:17 - 00:29:25:19
Hunter Geerts
Vendor or attempting.

00:29:25:19 - 00:29:40:17
Hunter Geerts
To have you pay false vendor invoices. But what that means are very plausible and happen frequently, is a very common occurrence. In fact, the last major one I'm thinking about was with the nonprofit who they.

00:29:40:17 - 00:29:44:03
Hunter Geerts
Didn't have but was working with them at the time, and they turned down.

00:29:44:03 - 00:29:50:09
Hunter Geerts
All of the, phishing prevention and I.T security email security things that I suggested.

00:29:50:09 - 00:29:54:20
Hunter Geerts
Which they're a nonprofit. Their funds are limited to send out a plea. Right? Yeah. Everything is a push and.

00:29:54:20 - 00:29:56:02
Hunter Geerts
Pull with nonprofits.

00:29:56:02 - 00:30:03:11
Hunter Geerts
And make sense. But unfortunately, they had a truck loan and they got a grant from the government to pay off that truck loan as.

00:30:03:11 - 00:30:05:09
Hunter Geerts
They expected to. And so they.

00:30:05:09 - 00:30:17:13
Hunter Geerts
Got emails from the, loan organization saying, hey, perfect. No worries. Here's the, details. Send the payment here. Normally they'd all perfect the garden. They sent the money and they still had a truck loan.

00:30:17:18 - 00:30:22:12
Hunter Geerts
Because of course, that wasn't actually the, loan.

00:30:22:12 - 00:30:23:02
Hunter Geerts
Company.

00:30:23:02 - 00:30:29:13
Hunter Geerts
That was the cyber criminals, because they were already in their account and they were just impersonating and because they had been.

00:30:29:13 - 00:30:33:02
Hunter Geerts
In their account watching the email exchange back and forth, back.

00:30:33:02 - 00:30:36:00
Hunter Geerts
And forth about this loan, they knew it was coming due. They knew they.

00:30:36:00 - 00:30:37:14
Hunter Geerts
Were going to get a grant. They knew how much the actors.

00:30:37:14 - 00:30:40:10
Hunter Geerts
For which the loan as well they knew the expected dates, the.

00:30:40:10 - 00:30:41:13
Hunter Geerts
Payments, the terminology.

00:30:41:16 - 00:30:41:23
Hunter Geerts
That.

00:30:41:23 - 00:30:47:01
Hunter Geerts
They had, all the headers and footers, all of that. So like, there's no way to really know that.

00:30:47:01 - 00:30:50:13
Hunter Geerts
Any of this was happening without an active monitor. And so but.

00:30:50:13 - 00:31:09:23
Hunter Geerts
Because they were in the account, all they had to do was wait until they got that final email with the bank account details on it and just tweak a couple numbers. Right. Just tweak some routing numbers, tweak maybe the account name or something like that. Right? Not very much. It doesn't need to look like much. And of course, sending bank accounts to or bank payments to random looking accounts is kind of normal.

00:31:09:23 - 00:31:11:11
Hunter Geerts
Most accounts don't aren't.

00:31:11:11 - 00:31:12:03
Hunter Geerts
Named super.

00:31:12:03 - 00:31:16:13
Hunter Geerts
Fund. They're just a string of numbers, right? Yeah. There's no way to tell. And then the money's gone.

00:31:16:13 - 00:31:40:08
Tim Conrad
It's it's something that, particularly it's been targeted at governments and, and I, I was fortunate I heard of non-profits that as, didn't affect it so badly that they, they ceased to exist because of that. So it is something that, unfortunately, you have to take very seriously. You can get those, steps in place because, I always think of your organization, but what about credential phishing?

00:31:40:08 - 00:31:45:16
Hunter Geerts
Super common. And it's frequently one of the very first steps in a lot of the other attacks.

00:31:45:17 - 00:31:46:00
Hunter Geerts
So.

00:31:46:00 - 00:31:46:22
Hunter Geerts
Credential phishing is.

00:31:46:22 - 00:31:47:04
Hunter Geerts
Quite.

00:31:47:04 - 00:31:55:00
Hunter Geerts
Simply, I send you a sign in link and I say click here to sign in. Of course, that doesn't actually go to the proper page, doesn't go to office.com or google.com.

00:31:55:00 - 00:31:55:19
Hunter Geerts
It goes to.

00:31:55:22 - 00:32:04:19
Hunter Geerts
Hacker website dot com slash office.com or something like that. But try and make it appear like it's the right website and they might make clone it so it looks identical, but you're.

00:32:04:19 - 00:32:05:23
Hunter Geerts
Actually giving your credentials to.

00:32:05:23 - 00:32:06:22
Hunter Geerts
The attacker, not.

00:32:06:22 - 00:32:08:08
Hunter Geerts
To the website that you think you're going.

00:32:08:08 - 00:32:17:15
Tim Conrad
To. And certainly that's one where we've seen like Interac transfers they're getting. Yeah, they're they've created a whole other site that looks identical. Same with banking.

