Are Hackers the Biggest Threat to America’s Critical Infrastructure? | Cyberwar
ฝัง
- เผยแพร่เมื่อ 8 เม.ย. 2024
- As Iran ramps up its offensive cyber operations, American critical infrastructure is increasingly vulnerable to attacks.
This episode of Cyberwar first aired on VICE TV in 2016.
Help keep VICE News’ fearless reporting free for millions by making a one-time or ongoing contribution here. - vice.com/contribute
Subscribe to VICE News here: bit.ly/Subscribe-to-VICE-News
Check out VICE News for more: vicenews.com
Follow VICE News here:
TikTok: www.tiktok.com/@vicenews?lang=en
Facebook: / vicenews
Twitter: / vicenews
Instagram: / vicenews
More videos from the VICE network: www. vicevideo
#VICENews #News
the government so full of old people that can't even open a PDF file lmao
lol 😂
the govt is filled with pdf files...
@@steven-el3swI see what you did there 😂
@@steven-el3sw only the ones with the (R) by their name!
Unless that PDF has a 0-day exploit ;-)
"You'll never be able to prevent all cyber intrusions..." -Michael Daniel. I'm glad we have someone in a position of power with the clarity to observe this fact.
This is 8 years old - little outdated?
Vice wasnt allow to release it until they checked in with their new Saudi masters...
I think the core message still stands, however, I did think something similar when they were talking to President Obama’s security consultant.
The video might be outdated, the message is absolutely relevant.
Vice doesn't actually exist anymore, what do you expect? Nothing they've uploaded recently is new...
@@GrannyDrydenawww do you?
How come these only get posted 8 years after it's aired on TV?
Bankruptcy, lol.
Vice is essentially dead. They tried to grow too much. When that collapsed they tried to partner/merge/be acquired in recent months but had no takers. They're just releasing most of their content now possibly in a last gasp. Very unfortunate but there doesn't seem to be a market for this content on the budget it requires, we're down to mostly small independent creators now and are going to lose out on a lot of topics.
Cause they are money grubbers
Vice got greedy they saw the money and they took it.
Because there's an Internet TV delay do to the hackers 😂
Cyberwar was one of the best shows on Vice when it aired on TV. Wished they kept this show going...
Keep bullying nerds in highschool, this is what happens
I think nation state adversaries are the threat. Not “nerds” in school. Bullied people are still good people who take part in our society.
@@Melted-Etheragreed, good response
nerds are out for revenge
💀wall st still bullies lol
We aren't in 1990 anymore dude lmao
Neglect is a bigger threat than spooky hackers.
I would have loved a reporter that actually knew IT or cyber security in the slightest to be reporting on this. This guy had no idea what any of these people were talking about.
I dont think it matters because we still got a lot of insight from in the know and cyber job title people.
@@brainwashedburgerworshipper it does matter because the person doing the interview needs to understand what the person is talking about to ask good questions in response to their answers to have an engaging conversation and to get more information about the topic.
This seems like the worst period.
Even the market are now very unpredictable. Started investing recently when the market prices were a bit high,today I am more than 60% down!
Don’t be confuse buying the dip in a bear market, with guaranteed future returns. Just because that company is down 60%+ from ATH does NOT make it a sound long-term investment. Make sure you’re investing in great companies. kudos to harriet alice
....
I agree just reached my goal of $500k yearly trade earnings. Setting realistic goals is an essential part of trading
Please educate me, i'm willing to make consultations to improve my situation,
Her technical analysis is excellent and her interpretation/projections of the market are so accurate I sometimes ask myself is she is a human The point she is the perfect trader to follow for advice and guidance
Please how do I find this financial counselor?
12:59 the person on the bike in the background for sure fell off after that shot
Attention to fine detail nice. Been there swerving out of control, lol
😂
As a person who learn computer/basic cybersecurity for 15years and play on both legacy and new technology, I can say one thing that if anything is connected on network, you better have it secure with good encryption. It is not guarantee, but better be safe than sorry.
