Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:02):
Fifty five kr CD talk station.Happy Friday. Always made half here with
this segment. Look forward to itevery week. Brought to you by Intrust.
It the best cord of the businesscareer for your solving and dealing with
your computer related business challenges. DaveHatter is the principle there and it's in
his company. And I appreciate Dave. You appreciate you, uh and interest
(00:22):
I for sponsoring this very informative andoften frightening segment. Welcome back and Happy
Friday. Brother. Hey Brian,always good to be here in this kind
of this topic, this AI generatorreviews fooling humans and detectors. I was
commenting earlier, you know, Ijust I just look at it from my
perspective as a you know, anow recovering attorney, the evidentiary realities of
(00:44):
being in court. And I'm thinking, like on along a criminal trial where
you know, reasonable doubt reasonable,and if there's some piece of evidence,
video camera, ring camera footage,a recording of a voice, as you
have talked talked about time and timeagain, it's easy to clone it.
We are never going to believe anything. We can't believe our eyes or our
ears anymore. Yeah, that's wherewe're at, and it's been a concern
(01:07):
of mine for some time. Youknow, you and I have talked about
this for years, but I thoughtthis story was kind of interesting. You
know, online reviews have also comeunder fire for a long time, well
long before you know generative AI andchat GPT tools that produce this stuff.
But because let's face it, ifyou are a person that doesn't understand the
review could be fake, and someonegoes out and generates a bunch of fake
(01:30):
reviews for their product or service,it looks good to you, right,
yep. So the fake the fakereview thing has been around for a while.
But now with these synthetic media toolslike chat GPT, you can crank
out enormous amounts of text at scale. I mean, you can use an
API to automate this process, soyou know, if you know what you're
doing, you could generally generate alarge number of incredibly authentic sounding reviews very
(01:53):
quickly. And this recent study,which I thought was really interesting because it
gets into some pretty some pretty intricatedetail, shows that most people when they
look at these reviews, can't tellnot only whether they're fake in general,
but whether they've been generated by somesort of generative AI tool. Again,
think of things like chat GPT,Google's, Gemini, X's Rock, Microsoft
(02:19):
Copilot, and there are others outthere. So they said three hundred and
one participants split into two studies,the average ages forty seven and fifty percent
were female. That all native Englishspeakers from United States, Canada, UK,
Ireland and Australia. This is whereI think it gets so interesting.
And study one participants were showing amix of real YELP reviews and AI generated
counterparts created by chat GPT. Theycorrectly identified the source only about fifty percent
(02:45):
of the time. Now the secondstudy, everything was generated by chat GPT
and they only got it right sixtyfour percent at the time. So it's
it's pretty interesting to me that whenyou had at all AI reviews, people
(03:06):
just couldn't tell at all. AndI'll also point out, Brian, because
we've talked about this, there aremany companies out there who have been trying
to create tools that can tell youwhether something was generated through AI. One
of the probably more well known onesout there is called no GPT right play
off the GPT. And by theway, for folks out there listening and
(03:28):
hearing this GPT all the time.It just means generative pre trained transformer.
