Cybersecurity expert Mike Fitzpatrick returned as he and BZ spoke about Russian cyberattacks aimed at the United States, what can be expected, how affective could they be, at what are the Russians aiming, and any other "actors" that may be involved.
Plus, the Chicago Death Toll, and Happy Stories!
One of the last featured shows in Kalifornia, BZ will becoming back after he rebuilds the SHR Media studio in an actual free state!
Our website is always up at http://SHRMEDIA.COM!
Plus, the Chicago Death Toll, and Happy Stories!
One of the last featured shows in Kalifornia, BZ will becoming back after he rebuilds the SHR Media studio in an actual free state!
Our website is always up at http://SHRMEDIA.COM!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:00):
Well, Mike Fitzpatrick, you saidthat eventually, I mean, in truth,
this ends up saving money. Cybersecurityends up saving money in the long
rum or long run. Well,there I am thinking alcohol again in the
long rum. In the long run, it's like the mechanic in the old
I think it was a shell commercialwhere the mechanics as later can pay me
(00:22):
now or you can pay me later. Well a mortgage, Well, we
had a mortgage company that we thatwe worked with from day one. We
built their cybersecurity policies, their programs, did their initial assessments for six years.
And one afternoon I'm pumping gas andget a call from Dave and he's
(00:43):
going, hey, do you rememberthat cybersecurity assessment, the internal assessment that
you wanted us to do? AndI said yeah, and he said,
I need to get that done.Okay, So when do you need to
have it done by day? Tuesday? Now? It was Thursday afternoon at
(01:03):
two o'clock. And I said,you know, it's been about a year
since we had a look. Howand I know your environment's grown considerably over
the last year. How many serversare we talking about now? He said,
well, we've got nine hundred andseventy six servers. What I said,
(01:26):
how many how many routers and switchesdo you have? Now we have
four hundred of each, So okay, how many firewalls? Well, we've
got four firewalls and we've got thenew data center over in Arizona. And
I said, okay, I said, what is going on? What's prompted
(01:49):
that? And he says, wehave an opportunity with a new bank to
provide their loan services, and theauditor from the bank is coming on Wednesday
and we need to have the internalassessment done. So after I said,
(02:13):
let me get back to you,talk to my team. We went through
and we put together three two menteams that ran a twenty four hour shift
going through and scanning and testing,scanning and testing, writing, scanning and
testing, writing, scanning and testing. And so Monday evening we handed over
(02:37):
to them their internal assessment for draftand final changes. We made those final
changes Tuesday afternoon and Wednesday morning whenthe auditor arrived, they were able to
go through the report see how wellthey were doing, and then they approved
(03:00):
them for the loan servicing business ona ten year contract at get this easy,
two billion dollars a year in servicefees. Okay, stop stop stop
stop stop to B with a B. This is a B. Two billion
(03:23):
dollars and this is not doctor evilhere. Two billion dollars a year to
you, no, not to me, to the mortgage company of our client,
to our client. So, becauseof the work that they did in
cybersecurity, because of the effort thatthey put into it, oh, the
(03:45):
real effort to really build a cybersecurityprogram within the operation, the bank felt
comfortable enough to provide the business tothem and have them be their loan servicing.
Are okay, so they're home loans. That was their landing the big
fish, courtesy of you, correctfrom the courtesy of the work that we've
(04:12):
done and those those kinds of projectswhere we see them over time and we
see them successful. Quite frankly,that's the part that excites us. It
excites us when they improve, whenthey start to get strong. We're really
we're really the coach. I mean, we're not the hero of the story
(04:34):
where the Obi wan or the Gandolfof the story. You know, we're
the guide along the way. We'rethe ones that helped make the hero better.
Well, that's everyone has to havea percentile of job satisfaction, or
(04:55):
they don't want to do the jobin the first place. I got about
fifteen minutes left and I saved thebig dog for last. This is the
biggest elephant in the room. Thisis the scariest elephant in the room.
And I would like your thoughts onthis. And it's come up recently and
(05:20):
it sounds remarkably similar to this.Intelligence agencies are warning of cyber threats from
Russia and are urging US critical infrastructuredefenses to be reinforced. As CBS is
Bill Whitaker reported on Sunday Night sixtyMinutes, it wouldn't take much to throw
the entire country into darkness. Thegrid is a sprawling target. There are
(05:43):
actually three in the US, theeastern Western and Texas has its own.