Edit: learning network infrastructure is fun and get to see situations to building and finding vulnerability to prevent the real life situation.
Do you think computer science should be mandatory in school from elementary to high-school? Feel like it's not because to many people would try to be hackers
Stuxnet was brought into an Iranian facility via an external drive and wasn't even connected via the net.
A fun exercise is to look back at some of the “disasters” that happened to developed economies and ask yourself if this could have been intentionally caused by a cyber attack. Fires caused by overloaded power lines, hospitals loosing their medical records and access to their systems, trains carrying extreme chemicals derailing, and most recently cargo ships loosing power and crashing into bridges…
The insidious part is that it can also look like negligence, which is common enough when you have highly complex systems vulnerable to failures
A good point. Having watched most of the USCSB videos quite a few of them could potentially be caused by cyber attacks.
Crazy idea: what if we didn't connect them to the internet
"But muh line won't go up!"
- hedge fund tech stock flippers.
As the comment above says, Stuxnet was brought in via a USB Drive to an otherwise isolated system.
Yes, ICS and other critical systems should be in an air-gapped network.
@@LoayMatar They have been air-gapped when air-gapped wasnt cool . They all look and act the same , what you see aint nuthing new .
SO YALL JUST GONNA GIVE THEM IDEAS 😂
What worse is that they say there is a cyber security skill shortage but almost none of these companies actually wants to invest in training cyber workforce because there is no profit. They don’t realize it until they are impacted by an attack.
as a cybersecurity advisor this is so spot on. People don't want to pay for cybersecurity until they've already been breached. This is why I'm becoming a hacker instead lol
I’m just surprised more of these critical infrastructure systems aren’t “air gapped”
A ton of them (chemical facilities) are. There is no way that person could control an NG plant in Houston.
Yeah, air gaps are cheap and effective, but they can be very inconvenient. Also air gaps aren't perfect, everything with a pin that can be controlled programmatically can emit detectable RF. You can probably speak LoRa over VGA, HDMI, LPT, etc.
Also you can do what happened with Stuxnet and just infect computers via infected USB devices(nowadays probably smartphones).
In reality everything can probably be hacked, it's just about making it more difficult. Unfortunately, we're often prioritizing low cost and convenience over security.
@@Maxjoker98 true though to my mind, remote attacks verses needing physical access to machine to deliver a payload via USB, for example is of a magnitude more difficult and would stop a lot of these random attacks. Reminds me of the early days of home wifi, when routers open authentication was on by default and you had to turn WEP on.
@@Maxjoker98 Best comment in this section. Well said
Air gapping costs money -- it means power company engineers/technicians cannot monitor/operate remotely, e.g. WFH, requiring night shift.
Are you willing to pay extra on your power bill for air gap? Or are you going to pick the cheapest power company?
I love how he almost forgot and barely tacked on "health care"at the end 6:14 😂 lol because we don't have any health care.
Yes
I really enjoyed this series when it first aired. Even though this aired years ago , still very relevant in 2024.
It's not hackers you have to worry about. You have to worry about an entity ( a person who isn't in the system but is in the system with a name) that knows how to monopolize people. A computer doesn't know how to monopolize people and psyche them out with Psychological Operations. I knew of a girl who did this and she had five counties wrapped around her little finger. The cool thing was that she was being herself. She passed away and her legacy is still thriving.
❤
The biggest threat to America's critical infrastructure is under-investment in maintaining it by the corporations that own it, in favor of profit. This makes it more vulnerable to electronic attack, of course.
This video is 8 years old… your killin me smalls.
Please bring more such Cyber attacks videos... It's so much interesting topic... 🙏🙏🙏🙏😊
@4:50, she is being kind. There are bigger issues than that as well.
for those complaining that it's an 8 year old video, people who haven't watched back then has the chance to see it now.
and as cybersecurity goes, it's still relevant
Cybersecurity is a vitally important field for national security, there’s so much exposed in the US that it’s hard to defend it all effectively. Hackers are just one of the problems.