It's the way the large language modelworks that produces the output. So you
can take your synthetic media generated byone of these tools, paste it into
this and it tries to tell youif it was created by an AI tool
or not. Now, the studythey used one of these tools to do
(03:51):
it, not this one in particular, it didn't do much better. And
I can tell you from playing withthis. I have literally fired up chat
GPT for had it write something,paste it directly into this box with no
edits by me whatsoever, and ittell me it was like seventy four percent
likely it was written by chat CHEPT. Well it was one hundred percent because
(04:13):
I literally copied and pasted it in. So you know, when people tell
you these you can use these toolsto detect it and you know that something
was certainly written by an AI.There's just no way to know at this
point. So you know, itgoes to show on two fronts. A
you can't believe online reviews, andI think the credibility of them will further
(04:35):
go down because of these tools andthe ability to easily create very realistic sounding
content quickly and then be going backto your point, we are at a
place where you can't believe your earsor eyes. You've got voice cloning,
you've got the ability to create veryrealistic videos, you can create text,
and you know the impact on oursociety is going to be Substantialum. Anyways,
(04:56):
you mentioned the legal angle. Youknow we've already seen a case now
where someone used as a defense,oh I was deep faked. And just
again for terminology purposes, you've gotgenerative aye tools like chat GPT. They
create synthetic media. Synthetic media couldbe text, it could be audio,
could be video. It's something createdentirely by the computer. And then when
(05:19):
you hear the term deep fake,and that is a specific type of synthetic
media. Sorry, that has somekind of negative, you know, dubious
purpose. It's designed to be tofool somebody rather than I just want to
write something using chat SCHEPT. SoI think this study just goes to show
(05:40):
you that we're headed into a placewhere it's going to get harder and harder
to know what's real and what's notreal, and it has the potential to
cause some major societal up people aspeople use these to frame someone, yes,
to say I didn't do something,you know, exactly exactly. Here's
a video of me in Poughkeepsie,Iowa, on the day you said I
(06:00):
murdered my wife here in Cincinnati.Right, Yeah, it's gonna goes both
ways. Let's pause, We'll bringDave tenfoil hot Dave, or we'll report
Dave back. Thanks Interest, IT for this scaring the crap out of
me on our Future six sixty two. But about krcity talk station Interest I
T dot com where you find dave'vehatter. If you're a business, you've
got a computer, you need them? All right? More scams and I
(06:25):
personalized job scams. What's the storyon this one day? Yeah, so
the headline about this, which Ithought was timely with people graduating from college
looking for jobs and just people lookingfor jobs in general. Because job scams
are something they've been around for along time, they shift constantly. The
FBI has got some great information ontheir website, Internet Crime Complaints Center IC
(06:46):
three dot gov, as do othergovernment agencies warning about this. And I
mean, if you think about it, Brian, how scummy is it to
try to scam someone while they're lookingfor a job. In most cases,
you know they probably are already stressedout in the yes process. In many
cases, you know they might behaving financial issues, and now you're gonna
(07:09):
make their problems even worse by dumpingon them with some kind of scam.
So again, I thought this wastimely because of the college graduations and you
know former students now looking to getinto the workforce, and there's so many
different ways they'll come at you.For example, Uh, there's the whole
concept in cybercrime called search engine poisoning. I think we've talked about it before,
(07:31):
but there's nothing that would stop me, as a criminal from trying to
add legitimacy to whatever I'm doing bygoing to Google or Microsoft with their being
search engine or any search engine,and legitimately registering keywords and running ads on
their platform. And I think everyonethat I hope everyone that listens knows.
You know, in the old days, it was really clearly delineated what was
(07:54):
a paid link and what was anorganic link something that showed up just because
it ranked well. Right, that'sharder and harder to tell. So I
pay to get something in Google.And now let's say you're searching for a
job. Something pops up, it'son Google. You don't realize that a
criminal has literally paid to have itrank. It feels authentic and legitimate,
(08:16):
especially because it's on Google. Youclick the link and now you're down the
rabbit hole or in a similar vein. And in addition to that, I
might go to legitimate job sites likeMonster or Dice or glass door or any
number of legitimate job sites and spendmoney to post a fake job ad because
as a criminal, I know you'renot thinking, Wow, someone that's going
(08:37):
to post bogus stuff on glass doorand pay for it, So you know
they're gaming the system, and they'recreating authenticity and legitimacy by using legitimate sites
to make their bogus stuff seem morelegitimate. So maybe I go to Google,
I click a link, it takesme to a bogus site. I
use a job site, takes meto a bogus site. Now they got
(08:58):
me in their funnel. Will usuallywork something like this, Brian, I
found this great job, and allI need to do is take some training
in advance or buy some equipment inthere, and then I will be reimbursed
for it later. That's exactly whathad to my son. Yeah, it
was last year or whatever. Ican't remember. He was he wanted to
(09:20):
get additional part time work because he'skind of a freelancer, and he had
this company. Yeah, we wantto hire you. He looked into the
company. It appeared legitimate. Itwas a scam, and he knew,
I mean, it was a giantred flag the minute they said, you
need to get a computer. Soit's only for us. It's you know,
independent, it doesn't any connection withthe outside world. And I understand
some businesses require that, but theyinsisted he acquired this computer from some entity
(09:46):
in Texas and they promised you thereimbursement. It's like, you know,
hang up the phone. I mean, it's brilliant. Ultimately, that was
the conclusion, and then they threatenedhim with death when he when he refused
to When he refuse to go throughwith it, they said, yeah,
you know what, we're going toafter you and you keep your eyes peeled
and you know mind you're six orsomething along those lines, because you didn't
follow through with this. So youknow, well, we just turned it.
