
July 29, 2024 • 25 mins

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Did you hear about the AT&T hack today? Yes. Every text from 2022 has been leaked. Does that include pictures, too? Oh, people are in trouble now. Like all the dick pics are out there now. Yeah, exactly. That should be the intro of the podcast. The dick pics

(00:50):
are out. AT&T releases dick pics. That'll get some clicks. And to be fair, they probably did, millions of them. Right? How much of that is online now? This is the biggest hack since Ashley Madison of personal information. I mean, hackers are going to use AI to

(01:40):
scour through that, find leverage points to extort people, and start calling people up and be, I know what you did in 2022. Guess what? I noticed you didn't have a mask on 2022. Right. Yeah. Yeah, it's just a trip. I think we're, what is AT&T going to

(02:30):
do? You know, that's the question. They're not going to do anything. They're going to do what they did last time. They're going to send out a letter saying, oh, you know, shit happens. You have a breach, you know, let us assure you that we're going to do credit

(03:20):
monitoring and all this BS that they have to do for the law anyway and act like they're doing it out of their, you know. Because they're so altruistic and they're so concerned about security. That's what we're going to do for you because we care about you. No, it's

(04:10):
because you're doing the least amount you have to comply with the law. Exactly. We're going to send this message out after the fact. If you really gave a shit, because AT&T has the resources, it never would have happened in the first place. You think about the internet

(05:00):
was built on AT&T's backbone. Back with Ma Bell, Pac Bell, they have the resources. Yeah, it's a company that's too big, and they don't have any control from the top down. It seems like they are unable to secure their data in any fashion. They don't even know

(05:50):
how they lost the 76 million people records from here. They couldn't even figure out how they got Um, so I mean, I have no trust in AT&T and I don't either. And I don't have them on any level. Um, the few things I can say about AT

(06:40):
and my dad used to work at AT&T. Just pull the speaker. Yeah, you hired from AT&T. And it's just so big. This whole job was doing reports for executives. So he knew, uh, MySQL really well, he knew this sort of relational database. He knew how to

(07:30):
run him really well. So his whole job at AT&T, and he's retired now, so I won't get him in trouble. It's just to run the reports for the C-suite. Right. They're the TPS reports. Exactly. And TPS reports. That's what he did for a living. So I

(08:20):
think AT&T and these telcos are just so big. And they have so much data. They just don't give a shit. Or they're not. They can't keep up. Yeah, they can't keep up. A lot of departments are siloed, but I do think there is a portion of

(09:10):
giving a shit because these companies are so big, they can just pass the baton to the next guys. You've got to pass that on to the cybersecurity guy, and the cybersecurity guys have no clue what you're talking about. It always falls back to some guy, some poor guy

(10:00):
It just gets all the blame. And it's so annoying to change your phone service that they just figure, whatever, we'll just send out a letter and offer free credit monitoring. But I think this is really going to send out ripples if what I think is going to happen

(10:50):
happens with people getting extorted. I mean, with the Ashley Madison hack, they just did that Netflix special. I mean, people were like offing themselves because they were so embarrassed. That's horrible. Yeah, it was really horrible. But, you know, people couldn't live with themselves. So do the crime,

(11:40):
you got to pay, right? Not that you should kill yourself. I do not think you should do that, um, for the record. For the record. But like, you know, live your truth, right? So, and I'm probably involved with the AT&T breach. Just think how big that is.

(12:30):
I don't have AT&T, but I'm sure my information's in there somewhere. It has to be. Yeah, you were texted by people from AT&T, right? Right. Texted back and forth. So there's nobody that's going to be unaffected by this. Especially those nice people that kept asking for

(13:20):
my username and password to my Coinbase account. Right. It's all good. And how many times did you text your wife password to your Amazon account or something like that? Oh, I'm guilty. There's a lot of that out there as well. So I don't know what's going to happen

(14:10):
with all that data. I mean, people should be just aware that it's out there and they should have already changed their passwords like 50 times. We go through this every day. I'll talk to people and they don't understand the data is the business. And I'll just preach this

(15:00):
day and night. They think cybersecurity is boring. I think cyber insurance is boring. I'll tell you what's not boring is having your wife see everything that you had with AT&T for the last 20 years because that's not going to be boring. She's going to call you out

(15:50):
on your bullshit. So maybe you should consider securing your shit. Oh, think about all the celebrities and high-profile people. They said they were holding on to the data because there was national security concerns of texts that were taken out of there. So there's high-level government people.

