WEBVTT

1
00:00:00.160 --> 00:00:03.319
<v Speaker 1>Welcome to the deep dive. We're here to sift through

2
00:00:03.359 --> 00:00:05.839
<v Speaker 1>mountains of research and boil it all down to the

3
00:00:05.960 --> 00:00:09.320
<v Speaker 1>key insights you need, pure signal, no noise.

4
00:00:09.720 --> 00:00:13.000
<v Speaker 2>And today we're doing a deep dive that honestly should

5
00:00:13.080 --> 00:00:16.879
<v Speaker 2>change how you think about cybersecurity. Forget that old image,

6
00:00:17.079 --> 00:00:19.399
<v Speaker 2>you know, the lone hacker in the dark room. Yeah,

7
00:00:19.600 --> 00:00:21.280
<v Speaker 2>that's well, that's history now.

8
00:00:21.320 --> 00:00:26.160
<v Speaker 1>Absolutely, we're moving way beyond just basic firewalls and viruses. Today.

9
00:00:26.199 --> 00:00:30.280
<v Speaker 1>We're looking at cybercrime as it actually is, a professional, global,

10
00:00:30.399 --> 00:00:34.479
<v Speaker 1>multi billion dollar industry. It runs with startling efficiency.

11
00:00:34.719 --> 00:00:37.079
<v Speaker 2>Yeah, our mission today is to pull back the curtain

12
00:00:37.119 --> 00:00:39.880
<v Speaker 2>on this global criminal machine. We're going to unpack the

13
00:00:39.920 --> 00:00:44.719
<v Speaker 2>economics behind it, the sophisticated business models they use, and

14
00:00:44.920 --> 00:00:47.840
<v Speaker 2>maybe most importantly, the core structural problems with the Internet

15
00:00:47.840 --> 00:00:50.479
<v Speaker 2>itself that make stopping these guys so incredibly hard.

16
00:00:50.640 --> 00:00:52.600
<v Speaker 1>And let's just start with the hook, the core reason

17
00:00:52.640 --> 00:00:55.000
<v Speaker 1>this whole thing is exploded. It's what the research calls

18
00:00:55.039 --> 00:00:57.439
<v Speaker 1>an incredibly high risk to pay off ratio exactly.

19
00:00:57.520 --> 00:00:59.159
<v Speaker 2>I mean think about it, You as a criminal could

20
00:00:59.200 --> 00:01:03.320
<v Speaker 2>potentially make millions and fast with a really surprisingly low

21
00:01:03.399 --> 00:01:04.640
<v Speaker 2>chance of actually getting caught.

22
00:01:04.799 --> 00:01:08.040
<v Speaker 1>When you have an incentive structure like that, Well, you're

23
00:01:08.040 --> 00:01:12.359
<v Speaker 1>basically guaranteeing a boom in organized crime, it's inevitable.

24
00:01:11.920 --> 00:01:15.439
<v Speaker 2>And organized is absolutely the word. To really get the

25
00:01:15.480 --> 00:01:18.079
<v Speaker 2>scale here, you have to understand these aren't mostly individuals

26
00:01:18.120 --> 00:01:21.439
<v Speaker 2>doing it for kicks anymore. No, this is organized groups.

27
00:01:21.599 --> 00:01:26.359
<v Speaker 2>They operate globally, and honestly, they often mimic legitimate businesses.

28
00:01:26.719 --> 00:01:29.719
<v Speaker 1>That comparison really struck me. In the research. We're talking

29
00:01:29.799 --> 00:01:34.560
<v Speaker 1>actual ecosystems. Aren't we like networks of partners, distributors, maybe

30
00:01:34.560 --> 00:01:38.200
<v Speaker 1>even franchise operations all working together.

31
00:01:38.319 --> 00:01:41.200
<v Speaker 2>Yeah, whether it's stealing credit card data or launching some

32
00:01:41.280 --> 00:01:45.879
<v Speaker 2>complex ransomware attack, it's like business strategy, but for crime.