(10:09):
We could turn it into the FBI, and they said, oh,
this happens all the time, andseriously, do not take that complaint seriously
that you know, Ryan, SoI want to come back to that.
I'm glad you turned it in again. Internet Crimecomplaints Center dot gov. I'll
link that in my notes from theday's show. This is why it's important
for people to report these kind ofthings, is because over time, patterns
emerge, and then the FBI andother agencies can put out public service announcements
(10:33):
to warn the public about this.You know, if there's only one or
two, that's one thing. Butwhen you see hundreds of these coming in
because people say, you know,I might be embarrassed, i might feel
ashamed or whatever, but I'm goingto report it anyway, You're doing the
rest of society a real favor bydoing that. Obviously, you know,
any unsolicited job offer that seems toogood to be true probably true. I
will remind folks, you know,as part of their scam, they'll create
(10:56):
doppelganger websites, they'll set up LinkedInprofiles, they'll look up the name of
real people from legitimate companies or LinkedIn, and they'll use these online tools to
create legitimacy. And then they justrun a calm on you because you know,
they're they're basically comment at the endof the day, so you know,
if it's too good to be true, if suddenly it falls out of
the sky, and then there's alot of pressure like Jerry Gott Oh,
(11:18):
yeah, they want you to buythings in advance that you're supposedly going to
be reimbursed for, you know,all extremely likelyhood of indication of scam.
And they send him a check andof course it was a bad check,
so that that was another revenue.Of course it was a bad check.
Six. So don't trust any ofthis. No, don't trust any other
(11:41):
great, that's it. Just turnoff the computer at face to face meetings.
I guess we'll go back old schoolto comrement this from Mavity six forty
seven. One more time with techFriday's Day Hatter cyber attack on Change Healthcare
six fifty two. If you havekar City Talk station, Tech Friday Day
Hat or interest it cyber attacks onChange Healthcare. We got another one of
(12:03):
these men the healthcare entities and reallygetting whacked with hacks of late. Yeah.
I wanted to touch on a couplestories here because they make two important
points. First off, as youmentioned, Brian Healthcare organizations continue to be
attacked not only because they're a sourceof money, but they're also a source
(12:24):
of valuable information that can be usedfor extortion later, whether it's extorting the
company who lost the information or theindividuals whose information has been stolen. And
this is one of the reasons whyI am in a state of constant frustration,
Brian, trying to get people totake this seriously. There's several reasons.
I'll hit them all on this segment, but first off, as a
(12:45):
consumer, and I'm happy to sayKentucky has now passed the Kentucky Consumer Data
Privacy Law. It's not perfect,but it's a huge step in the right
direction. Most of the states aroundOhio have passed one. Ohio has not.
They have one in the works,I will tell you, Brian,
in most cases Ofhiowa's way ahead ofKentucky on anything related to cyber But you
(13:05):
guys need to catch up here.And you know, when your data is
stolen from any company, not justhealthcare, you know you get the letter.
I'm sure every one of your listenersand probably yourself, Brian, and
I know I've gotten numerous ones,get the letter. All your data has
been stolen here's some free credit monitoringfor a year. Good luck. And
we as consumers are the ones thatsuffer the consequences of your data being out
(13:26):
there now, which could be usedfor identity theft, impersonation, all kinds
of nefarious things. And sometimes theywill try to extort you as an individual.
