
Charl van der Walt - Love triangles in cyberspace. A tale about trust in 5 chapters.

BSides Cape Town | 42:17 | 264 views | Published 2016-12
About this talk
To survive and thrive, modern business must be able to operate safely in cyberspace with a reasonable confidence that the confidentiality, integrity and availability of its systems, transactions and other information assets can be reasonably assured. The Internet is no longer a toy and information security – both “offensive” and “defensive” – is no longer a game. Businesses face real threats from attackers that are capable, well-trained, well-funded, well-equipped and often directed or influenced by foreign governments that have resources far beyond our own. Like in many spheres of life we as citizens of a country, individual and corporate, depend on our governments to create an environment in which we can safely go about our daily business. Whilst in real life we can be expected to defend ourselves against reasonable threats like car thieves, burglars and muggers, we aren’t expected to deal with nation-state threats like ballistic missiles or invading armies. Is the same true for cyberspace? If foreign governments are actively participating in the computer hacking and other offensive cyber operations, should it not be our governments’ role to provide reasonable cyber security and thus create an Internet in which we can safely operate? Many policymakers argue for stronger government involvement in national cyber security and it's easy to see their logic, but the obvious implications for privacy, trade and other freedoms leave others feeling very uncomfortable. Businesses may be asked to trust government to ensure information security, but those very governments are often directly responsible for creating the programs, backdoors, vulnerabilities, exploits and even skilled people that place our businesses at risk.
Aspects of this tension can currently be seen playing out in the so-called “Second Cryptowar” – a debate about security, privacy, individual rights and government that is publicly playing out in battles between the FBI and Apple in the USA and WhatsApp and the Police in Brazil. The outcome of this Cryptowar is likely to shape our world for a long time to come. This presentation seeks to explore the complex relationship between businesses and their governments in establishing a safe Internet everyone can operate in with confidence.

Hi, so my name is Charl, I'm from SensePost. My presentation today is titled "Love triangles in cyberspace". It's a little bit different to the kind of stuff that you guys have seen up to now because it's not a technical presentation. I want to offer some commentary on some of the kind of broader sort of geopolitical movements we've been watching in the world over the last year, and particularly over the last few months, to fill you in a little bit about some of the things that have been happening, and then kind of try and bring it back to our space and offer some commentary, some thoughts on how I think it

will affect our industry and what it potentially means for us. These are kind of new, they're fresh ideas. I'm not here preaching a gospel, but I thought I'd kind of plant some seeds with you that you may be able to play with a little bit in your own minds. I recognize this is the first presentation after lunch, which is like graveyard shift, and I'm worried because I don't have any calc.exes to show you, but I have compensated with the three ingredients for any classic presentation, which is: I have a lolcat, so you'll be glad to know that, I have a reference to Edward Snowden, and I have a

picture of Vladimir Putin riding a bear, so you've got something to look forward to. Oh, that wasn't supposed to happen at all. That's not a good start. Let's see, we go from, there we go, today, yes, aha, there you go. This is Donald J Trump. November the ninth this year he was elected the 44th President of the United States of America by the great people of the USA, and I don't know how it was for you guys, but for me and my family we were generally taken aback, like we were shocked. My wife was more than shocked, she was like just made you, she was upset by it, you

know, she was really kind of shaken, not only by what I think it would have meant for the world and for geopolitics and for our country and for, you know, the state of the human race, but also because we'd kind of been led to believe something completely different, right? The exit polls in the States had suggested that Clinton was going to win, some were even saying by a landslide, the sort of language they were using, and yet as we watched the numbers filter in, I was watching TV in the morning, it became very apparent this guy's going to win. And so immediately afterwards, you know, all the analysts and the press and everyone jumped into this massive

discussion about, you know, how did that happen, how did we get it so wrong? And a number of different theories were floated. This is really not working how it's supposed to. A number of different theories were floated about how it could have happened. Some were saying, you know, Trump was better tapped into the American electorate, he understood them better, he read them better. Others were saying that Clinton's followers didn't rock up, they didn't pitch, they were complacent, they were apathetic, they thought they had it in the bag, didn't rock up on the day, and Trump stole it. Some were saying, look, this is a gender issue, that Americans aren't ready for a female president, they