Microsoft, which the U.S. Military uses for azure cloud, core codes all it's products, including azure cloud, overseas in Israel. Intel, who backdoored all of their chips, on purpose, does R&D in israel and considers themselves "as much an israeli company as a US one".
"core codes"? lmfao
stop making up terminology 😂
@@waverley41 he means mirco-code within the cpu itself. which makes sense to call it "core" of all code as its at the core of the cpu.
Agh…every time someone calls it “the cyber” I die a little bit.
This is Vice level reporting, important topic, great pace and clear explanations, great video.
Damn vice you laid off too many journalists.
we should cut or reduce use of the internet
I feel like refusing to repair and maintain infrastructure is probably a bigger risk lol.
Not that cyber warfare isn't a big risk
I think poor administration of said password logins is the main area were lacking in, and it's not unknown - just unaddressed, but that's where my research has me guessing. Is it unaddressed still?
The answer to question is no. The biggest threat is knowledge. And having so many inexperienced computer users set up government and critical infrastructure with default passwords isn't going to solve anything.
Bruh not far from us are the days when passwords mean nothing 😂 quantum computer and everything is public
@@GR4MPI Quantum computers are not a silver bullet. Post-quantum cryptography is well underway with cipher and digital signature algorithms already identified.
@@AlexanderNecheff ye, but still imo there will be large amount of sites and other things that will take long time until they change their encryption, so in the breakthrough time we will have nice opportunity
To help fight against lazy passwords they just have to add a biochip reader or fingerprint/retinal scanner. But a knowledgeable human can beat any security system unless you have an active human cyber security team.
@@minisithunknown5568 Humanity should work on moral rules instead of security systems so there will no passwords be needed :D
We all didn't Pay enough attention in "MATH" classes.
Situation is grim.
0:29 _"wind up with a cyber war"_
Hackers: We're... in... like... 4?
What U.S. Infrastructure? Have you been living under a rock or something? Whether physical or Cyber, The U.S. doesn't have any infrastructure left...
No, having all of our top technology R&D centers (Intel, Microsoft, AMD) in foreign countries is the greatest threat to US critical infrastructure.
13:02 had a double take of the guy in the background lol xD
Why does everything need to be connected to the internet? Smh
Talkin about SCADA systems I'm guessing - those are fun to mess with.
Plants get hacked when companies are cheap AF. No password managers, no enforcement in Conditional Access, no passkeys, no Yubikeys etc. Refusing to upgrade and patch systems due to cost.
16:40 I thought it was Doug Stamper from House of Cards lol
The more “ online “ the world goes, the easy is for the world to engage in cyber warfare/ cyber shenanigans.
Thanks for this information.
Why is Vice just re-uploading all their old stuff?
Bankruptcy problem
Moral of the story: Never keep all your eggs in one basket.
The fact that a bunch of boomers are in control of the cyber security of critical systems and departments gives little to no hope.
13:02 lol person wobbling on bike
That’s why cybersecurity is a growing job. They need more ppl in that field
Peace and LOVE for ONE and ALL
Car systems have very cheap electronics and software. These are even more vulnerable, especially since manufacturers implement black boxes and wireless connections via SIM cards! 😮😮
Yes.
is this a repost?
"Running on outdated software? You're the consequence of your own negligence. Making things proprietary? Expect consequences when the creators fade away." - SirCryptic
Being in gov cybersec professionally, I can tell you that it is most certainly foreign adversary hackers that are often state sponsored (even if they’re doing it for fun, the foreign adversary isn’t going to stop them bc they’re interested in that data as well). While some American hackers most certainly do have malicious intent, they are not often going after US companies. In my management of enterprise networks, bots are constantly (and annoyingly) crawling our network from foreign IP addresses (yes, namely Chinese and Russian).
They talked to some real people on this episode.
Little actions with BIG consequences. Very frightening outcomes 😡
Don't feel too sorry about the longer video not turning out nicely, we fully understand. Sucks to hear that you have to leave your current shol. Good luck with finding a new one, hope you get sorted out soon!