You know, they'll say, hey, we have this data, We're
going to release it if you don'tpay us. So there's all kinds of
consequences to you as a consumer.But with these healthcare attacks, they're indicative
of the nature of our critical infrastructure. So the other story, which I
(13:50):
didn't email you, but I happento just remember as we were getting prepared
for this segment, cyber attack forcesa big US health system to divert ambulances
and take records offline. This isa different hospital chain. That's not the
first time this has happened. Wetalked many years ago about the first known
death as a result of a Germanhospital offline and a patient died when they
(14:11):
had to go to a different hospital. You know, attacks in the real
world as a result of cyber attacksor damage rather in the real world are
increasingly common, and that change healthcareattack apparently a third of all Americans perhaps
had their data stolen, and itwas because of stolen credentials, use your
name and password, people using thesame password on multiple sites probably, and
(14:33):
no multi factor authentication, which wehave been talking about for ten years.
Brian, Oh, yeah, it'sa recommendation of every government agency. It's
a recommendation of every major tech company. So your data has spin stolen.
And now this other attack to shutthe hospital down as Sension Health system.
It looks like a ransomware attack.So their systems are down, they can't
help you, they can't run theirbusiness. It's costing millions a change healthcare
(14:56):
thing again, different story. Lookslike they're out about a billion dollars so
far. Who's going to pay forthat. You're going to pay for it
as a consumer because you're a datait was leaked. You're going to pay
for it as a consumer because they'regoing to increase your prices and your insurance
may go up, et cetera.And these attacks are increasingly impacting the kinetic
(15:16):
or kinetic attacks in the real world, and all because organizations just continue to
not do the most basic things likemake sure you follow the simple practices there
are organizations like the Center for InternetSecurity that have basic guidelines you can follow.
Microsoft and their most recent yearly reportgave five things, and I love
(15:39):
the way they did it. Ifyou do these five things and they showed
it on a bell curve, it'llstop ninety nine percent of all attacks.
And it's the same stuff we talkabout all the time. Have a good
backup, use multi factor authentication,simple stuff. But we see over and
over again it's not done. Yourdata is stolen, you're impacted as a
consumer. But increasingly in the realworld now we're having devastating consequences that are
(16:03):
only going to get worse. Youknow, you've seen Director Ray say he
thinks, you know, the ChineseCommunist Party has infiltrated systems all across the
country and are just waiting for theright time to push the button. He's
also said that he thinks that theChinese Communist Party has a fifty to one
advantage in terms of their hacking capabilitiesto the US. We have got to
take this stuff seriously. I knowwe're out of time, but just yesterday
(16:25):
Brian got a call from a companyhere locally unfortunately ransomware. Now I want
to be clear, there's nothing youcan do that is one hundred percent effective.
You cannot be impervious to this stuff. But there's a lot of simple,
low cost things you can do thatwill make you a much more difficult
target. This particular company totally down. Their backups appear to be encrypted.
(16:47):
They got a major problem on theirhands. I mean they could be down
for weeks. They may never recover. It's hard to say. So these
two stories, in my mind,point out the danger to everyone as consumers.
But the companies have got to takethis seriously. Yes, it's not
just now that your business is damaged, were perhaps destroyed, but it has
real world impacts on our entire societyperiod exclamation point underscore in bold they've had
(17:14):
always a pleasure, frightening as hell, but we got you here, so
people start heeding your advice. Dowhat day, says I hope So,
Brian, you know, I'll putall this in the show outs and while
in trust would love to help youeven if you don't want to work with
us, can't work on the store, there are companies out there that will
help you take care of these things. Please, please, please, people
take this stuff seriously. Amen,that's a good point Dave. He says,
(17:36):
it doesn't even have to be interestit well, we thank you for
sponsoring the segment of bringing this toour attention every week until next Friday.
My friend, have a wonderful weekend. We'll talk in a week. It's
always my pleasure, Brian. Thanks
Fifty five kr CD talk station.Happy Friday. Always made half here with
this segment. Look forward to itevery week. Brought to you by Intrust.