just couldn't stomach it, last minute they chickened out. There's other, you know, snide comments about Trump's hair. And some people in the last few weeks started saying something about the Russians. There's this theory that got floated that said we think Russian hackers swung the election in favour of Trump. At first it sounded like noise, but eventually it got to the point that some actually very respected computer scientists and data scientists had a meeting with Clinton to say, look, you've got to lobby for a recount in some counties, because the results that we're seeing are anomalous: the variation from what the polls suggested in counties where there are electronic voting machines is significantly different from

the variation in counties where there's not electronic voting machines, and so we can deduce that these electronic voting machines played a role, that there's a significant variable in the differences that we're seeing, and we think these machines could have been hacked. And it's not ridiculous to think that the machines could have been hacked, because machines like this have been proven over and over again to be, you know, vulnerable. Was it you doing the kiosk stuff just the other day? Okay, he's not confessing. But anyone who's kind of confronted, you know, these sort of standard lame machines, ATMs, kiosks, will know there's lots of vulnerabilities in them. And also

the American people are very willing and very keen to believe that Trump has an association with the Russians, the Russians favor Trump, somehow Putin and Trump, I don't know, you know, they connect, they're, like, of the same mind. And of course the Russians have got a history of messing around with elections. I'll come back to this in a little bit, but we saw them in Georgia, we saw them most recently in Ukraine, and we saw them messing in the American electoral system. So this is a woman called Debbie Wasserman Schultz. You might not recognize her, which is quite a big deal. She was, between 2011 and 2016, the

chairman of what's called the Democratic National Committee, which is like our NEC, I suppose, the party leaders. She'd risen through American politics and taken control of this very important, it's not a government body, but it's an American political organization. And in June, July this year her email got hacked and leaked onto WikiLeaks, which has sort of become, you know, the go-to place for these kinds of things. Part of what those emails revealed was that she and some of her compatriots were conspiring to favor Clinton as the Democratic Party candidate in favor of Bernie Sanders, and it was very shameful for her, and as a

result of that she had to, after a long career in politics, she had to resign. And the, what do they call them, CrowdStrike, the American incident response crowd, they went in and they said there's not just one, there's two different groups of Russian hackers running around on the DNC networks: Fuzzy Bear and Angry Bear or Huggy Bear, I don't know what kind of bear, but all kinds of bears are running around in this network. So it seems pretty unambiguous that the Russians were all over the DNC, and it seems pretty unambiguous that the leaks of these emails into the public domain was very shaming for the

Democratic Party and probably hurt Clinton's chances, at least at the time. This is Michael Hayden. He was the head of the NSA, and this is from an interview, incidentally, for the guys in the room, this is from an interview in Playboy magazine. A very good interview that was done in Playboy magazine, so you can actually read Playboy magazine, and if your better half finds you with it you can say you just read it for the articles, because there actually was this article in Playboy magazine. So Hayden came out and he commented on it. He said, as far as they can tell, it seems pretty unambiguous: maybe not the Russian government themselves, but some

sort of Russian criminal organization acting on behalf of the Russian government was all over the DNC. And we've seen this before, this is the comment I made earlier, it's a pattern that we've seen before. I want to draw your attention to this place, the Ukraine, which comes up again and again, it's going to play a sort of key part in my little story. And not only Hayden but also the boss of the NSA, Michael Rogers, he said, look, this is a conscious effort by a nation-state to achieve some kind of effect. What we saw on the DNC wasn't accidental, it wasn't opportunistic, the guys were going for

something and they had intent. So the question is, this is my lolcat, 17 minutes in we already have one lolcat, what was that effect? What was it that the Russians were trying to achieve by hacking into the DNC and leaking poor Debbie's emails all over WikiLeaks? Well, this guy, the guy in the background, he's got an opinion. His name is John Podesta, and he's an old Clinton stalwart and was a Clinton campaign advisor during her campaign over the last few months. His emails also got leaked, it's Gmail, not via the DNC, in a completely different place, and they're also actually currently still being curated and leaked