Most of US rarely notice substations.There are fifty five thousand across the country,
each housing transformers the workhourses of thegrid. Inside these massive metal boxes,
raw electricity is converted to higher orlower voltages. Should a transformer explode,
(06:11):
like this one in Manhattan during SuperstormSandy, the system is designed to
trigger a localized grid preserving blackout,but if several sections of the grid go
down at the same time. Theshutdowns can cascade like dominoes. That's what
set off the Great Northeast Blackout intwo thousand and three, leaving forty five
(06:34):
million Americans without power. A fewmonths before the assault on Metcalf, John
Wellinghoff of FERK commissioned a study tosee if a physical attack on critical transformers
could trigger cascading blackouts. It wasactually a very shocking result to us that
there's a very few number of substationsyou need to take out in the entire
(06:58):
United States to knock out the entiregrid. Knock out the entire grid,
that's correct. How many would ittake to knockout putting the entire country in
a blackout? Less than twenty?And Bill Whitaker joins us, now,
so build just twenty substations to knockout the entire system. I mean,
that's unbelievable. But your reporting isit could be even less than that.
That's right, Nora. That reportwas from twenty thirteen, and it actually
(07:20):
found the number was even lower.Nine taking out just nine critical substations could
blackout the whole country. We weretold by multiple sources that the number has
not changed much. That less thantwenty is a fair assessment. Well,
what can the government do or anybodydo about this. Spend money, and
spend it on two things. Oneto increase the capacity of these high powered
(07:43):
transmission lines so you decrease their vulnerabilityto large scale blackouts. That's already happening
through the administration's new infrastructure build Andtwo invest in better security. But that's
not happening right now. Remember thecountry's three thousand power companies. They're in
the business of selling electricity, notnational security. And this last point is
(08:03):
really important because the threat is real. Just last week, three white supremacists
pleaded guilty to plotting to attack powergrids throughout the country, and they had
a plan to hit critical substations simultaneouslyto cause a massive blackout. Quite scary.
Bill Whitaker, thank you. It'skind of interesting that they use the
(08:24):
proverbial white supremacists. I don't wantto talk about the physical security. We've
had guys that have shot at transformers, blah blah blah blah blah. I'm
interested in you know that story,You've told that story before here. I'm
interested in number one, what's thelikelihood in your estimation of something similar to
(08:48):
this occurring by way of a singleactor Russia, China, or perhaps in
concert with a number of actors pointedlytargeting our infrastructure, specifically our power system,
our power grid. Well, let'slook at it this way. Our
(09:15):
greatest strength as a nation is ourtechnology and what we're able to do and
accomplish with technology. It's also ourgreatest achilles heel yep as well. You
know, so you know, anythingis possible, whether whether it's a cyber
(09:37):
attack er, you know, Godforbid, they launch renewkes one off the
east coast, one out of theGulf, and one off the west coast.
Mid air explosion, the EMP willtake out everything and we're all back
to the eighteen hundreds. We've spokenabout this briefly, and before the show
(10:00):
it entered into my brain housing groupbecause I wasn't planning to ask this question,
but I remembered something from the lasttime that you were here. You
mentioned that hackers are odd little ducks, and they can take umbrage at the
strangest things, and they're pretty tolerantof hacking until there's some little bit of
(10:26):
criticality that pisses them off as anindividual, and their hackles are raised and
they'll go into a defense mode.You gave a couple of examples of that.
So if if, for example,Mike Fitzpatrick, there was a concerted
cyber attack, I don't know,let's say by Russia, are there white
(10:48):
hats here in the US, orpeople kind of aligned with the US who
might take it upon themselves to tryto dive vert or attack back at the
original attacker, in other words,to try to help the US. Do
people like that exist? There arepeople that would probably do that. There's
(11:11):
actually now corporations starting to embrace theidea of a hack pack strategy when when
they get hacked, their teams wouldbe on the offensive and going back over,
going back at the hackers that we'reattacking them. So it gets to
(11:35):
be interesting because, you know,in cyberspace, then you've just got all
this, You've got all out warin cyberspace, and there's no rules to
it at all. Anything goes Soto your point, I you know,
based upon the hackers that I've metwith and those that practice the art form,
(12:00):
I you know, a lot ofit seems to be agenda driven from
a personality standpoint. What their interestsare, what they think is right,
what they think is wrong and ahack back kind of approach. You know.
One of the things is Zelensky inUkraine is doing. He is really
(12:22):
trying to muster a cyber army tostrike back at Russia. So it's interesting
to see how that will play becauseit's never been done before. But wouldn't
you suspect that there would be therewould be sympathizers who would want to get
on board with him simply because nowhe's perceived as the underdog on the global
(12:46):
stage. It wouldn't surprise me abit busy now, but we hear of
it, but we're not necessarily seeingproof of it. Okay, do it?