It the best cord of the businesscareer for your solving and dealing with
your computer related business challenges. DaveHatter is the principle there and it's in
his company. And I appreciate Dave. You appreciate you, uh and interest
(00:22):
I for sponsoring this very informative andoften frightening segment. Welcome back and Happy
Friday. Brother. Hey Brian,always good to be here in this kind
of this topic, this AI generatorreviews fooling humans and detectors. I was
commenting earlier, you know, Ijust I just look at it from my
perspective as a you know, anow recovering attorney, the evidentiary realities of
(00:44):
being in court. And I'm thinking, like on along a criminal trial where
you know, reasonable doubt reasonable,and if there's some piece of evidence,
video camera, ring camera footage,a recording of a voice, as you
have talked talked about time and timeagain, it's easy to clone it.
We are never going to believe anything. We can't believe our eyes or our
ears anymore. Yeah, that's wherewe're at, and it's been a concern
(01:07):
of mine for some time. Youknow, you and I have talked about
this for years, but I thoughtthis story was kind of interesting. You
know, online reviews have also comeunder fire for a long time, well
long before you know generative AI andchat GPT tools that produce this stuff.
But because let's face it, ifyou are a person that doesn't understand the
review could be fake, and someonegoes out and generates a bunch of fake
(01:30):
reviews for their product or service,it looks good to you, right,
yep. So the fake the fakereview thing has been around for a while.
But now with these synthetic media toolslike chat GPT, you can crank
out enormous amounts of text at scale. I mean, you can use an
API to automate this process, soyou know, if you know what you're
doing, you could generally generate alarge number of incredibly authentic sounding reviews very
(01:53):
quickly. And this recent study,which I thought was really interesting because it
gets into some pretty some pretty intricatedetail, shows that most people when they
look at these reviews, can't tellnot only whether they're fake in general,
but whether they've been generated by somesort of generative AI tool. Again,
think of things like chat GPT,Google's, Gemini, X's Rock, Microsoft
(02:19):
Copilot, and there are others outthere. So they said three hundred and
one participants split into two studies,the average ages forty seven and fifty percent
were female. That all native Englishspeakers from United States, Canada, UK,
Ireland and Australia. This is whereI think it gets so interesting.
And study one participants were showing amix of real YELP reviews and AI generated
counterparts created by chat GPT. Theycorrectly identified the source only about fifty percent
(02:45):
of the time. Now the secondstudy, everything was generated by chat GPT
and they only got it right sixtyfour percent at the time. So it's
it's pretty interesting to me that whenyou had at all AI reviews, people
(03:06):
just couldn't tell at all. AndI'll also point out, Brian, because
we've talked about this, there aremany companies out there who have been trying
to create tools that can tell youwhether something was generated through AI. One
of the probably more well known onesout there is called no GPT right play
off the GPT. And by theway, for folks out there listening and
(03:28):
hearing this GPT all the time.It just means generative pre trained transformer.
It's the way the large language modelworks that produces the output. So you
can take your synthetic media generated byone of these tools, paste it into
this and it tries to tell youif it was created by an AI tool
or not. Now, the studythey used one of these tools to do
(03:51):
it, not this one in particular, it didn't do much better. And
I can tell you from playing withthis. I have literally fired up chat
GPT for had it write something,paste it directly into this box with no
edits by me whatsoever, and ittell me it was like seventy four percent
likely it was written by chat CHEPT. Well it was one hundred percent because
(04:13):
I literally copied and pasted it in. So you know, when people tell
you these you can use these toolsto detect it and you know that something
was certainly written by an AI.There's just no way to know at this
point. So you know, itgoes to show on two fronts. A
you can't believe online reviews, andI think the credibility of them will further
(04:35):
go down because of these tools andthe ability to easily create very realistic sounding
content quickly and then be going backto your point, we are at a
place where you can't believe your earsor eyes. You've got voice cloning,
you've got the ability to create veryrealistic videos, you can create text,
and you know the impact on oursociety is going to be Substantialum. Anyways,
(04:56):
you mentioned the legal angle. Youknow we've already seen a case now
where someone used as a defense,oh I was deep faked. And just
again for terminology purposes, you've gotgenerative aye tools like chat GPT. They
create synthetic media. Synthetic media couldbe text, it could be audio,