out via WikiLeaks. Every few weeks the press have got another batch of things that they can run through and tell stories about. Does anybody know, incidentally, how his email was, it's beautiful, it was phishing. They sent him a mail from Google saying your account has been accessed from, guess where, the Ukraine, it's been accessed from the Ukraine, and we believe there's been a security breach, so you have to hit this link and change your password. And apparently he took that email to his IT guys and said, what should I do with this? And they went, duh, you have to hit the link and change your password. So he did, and now his emails are all

over WikiLeaks. And, you know, he's unambiguous about it, he's like, this is why it was hacked, this is what happened: it was the Russians, and they went in because they wanted Trump to win. That's the theory, and this theory is very popular in American politics at the moment. So the theory is the Russians are messing with elections. American government officials are saying it, the Clintons are giving us a reason for it, and we've seen precedent for it. Back in 2014, you guys will remember, there was an election in the Ukraine. It was the sort of election that sparked off what eventually became the Russian annexation

of Crimea, which we'll come back to in a bit. Oh, nothing happened. Nothing happened. Something happened, there you go. So there was this election in the Ukraine, and 14 minutes, 40 minutes before the official election results were to be published, IT officials working for the Electoral Commission found a virus implanted, not on a vote counting system but on a vote displaying system, so not with the actual data set but the thing that you would see on the TV, showing that these guys, whose name I can't remember, but they're a very right-wing, ultra-conservative, sort of separatist party within the Ukraine, were leading the elections with thirty-seven percent. The actual result

was one percent, they'd actually won one percent of the vote, and there was a little virus sitting there that would show that they had earned thirty-seven percent of the vote. And I think they found it, they removed the virus, and the results were shown as was intended. Interestingly, the Russian press had already published that these guys had won by thirty-seven percent before the virus was removed, so there's like a little bit of conspiracy happening there. And Americans like to believe that Trump has a connection to these Russian hackers because of this guy. His name is John Manfred. He was Trump's campaign adviser up to about halfway through the campaign,

and I don't know if you guys remember, he had to resign at some point and Trump brought in a new guy. The reason he had to resign is because the American public became aware that he had been the campaign adviser of this Ukrainian president who eventually won the election, and that's what sparked off the annexation of Crimea. So he's all tied in via this Ukrainian president, who's a big buddy of Putin's, and he was an advisor to the Ukrainian and now is an adviser to Trump, and it was like, it's a little bit too close for comfort, you know, it's a little bit like this. Anyway, so all of these factors together, the fact that the

machines are vulnerable, the fact that the Russians are in the DNC, the fact that the Russians have messed around in systems before, including by hacking election systems in the Ukraine, gets too much, and this chick, her name is Jill Stein, she was an independent candidate, some of you may have noticed, she won like three percent of the vote or something, she kicked up a bit of a fuss and she said, guys, this is too uncertain, everyone's feeling uncomfortable, there's too much noise, let's recount. And she raised some money, and actually right now there's a recount happening in some of those counties where these electronic voting

systems were used, and there's a lot of drama around that which I won't have time to bore you with. The bottom line from all of this is there's this message in the States that says the Russians are messing with our cybers and they're messing with it because of Trump. It's a very popular message, popular enough to have driven a recount, an actual recount, in the States. But there are also some sounder minds, and in some of these quotes you're going to see some names that we recognize. Dave Aitel runs the company called Immunity in the States, they're a big deal in terms of technical security, he's also ex-NSA, and

he's like, you know, actually when I look at this stuff what I see is what we would do: we would find something that we can own, then we collect everything we can, gobble it all up, and then we take it home and we're like, what do we do with this? Right, so this notion of intent, the notion of tactical intent, that the Russians went after the DNC so they could leak the emails so that they could discredit Clinton in favor of Trump, it's like maybe not exactly how he has experienced it. And then some other commentators are saying, actually, the DNC is not the only

guys that fell to this. The Republicans have fallen to it, the Republican National Convention has also been a victim, there's a lot of this stuff going on. And Thomas Ptacek, who I think Martin mockers a bit of a fanboy, works for a crowd called Matasano, also like one of the big gorillas, I suppose, in our game. He went so far as to say, look, the only thing that stands out about the DNC is that they got found. He reckons, look, basically everyone else is being owned up. And if you look past the pictures in that Playboy article that I was telling you about and you read the rest of the Hayden