You know? So I want totry. I want to try to
stay with what we're actually seeing andwhat is actually going on, because a
(13:11):
lot of times the truth is definitelymore interesting than the theater of the mind
on this kind of thing. Thisreminds me, speaking of theater of the
mind. One of the things Iwant to do when I come back is
I want to sit down with youand discuss your interactions with hackers, because
I bet they are some weird turtlesout there that in and of themselves are
(13:35):
pretty interesting little units. And Ithink it'd be fascinating. It'd be fascinating
topic for a show. And Ibet you got a lot of insight about
that. Let's do it. Okay, when I come back, by God,
let's do it. Let me askthis. I only got time for
about two or three more questions beforewe wrap up the show. In terms
(14:00):
of cyber attacks, who are themost effective nations? Russia? You know,
yeah, China, North Korea.They're each different in their own ways.
You know, probably about fifteen yearsago, we started seeing, you
(14:24):
know, through our Managed Services Group, we started seeing China start to map
electronic assets here in the United States. And I'm what I mean is when
I mean map, they are basicallywe're searching for every network that they could
(14:45):
find, regardless of what the businessis, what it does. There was
no rhyme or reason. It justseems to be a gathering of reconnaissance.
I reached out to a friend ofmine in the FBI Cyber Time Unit and
asks the question. He says,yeah, every day, that's what's going
on. Now. We don't seethat necessarily with Russia as much. They're
(15:11):
more of asymmetrical warfare group that findstargets, recons targets and attacks targets.
It's not as methodical as the Chinese. The Chinese cyber Army is a million
people. That number is astounding inand of itself. No, I don't
(15:39):
even know that we have that manyIT people. So it's it's a staggering
number that they have. Just onthe cyber side. Our guys on the
Air Force, the cyber threat hunterswithin the Air Force, and the security
people cybersecurity people within the Air Force, which is where our cyber teams are.
(16:03):
They are fantastic. They are someof the best and most intelligent people
I've ever met as far as thehackers are concerned. My favorite, my
favorite hackers story is, uh,when I was at Defcom, which is
the hackers conference in Las Vegas,and they'll let you go. They'll let
(16:26):
you go. I mean yeah,I mean it's you know that you got
silly games. The early days ofthis were far more fun than than they
are today. In my opinion,today it's too corporate. But you know,
yes, hackers are there. Yes, are there cybersecurity professionals there,
Yes, are there Feds there.Yes. Matter of fact, that he
(16:52):
used to play a game called spotthe Fed. You know, so so
I'm setting there at a press conferencebeing held by e f F, which
is, you know, kind ofthe acl U of digital civil liberties without
the political bent of the a cl U Electrical Frontiers Foundation something like that.
(17:17):
Yes, Yes, Electronic Frontiers Foundationand great group fight the good fight.
And they were there talking about,you know, a gag order or
you know that was put upon someresearch related to how hackable Boston's mass transit
(17:38):
system is. And they were supposedto present at def Con and black Hat,
which is the corporate conference at thesame time. And myself and one
of my guys were sitting there listeningto this, and this dude that's clearly
a hacker shows up in common thatboots fatigues black T shirt. He reaches
(18:04):
into his high pocket and he pullsout, you know, a bottle of
Jack Daniel, and he's got aseven up and he hours it in he's
got his mixer, and then helooks over at us and he offers us
the ball you guys want to tug. So it's it's one of those kinds
(18:29):
of conferences. I love. Ilove def Coon because there's really no rules.
I love the fact that I'm ableto attend a lock picking class and
how to actually pick locks and beefficient at it. That you know,
there's other there's other classes on howto manipulate electromagnetic locks. It's it's astounding
(18:56):
some of the information and the detailthat is presented at these conferences. The
first quad rot or drone I eversaw in my life was at def Coon
and it had to be snuck intothe country by two hackers out of France.
Wow. So it's an interesting groupof people that pushed the boundaries in
(19:22):
so many ways. And again theyhave different, different perspectives, different opinions.
That particular Defcon conference that I'm talkingabout, one of the greatest hacks
I've ever seen in my life happenedthat weekend. A group of hackers roll
(19:45):
in an ATM machine and placed itan ATM machine into the conference room,
into the casino at the Riviera.They place it where there are no security
(20:06):
cameras and guess where that might be, right in front of the security office.
Okay, So the machine dispenses cashfor a period of time and then
it runs out of cash. Meanwhile, it continues to skim credit cards and
on the back end, the hackersare now getting all the credit cards with
(20:27):
pin numbers, and now they're goingback to an empty bank accounts afterwards.
But it was done right under thenose of security at the Riviera Hotel,
and that's a huge problem in California. Skimmers at gas stations. Yep,
(20:52):
yep. I started, you know, quite frankly, using Apple Pay at
the gas station. It's a onetime pad, it's a one time code.
It's probably the most secure thing youcan do at a gas station is
used your cashless payment on through yourphone, probably the most secure these days.
I got to wrap it up,but for your time, well,
(21:14):
a couple of things. I thinkI will probably and I should know tomorrow
whether or not Scott Brown is definitelygoing to be here this coming Tuesday.