33
00:01:45.959 --> 00:01:47.719
<v Speaker 1>Okay, so if it's a business, let's talk about the

34
00:01:47.799 --> 00:01:50.159
<v Speaker 1>damage it causes. How do we even quantify that? It

35
00:01:50.200 --> 00:01:52.799
<v Speaker 1>seems like it goes way beyond just the money they steal.

36
00:01:53.000 --> 00:01:55.280
<v Speaker 2>You're absolutely right, we need a proper framework for this.

37
00:01:55.599 --> 00:01:59.120
<v Speaker 2>The sources break down the total cost to society into

38
00:02:00.120 --> 00:02:01.079
<v Speaker 2>four main buckets.

39
00:02:01.120 --> 00:02:03.400
<v Speaker 1>Okay, four buckets. I guess the most obvious costs are

40
00:02:03.400 --> 00:02:05.439
<v Speaker 1>the ones we see up front, like the money we

41
00:02:05.519 --> 00:02:07.599
<v Speaker 1>spend trying to stop attacks, and the money we lose

42
00:02:07.599 --> 00:02:08.319
<v Speaker 1>when they succeed.

43
00:02:08.479 --> 00:02:11.000
<v Speaker 2>That's where most people start. Yeah, and those are huge.

44
00:02:11.039 --> 00:02:14.639
<v Speaker 2>You've got the anticipation cost, that's everything we spend before

45
00:02:14.680 --> 00:02:20.520
<v Speaker 2>an attack happens, antivirus, software, security teams, training, all that defensive.

46
00:02:20.080 --> 00:02:21.840
<v Speaker 1>Stuff, right, proactive measures.

47
00:02:21.919 --> 00:02:26.000
<v Speaker 2>Then there's the consequence cost. That's the immediate hit, the

48
00:02:26.039 --> 00:02:29.639
<v Speaker 2>money stolen, the data wiped out, maybe even physical damage

49
00:02:29.639 --> 00:02:32.560
<v Speaker 2>if they hit critical infrastructure. The direct impact.

50
00:02:32.800 --> 00:02:36.840
<v Speaker 1>So defense and direct loss, got it, But stopping there

51
00:02:36.960 --> 00:02:39.599
<v Speaker 1>feels like we're missing a huge part of the picture.

52
00:02:40.000 --> 00:02:42.240
<v Speaker 1>Which of these cost categories do you think people usually

53
00:02:42.319 --> 00:02:43.360
<v Speaker 1>underestimate the most?

54
00:02:43.400 --> 00:02:46.400
<v Speaker 2>Oh, definitely the next two. They deal with the fallout,

55
00:02:46.479 --> 00:02:49.360
<v Speaker 2>the sort of longer term systemic damage. First is the

56
00:02:49.400 --> 00:02:50.159
<v Speaker 2>response cost.

57
00:02:50.280 --> 00:02:53.800
<v Speaker 1>Response cost so cleaning up the mess pretty much.

58
00:02:54.000 --> 00:02:57.800
<v Speaker 2>Think about all the effort after the attack, investigations, court costs,

59
00:02:57.879 --> 00:03:00.719
<v Speaker 2>law enforcement time. These are the since we count on

60
00:03:00.759 --> 00:03:02.879
<v Speaker 2>to hold people accountable and frankly, they're overwhelmed.

61
00:03:02.919 --> 00:03:05.319
<v Speaker 1>Okay, that makes sense. And the last one indirect cost.

62
00:03:05.840 --> 00:03:08.319
<v Speaker 1>That sounds subtle, maybe.

63
00:03:08.120 --> 00:03:11.479
<v Speaker 2>It is, but it's massive. Indirect costs is all that

64
00:03:11.560 --> 00:03:15.240
<v Speaker 2>ripple damage. It's the hit to a company's reputation, it's

65
00:03:15.240 --> 00:03:19.159
<v Speaker 2>people losing trust in doing business online, which then drags

66
00:03:19.199 --> 00:03:20.639
<v Speaker 2>down revenues across the board.

67
00:03:20.759 --> 00:03:22.960
<v Speaker 1>Ah, the erosion of trust exactly.

68
00:03:23.319 --> 00:03:26.680
<v Speaker 2>So when you add it all up, the anticipation, the consequence,

69
00:03:26.719 --> 00:03:30.719
<v Speaker 2>and these indirect costs, that's the real cost to society.