could be video. It's something createdentirely by the computer. And then when
(05:19):
you hear the term deep fake,and that is a specific type of synthetic
media. Sorry, that has somekind of negative, you know, dubious
purpose. It's designed to be tofool somebody rather than I just want to
write something using chat SCHEPT. SoI think this study just goes to show
(05:40):
you that we're headed into a placewhere it's going to get harder and harder
to know what's real and what's notreal, and it has the potential to
cause some major societal up people aspeople use these to frame someone, yes,
to say I didn't do something,you know, exactly exactly. Here's
a video of me in Poughkeepsie,Iowa, on the day you said I
(06:00):
murdered my wife here in Cincinnati.Right, Yeah, it's gonna goes both
ways. Let's pause, We'll bringDave tenfoil hot Dave, or we'll report
Dave back. Thanks Interest, IT for this scaring the crap out of
me on our Future six sixty two. But about krcity talk station Interest I
T dot com where you find dave'vehatter. If you're a business, you've
got a computer, you need them? All right? More scams and I
(06:25):
personalized job scams. What's the storyon this one day? Yeah, so
the headline about this, which Ithought was timely with people graduating from college
looking for jobs and just people lookingfor jobs in general. Because job scams
are something they've been around for along time, they shift constantly. The
FBI has got some great information ontheir website, Internet Crime Complaints Center IC
(06:46):
three dot gov, as do othergovernment agencies warning about this. And I
mean, if you think about it, Brian, how scummy is it to
try to scam someone while they're lookingfor a job. In most cases,
you know they probably are already stressedout in the yes process. In many
cases, you know they might behaving financial issues, and now you're gonna
(07:09):
make their problems even worse by dumpingon them with some kind of scam.
So again, I thought this wastimely because of the college graduations and you
know former students now looking to getinto the workforce, and there's so many
different ways they'll come at you.For example, Uh, there's the whole
concept in cybercrime called search engine poisoning. I think we've talked about it before,
(07:31):
but there's nothing that would stop me, as a criminal from trying to
add legitimacy to whatever I'm doing bygoing to Google or Microsoft with their being
search engine or any search engine,and legitimately registering keywords and running ads on
their platform. And I think everyonethat I hope everyone that listens knows.
You know, in the old days, it was really clearly delineated what was
(07:54):
a paid link and what was anorganic link something that showed up just because
it ranked well. Right, that'sharder and harder to tell. So I
pay to get something in Google.And now let's say you're searching for a
job. Something pops up, it'son Google. You don't realize that a
criminal has literally paid to have itrank. It feels authentic and legitimate,
(08:16):
especially because it's on Google. Youclick the link and now you're down the
rabbit hole or in a similar vein. And in addition to that, I
might go to legitimate job sites likeMonster or Dice or glass door or any
number of legitimate job sites and spendmoney to post a fake job ad because
as a criminal, I know you'renot thinking, Wow, someone that's going
(08:37):
to post bogus stuff on glass doorand pay for it, So you know
they're gaming the system, and they'recreating authenticity and legitimacy by using legitimate sites
to make their bogus stuff seem morelegitimate. So maybe I go to Google,
I click a link, it takesme to a bogus site. I
use a job site, takes meto a bogus site. Now they got
(08:58):
me in their funnel. Will usuallywork something like this, Brian, I
found this great job, and allI need to do is take some training
in advance or buy some equipment inthere, and then I will be reimbursed
for it later. That's exactly whathad to my son. Yeah, it
was last year or whatever. Ican't remember. He was he wanted to
(09:20):
get additional part time work because he'skind of a freelancer, and he had
this company. Yeah, we wantto hire you. He looked into the
company. It appeared legitimate. Itwas a scam, and he knew,
I mean, it was a giantred flag the minute they said, you
need to get a computer. Soit's only for us. It's you know,
independent, it doesn't any connection withthe outside world. And I understand
some businesses require that, but theyinsisted he acquired this computer from some entity
(09:46):
in Texas and they promised you thereimbursement. It's like, you know,
hang up the phone. I mean, it's brilliant. Ultimately, that was
the conclusion, and then they threatenedhim with death when he when he refused
to When he refuse to go throughwith it, they said, yeah,
you know what, we're going toafter you and you keep your eyes peeled
and you know mind you're six orsomething along those lines, because you didn't
follow through with this. So youknow, well, we just turned it.