(16:40):
There's people from media, people from movies, whatever, celebrities. So it's going to have quite the fallout, especially if these hackers make this data public. And you saw how they did it with Ashley Madison. They made the data public. And then different hackers or people on their own used

(17:30):
that data to create search function, and it was pretty much accessible to everyone, even though it was practically on the dark web. They basically democratized it. I could see something that happening where you just text, you just put in your name and then you can see all your

(18:20):
texts that are out there. Yeah. So that's going to be pretty up. A couple things that just crossed my mind right here. AT&T is now the Jeffrey Epstein, Diddy of telcos. So they're doing business with AT&T, it's like doing business with Jeffrey Epstein or Diddy. Yeah,

(19:10):
they're on the AT&T Island. And the other thing too is like, think about when they, you authenticate your account. Let's say someone's using Tinder. I mean, that's how I met my wife, by the way. I met her on Tinder. And they would have that information because that's

(20:00):
how it authenticated. And then it would also authenticate a Facebook with Facebook's just a whole different thing. It's like it's pretty much just giving the bad guys your info right away when they put them in there. When you first saw Facebook, I'm going to digress a little bit.

(20:50):
When you first saw Facebook, did you say, oh shit, all the information here is real? What do you mean? Way back, Joe. Well, prior to Facebook, they had MySpace, where people would have like yours dog and then have fake birthdays and addresses. And then when this is

(21:40):
why the Zuck made so much money, because everyone was putting in the real information. I told us I had to digress, like my tension's going up. But it's the same thing, like when it came out, it's like the address is correct, person's name. They even have, like, people's

(22:30):
date of birth, and they've toned back. But it was, it was bad. Yeah, we still have birthdays on there. And a lot of people share their birthday on Facebook so they can get wished happy birthday. I mean, I kind of liked it when I got wished happy birthday.

(23:20):
I don't care. I was born in 1987, by the way. That's what I put on Facebook. Makes me feel good. Oh, nice. You know, pretty young for a birth And you don't, hey, I'm an aged of it. No, not at all. There's another things out there, like Floyd's

(24:10):
health care, truth's health care, and then there's a black hat. That one was interesting. I spoke change health care. And what I thought, I don't know if we talked about this earlier for a recording of a knot where we talked about how bad guys are screwing each over

(25:00):
with the data that they're stealing from all the health care companies. Right, right. No, I don't think you did. Yeah, that one's interesting, too, with, like, Black Cat, stealing that much data, they get their ransom paid, or like a subsidiary Black Cat does the hack, and then they

(25:50):
don't pay Black Cat. And it's just, I don't understand. It's like playing three-card monte. Like, they're, now we got to the point where these companies are just throwing the money away, $22 million, by the way. They have no idea who it's given it to, and it ended

(26:40):
up not being people that were responsible for the hack in the first place. Yeah, they seemed a little desperate to pay that. I mean, it's a $99 billion company, UHC, United Healthcare. So that's a drop in the bucket for them. So if they could have gotten systems back

(27:30):
line, that would have definitely been a good thing for them to do in hindsight. Unfortunately, it didn't happen that way. The affiliate of Black Cat did not pay Black Cat, and it didn't matter that they paid the $22 million. Yeah. I think most people don't understand that there's

(28:20):
like the Black Cat, which is a manufacturer of the malware, and they license it just like a software corporation to the affiliates who are actually doing the hacking. And the affiliates, they may not even be the ones that access Ascension. There's also data access brokers. So there's companies