interview, he goes on to say, actually, what the Russians did with the DNC is not particularly remarkable. We're all doing it to each other all the time, right? They're all in our stuff and we're all in their stuff. What is remarkable, though, is that what they chose to do with the emails is to publish them. They chose to publish the emails, and that's something he calls covert influence, which is unusual. It's not traditional routine espionage, which is what we're doing to each other all the time, it's something a little bit different, and this is the thing that's making the Americans so uncomfortable. It'll come up again in a bit. Anyway, so all of this

adds up to my picture of Vladimir Putin riding the bear, because we deliver on our promises. It adds up to the American political establishment saying, you know what, it's enough. I forget what the Russian word is for no, it's not knit, knit is yes, is that no, what was it, yes, okay, that's enough. And they threatened to cyber, you know, [ __ ] slap the Russians back, and nobody knows where, nobody knows how, but, you know, we're going to get our own back against you Russians for all of this messing in our systems. And as it turns out, not long after they threatened to do that, some emails of Putin's were leaked onto the

internet revealing him conspiring with some of his associates about affecting the results of the elections in, guess where, the Ukraine. All right, so this whole story, everywhere you look, the Ukraine just keeps coming up. And you guys may remember Ukraine used to belong to Russia, so the Crimea, it used to belong to Russia and then was transferred to the Ukraine, and when political tensions really built up in 2014 after the election that we were talking about, the Russians said, look, actually, enough, the people of Crimea belong to Russia and they want to be with Russia, and so they instigated this kind of silent, what do you

call it, like an invasion, silent occupation of Crimea. And it's politically quite a remarkable event. They will tell you that the occupation of Crimea by the Russians, the invasion of Crimea by the Russians, is probably the single most significant political threat, political event that Europe has faced in modern times, basically since the post-World War Two era. And you know that NATO and the European Union could not move on that occupation for a year and a half. For a year and a half they basically sat and watched the Russians take over Crimea and effect the coup there. And the way they managed to do that, the way the Russians did it, is

basically just by screaming louder than everyone else. The Russians developed this narrative about what's going on which is on the one hand like completely false, but on the other hand has just like enough truth that it keeps everyone sort of guessing and counter-arguing and checking their facts. You know, you hear people talk about, like, a post-truth world; the Russians are the masters of post-truth. They kept so much noise in the press and in the rhetoric about Crimea that it basically paralyzed NATO and the European Union for a year and a half until the occupation was complete. Now it's done, fait accompli, and nobody moved,

no one was able to do anything. And it turns out that that's the way the Russians roll. In America, when you talk about, like, cyber, and you talk about, you know, computer network exploitation and computer network attacks and stuff, what they're talking about is people hacking computers. The Russians have got a completely different view on it. What they talk about is something called network warfare or information warfare, which kind of sounds like the same thing but for the Russians means something completely different. It's all about operations of influence. It's about changing the way your people and your adversary see the world so that you maintain control of the information battlefield, and it's

literally by injecting sufficient noise into the system at all times that nobody else except you actually knows what's going on. This is a method that the Russians have researched, and they talk about it, if you go to, you know, army school in Russia they'll train you on it, and, you know, it's a deal for them. And all that's happened in the last few years is that the Russians have taken that ideology, that military doctrine, and they've applied cyber to it. So for example, they will employ armies, like literally hundreds of Twitter trolls, to sit on Twitter and say [ __ ] for them. It doesn't particularly have to be true or

not true, they're just like injecting noise. The difference between them and us is they know who the Twitter trolls are and we still have to figure it out, right? So you're faced with all this, like, why are in the air the whole time, but they kind of know who's telling the truth and who's not telling the truth. And they do it to keep their population under control and to unsettle their enemy, to disadvantage the enemy, because the enemy now doesn't know what's true or not true. To give an example, one of the narratives that the Russians have used in Crimea from the very beginning is they said, no no no, what's happening in Crimea is it's a Nazi revolution, the