70
00:03:30.800 --> 00:03:33.280
<v Speaker 2>And it's way way bigger than just the dollar amount

71
00:03:33.280 --> 00:03:36.560
<v Speaker 2>stolen in any single attack. It's the price we pay

72
00:03:37.039 --> 00:03:39.120
<v Speaker 2>for trying to keep the digital world trustworthy.

73
00:03:39.199 --> 00:03:42.400
<v Speaker 1>Trust is definitely expensive. Yeah, Okay, let's shift gears a bit.

74
00:03:42.759 --> 00:03:47.319
<v Speaker 1>How has this become so industrialized? You mentioned mimicking businesses.

75
00:03:47.599 --> 00:03:50.639
<v Speaker 1>There's this concept called cybercrime as a service or CaaS

76
00:03:50.919 --> 00:03:51.960
<v Speaker 1>that sounds key oh.

77
00:03:52.039 --> 00:03:54.879
<v Speaker 2>CaaS is a game changer. It's basically the great democratizer

78
00:03:55.039 --> 00:03:58.280
<v Speaker 2>yep for criminals. It completely breaks the link between needing

79
00:03:58.319 --> 00:04:01.039
<v Speaker 2>deep technical skill and being able to launch a really

80
00:04:01.039 --> 00:04:02.039
<v Speaker 2>sophisticated attack.

81
00:04:02.159 --> 00:04:04.000
<v Speaker 1>So you don't need to be a coding genius anymore,

82
00:04:04.039 --> 00:04:04.439
<v Speaker 1>not at all.

83
00:04:04.479 --> 00:04:06.199
<v Speaker 2>If you've got the money, you can just rent the

84
00:04:06.199 --> 00:04:09.240
<v Speaker 2>tools or the infrastructure. You can even hire the expertise

85
00:04:09.280 --> 00:04:11.680
<v Speaker 2>you need. It dramatically lowers the barrier to entry.

86
00:04:11.800 --> 00:04:15.000
<v Speaker 1>It really does sound like, I don't know, AWS for

87
00:04:15.039 --> 00:04:16.680
<v Speaker 1>the underworld, Like you can just pick and choose what

88
00:04:16.680 --> 00:04:17.519
<v Speaker 1>you need off a menu.

89
00:04:17.720 --> 00:04:20.959
<v Speaker 2>That's a great analogy. Actually it's very segmented. You might

90
00:04:21.040 --> 00:04:25.959
<v Speaker 2>start with say, initial access tools, meaning meaning people selling

91
00:04:26.000 --> 00:04:29.879
<v Speaker 2>ways to get in like exploit kits, targeting known flaws

92
00:04:30.439 --> 00:04:33.920
<v Speaker 2>or even zero days. Those are vulnerabilities nobody else knows

93
00:04:33.959 --> 00:04:36.199
<v Speaker 2>about yet. Basically they're selling you the key to the

94
00:04:36.199 --> 00:04:36.680
<v Speaker 2>front door.

95
00:04:36.759 --> 00:04:39.959
<v Speaker 1>Okay, so you buy the key. Then what you need

96
00:04:40.000 --> 00:04:42.079
<v Speaker 1>something to actually do the damage right precisely.

97
00:04:42.600 --> 00:04:45.839
<v Speaker 2>Then you move up the menu to payloads. This is

98
00:04:45.879 --> 00:04:49.560
<v Speaker 2>the actual malicious software, things like botnets to control armies

99
00:04:49.560 --> 00:04:53.800
<v Speaker 2>of computers, spyware to steal info, or RATs, remote access

100
00:04:53.879 --> 00:04:55.920
<v Speaker 2>trojans to take over a machine completely.

101
00:04:56.120 --> 00:04:58.839
<v Speaker 1>That's the heavy machinery. And what if you're like totally

102
00:04:58.879 --> 00:05:01.079
<v Speaker 1>non technical but still want to cause chaos, then.