If Scott is there Tuesday, I'mgoing to see if Lonnie is clear and
available for Thursday the seventeenth. Soif Lonnie is available for the final show
on the seventeenth, I'm if Ihaven't wrapped up this place yet, would
(21:37):
you be interested in coming back forthe final California show if I can pull
it off on the seventeenth. SaintPatrick's Day with you and Lonnie Poindexter and
I imagine there would be some brownliquor involved. Is the middle one?
Oh that's Saint Patti's day. Ididn't know. Okay, well yeah,
(22:00):
so so I I you know,if that's the case, absolutely, if
if you were not able to pullit off, you know, California with
a K, We'll miss you,but you are headed to greener pastures and
a pre state and I'm going away. People will still be able to hear
me even though you will be outthere in the cold, crisp air of
(22:26):
Idaho. You know, those ofus that are left behind here will miss
you, will continue the fight.But you know, congratulations on the move
and the change of scenery. AndI can't wait to hear about the reports
from from the new place. Well, thank you very much. Before we
(22:47):
go, Mike Fitzpatrick, tell folkswhat you are CEO of and what you
guys do, and where you canbe found if they need to get in
touch with you. Okay, so, CEO and founder of nCX Group.
You can find us at ncxgroup dotcom. That's our website and that's probably
(23:07):
the best and easiest place to getin touch with us. And look forward
to helping anybody that we can froma cybersecurity perspective. Excellent, Mike Fitzpatrick,
Thank you ever so kindly, sir, and thank you for being here
tonight. We'll try for the seventeenth, but we're gonna have to play it
by year. You got to beasthanks a lot, be well, take
care already. Thank you kindly,sir. I'd like to talk very briefly.
(23:36):
Well, no, I'm not goingto talk briefly. I'm going to
let this guy tell you what hethinks of America for about a minute and
a half or so. This isa guy speaking from the heart, just
a blue collar kind of guy whoprobably has more smarts in his head than
ninety percent of the adults in DC. Get your thoughts on the whole Russia
(24:02):
and Ukraine situation. You know here, here's my first daughter is I'm not
going nowhere to fight none of thesewars for these politicians. I'm staying at
home. And when the Arkansas,I will dig my boots in the ground
and I will die for everything Ilove. And I will not retreat.
If this country is invaded and everybody'ssaying, well, we gotta we gotta
evacuate, we gotta leave, wegot I will not I will dig my
(24:26):
boots in the Arkansas soil, andI will fight for the people that I
love, for the land that Ilove, in the way of life that
I love. But I'm not goingoverseas to fight. I don't know what's
going on, to be honest,brother, I really don't. There's so
much stuff, and I don't thinknobody knows what's going on. Fully.
There's been so much political corruption inthat area. You got Biden and his
son making a shit ton of moneyoff of and using our tax dollars to
(24:51):
bribe their people. That's treason.This in my opinion. Uh so you
got hunter Biden and his son usingour tax dollars. Hey, if if
Ukrainian and if you don't do this, we're taking your tax dollars. He
shouldn't be giving our tax dollars tothat country anyways. We got veterans out
here sleeping on a street, andyou're gonna give our freaking tax dollars to
these Ukrainians. And I, brother, I don't know what's going on over
(25:12):
there, but I'm not going overthere and fighting. And God bless anybody
that's over there fighting. And Ihope that the shit just gets solved.
And man, I don't like war, you know what I mean. I
don't want people dying and all thatstuff. I don't want to be but
I don't know what's going on.There's so much stuff that I think that's
corrupted, that we just don't knowwhat's truly going on over there. And
I just I pray all those peopleare saying, smart guy. Well that's
(25:49):
it. One of the last showshere in California. So ladies and gentlemen,
boys and girls, children of allages, thanks for listening to the
Obbliviating Zeppelin's Bersert Bobcat Saloon radio showright here on the SHR Media network.
If you want to contact me orcan find me on Twitter at BZEP at
(26:11):
BZEP and Promotional consideration is by theLockheed Martin Skunkworks and the Boeing Company.
If it ain't Boeing, I ain'tgoing. T ours are buy my Little
Poet thanks to my personal Case onethirty five Kitto one refueling team, with
whom I will be in fact concertingten minutes or so. Then I won't.
(26:33):
Thanks to Mike Fitzpatrick for being here. Thanks to you for listening live
and also in podcast. I startedthe show in January of twenty seventeen.
For SHR, that's a long timeago, relatively speaking. I'm not going
away, I'm just changing locales.SHR will be here. I will be
(27:00):
here, and I'll be here Tuesdaynight next week, hopefully Thursday. Everybody,
God bless, take care, besafe, God Bless America. Everybody
quiet down now I'll get some sleep, and everybody. Good night, Mama,
not Ben, good night everyone,good night, Mama, can night,
Daddy, good night, Chowdren,good night, Daddy, good night,
(27:22):
Elizabeth, good night, Jim Blake, good night, Jimbob tonight,
Jimbob, good night, Jam.What's going on? I was asleep?