(10:09):
We could turn it into the FBI, and they said, oh,
this happens all the time, andseriously, do not take that complaint seriously
that you know, Ryan, SoI want to come back to that.
I'm glad you turned it in again. Internet Crimecomplaints Center dot gov. I'll
link that in my notes from theday's show. This is why it's important
for people to report these kind ofthings, is because over time, patterns
emerge, and then the FBI andother agencies can put out public service announcements
(10:33):
to warn the public about this.You know, if there's only one or
two, that's one thing. Butwhen you see hundreds of these coming in
because people say, you know,I might be embarrassed, i might feel
ashamed or whatever, but I'm goingto report it anyway, You're doing the
rest of society a real favor bydoing that. Obviously, you know,
any unsolicited job offer that seems toogood to be true probably true. I
will remind folks, you know,as part of their scam, they'll create
(10:56):
doppelganger websites, they'll set up LinkedInprofiles, they'll look up the name of
real people from legitimate companies or LinkedIn, and they'll use these online tools to
create legitimacy. And then they justrun a calm on you because you know,
they're they're basically comment at the endof the day, so you know,
if it's too good to be true, if suddenly it falls out of
the sky, and then there's alot of pressure like Jerry Gott Oh,
(11:18):
yeah, they want you to buythings in advance that you're supposedly going to
be reimbursed for, you know,all extremely likelyhood of indication of scam.
And they send him a check andof course it was a bad check,
so that that was another revenue.Of course it was a bad check.
Six. So don't trust any ofthis. No, don't trust any other
(11:41):
great, that's it. Just turnoff the computer at face to face meetings.
I guess we'll go back old schoolto comrement this from Mavity six forty
seven. One more time with techFriday's Day Hatter cyber attack on Change Healthcare
six fifty two. If you havekar City Talk station, Tech Friday Day
Hat or interest it cyber attacks onChange Healthcare. We got another one of
(12:03):
these men the healthcare entities and reallygetting whacked with hacks of late. Yeah.
I wanted to touch on a couplestories here because they make two important
points. First off, as youmentioned, Brian Healthcare organizations continue to be
attacked not only because they're a sourceof money, but they're also a source
(12:24):
of valuable information that can be usedfor extortion later, whether it's extorting the
company who lost the information or theindividuals whose information has been stolen. And
this is one of the reasons whyI am in a state of constant frustration,
Brian, trying to get people totake this seriously. There's several reasons.
I'll hit them all on this segment, but first off, as a
(12:45):
consumer, and I'm happy to sayKentucky has now passed the Kentucky Consumer Data
Privacy Law. It's not perfect,but it's a huge step in the right
direction. Most of the states aroundOhio have passed one. Ohio has not.
They have one in the works,I will tell you, Brian,
in most cases Ofhiowa's way ahead ofKentucky on anything related to cyber But you
(13:05):
guys need to catch up here.And you know, when your data is
stolen from any company, not justhealthcare, you know you get the letter.
I'm sure every one of your listenersand probably yourself, Brian, and
I know I've gotten numerous ones,get the letter. All your data has
been stolen here's some free credit monitoringfor a year. Good luck. And
we as consumers are the ones thatsuffer the consequences of your data being out
(13:26):
there now, which could be usedfor identity theft, impersonation, all kinds
of nefarious things. And sometimes theywill try to extort you as an individual.