103
00:05:00.959 --> 00:05:03.480
<v Speaker 2>You go for the premium option full services. You can

104
00:05:03.519 --> 00:05:06.560
<v Speaker 2>literally hire hackers, hackers for hire, or maybe the most

105
00:05:06.600 --> 00:05:10.079
<v Speaker 2>infamous is DDoS as a service. They'll run the whole

106
00:05:10.360 --> 00:05:13.040
<v Speaker 2>distributed denial of service attack for you. Start to finish.

107
00:05:13.199 --> 00:05:15.199
<v Speaker 1>Wow, they even handle the logistics.

108
00:05:15.439 --> 00:05:19.959
<v Speaker 2>Oh yeah, and there are enabling services too, things like manipulating

109
00:05:19.959 --> 00:05:23.319
<v Speaker 2>search results to send people to fake websites, or designing

110
00:05:23.399 --> 00:05:27.000
<v Speaker 2>convincing phishing pages. It's really end to end criminal support.

111
00:05:27.079 --> 00:05:30.959
<v Speaker 1>This scale is just staggering. And to make it even

112
00:05:31.040 --> 00:05:34.439
<v Speaker 1>more real, let's talk price tags. The research shows these

113
00:05:34.519 --> 00:05:39.240
<v Speaker 1>underground markets have surprisingly specific price lists, usually paid crypto

114
00:05:39.319 --> 00:05:41.240
<v Speaker 1>right for anonymity almost always.

115
00:05:41.279 --> 00:05:43.600
<v Speaker 2>Yeah, crypto makes tracing payments much harder.

116
00:05:43.639 --> 00:05:46.360
<v Speaker 1>So what's a really shocking example from these price lists?

117
00:05:46.519 --> 00:05:49.480
<v Speaker 2>For me, it's the cost of stolen identity info, credit

118
00:05:49.480 --> 00:05:51.720
<v Speaker 2>card details. They can go for as little as two dollars,

119
00:05:52.079 --> 00:05:54.600
<v Speaker 2>up to maybe ninety dollars for a high limit card

120
00:05:54.639 --> 00:05:55.600
<v Speaker 2>with all the extra data.

121
00:05:55.759 --> 00:05:59.720
<v Speaker 1>But two dollars two dollars for someone's financial identity. That's

122
00:05:59.720 --> 00:06:04.040
<v Speaker 1>incredibly cheap, and that low price must mean huge volume exactly.

123
00:06:04.079 --> 00:06:07.040
<v Speaker 2>It makes identity theft a volume business. And it's not

124
00:06:07.120 --> 00:06:09.680
<v Speaker 2>just data. Renting a DDoS attack, that might

125
00:06:09.720 --> 00:06:11.800
<v Speaker 2>only cost you sixty to ninety dollars an hour.

126
00:06:11.720 --> 00:06:15.160
<v Speaker 1>Sixty bucks an hour to potentially take down a major website.

127
00:06:15.240 --> 00:06:17.800
<v Speaker 2>That's the reality. When the price is that low, anyone

128
00:06:17.839 --> 00:06:19.800
<v Speaker 2>with a grudge and a bit of cash can cause

129
00:06:19.920 --> 00:06:22.560
<v Speaker 2>massive disruption. It fuels that whole CaaS

130
00:06:22.680 --> 00:06:26.480
<v Speaker 1>Model and things like ransomware are those expensive.

131
00:06:26.040 --> 00:06:30.720
<v Speaker 2>To get, not necessarily the basic versions generic ransomware kits,

132
00:06:30.920 --> 00:06:33.319
<v Speaker 2>you know, the software build itself maybe two hundred to

133
00:06:33.319 --> 00:06:37.160
<v Speaker 2>two hundred and seventy dollars. Or buying compromised social media

134
00:06:37.199 --> 00:06:40.439
<v Speaker 2>bots for spamming or manipulation run one hundred and forty

135
00:06:40.439 --> 00:06:43.120
<v Speaker 2>to two hundred and seventy dollars. It's cheap enough to

136
00:06:43.160 --> 00:06:45.759
<v Speaker 2>be almost an impulse buy for a would be criminal.

137
00:06:46.199 --> 00:06:48.639
<v Speaker 2>Classic low cost, potentially high reward.