00:32:17:17 - 00:32:22:15
Hunter Geerts
Banking. So E-Transfer is office login and Amazon password reset.

00:32:22:15 - 00:32:23:20
Hunter Geerts
For any website you.

00:32:23:20 - 00:32:24:11
Hunter Geerts
Can imagine.

00:32:24:11 - 00:32:26:07
Hunter Geerts
Netflix, everything you can imagine.

00:32:26:09 - 00:32:27:00
Hunter Geerts
Just on.

00:32:27:00 - 00:32:27:08
Hunter Geerts
All.

00:32:27:08 - 00:32:31:22
Hunter Geerts
Of them are being spoofed in some way. All of them are being copied.

00:32:32:16 - 00:33:03:22
Unknown
Thank you for watching, for listening, for sharing and your reviews and emails. Hello to our listeners in Bangladesh and listeners in these communities. Ashburn, Virginia. Melbourne, Victoria. Westport, Ontario. Motherwell, Scotland. Yash, Romania. This little podcast is heard or watched in over 400 communities around the world. If you could do me a favor and send the podcast to professors you know, so they could use this content in their classroom.

00:33:04:00 - 00:33:21:15
Unknown
I hope it will make our next generation a bit more prepared for what they'll experience in the field. Wherever you listen, whether it's Spotify, iTunes, or Amazon Music. Please subscribe, leave a review and share with a friend by sending them communications. Podcast.com. Again, that's communications podcast.com.

00:33:22:16 - 00:33:32:22
Tim Conrad
So what is one book documentary a resource that you can recommend to someone that, is interested in learning about either crisis emergency management or cyber and cyber attacks?

00:33:32:22 - 00:33:56:19
Hunter Geerts
I'm going to take two wildly different tracks here. And if you want to generally become the cyber security expert for your organization, you should go for your CISSP, which is a giant certification. It's super hard, is not possible for most people, but that is generally the path you go down if you want to do that. And the other one much more reasonable for the common man is there's a podcast that I strongly recommend because it combines entertainment and information beautifully.

00:33:56:19 - 00:34:02:13
Hunter Geerts
It's called Darknet Diaries. It's all about ransomware and attack hackers and the host.

00:34:02:16 - 00:34:04:02
Hunter Geerts
What they do is they.

00:34:04:06 - 00:34:10:07
Hunter Geerts
Interview the perpetrator behind a major attack of some sort, be it ransomware, be.

00:34:10:07 - 00:34:14:10
Hunter Geerts
It phishing, be it some other sort of scheme. And they ask.

00:34:14:10 - 00:34:15:06
Hunter Geerts
Them, hey, how did.

00:34:15:06 - 00:34:17:07
Hunter Geerts
You do this? Why did you do this? What his motivation, what.

00:34:17:07 - 00:34:25:10
Hunter Geerts
Was your path like? And so you can really see and understand where the vulnerabilities that they saw and how they solve it. Because one of the things that I learned.

00:34:25:10 - 00:34:27:04
Hunter Geerts
With that podcast is.

00:34:27:04 - 00:34:38:07
Hunter Geerts
Almost a lot of the prolific scammers out there. They actually just get started as kids, just missing out on the enthusiasm and then they see someone scamming, and then they contact them and they talk to them and they go.

00:34:38:07 - 00:34:39:01
Hunter Geerts
Hey, I can do that.

00:34:39:01 - 00:34:49:10
Hunter Geerts
And then they just perpetuate and they follow that path and they take the path of least resistance. It's very common that basically, oh, that's kind of simple. I just going to start doing that myself, maybe make a little bit of money. Right.

00:34:49:10 - 00:34:50:10
Hunter Geerts
So yeah, that's.

00:34:50:10 - 00:34:54:16
Hunter Geerts
Why I strongly recommend for getting it's not technical. So don't worry if you're not technical.

00:34:54:16 - 00:34:56:19
Hunter Geerts
It's great is just a hey here.

00:34:56:19 - 00:34:57:07
Hunter Geerts
Here's what's.

00:34:57:07 - 00:34:58:15
Hunter Geerts
Out there in the world in general.

00:34:58:15 - 00:35:02:09
Hunter Geerts
And it's because it's all real world experts, because it's the person.

00:35:02:09 - 00:35:02:23
Hunter Geerts
It's great.

00:35:02:23 - 00:35:08:18
Tim Conrad
So what advice would you give to communicators who are managing crisis or emergencies that could help us do our better?

00:35:08:18 - 00:35:31:05
Hunter Geerts
Number one is understand your audience. A lot of crisis communications, particularly in cybersecurity world, are written either way too friendly or way too technical. To that end, technical. And it's easy to say if there's a bunch of jargon in it that the average person doesn't understand, that's not particularly useful. I love it, and I love to see those as an addendum or a link to the full explanation.

