Outage: Who Is Behind Cyber Attacks on America's Infrastructure?

Change Agents with Andy Stumpf

IRONCLAD

Society & Culture

4.8 • 607 Ratings

🗓️ 17 July 2024

⏱️ 48 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

On today's Change Agents, Andy Stumpf sits down with Principal Adversary Hunter at the cybersecurity company Dragos, Kyle O’Meara who previously worked at the National Security Agency, and Gus Serino, an industrial cybersecurity consultant, and has worked with large water utilities on security issues. His company is I&C Secure ( https://www.iandcsecure.com/ ). They discuss the reality of cyber war and the vulnerabilities of America's utilities, Change Agents is presented by Montana Knife Company. Use CODE "CHANGEAGENTS10" for 10% off your first order at ⁠https://www.montanaknifecompany.com/⁠ MTNTOUGH Go to ⁠https://mtntough.com⁠ and enter code CHANGEAGENTS to receive 40% OFF - a savings of about $100 your MTNTOUGH+ annual subscription. OnX Offroad Start your adventure with a 7-day free trial and experience the difference. Download onX Offroad today and elevate your offroading experience at https://www.onxmaps.com/offroad/app Change Agents is IRONCLAD Original. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	If you haven't tried Abercrombie denim yet, you're missing out.
0:03.8	Denim should fit like this.
0:06.0	It's all about proportions.
0:07.7	Abercrombie has their classic fits and athletic fits for guys who want a little more room in the thigh.
0:13.1	When you find your staple fit, it'll be the pair you reach for day after day for every plan.
0:19.2	Shop Abercrombie denim in in the app, online, and in store.
0:26.9	This adversary searched, use the tools that can search the internet.
0:30.5	They look for this software called VNC, which is a remote access software that had some
0:36.0	vulnerabilities built in.
0:38.0	They connected.
0:39.5	They, in some cases, there were no password.
0:41.7	In some cases, it was a brute forcible password.
0:44.1	They got in.
0:45.1	That gave them basically access, like they were on the desktop of the computer that ran
0:49.8	the water system.
0:50.6	They made changes, which one of those changes were lucky enough to cause the
0:56.6	tank, the pumps to fill the tank to the point where they wouldn't shut off. It overflowed
1:00.6	the tank. They found the problem, corrected the problem, purposefully disrupted critical
1:06.2	infrastructure, right? So that's a problem. But nobody guide. There was no real consequence other than a lot of wasted water.
1:14.1	But so that's what happened there. And so when that happened and then it happened in a few other places by the same organization, I reached out to the local regulator here and was like, look, we need to get some people and do a sprint and go find out which water
1:28.6	utilities have VNC, because it's being attacked, directly connected to the internet,
1:33.9	like in an unprotected way. Just mobilizing that, it was like too much. That's the problem.
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from IRONCLAD, and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of IRONCLAD and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.