138
00:06:48.920 --> 00:06:52.279
<v Speaker 1>Okay, so this CaaS model is thriving, making crime easy

139
00:06:52.319 --> 00:06:55.399
<v Speaker 1>and cheap. But it only works because, as you mentioned earlier,

140
00:06:55.519 --> 00:06:58.800
<v Speaker 1>the digital world itself has some fundamental issues, problems that

141
00:06:58.839 --> 00:07:00.000
<v Speaker 1>protect the attackers.

142
00:07:00.000 --> 00:07:02.040
<v Speaker 2>That's the core of it. It really starts with the

143
00:07:02.079 --> 00:07:05.720
<v Speaker 2>Internet's basic design. The source material calls it a major

144
00:07:05.839 --> 00:07:07.480
<v Speaker 2>structural shortfall.

145
00:07:07.199 --> 00:07:09.879
<v Speaker 1>Meaning it just wasn't built with today's crime in mind.

146
00:07:10.000 --> 00:07:12.639
<v Speaker 2>Exactly. Think about the old phone system. It had tracking

147
00:07:12.639 --> 00:07:15.319
<v Speaker 2>and billing built in from day one, right host to

148
00:07:15.360 --> 00:07:18.920
<v Speaker 2>host communication was trackable. The Internet wasn't designed that way.

149
00:07:19.199 --> 00:07:21.959
<v Speaker 2>It was built for openness and resilience, not for easily

150
00:07:22.000 --> 00:07:23.879
<v Speaker 2>tracking every connection back to its source.

151
00:07:24.079 --> 00:07:26.959
<v Speaker 1>That's the technical flaw. But then there's a huge legal

152
00:07:27.000 --> 00:07:29.079
<v Speaker 1>and political problem layered on top. Isn't there the whole

153
00:07:29.079 --> 00:07:30.040
<v Speaker 1>borderless crisis?

154
00:07:30.199 --> 00:07:35.839
<v Speaker 2>Oh? Absolutely. Cybercrime jumps borders instantly, but laws, law enforcement

155
00:07:36.319 --> 00:07:40.399
<v Speaker 2>they're stuck within national boundaries, getting cooperation between countries, dealing

156
00:07:40.480 --> 00:07:43.680
<v Speaker 2>with different legal systems, extradition, it's a nightmare.

157
00:07:43.720 --> 00:07:46.839
<v Speaker 1>So the criminals operate globally, but the cops are stuck locally.

158
00:07:47.000 --> 00:07:49.879
<v Speaker 2>That's a big part of it. It creates huge enforcement gaps.

159
00:07:49.800 --> 00:07:53.160
<v Speaker 1>And while law enforcement is navigating red tape, the criminals

160
00:07:53.199 --> 00:07:56.720
<v Speaker 1>are using specific techniques to cover their tracks. What's the

161
00:07:56.720 --> 00:07:58.240
<v Speaker 1>simplest one. IP spoofing?

162
00:07:58.439 --> 00:08:02.680
<v Speaker 2>Yeah, IP spoofing is basic but effective. It's like sending

163
00:08:02.680 --> 00:08:05.480
<v Speaker 2>a letter with a fake return address. You forge the

164
00:08:05.480 --> 00:08:08.360
<v Speaker 2>source IP address on the malicious data packets.

165
00:08:08.040 --> 00:08:10.279
<v Speaker 1>You send, so it looks like the attack came from

166
00:08:10.319 --> 00:08:10.879
<v Speaker 1>somewhere else.

167
00:08:11.000 --> 00:08:14.199
<v Speaker 2>Right. If the victim system tries to respond, the response

168
00:08:14.279 --> 00:08:17.639
<v Speaker 2>goes to the innocent forged address the real attacker, they

169
00:08:17.720 --> 00:08:18.319
<v Speaker 2>just disappear.

170
00:08:18.519 --> 00:08:21.759
<v Speaker 1>Okay, simple impersonation. What about reflector hosts? That sounds a

171
00:08:21.759 --> 00:08:22.560
<v Speaker 1>bit more complex.