Nazis are taking over Crimea. And since 2014 until now, if you look at what the Russian press is talking about in Crimea, they'll say this is Nazis rising, and what we had to do as the good Russian people was to step in and save the Crimeans from these Nazis. So it's something that actually we're very familiar with: fear, uncertainty and doubt. I mean, our industry knows it quite well, and the Russians use it, you know, with great effect in effecting their political goals. So how does that tie back to what's happening around the elections and all the noise about the DNC? Well, the CrowdStrike guys eventually nailed it, and the point is

the Russians probably did hack the DNC, and they probably hacked a whole lot of other people, but the intent is not to try and gain votes specifically for one candidate in favor of another. The intent is to create noise and uncertainty in the faith that the American citizens have in this process that presents them with the president, which is exactly what we're seeing happening now. And I don't think the Russians particularly mind whether it's Clinton or whether it's Trump, I think it would be very hard to predict whether the one candidate would be more or less favorable to your political goals, but the uncertainty that they create presents them with a great advantage, and that's kind of

what the Russians are about. So why do we care about, I didn't even tell you I was going to put a picture of a baby in the fiction as, that one's the bonus, ya la everyone's gay anyone. All right, so why do we care? Now I want to backtrack a little bit to the story of the DNC, because shortly after the hack against the DNC, that happened in sort of June, in August these guys appeared on the scene. They're called the Shadow Brokers, as a threat actor group. This is not what they actually look like, this is a figure from a computer game, but they took the name,

the hackers took the name Shadow Brokers, and Shadow Brokers appeared on Twitter, first time, nobody had seen them before, with a dramatic announcement. They announced that they were about to leak a whole cache of hacking tools from the NSA's technical access operations group, the sort of elite badass guys of the NSA. Shadow Brokers reckoned that they had a ton of these guys' tools, including zero-day exploits, and they were going to release them onto the market. And it was a big deal, not just geopolitically but also technically, because the exploits affected a whole lot of perimeter security appliances: Fortinet was in there, and Cisco was in there, and Juniper was

in there, some like weird Chinese firewall called, like, Top, Top Secure or something was in there. And from the little bit of the cache that they did release, because they released a sort of small part of the cache as a teaser, it was apparent that they had zero-day vulnerabilities and they had weaponized exploits for the zero-day vulnerabilities. As a result of this, people were suddenly running around like, we've got to patch now, this is affecting us, these exploits are affecting us. Some of those vulnerabilities dated back to 2012, so since 2012 the NSA has been running around with, you know, ways to own up your firewalls, your

perimeter firewalls. We didn't know about it, these guys somehow knew about it. So there's a lot of theories as to where those exploits came from. One of them was it's like some NSA contractor, kind of like a Snowden type story, this NSA contractor, he had the stuff and he's been like carrying it out in his underpants, you know, one byte at a time, and eventually nice girl and then they've been like lying in his boot and since been driving after them. But there's another theory, and the theory that the Shadow Brokers put forward, this was their argument, is that the story starts with the crowd called the

Equation Group, who some of you might remember as the guys who wrote Stuxnet and later Flame. They're like the, you know, the big gorillas in the computer hacking space. And what Shadow Brokers were saying is that Equation Group had a staging server, a jump box, somewhere on the internet that they were using to launch attacks from. So what happens: they own up this box somewhere on the internet, and then they drag their toolkits across onto that box. You're all pentesters, you've all done it: drag your tools onto that box, you launch your attack from there, do whatever it is that you want to do, and then you reverse out again, and you

take all your stuff with you. Except, according to Shadow Brokers, they didn't reverse out, they left some of their stuff lying on that box and somebody found it. The Shadow Brokers found it, and that's how it got to be leaked. So it's a little bit, if you think about it, like your kid, you know, walking home from school and finding a limpet mine lying on the side of the road that somebody left there from the Mozambican war, and he's like, look what I found. You know, these guys had sort of been throwing really big bombs at each other and one of them just forgot to pack one away,

and these guys found it and they're like, look, now we've got it. And what they did with it was really interesting: they offered to auction it. They released this little preview of what they had, which proved that the exploits were real and that the vulnerabilities were real, and caused a lot of us to be running around patching stuff, and then they had this much bigger cache which they were offering to publish in exchange for like ten Bitcoin or something, which I don't know if they ever got, they didn't. And of course now there's a lot of drama around them, everyone's talking about, like, who and what and why and who are these guys