What's everybody doing? Good night?Night, good night, and good luck,
Well, Mike Fitzpatrick, you saidthat eventually, I mean, in truth,
this ends up saving money. Cybersecurityends up saving money in the long
rum or long run. Well,there I am thinking alcohol again in the
long rum. In the long run, it's like the mechanic in the old
I think it was a shell commercialwhere the mechanics as later can pay me
(00:22):
now or you can pay me later. Well a mortgage, Well, we
had a mortgage company that we thatwe worked with from day one. We
built their cybersecurity policies, their programs, did their initial assessments for six years.
And one afternoon I'm pumping gas andget a call from Dave and he's
(00:43):
going, hey, do you rememberthat cybersecurity assessment, the internal assessment that
you wanted us to do? AndI said yeah, and he said,
I need to get that done.Okay, So when do you need to
have it done by day? Tuesday? Now? It was Thursday afternoon at
(01:03):
two o'clock. And I said,you know, it's been about a year
since we had a look. Howand I know your environment's grown considerably over
the last year. How many serversare we talking about now? He said,
well, we've got nine hundred andseventy six servers. What I said,
(01:26):
how many how many routers and switchesdo you have? Now we have
four hundred of each, So okay, how many firewalls? Well, we've
got four firewalls and we've got thenew data center over in Arizona. And
I said, okay, I said, what is going on? What's prompted
(01:49):
that? And he says, wehave an opportunity with a new bank to
provide their loan services, and theauditor from the bank is coming on Wednesday
and we need to have the internalassessment done. So after I said,
(02:13):
let me get back to you,talk to my team. We went through
and we put together three two menteams that ran a twenty four hour shift
going through and scanning and testing,scanning and testing, writing, scanning and
testing, writing, scanning and testing. And so Monday evening we handed over
(02:37):
to them their internal assessment for draftand final changes. We made those final
changes Tuesday afternoon and Wednesday morning whenthe auditor arrived, they were able to
go through the report see how wellthey were doing, and then they approved
(03:00):
them for the loan servicing business ona ten year contract at get this easy,
two billion dollars a year in servicefees. Okay, stop stop stop
stop stop to B with a B. This is a B. Two billion
(03:23):
dollars and this is not doctor evilhere. Two billion dollars a year to
you, no, not to me, to the mortgage company of our client,
to our client. So, becauseof the work that they did in
cybersecurity, because of the effort thatthey put into it, oh, the
(03:45):
real effort to really build a cybersecurityprogram within the operation, the bank felt
comfortable enough to provide the business tothem and have them be their loan servicing.
Are okay, so they're home loans. That was their landing the big
fish, courtesy of you, correctfrom the courtesy of the work that we've
(04:12):
done and those those kinds of projectswhere we see them over time and we
see them successful. Quite frankly,that's the part that excites us. It
excites us when they improve, whenthey start to get strong. We're really
we're really the coach. I mean, we're not the hero of the story
(04:34):
where the Obi wan or the Gandolfof the story. You know, we're
the guide along the way. We'rethe ones that helped make the hero better.
Well, that's everyone has to havea percentile of job satisfaction, or
(04:55):
they don't want to do the jobin the first place. I got about
fifteen minutes left and I saved thebig dog for last. This is the
biggest elephant in the room. Thisis the scariest elephant in the room.
And I would like your thoughts onthis. And it's come up recently and
(05:20):
it sounds remarkably similar to this.Intelligence agencies are warning of cyber threats from
Russia and are urging US critical infrastructuredefenses to be reinforced. As CBS is
Bill Whitaker reported on Sunday Night sixtyMinutes, it wouldn't take much to throw
the entire country into darkness. Thegrid is a sprawling target. There are
(05:43):
actually three in the US, theeastern Western and Texas has its own.
Most of US rarely notice substations.There are fifty five thousand across the country,
each housing transformers the workhourses of thegrid. Inside these massive metal boxes,
raw electricity is converted to higher orlower voltages. Should a transformer explode,
(06:11):
like this one in Manhattan during SuperstormSandy, the system is designed to
trigger a localized grid preserving blackout,but if several sections of the grid go
down at the same time. Theshutdowns can cascade like dominoes. That's what
set off the Great Northeast Blackout intwo thousand and three, leaving forty five
(06:34):
million Americans without power. A fewmonths before the assault on Metcalf, John
Wellinghoff of FERK commissioned a study tosee if a physical attack on critical transformers
could trigger cascading blackouts. It wasactually a very shocking result to us that
there's a very few number of substationsyou need to take out in the entire
(06:58):
United States to knock out the entiregrid. Knock out the entire grid,
that's correct. How many would ittake to knockout putting the entire country in
a blackout? Less than twenty?And Bill Whitaker joins us, now,
so build just twenty substations to knockout the entire system. I mean,
that's unbelievable. But your reporting isit could be even less than that.