172
00:08:22.879 --> 00:08:25.800
<v Speaker 2>It's a step up. Think of a reflector host as

173
00:08:25.839 --> 00:08:30.600
<v Speaker 2>an unwitting middleman, an intermediate computer. The attacker bounces their

174
00:08:30.639 --> 00:08:34.000
<v Speaker 2>malicious traffic off this reflector towards the actual target.

175
00:08:34.159 --> 00:08:36.039
<v Speaker 1>So the reflector gets the attack traffic.

176
00:08:35.799 --> 00:08:40.559
<v Speaker 2>First exactly, and then it forwards it. If the victim responds,

177
00:08:40.919 --> 00:08:44.000
<v Speaker 2>they respond to the reflector host, not the original attacker.

178
00:08:44.360 --> 00:08:46.639
<v Speaker 2>It acts like a shield, making it look like the

179
00:08:46.679 --> 00:08:49.360
<v Speaker 2>attack originated from that innocent third party server.

180
00:08:49.600 --> 00:08:55.679
<v Speaker 1>Okay, using innocent bystanders as shields nasty. And the last

181
00:08:55.679 --> 00:08:58.840
<v Speaker 1>technique mention is stepping stones. What's that about?

182
00:08:59.279 --> 00:09:04.279
<v Speaker 2>Stepping stone involves creating a chain. An attacker compromises one computer,

183
00:09:04.679 --> 00:09:07.759
<v Speaker 2>then uses that computer to log into a second compromised computer,

184
00:09:07.840 --> 00:09:08.879
<v Speaker 2>then maybe a third.

185
00:09:08.799 --> 00:09:10.799
<v Speaker 1>And so on, a whole chain of hacked machines.

186
00:09:10.879 --> 00:09:13.240
<v Speaker 2>Yeah, a connection chain. They launch the final attack from

187
00:09:13.240 --> 00:09:15.840
<v Speaker 2>the last computer in that chain. So if anyone tries

188
00:09:15.840 --> 00:09:17.960
<v Speaker 2>to trace it back, they hit that last machine and

189
00:09:18.080 --> 00:09:21.039
<v Speaker 2>maybe the one before it. But tracing the entire chain

190
00:09:21.120 --> 00:09:23.720
<v Speaker 2>back to the original attacker is incredibly.

191
00:09:23.200 --> 00:09:25.960
<v Speaker 1>Hard, especially if those machines are all different types in

192
00:09:26.000 --> 00:09:27.360
<v Speaker 1>different places.

193
00:09:26.960 --> 00:09:31.120
<v Speaker 2>Exactly, different operating systems, different network administrators, maybe spread across

194
00:09:31.200 --> 00:09:35.080
<v Speaker 2>multiple countries. It makes forensic trace back a massive headache.

195
00:09:35.279 --> 00:09:38.399
<v Speaker 1>So because criminals use all these clever ways to hide

196
00:09:38.559 --> 00:09:43.320
<v Speaker 1>spoofing, reflectors, stepping stones, we need special tools just to

197
00:09:43.360 --> 00:09:45.759
<v Speaker 1>figure out where attacks are even coming from. That's where

198
00:09:45.799 --> 00:09:46.840
<v Speaker 1>trace back schemes come.

199
00:09:46.759 --> 00:09:49.840
<v Speaker 2>In, right. Trace back is essentially trying to bolt on

200
00:09:49.879 --> 00:09:53.440
<v Speaker 2>the tracking capability that wasn't built into the Internet originally.

201
00:09:54.120 --> 00:09:57.279
<v Speaker 2>It's about finding the true source of those malicious packets

202
00:09:57.519 --> 00:10:01.240
<v Speaker 2>despite the evasion techniques. And how do they generally, Well,

203
00:10:01.279 --> 00:10:04.799
<v Speaker 2>there are different approaches. Some involve trying to get routers along

204
00:10:04.840 --> 00:10:08.279
<v Speaker 2>the path to log information about the packets passing through.

205
00:10:08.600 --> 00:10:12.320
<v Speaker 2>Others involve actually marking the packets themselves as they travel.

206
00:10:12.120 --> 00:10:14.799
<v Speaker 1>Marking the packets like putting a little digital tag on

207
00:10:14.879 --> 00:10:15.759
<v Speaker 1>them sort of.