really. And this is where Snowden comes in. Snowden came up with the theory, which is the one that I like, which is that really who the Shadow Brokers were is Russian government, acting on behalf of the Russian government, and what they were doing is sending a warning signal to the American government about pointing fingers. Effectively the message is: look guys, yes, we hacked the DNC, yes, you caught us, yes, bad us, but let's be honest, we're all doing it to each other, and if you're going to make a big noise about it by, you know, attributing the hack to us, we can also make a big noise about it, and here's an example of the kind of thing that we can tell

people about you guys and your capability and what you've been up to, including the fact that you've been sitting on these zero-day vulnerabilities for, like, what, five years. All right, so what's happening is really a game of, like, international intrigue in which the hackers are really just players, right? The point isn't the hacking, the point is some political objective, and the hackers are just like a part of it, and maybe not even the part that we would intuitively imagine they would play. The point about it for us is that at some point, because this is happening on the internet and involving technologies that we work with every day, at some point it leaks, it leaks out,

and at some point it starts to affect us, not just in terms of politics and world affairs but technically. People like Ellen, I think you were affected by this, are now spending the weekend, you know, patching their Fortinets because of what the Russians did to the NSA, did to the, you know, I don't know who cyber but quit all of these guys, and it's now spilling over and it's affecting us. I want to give you one more example of that. This is a guy called Ahmed Mansoor. He's a Saudi Arabian political dissident, you know, stands up for human rights, he's been nominated for what they call the Nobel Prize of human rights, and he's very unpopular in

the UAE. They don't like him and don't like his message, he's pointing fingers at the government the whole time, and they've been going at him since like 2012: he's been arrested, his stuff's been stolen, his passport's been taken away, they're really, really, really trying to get this guy in jail and keep him in jail. And in August this year he received an SMS like this. I can't read Arabic either, but I read it on the Internet. Basically it's a message saying, look, we've got evidence of human rights abuses in Saudi jails, pictures, click here to see the pictures. The problem is it's not actual pictures, it's an exploit against iOS, whatever it was at the

time, iOS 9 point something. And it turns out it's not the first time that he's been targeted: since 2012 he's been targeted, 2011, he's been targeted three different times by three different groups in an effort to get onto his phone and own up his stuff. This time it was by this crowd, the NSO Group, which is an Israeli crowd, we'll talk about them in a minute. They sent an SMS with the link, but what makes this sort of exceptional relative to the other times is that the attack vector that they were using wasn't just social engineering, it was an actual exploit, and not a known

exploit, a zero-day exploit, so unpatched even on iOS, and not just one but they had to chain together 3 iOS zero-days to potentially own up this guy's phone. And just to put that into perspective, there's a crowd, you guys may have heard of them, called Zerodium. They buy exploits, they're particularly interested in buying zero-days, and particularly for mobile platforms. They've got like a whole shopping list that they advertise on their webpage, and effectively what these guys do is they come to places like this and they reach out to guys like you and they say, look, we're looking for exploits and we'll pay good money for those exploits because we've got buyers for

them, and those buyers are almost exclusively going to be armies, intelligence agencies and maybe police, who desperately want to get onto very specific devices like Ahmed Mansoor's. And to give an indication of how badly they want that, Zerodium published a bounty for iOS 9 and they were offering a million dollars for a remote, for an RCE on iOS 9. They've subsequently increased that to 1.5 million dollars as a standing bounty, so every time you bring them an iOS 10 RCE they'll pay you another 1.5 million dollars. Now, a million dollars is a lot of money, and the point I'm making about this is, again, this is a

government thing right this is not cyber criminals these guys aren't like trying to you know trying to steal your your your credit card information so they can buy like free shirts on Superbalist they they want that guy and they want him desperately enough that they were prepared to drop whatever it is that they spent on those three zero-days plus whatever it is that they had to pay NSO Group plus all of the risk because now it's burned right it's out Citizen Lab has published it they're prepared to make that investment because they desperately want to have that specific political geopolitical impact and like we saw with the Shadow Brokers NSA Equation Group story eventually that