That's right, Nora. That reportwas from twenty thirteen, and it actually
(07:20):
found the number was even lower.Nine taking out just nine critical substations could
blackout the whole country. We weretold by multiple sources that the number has
not changed much. That less thantwenty is a fair assessment. Well,
what can the government do or anybodydo about this. Spend money, and
spend it on two things. Oneto increase the capacity of these high powered
(07:43):
transmission lines so you decrease their vulnerabilityto large scale blackouts. That's already happening
through the administration's new infrastructure build Andtwo invest in better security. But that's
not happening right now. Remember thecountry's three thousand power companies. They're in
the business of selling electricity, notnational security. And this last point is
(08:03):
really important because the threat is real. Just last week, three white supremacists
pleaded guilty to plotting to attack powergrids throughout the country, and they had
a plan to hit critical substations simultaneouslyto cause a massive blackout. Quite scary.
Bill Whitaker, thank you. It'skind of interesting that they use the
(08:24):
proverbial white supremacists. I don't wantto talk about the physical security. We've
had guys that have shot at transformers, blah blah blah blah blah. I'm
interested in you know that story,You've told that story before here. I'm
interested in number one, what's thelikelihood in your estimation of something similar to
(08:48):
this occurring by way of a singleactor Russia, China, or perhaps in
concert with a number of actors pointedlytargeting our infrastructure, specifically our power system,
our power grid. Well, let'slook at it this way. Our
(09:15):
greatest strength as a nation is ourtechnology and what we're able to do and
accomplish with technology. It's also ourgreatest achilles heel yep as well. You
know, so you know, anythingis possible, whether whether it's a cyber
(09:37):
attack er, you know, Godforbid, they launch renewkes one off the
east coast, one out of theGulf, and one off the west coast.
Mid air explosion, the EMP willtake out everything and we're all back
to the eighteen hundreds. We've spokenabout this briefly, and before the show
(10:00):
it entered into my brain housing groupbecause I wasn't planning to ask this question,
but I remembered something from the lasttime that you were here. You
mentioned that hackers are odd little ducks, and they can take umbrage at the
strangest things, and they're pretty tolerantof hacking until there's some little bit of
(10:26):
criticality that pisses them off as anindividual, and their hackles are raised and
they'll go into a defense mode.You gave a couple of examples of that.
So if if, for example,Mike Fitzpatrick, there was a concerted
cyber attack, I don't know,let's say by Russia, are there white
(10:48):
hats here in the US, orpeople kind of aligned with the US who
might take it upon themselves to tryto dive vert or attack back at the
original attacker, in other words,to try to help the US. Do
people like that exist? There arepeople that would probably do that. There's
(11:11):
actually now corporations starting to embrace theidea of a hack pack strategy when when
they get hacked, their teams wouldbe on the offensive and going back over,
going back at the hackers that we'reattacking them. So it gets to
(11:35):
be interesting because, you know,in cyberspace, then you've just got all
this, You've got all out warin cyberspace, and there's no rules to
it at all. Anything goes Soto your point, I you know,
based upon the hackers that I've metwith and those that practice the art form,
(12:00):
I you know, a lot ofit seems to be agenda driven from
a personality standpoint. What their interestsare, what they think is right,
what they think is wrong and ahack back kind of approach. You know.
One of the things is Zelensky inUkraine is doing. He is really
(12:22):
trying to muster a cyber army tostrike back at Russia. So it's interesting
to see how that will play becauseit's never been done before. But wouldn't
you suspect that there would be therewould be sympathizers who would want to get
on board with him simply because nowhe's perceived as the underdog on the global
(12:46):
stage. It wouldn't surprise me abit busy now, but we hear of
it, but we're not necessarily seeingproof of it. Okay, do it?
You know? So I want totry. I want to try to
stay with what we're actually seeing andwhat is actually going on, because a
(13:11):
lot of times the truth is definitelymore interesting than the theater of the mind
on this kind of thing. Thisreminds me, speaking of theater of the
mind. One of the things Iwant to do when I come back is
I want to sit down with youand discuss your interactions with hackers, because
I bet they are some weird turtlesout there that in and of themselves are
(13:35):
pretty interesting little units. And Ithink it'd be fascinating. It'd be fascinating
topic for a show. And Ibet you got a lot of insight about
that. Let's do it. Okay, when I come back, by God,
let's do it. Let me askthis. I only got time for
about two or three more questions beforewe wrap up the show. In terms
(14:00):
of cyber attacks, who are themost effective nations? Russia? You know,
yeah, China, North Korea.They're each different in their own ways.