Is it just me or are we actually witnessing the reporter get smarter with each interview? 😂
You might want to look into NERC/CIP as there are already regulations that tell utilities how they need to protect their networks
Unfortunately, the question of how to localize the attackers was not addressed.
I recall seeing this video before, today 04-12-2024, refresh.
This is like a movie we have suspense!
If there's a will there's a way. Especially when the hackable internet is involved. I didn't hear any new information in this doc
The problem is not the hackers, but the quality and maintenance of the software.
"We've 'cleaned up' the place for you to come in..." ahhh, I see. Ofcourse, you did. How courteous. 🤗😑
you cant attack some thing that's not connected to the internet ,
The answer to Michael Chertoff's question is in cyber war there are no rules.
17:31 “i dont fully unsee how it works “,then why are you advising anyone regarding it then??
the answer is simple, there are no rules of engagement.
Be sure to do an update to this and talk to a bunch of "experts" and government reps that either have no idea wtf they are talking about or are being intentionally vague and fear mongering while ignoring or not actually explaining the real issues for this subject out there. Or you could just reshare this video I suppose since you already did that.
Who leaves their plcs industrial network connected to net?
Found some outstandingly intelligent folks on this one!!
Idk how much do you know about the flaws in siemens 7 plc's
Seems I’ve taken the right decision enrolling to be a Certified Ethical Hacker here in Ghana
Let’s see where this journey leads us
Is it so hard to just have some computers within the infrastructure that are not connected to the internet or outside world in any way?
Yes because they are too lazy and stupid.
If you want remote support from the vendor or your operators - yes having completely air gapped systems is a problem.
@@AlexanderNecheff "Remote support from the vendor"???? The companies / the goverment running that stuff should be able to operate it by themselves.
@@_Blay_ They could. But it isn't a matter of ability. Organizations love to pay support contract fees in order to shift liability to another entity. When some dam control system goes tits up because of a faulty update, the utility operating the dam doesn't want to be left holding the bag. This is the tao of corporate software purchasing agreements.
No, the biggest threat to American infrastructure are the people who refuse to fix and maintain. Greed is the real problem here with corner cutting. If a computer attack causes an infrastructure problem, either someone is stupid or it could have been prevented but security is skimped to save money.
Finally, some sense down here.
Id suggest rust currently is
Why even have those networks connected to the Internet?
HEMP would make cyberwarfare look like a drop in the ocean tbh; if you know, you know.
Good idea to use against the darkness in our world these days 👍
I hope they don’t have box knives….
good news is the best hackers are white hats, hopefully but i'm pretty sure, black hat hackers usually work alone but white hat hackers have more people and resources
No compliance is the biggest threat
If you make a documentary with tense, suspenseful music in the background then whatever it is about is bound to feel like a threat. Humans, especially the kind that would tune in to tis documentary in TH-cam, are pretty dim and easily influenced - BECAUSE of the music that sets the tone.
I wish we can go back to the early and mid 90s one cell phones were only cell phones and Internet was only used for business purpose. Life was goooooood!
Why does this video seem so old?
YEAR:2900
me:“Oh no a pipe broke in our house”
dad:”ITS A CYBER ATTACK”
Meanwhile in a place far far away….
hampter:”hahah pipe go BOOM!!!!”
That like hacking into ai/robot too
no corporate greed is
Interesting to see what comes of the US port cranes being found to have Chinese malware
Refinery control systems aren't connected to the internet😂
Why isn’t critical infrastructure; utilities, military, government etc on a closed network?
No iot, no remote access,
Closed.
We invest trillions. The investment and our security needs to be protected and secured from anyone that is a possible bad actor. Including people with access on the inside.
This needs to be addressed like yesterday
18:40 Lorra Windows boxes in dat US Cybersecurity HQ 🤡
ICS networks are gapped from internet access... no one is accessing ICS systems from the internet.
When the internet as a whole learns to speak for itself it may tell us who did what and when and even know why.
Who started using stuxnet at another nation's critical infrastructure 1st?
What is the problème of this Channel
Russian used on Ukraine
@@flashmedia8953 Russia used stuxnet 1st?