stuff leaks and just like in this case we were patching our phones because of what the Saudis were doing against Mansoor with the help of the Israelis right so what's happening in these political spheres is affecting us but it's affecting us with budgets that we've never before had to imagine right million and a half dollars for an exploit like how do you go to your CISO and say so listen the bad guys have really upped their game so we need to up our game exactly like a wall to be talking it's like well you know they're dropping one and a half bar US on a single exploit so I don't know what you're

spending but it's not enough so what you see is is is this cycle of what what I call industrialization where political agendas drive professionalization like we want to get onto people's phones so we need to find smart guys smart hackers to to help us get onto people's phones onto their computers onto the networks or whatever it is that you want to do so they find smart guys those smart guys say look we need exploits so so they go and that creates a market with crowds like Zerodium and who's these French guys VUPEN thank you VUPEN who go cool we'll either write or we'll buy or source these we'll source these exploits and it creates it creates an entire

industry like an industrial military complex with these connections between private industries and government that are creating these tools training these people and I think what's really important also giving people exposure to a kind of hacking and a taste for success that I think we've never had before so like for the pen testers I guess half of you guys are pen testers if somebody said to you you know Johnny over there lives next door I want to be on his iPhone 6 how much is it going to cost me you'd say to him buddy it's not going to happen you know hit him on the head and take his iPhone 6 maybe but we're not gonna not gonna own

it right we just like won't remotely own his iPhone iPhone 6 and but someone somewhere in the UAE had a conversation with someone in Israel is it yeah maybe we could try and they've probably done it right they've probably run that remote exploit against against an iPhone and they've probably got a back channel and they've probably dropped their malware on that on that phone so the next time that guy is presented with a problem like you know can you get on this phone or can you own that or would you dare to do this you know those guys have got a completely different mindset to what we have does it make sense it's like the whole

sense of the art of the possible has changed um and and and and what that does this is a really bad picture that I drew by hand maybe doesn't make much make makes sense but but I have this theory that that what happens is is for us that kind of the normal guys doing you know cyber cyber security what happens is we we look at the landscape and we and we watch threats emerge we watch risks emerge like oh here's the thing that's coming or there's a thing that's coming we'd better start preparing for that thing and we start to understand the threat a bit better and as we understand the threat a bit better we can defend ourselves prepare

ourselves a bit better and in the beginning when the threat is unknown to us that's over here this is like a Gartner hype cycle kind of thing that's happening when it still is unknown to us so we're on this blue line the threat is very effective like we can't really defend ourselves against it but we don't understand it it's unknown the tools the techniques but eventually our knowledge of the threat kind of grows to the point where we said ok actually we get that thing we know how to respond to it and we can start to mitigate the threat and then over time the impact of that threat on our environments reduces until some point where it reaches some kind of

acceptable acceptable level right the problem is if governments are running around and creating an entire market for things like like zero days and and and and a completely different and kind of unprecedented art of the possible then we never reach that point we never reach this tipping point we don't know what our think we don't know how to defend ourselves against it never been in the ring with someone who's actually chained three zero-days to own an iOS machine not an experience we've had I don't know how to mitigate and so that so the entire kind of balance of powers is shifted by these government shenanigans that don't actually have anything to do with us but

but they have a really real impact on us and I've got a theory that our our industry is sort of silently but but quite tangibly being almost completely inverted by what's happening in in geopolitics by what's happening with I don't call it cyber war because I don't think it's quite cyber war but so the government driven cyber operations is completely changing the rules all around us and we just we just haven't kind of picked picked up on it yet and I think that's a I think that's a very scary thing and it and it leaves us with the question of like okay well where does this all go now how does this actually play out if these guys are playing in

with a completely different set of rules completely different budgets completely different sense of the possible completely different levels of human resources you know where they're hiring thousands and thousands of people and training them to be hackers with a I don't know if you guys followed the story but the British government just turned what is it called Bletchley Park how is it pronounced Bletchley Bletchley they just they've just turned it into a school for like savant kids like they're going to take like 13 year olds out of high school and put them in this iconic historical monument to to computer hacking and teach them to be hackers like from high school look how do we deal with that how do we know