(29:10):
that all they do is get access to these hospitals or companies. And then they sell the access to, you know, the highest bidder. So that's why it's important to have like dark net searching for your name and for your company's name, because there could be, you could be

(30:00):
on a message board where they're saying, hey, I've got access to X healthcare, who wants to buy this from me? Wow. What that's thinking. Or it goes the other way. Somebody puts up a bid saying, I need access to Change Healthcare or a healthcare company with,

(30:50):
you know, over a thousand employees. This is how much I'm willing to pay and then people will do it to get in. I mean, the Ascension healthcare hack, which was last month, May 8th, 2024, they were spear-phished. So spear phishing is a specific personalized way of phishing so they

(31:40):
know enough information about you in order to target you directly by using some kind of name of your boss, or maybe they've seen in your email and the way that you sign off on emails or how your boss signs up on their emails, so they can

(32:30):
get in, or maybe they had access to one of your vendors' emails, and they're able to spear-phish you that way. And they're really efficient. Like, I've gotten a few of them and it has the branding from the company. And the only thing is they'll do is I'll look

(33:20):
at the domain and it'll be like a Gmail account, Hotmail account, but everything else looks the same. It's not like back in the day where you get emails like the Nigerian princes or something where like from Boris and half the words are spelled wrong, they look really professional.

(34:10):
They're getting really sophisticated. So, you know, I can't put fault on anyone that clicks on those. It's just you have to protect themselves. I'm coming from a perspective that someone is going to click on it. And I'm going to click on it. I'm not overly sophisticated where I'm

(35:00):
going to know. So what am I going to do when that happens? And that's why I like some of things that they look at DNS, and there's lots of companies out there like Mimecast and what have you to prevent it. But yeah, that's definitely something that that's

(35:50):
going to happen because they're just so sophisticated, the phishing attacks as well. It's just the world we live. About that a little bit, companies like Mimecast that do like DMARC and anti-spoofing services, can you explain that, how that works? Essentially what they're doing is they're doing everything

(36:40):
on the DNS level. So high level, the computers, the internet works on numbers. And then it'll see when they use the DMARC, it's basically protecting your domain. So before it ever even hits your domain, these companies will be go, oh, no, no, no. They're spoofing into domain. So

(37:30):
they're hitting the issue before it goes to the end user. And high level, essentially that's what they're doing. And that's what makes them so useful. And I just mentioned Mimecast because that's top of, top of mind, that's the biggest one. But it's really efficient. And what they do

(38:20):
is once they, they see, this email is being spoofed, the domain is wrong. And I'll take a step back. Everything still runs through DNS. Like the internet hasn't changed since the 70s. It's still TCP/IP protocol, DNS and what have you. So the good thing about these companies

(39:10):
is they'll block those emails knowing that the DNS is resolving to the wrong domain. And then they could also see the IP addresses because there's jumping to another rabbit hole, all these blacklisted IP addresses when these people spam. And they see that as well. And then they quarantine

(40:00):
it as opposed to a traditional antivirus where the end user downloads the virus, downloads the email, and then releases all the information, goes, oh shit, and then it's too late. Right, right. That's interesting. Yeah. So somebody like can't use like c3 insurance dot com if we have this

(40:50):
service and stated, they can't spoof that? Well, they can spoof it, but they can't send out from it. If someone has this kind of service, they'll see, oh, this thing was spoofed. It's really easy just to do, say, c3 insurance dot net or whatever, and then just make

(41:40):
some variation. That's usually what they do. But with these systems like Mimecast, like different a, yeah, exactly, or use a different a, and it just takes a trained eye, honestly. But these services will see that and they'll say, oh, this is not right, this one variable is wrong

(42:30):
especially, and you notice the way they word those emails. I had one my former where it looked like it was coming from my boss, and he was very direct and quick. And the email was, like, very quick and direct. It's like, hey, I'm in this location, I'm out

(43:20):
of country. I just need you to send them my username and password or go use signal. I was like, that's something that a CEO would say. I just looked at it for a minute. It's like, oh, shit. And then I went in the signal and said, hey, did