You know, they'll say, hey, we have this data, We're
going to release it if you don'tpay us. So there's all kinds of
consequences to you as a consumer.But with these healthcare attacks, they're indicative
of the nature of our critical infrastructure. So the other story, which I
(13:50):
didn't email you, but I happento just remember as we were getting prepared
for this segment, cyber attack forcesa big US health system to divert ambulances
and take records offline. This isa different hospital chain. That's not the
first time this has happened. Wetalked many years ago about the first known
death as a result of a Germanhospital offline and a patient died when they
(14:11):
had to go to a different hospital. You know, attacks in the real
world as a result of cyber attacksor damage rather in the real world are
increasingly common, and that change healthcareattack apparently a third of all Americans perhaps
had their data stolen, and itwas because of stolen credentials, use your
name and password, people using thesame password on multiple sites probably, and
(14:33):
no multi factor authentication, which wehave been talking about for ten years.
Brian, Oh, yeah, it'sa recommendation of every government agency. It's
a recommendation of every major tech company. So your data has spin stolen.
And now this other attack to shutthe hospital down as Sension Health system.
It looks like a ransomware attack.So their systems are down, they can't
help you, they can't run theirbusiness. It's costing millions a change healthcare
(14:56):
thing again, different story. Lookslike they're out about a billion dollars so
far. Who's going to pay forthat. You're going to pay for it
as a consumer because you're a datait was leaked. You're going to pay
for it as a consumer because they'regoing to increase your prices and your insurance
may go up, et cetera.And these attacks are increasingly impacting the kinetic
(15:16):
or kinetic attacks in the real world, and all because organizations just continue to
not do the most basic things likemake sure you follow the simple practices there
are organizations like the Center for InternetSecurity that have basic guidelines you can follow.
Microsoft and their most recent yearly reportgave five things, and I love
(15:39):
the way they did it. Ifyou do these five things and they showed
it on a bell curve, it'llstop ninety nine percent of all attacks.
And it's the same stuff we talkabout all the time. Have a good
backup, use multi factor authentication,simple stuff. But we see over and
over again it's not done. Yourdata is stolen, you're impacted as a
consumer. But increasingly in the realworld now we're having devastating consequences that are
(16:03):
only going to get worse. Youknow, you've seen Director Ray say he
thinks, you know, the ChineseCommunist Party has infiltrated systems all across the
country and are just waiting for theright time to push the button. He's
also said that he thinks that theChinese Communist Party has a fifty to one
advantage in terms of their hacking capabilitiesto the US. We have got to
take this stuff seriously. I knowwe're out of time, but just yesterday
(16:25):
Brian got a call from a companyhere locally unfortunately ransomware. Now I want
to be clear, there's nothing youcan do that is one hundred percent effective.
You cannot be impervious to this stuff. But there's a lot of simple,
low cost things you can do thatwill make you a much more difficult
target. This particular company totally down. Their backups appear to be encrypted.
(16:47):
They got a major problem on theirhands. I mean they could be down
for weeks. They may never recover. It's hard to say. So these
two stories, in my mind,point out the danger to everyone as consumers.
But the companies have got to takethis seriously. Yes, it's not
just now that your business is damaged, were perhaps destroyed, but it has
real world impacts on our entire societyperiod exclamation point underscore in bold they've had
(17:14):
always a pleasure, frightening as hell, but we got you here, so
people start heeding your advice. Dowhat day, says I hope So,
Brian, you know, I'll putall this in the show outs and while
in trust would love to help youeven if you don't want to work with
us, can't work on the store, there are companies out there that will
help you take care of these things. Please, please, please, people
take this stuff seriously. Amen,that's a good point Dave. He says,
(17:36):
it doesn't even have to be interestit well, we thank you for
sponsoring the segment of bringing this toour attention every week until next Friday.
My friend, have a wonderful weekend. We'll talk in a week. It's
always my pleasure, Brian. Thanks
Brian Thomas News
Popular Podcasts
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
24/7 News: The Latest
The latest news in 4 minutes updated every hour, every day.
Therapy Gecko
An unlicensed lizard psychologist travels the universe talking to strangers about absolutely nothing. TO CALL THE GECKO: follow me on https://www.twitch.tv/lyleforever to get a notification for when I am taking calls. I am usually live Mondays, Wednesdays, and Fridays but lately a lot of other times too. I am a gecko.