what that what that means for us and I think what's going to happen is we're going to see two kinds of kinds of operators emerging before I say anything I just want to apologize to this guy on the left on the right because he's actually much skinnier in real life but I had to add to shape the picture to get it to fit nicely into the boxes and he came out looking a little bit like he hasn't trained for a while but he trains every day that's like he doesn't have a pudgy face like that so what I think is you're going to get to kind of two kinds of orientation the one orientation the

boring guy on that side is it's going to be insurance oriented it's going to be it's going to be it's going to be focused around risk management effectively by insuring for residual risk and the reasoning is going to be look we can't we as a normal civilian business a mom and pop shop mom and pop shop with a you know an e-commerce site and some guys using Windows 10 and you know a couple of other guys using Android and a POS and all of these things that we've seen getting owned up all the time we can't realistically expect to defend ourselves against the Shadow Brokers and the and the Equation Groups of this of this world it's not a

fair contest we're not paying so what we're going to do is we're going to do what's reasonable what maybe best practice calls for we're going to put those things in place kind of like you would do with the business on the high street and anything else that happens after that you know what I call up my broker and say they owned me again how do I claim and you're just going to offset and for businesses I actually think that's not an that I think it's a it's a familiar route to take you've got a certain amount of risk you you cover your residual using insurance and and management and leadership in the business kind of know what they're in

for and don't have to worry too much about all the likes lima that that's so scary and unpredictable that's the one route I think there are other businesses and organizations for whom that won't be an option that will say look we can't insure against the kind of threats that we face the compromise would be unsurvivable for us or the consequences would would be unacceptable and I think basically those guys are going to get badass and they're going to get badass using the spillover from this industrial military complex because what's going to happen is guys who are being taken into the NSA and into Cyber Command and into the FBI who've just gotten like a large-scale mandate to

basically hack anything that they want those guys are going to spend four years there eight years or 12 years or 20 years and then they're going to leave and they're going to join a consulting company and they're going to bring all those connections all of those tools all of that experience like all of that stuff that they've gotten from actual if you like cyber combat operations they're going to bring it back into the private sector and if you've really got something that you think I can't afford to have this thing hacked what you're going to end up doing is calling a group like that and saying hey how do we deal with it and the guys

will be like oh yeah we know those Russians and we know those Ukrainians we know how the Chinese operate we'll sort them out for you and it may not work in ways that we're familiar with and you're kind of seeing that already right so NSO Group they're all ex-Israeli signals intelligence it's it's like it's a standard MO for this route for Israelis you go to the army if you're really smart you go into signals intelligence they teach you cyber you leave and you start up a cyber company and it was those guys that chained the three zero-days together now in this case there it's offensive operations but I think you'll see similar things happening in

defensive operations on the other side of the fence we're seeing similar things we're seeing the insurance thing happening also this guy's a guy called Ed Perlmutter very curiously the funny guy and he's a he's a he's an American politician from the 7th zone in Colorado I don't understand how American politics works but he's forwarded this bill he's proposed a bill in the States that that effectively suggests that American companies who comply with the set of standards laid down by the NIST by NIST will receive a discount on cyber insurance so what you do is you go to the government and you say okay look I've done these 10 things that you said we should do so I'm you know reasonable

man I've kind of done everything you can expect me as a normal business to do I need cover for my residual risk and the government will say cool we'll subsidize that cover go and buy it from these go and buy it from these 10 companies that we that we support so they're offering a fifteen percent tax credit against cyber insurance provided that provided that you comply and of course the cyber insurance market is loving it they're predicted to triple by 2020 and reach like market size of 7.5 billion dollars I don't actually know if that's a lot of money or not I mean like relatively speaking but it sounds like a lot of all right so those two those two models

are already starting to present themselves and so I think kind of just to wrap it up there's a lot more that can be said on the subject but I only have so much time to wrap it up I think we're sort of seeing ourselves at a bit of a at a bit of a split in the road and I think we're going to start seeing players emerging on both sides of this of the split I think in the meantime there's a lot of stuff that's still to be done here but I imagine for those of us operating in this space we're going to find our legs getting like wider and wider and wider apart as we kind of have

to decide which route it is that we want to take and that's that's me thanks very much [Applause]