(44:10):
you just request this? It's like, no. So, yeah, they're good. They're very good. And it happens more than you think. I work with a lot of companies to do their cyber insurance. And there's always a question like, have you been hacked before? And like 25 to 50%

(45:00):
of the time, somebody says, no, we haven't been hacked. But one time, one of my assistants, you know, transferred $90,000 over to some Nigerian prince because they thought it was me. Did I tell you the story that it actually happened to our company where somebody, it was

(45:50):
a smishing attack, which is a text message phishing attempt, and somebody spoofed the owner's phone number and said, hey, we need these gift cards for the holiday party, you know, because it was around Christmas. Can you get 'em for me? And she went to the store, bought the

(46:40):
gift cards. He's like, oh, I need the numbers and the pin. And she gave all that over to him. Oh, no. It was only like 500 bucks, but still. It could have been a lot worse. Yeah. Yeah, it could have been worse and learn. Sophisticated. But the number

(47:30):
red flag is green card. They always say, hey, can you go to the 7-Eleven and buy a green card? Oh, what are those? Those are the cards that's as good as cash. And then they found these in the prison system. This is what the prisoners would use,

(48:20):
too. It looks like a phone number, but it's actually a number that you can use on the green card system. And then it's like cash app. And it's just a series of numbers. You can put them into a phone. And so what the scammers were doing was they

(49:10):
asked for the green card. And then my wife, God bless her, but she got a call supposedly from Facebook. And they were saying, hey, you know, this is Mark Zuckerberg. I need you to get a green card to get access to your Facebook account. And I'm like,

(50:00):
babe, that's not real. That's not real. The phone number looks like it's from Facebook. It's like Facebook's not going to call anyone. They don't have to. And the other thing is think about, do you think the Zuck needs your green card? No, but they just randomly pick people.

(50:50):
They had one, too, here in San Diego with SDG&E, or he's getting calls about, like, this is SDG&E. We're going to turn off your electricity and let you go get the green card and you give us the number right now. Go to the 7-Eleven. But,

(51:40):
you know, it didn't work on us. It's comical. They're hitting elderly people now, too, a lot. So there's the phone. It seems like once you get a home. Oh, go ahead. Sorry. Go ahead. No, I was just rambling about how different methodologies that they can use. It's

(52:30):
really interesting how like you, it's interesting how you get over a certain age and you're more prone to fall for scams. And I've seen it. There's like a threshold of how old you get. And I don't know why, but it's everybody once they get to a certain age

(53:20):
is like more prone to getting scammed. I don't know why. It's like your dad or your mom, they're constantly being scammed. And I don't know what's a day to them. Just like, don't click. Nobody's going to call you. Never, never send anything over the phone. There's never give

(54:10):
anyone your password i mean i even probably fall for more things than I used to. I almost clicked for a free cooler. Six sporting goods. I was like, I want a cooler. This is what a Yeti cooler. I always had to do. It's getting my social and date

(55:00):
of birth and I got a free Yeti cooler. So close to clicking. I'm going to go buy one. Yeah, it's just buy one. But to your point, my dad has a landline, and he's, you know, he's married and they're both in their 80s. And that damn landline just

(55:50):
rings all day long. If it's not just like political campaigns, religious stuff, it's just like, holy shit. If you want to see a good social experiment, go to some seniors house that has a landline and just have the conversations with all the scammers they call into that landline.

(56:40):
Yeah. It's horrible that they pick on our most vulnerable. Going to Change Healthcare, that hack is going to cost them over almost $2 billion by the end of the year, according to the CFO. I mean, that's like almost 2% of their total value, which is going

(57:30):
to hit their stock price pretty good already, but it could even be worse. I don't know how insured they were. I'm sure they had insurance, but I don't think they had $2 billion worth of insurance. Have you seen the stuff on Ascension Health? No. You talk to me

(58:20):
a little bit about that? Yeah, so they're like a non-profit health network with 140 hospitals, 40 senior living facilities in 19 states, and they were completely wiped out on their computers, and they had to go to all paper records and fax machines. Ouch. They were rerouting ambulances.