208
00:10:15.960 --> 00:10:19.159
<v Speaker 2>Yeah. You have things like probabilistic packet marking where routers

209
00:10:19.240 --> 00:10:23.360
<v Speaker 2>randomly mark some packets with path information, yeah, or deterministic

210
00:10:23.399 --> 00:10:26.320
<v Speaker 2>packet marking where maybe the entry router marks everything. The

211
00:10:26.360 --> 00:10:28.679
<v Speaker 2>goal is the same, create a breadcrumb trail.

212
00:10:28.960 --> 00:10:32.639
<v Speaker 1>But it sounds like we're constantly playing catchup, trying to

213
00:10:32.679 --> 00:10:36.159
<v Speaker 1>add tracking onto a system that was fundamentally designed not

214
00:10:36.360 --> 00:10:37.519
<v Speaker 1>to be easily tracked.

215
00:10:37.720 --> 00:10:41.399
<v Speaker 2>That's the fundamental tension. Yes, we're trying to retrofit accountability

216
00:10:41.399 --> 00:10:44.360
<v Speaker 2>onto a system prized for its initial openness and well,

217
00:10:44.799 --> 00:10:45.919
<v Speaker 2>anonymity to some extent.

218
00:10:46.039 --> 00:10:48.720
<v Speaker 1>Okay, let's pull this together. Quick recap of the big takeaways.

219
00:10:48.960 --> 00:10:53.840
<v Speaker 1>Cybercrime isn't hobbyists anymore. It's a professional, very profitable industry.

220
00:10:53.919 --> 00:10:57.080
<v Speaker 2>Yeah, a global enterprise using this as a service model

221
00:10:57.320 --> 00:11:00.919
<v Speaker 2>to make sophisticated attacks accessible to all almost anyone with

222
00:11:01.000 --> 00:11:01.559
<v Speaker 2>the cash.

223
00:11:01.679 --> 00:11:04.919
<v Speaker 1>And it thrives because it exploits both the Internet's built

224
00:11:04.960 --> 00:11:08.320
<v Speaker 1>in lack of tracking and the huge problems with international

225
00:11:08.399 --> 00:11:09.600
<v Speaker 1>law enforcement cooperation.

226
00:11:09.759 --> 00:11:13.879
<v Speaker 2>Low risk, high reward built on systemic weaknesses. That's the

227
00:11:13.960 --> 00:11:14.679
<v Speaker 2>grim picture.

228
00:11:14.879 --> 00:11:17.519
<v Speaker 1>It really is stark. We want to leave you the

229
00:11:17.600 --> 00:11:20.159
<v Speaker 1>listener with one final thought that ties right back to

230
00:11:20.200 --> 00:11:22.080
<v Speaker 1>that core design issue we discussed.

231
00:11:22.320 --> 00:11:25.840
<v Speaker 2>Remember how the Internet's original design didn't include those robust

232
00:11:25.960 --> 00:11:29.360
<v Speaker 2>tracking and billing features like the old phone network. That

233
00:11:29.440 --> 00:11:32.360
<v Speaker 2>wasn't an oversight. It was a choice for openness. But

234
00:11:32.440 --> 00:11:36.639
<v Speaker 2>the consequence is this deep structural problem in identifying where

235
00:11:36.679 --> 00:11:38.159
<v Speaker 2>attacks originate, which.

236
00:11:38.159 --> 00:11:41.080
<v Speaker 1>Leads to a really challenging question for you to think about.

237
00:11:41.559 --> 00:11:44.679
<v Speaker 1>If the Internet's very architecture was built in part to

238
00:11:44.799 --> 00:11:48.679
<v Speaker 1>resist easy tracking of user behavior, can all our security patches,

239
00:11:48.720 --> 00:11:52.000
<v Speaker 1>our detection systems, ever truly win this fight against borderless

240
00:11:52.039 --> 00:11:56.399
<v Speaker 1>sophisticated cybercrime, or are we fundamentally fighting an uphill battle

241
00:11:56.399 --> 00:11:57.639
<v Speaker 1>against the system's own design
