Why Hacking is the Future of War

As a senior software engineer working in the cyber security space. The castle analogy is one of the best explanations I've heard in a while. I'll be using this to explain these to people in the future

williemaxt

Cyber warfare is cruel. Romanian hospitals recently got attacked via ransomware and many hospitals are unoperable. For instance, my mum suffers from cancer and she had to do her treatment tomorrow, 15th of February, but she can't because the system got hacked...

mirceacelbatran

Back in the 1990s I met a guy who got busted by our university for hacking into the campus computer network. He was given an ultimatum, get expelled or work at the university in the IT department. He took the job but grumbled a lot about the workload. I suspect the USA has hired some hackers in the same way.

greghodges

Nitpick:

1. Not all vendors have bug bounties anywbere near what google/apple pays out
2. Sometimes google/apple try not to pay out
3. Black hat pays much better (which was covered in the video), like 100x more in some cases
4. Sometimes white/grey hats get flamed or threatened with lawsuits on disclosure, or get the ring around in the pre disclosure period as the company does nothing


Sorry to only throw mud but security posture and whistleblower peotection are things i'm passionate about improving

jameshughes

This video is more engaging than most sci fi movies because it’s non fiction and Johnny’s ability to narrate and edit serious topics. Any software engineer/ cyber security student should watch this.

thumpertorque_

I am network engineer and boy believe me there are attacks happening all over the place all the time. Either by bots or on some specific service in our datacenters. Its constant at this point.

godgige

Today's Fact: The oldest continuously inhabited city in the world is Damascus, Syria, which has been inhabited for over 11, 000 years.

FacterinoCommenterino

Very few great infosec folks work for the US government directly. The private sector pays WAAAY more and there's much less regulation. It also gives the public sector plausible deniability.

Btw "APT" (advanced persistent threat) is the term for what you're referring to at the end. They're a pretty big signature of a nation-state.

ClifBratcher

I think stuff like this should get a lot more views, so many people are way too ignorant of the dangers of the tools they opt into for no reason that more awarness is crucial to make everyone saver tomorrow.
Cybersecurity is important and we need to starting treating it like it is.

hansmueller

Fun fact: Recently, a research by a journalist of De Volkskrant in the Netherlands showed that it was a Dutch/Iranian citizen who brought Stuxnet physically into the factiory and installed onto the computers there. It was a collaboration with the AIVD (Dutch intelligence services).

brilliantroads

A side note everyone misses: WannaCry and NotPetya used a vulnerability in Windows that had a fix 1/3 months before the initial deployment respectively. The simple variant of this exploit was founded back in 2009 with Microsoft's employee stating in personal blog that they put a duck tape over a hole in Hoover Dam, the "fix" 8 years later just disabled the vulnerable part completely.

chupasaurus

i've seen johnny change the title and thumbnail of this video exactly 5 times by now

juanpiss

The analog oscilloscope behind you connected to the microphone is fantastic

diegomarconi

The castle animation is the sort of thing a movie would have to show the hackers are getting in.

elmerp

dude has changed the title and the thumbnail almost 4 times, was struggling a bit to find the video in my watch later list lol

puneet

Yes, use 2FA and keep your stuff updated but the most important thing is: backup, backup, backup. I've never had one of my computers hit with random ware but my family has. And I fixed it by just rolling back the computer to a previous backup. If you backup your data, it doesn't matter what they do to it. You can just recover it from backup. I keep 3 copies of everything. When I shut down my computer, before it turns off, a script runs to copy the entire hard drive to a compressed, encrypted single file. That file gets transferred to an external hard drive, a cloud storage drive, and secondary hard drive in the same computer. Not only does it protect your data from hackers but it also protects it from hardware failure or a disaster like a house fire or something. Backup your data.

xliquidflames

I remember "Petya" virus hits us when I was in university, it caused a lot of panic back there. You mostly was put in a hard choice like "do I turn on my PC to save my files risking getting this virus or do I just wait and hope for the best"

bloom

I LOVE the revenue split if we use Tom's music. That's so unbelievably reasonable. I might try to find him on the web and ask him licensing questions. You and your whole team are so awesome!!

laurenv

I normally just listen to youtube videos in the background while playing games on my PC. This is one of those few type of videos where I just have to pause the game and really watch it. I love your content. So interesting and captivating topics, fantastic graphics and music.

TheQuallsing

What's not stated clearly enough in the castle metaphor is that essentially everyone uses the same blueprints to build their castle. >90% of people use Windows, and >90% of servers use Linux. In this sense cyberwarfare has this odd symmetry to it: Developing new attack methods often exposes vulnerabilities in your own systems, but in order to patch your own vulnerabilities you must often report them to the developer, for example Microsoft, who will then roll out a fix to *everybody*, including your opponent.
Then remember that world powers often sit on exploits like these, rather than reporting them. Evidently, multiple people in power sat down and decided that holding on to an exploit to attack some theoretical future enemy was worth more than protecting their own people, hospitals, and power grids from real, known threats.

AGENTX