(59:10):
Doctors and nurses couldn't look at patient records, so they were giving the wrong medications, lab results. They had to do them over again. They couldn't find any lab results. And talking about pretty serious stuff when you give the person the wrong medication because you don't know they're allergic

(01:00:00):
or have some type of reaction to it. And you don't have those records to say don't give them this pain medication versus this pain medication. And I saw a statistic that 20% increase in mortality rates. If somebody gets hacked, that's a medical hospital. So like 20%

(01:00:50):
more people die if they're hacked just because they don't have access to the patient records. And it's pretty much. Yeah, it's horrible for them in so many ways because the nurses are running around with their head cut off. Super stressful. Everyone's working longer hours, they're trying to figure

(01:01:40):
out like how new SOPs because it's changing daily. So these hackers like Black Basta, they should be, you know, not just locked up. They should, you know, go to taking around back because they're actually causing deaths. It's definitely something to be taken seriously. And there needs to be more

(01:02:30):
consequences. I was thinking about this today too. I know you got a hard stop, but I was thinking about like the FBI. A lot of times when I talk to customers, I say, well, you know, there's the FBI and they can help us. And it's like law enforcement's

(01:03:20):
overwhelmed. And how much do you think the FBI is going to do? I mean, there's, how would they prosecute? And it just takes forever. I think people have to realize that they're on their own. And the more difficult you make it to get compromised, you just reduce the

(01:04:10):
probability of it. And I'm not saying it's, you'll never get hacked, you'll never get compromised, but you just have to think about it. I just can't put my shit out there. And everyone does. There's people out there running old, end-of-life firewalls, the old Cisco ASA 5510s

(01:05:00):
and what have you. It's no blame, vulnerability. Yeah. They're just out there on the internet and it's like, come on guys, anyone can do that. Another one too. That's what happened to Comcast, actually. It was the Cisco bleed. They lost 36 million people's data. Simple things like that,

(01:05:50):
not using end-of-life hardware. Yeah. And companies need to plan on being hacked too. They need to have a plan for when they get hacked because really it isn't if but then to work through that and war game it by doing tabletop exercises, going through what do

(01:06:40):
we do if we have to go to paper records? What's our standard operating procedures? Do we have a backup network? You know, especially for hospitals, they should have more contingency plans. They have backup power, right? They all have UPS systems and generators. So they have a backup network?

(01:07:30):
You know? There's a lot, like, they would, they should have a disaster recovery plan in place. And essentially what would happen in that case is once they get compromised, they could roll everything back before they got compromised. And then they could be up and running. When these situations,

(01:08:20):
A lot of it is always after the fact if they had a DR situation, a DR plan in place, that they have like what you just described as far as like I call it like a dead man policy. Like what are you going to do or a key

(01:09:10):
man policy? It's like the same thing. Like, hey, this person died. Now what? And well, now your data's gone. Now what? Now you're held liable. And so, yeah, it's just you can mitigate the loss and you can mitigate the damage on what's going to happen. You just have

(01:10:00):
to be realistic, stoic almost, and just accept the fact, hey, this is going to happen to me, especially if you're in health care. Yeah, and you have to have, like you said, a plan. You know, you probably want to assign somebody to be like your communications person. So

(01:10:50):
some CTO is not talking to the press when he doesn't know how to talk to the press. A lot of different ways you can mitigate that risk at the end of, you know, a hack. Of course, having insurance is really important as well because they can kind of

(01:11:40):
take you through the entire process. But with that, I got to go, man. This was really fun. I'm glad we got to chat it up here at the Ransomware Rewind podcast. Don't forget to like and subscribe. Smash that like button. Comment below. Do you have any good stories

(01:12:30):
or interesting facts about health care and hacking? And we will see you later. Anything else, Mike? No, I'm good. This is fun. I enjoy these. I want to do it more often. I'll leave it at that. Absolutely. All right, guys, stay safe out there. Take care.