You know, probably about fifteen yearsago, we started seeing, you
(14:24):
know, through our Managed Services Group, we started seeing China start to map
electronic assets here in the United States. And I'm what I mean is when
I mean map, they are basicallywe're searching for every network that they could
(14:45):
find, regardless of what the businessis, what it does. There was
no rhyme or reason. It justseems to be a gathering of reconnaissance.
I reached out to a friend ofmine in the FBI Cyber Time Unit and
asks the question. He says,yeah, every day, that's what's going
on. Now. We don't seethat necessarily with Russia as much. They're
(15:11):
more of asymmetrical warfare group that findstargets, recons targets and attacks targets.
It's not as methodical as the Chinese. The Chinese cyber Army is a million
people. That number is astounding inand of itself. No, I don't
(15:39):
even know that we have that manyIT people. So it's it's a staggering
number that they have. Just onthe cyber side. Our guys on the
Air Force, the cyber threat hunterswithin the Air Force, and the security
people cybersecurity people within the Air Force, which is where our cyber teams are.
(16:03):
They are fantastic. They are someof the best and most intelligent people
I've ever met as far as thehackers are concerned. My favorite, my
favorite hackers story is, uh,when I was at Defcom, which is
the hackers conference in Las Vegas,and they'll let you go. They'll let
(16:26):
you go. I mean yeah,I mean it's you know that you got
silly games. The early days ofthis were far more fun than than they
are today. In my opinion,today it's too corporate. But you know,
yes, hackers are there. Yes, are there cybersecurity professionals there,
Yes, are there Feds there.Yes. Matter of fact, that he
(16:52):
used to play a game called spotthe Fed. You know, so so
I'm setting there at a press conferencebeing held by e f F, which
is, you know, kind ofthe acl U of digital civil liberties without
the political bent of the a cl U Electrical Frontiers Foundation something like that.
(17:17):
Yes, Yes, Electronic Frontiers Foundationand great group fight the good fight.
And they were there talking about,you know, a gag order or
you know that was put upon someresearch related to how hackable Boston's mass transit
(17:38):
system is. And they were supposedto present at def Con and black Hat,
which is the corporate conference at thesame time. And myself and one
of my guys were sitting there listeningto this, and this dude that's clearly
a hacker shows up in common thatboots fatigues black T shirt. He reaches
(18:04):
into his high pocket and he pullsout, you know, a bottle of
Jack Daniel, and he's got aseven up and he hours it in he's
got his mixer, and then helooks over at us and he offers us
the ball you guys want to tug. So it's it's one of those kinds
(18:29):
of conferences. I love. Ilove def Coon because there's really no rules.
I love the fact that I'm ableto attend a lock picking class and
how to actually pick locks and beefficient at it. That you know,
there's other there's other classes on howto manipulate electromagnetic locks. It's it's astounding
(18:56):
some of the information and the detailthat is presented at these conferences. The
first quad rot or drone I eversaw in my life was at def Coon
and it had to be snuck intothe country by two hackers out of France.
Wow. So it's an interesting groupof people that pushed the boundaries in
(19:22):
so many ways. And again theyhave different, different perspectives, different opinions.
That particular Defcon conference that I'm talkingabout, one of the greatest hacks
I've ever seen in my life happenedthat weekend. A group of hackers roll
(19:45):
in an ATM machine and placed itan ATM machine into the conference room,
into the casino at the Riviera.They place it where there are no security
(20:06):
cameras and guess where that might be, right in front of the security office.
Okay, So the machine dispenses cashfor a period of time and then
it runs out of cash. Meanwhile, it continues to skim credit cards and
on the back end, the hackersare now getting all the credit cards with
(20:27):
pin numbers, and now they're goingback to an empty bank accounts afterwards.
But it was done right under thenose of security at the Riviera Hotel,
and that's a huge problem in California. Skimmers at gas stations. Yep,
(20:52):
yep. I started, you know, quite frankly, using Apple Pay at
the gas station. It's a onetime pad, it's a one time code.
It's probably the most secure thing youcan do at a gas station is
used your cashless payment on through yourphone, probably the most secure these days.
I got to wrap it up,but for your time, well,
(21:14):
a couple of things. I thinkI will probably and I should know tomorrow
whether or not Scott Brown is definitelygoing to be here this coming Tuesday.
If Scott is there Tuesday, I'mgoing to see if Lonnie is clear and
available for Thursday the seventeenth. Soif Lonnie is available for the final show
on the seventeenth, I'm if Ihaven't wrapped up this place yet, would
(21:37):
you be interested in coming back forthe final California show if I can pull
it off on the seventeenth. SaintPatrick's Day with you and Lonnie Poindexter and
I imagine there would be some brownliquor involved. Is the middle one?