00:35:31:05 - 00:35:52:11
Hunter Geerts
I'm totally here for that. Yeah, that's not useful for the average person. That doesn't reassure them or anything. On the other hand, if you're just saying, hey, everything is fine, there's nothing to worry about. There's just very minor information breach on a couple of people. Non identify vital information. If you say that as a cybersecurity expert, I, I see that and I go, oh you're lying to me because almost every time the.

00:35:52:11 - 00:35:56:07
Hunter Geerts
Truth is your username was leaked, your passwords release to your email was leaked.

00:35:56:10 - 00:35:58:02
Hunter Geerts
Probably something more.

00:35:58:02 - 00:36:03:00
Hunter Geerts
Confidential like payment details was leaked. And you should be resetting your password and monitoring your credit.

00:36:03:00 - 00:36:10:14
Hunter Geerts
Score and all of those things. And because of that breach. But oftentimes that truth comes out months later when the FBI forces people to say that.

00:36:10:14 - 00:36:11:22
Hunter Geerts
Especially with major organizations.

00:36:12:01 - 00:36:14:02
Hunter Geerts
So I like seeing the transparency.

00:36:14:02 - 00:36:14:18
Hunter Geerts
Of, hey.

00:36:14:22 - 00:36:31:16
Hunter Geerts
This is what's happened. This is who we think are impacted. Here's what you should do. As in an abundance of caution, you don't have to, of course, say, hey, we were breached. Everything's terrible. Just say, hey, at worst case scenario, you should be resetting that as a pass. Just reset this. Reset your passwords, right. Don't waste you don't use passwords anyway.

00:36:31:16 - 00:36:44:05
Hunter Geerts
It's just been hard. But we've taken these steps to mitigate it. Or we've already, like, kicked the attackers out or whatever. Whatever. You should have something in there. A morsel of progress is really important for reassuring people and then.

00:36:44:05 - 00:36:47:16
Hunter Geerts
Update them in a day or week or whatever the timeline makes sense.

00:36:47:16 - 00:36:58:22
Tim Conrad
Or puts. And obviously you would face some stressful situations in doing your work. What do you do to protect your mental health and your mental well-being? What advice do you give for those intense moments?

00:36:58:22 - 00:37:01:13
Hunter Geerts
I learned I'm going to quote a movie here a little.

00:37:01:13 - 00:37:02:01
Hunter Geerts
Bit, which.

00:37:02:01 - 00:37:05:09
Hunter Geerts
Is, I learned to stop worrying and love the bomb.

00:37:05:11 - 00:37:07:04
Hunter Geerts
Which is, Doctor Love.

00:37:07:04 - 00:37:24:19
Hunter Geerts
Strange. I think the title movie where everything is always terrible all the time. It everything's on the brink of destruction, and that's life. You just got to take one a day at a time. Accept it. You can mitigate it as best you can. Yeah. The way I sleep at night is I know that my customers are so much safer on average and so much more secure.

00:37:24:19 - 00:37:31:01
Hunter Geerts
And there are so many less attacks than the average high end. And when the attacks around the discovery so much faster, that's how I.

00:37:31:02 - 00:37:33:04
Hunter Geerts
Stay sane, because I know I'm doing a good job.

00:37:33:04 - 00:37:38:22
Hunter Geerts
I know that my clients are secure. I know that generally things are fine. Things. RSA as long as you're doing the right thing.

00:37:38:22 - 00:37:48:14
Tim Conrad
Thanks for joining me. Hunter, it's been a pleasure having you, really good information. And hopefully it helps some of our audience out there to avoid attacks. And, of course, are you ready to mitigate?

00:37:48:19 - 00:37:51:02
Hunter Geerts
Of course. It's my pleasure to be here. Thank you very much for having me.

00:37:52:09 - 00:38:05:15
Unknown
We recorded this episode at Romeo's Kitchen and Spirits in the Coast Hotel, just off the Trans-Canada Highway in Kamloops, British Columbia. We appreciate the hospitality and delicious menu at Romeo's Kitchen and Spirits. Thank you for hosting us.

00:38:05:15 - 00:38:16:21
Unknown
We are always looking for interesting guests and topics. Jump on to communications podcast.com to send us a message, which is where you can also leave us a review when you subscribe or share the podcast.

00:38:16:23 - 00:38:41:08
Unknown
I jump in joy. You will find transcripts, links and information from our guests at Communications podcasts.com. I'd appreciate it if you shared this podcast with someone who works in municipal government, as they faced many cyber attacks today. If you like this episode, check out season two, episode 14 Communicating a Time of Chaos, war, and Conflict with author Doug Levy.

00:38:41:10 - 00:38:55:04
Unknown
Thank you for joining the wildfires, floods and chaos. Communications podcast. A production of Butterfly Effect Communications. We are masters of doom and gloom. Communications bringing calm to chaos. Goodbye. Hear me later.

 


Hunter Geerts

Cybersecurity Expert

Founder of KIT Professionals and Certified Information Systems Security Professional, Hunter has spent his career thus far working with small business owners and managers to secure their business using cost-effective strategies without sacrificing efficiency.