Oh that's Saint Patti's day. Ididn't know. Okay, well yeah,
(22:00):
so so I I you know,if that's the case, absolutely, if
if you were not able to pullit off, you know, California with
a K, We'll miss you,but you are headed to greener pastures and
a pre state and I'm going away. People will still be able to hear
me even though you will be outthere in the cold, crisp air of
(22:26):
Idaho. You know, those ofus that are left behind here will miss
you, will continue the fight.But you know, congratulations on the move
and the change of scenery. AndI can't wait to hear about the reports
from from the new place. Well, thank you very much. Before we
(22:47):
go, Mike Fitzpatrick, tell folkswhat you are CEO of and what you
guys do, and where you canbe found if they need to get in
touch with you. Okay, so, CEO and founder of nCX Group.
You can find us at ncxgroup dotcom. That's our website and that's probably
(23:07):
the best and easiest place to getin touch with us. And look forward
to helping anybody that we can froma cybersecurity perspective. Excellent, Mike Fitzpatrick,
Thank you ever so kindly, sir, and thank you for being here
tonight. We'll try for the seventeenth, but we're gonna have to play it
by year. You got to beasthanks a lot, be well, take
care already. Thank you kindly,sir. I'd like to talk very briefly.
(23:36):
Well, no, I'm not goingto talk briefly. I'm going to
let this guy tell you what hethinks of America for about a minute and
a half or so. This isa guy speaking from the heart, just
a blue collar kind of guy whoprobably has more smarts in his head than
ninety percent of the adults in DC. Get your thoughts on the whole Russia
(24:02):
and Ukraine situation. You know here, here's my first daughter is I'm not
going nowhere to fight none of thesewars for these politicians. I'm staying at
home. And when the Arkansas,I will dig my boots in the ground
and I will die for everything Ilove. And I will not retreat.
If this country is invaded and everybody'ssaying, well, we gotta we gotta
evacuate, we gotta leave, wegot I will not I will dig my
(24:26):
boots in the Arkansas soil, andI will fight for the people that I
love, for the land that Ilove, in the way of life that
I love. But I'm not goingoverseas to fight. I don't know what's
going on, to be honest,brother, I really don't. There's so
much stuff, and I don't thinknobody knows what's going on. Fully.
There's been so much political corruption inthat area. You got Biden and his
son making a shit ton of moneyoff of and using our tax dollars to
(24:51):
bribe their people. That's treason.This in my opinion. Uh so you
got hunter Biden and his son usingour tax dollars. Hey, if if
Ukrainian and if you don't do this, we're taking your tax dollars. He
shouldn't be giving our tax dollars tothat country anyways. We got veterans out
here sleeping on a street, andyou're gonna give our freaking tax dollars to
these Ukrainians. And I, brother, I don't know what's going on over
(25:12):
there, but I'm not going overthere and fighting. And God bless anybody
that's over there fighting. And Ihope that the shit just gets solved.
And man, I don't like war, you know what I mean. I
don't want people dying and all thatstuff. I don't want to be but
I don't know what's going on.There's so much stuff that I think that's
corrupted, that we just don't knowwhat's truly going on over there. And
I just I pray all those peopleare saying, smart guy. Well that's
(25:49):
it. One of the last showshere in California. So ladies and gentlemen,
boys and girls, children of allages, thanks for listening to the
Obbliviating Zeppelin's Bersert Bobcat Saloon radio showright here on the SHR Media network.
If you want to contact me orcan find me on Twitter at BZEP at
(26:11):
BZEP and Promotional consideration is by theLockheed Martin Skunkworks and the Boeing Company.
If it ain't Boeing, I ain'tgoing. T ours are buy my Little
Poet thanks to my personal Case onethirty five Kitto one refueling team, with
whom I will be in fact concertingten minutes or so. Then I won't.
(26:33):
Thanks to Mike Fitzpatrick for being here. Thanks to you for listening live
and also in podcast. I startedthe show in January of twenty seventeen.
For SHR, that's a long timeago, relatively speaking. I'm not going
away, I'm just changing locales.SHR will be here. I will be
(27:00):
here, and I'll be here Tuesdaynight next week, hopefully Thursday. Everybody,
God bless, take care, besafe, God Bless America. Everybody
quiet down now I'll get some sleep, and everybody. Good night, Mama,
not Ben, good night everyone,good night, Mama, can night,
Daddy, good night, Chowdren,good night, Daddy, good night,
(27:22):
Elizabeth, good night, Jim Blake, good night, Jimbob tonight,
Jimbob, good night, Jam.What's going on? I was asleep?
What's everybody doing? Good night?Night, good night, and good luck,
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.