 Hello, Han. How you doing? Welcome to Hibachi Talk. Colonel the tech star here. You got Andrew the security guy. How you doing? I haven't seen you for a long time. It's good to be home. It's all good today. Good to have you back. We have no guests today because you're the past guest. I'll play guest. We're there. So please grab yourself a libation. We can see we got everybody's got their name tag on it because we keep losing libations. I think we need to get one for Jay. Grab yourself a libation, pull up a chair, sit down and join us for another exciting episode and scary episode of Hibachi Talk. This is our Halloween kind of show. Last year we did a different venue of this one. But this one is going to be on the internet of things and how secure are you? We can talk about that. You've been traveling around the globe. Talking about that. Going to all kinds of different things. I also want to say a big shout out to the University of Hawaii football team. Yep. I cannot tell you how exciting that game was last week. I was at Air Force. Yep. There were 17-point favorites. 17-point favorites. Wow. Hadn't lost at home in 15 games. University of Hawaii pulls it out in double overtime. Yeah, and they were coming off a kind of upsetting loss at UNLV. They could have went the other way. They showed up and kicked butt. I tell you, I have not been that excited in a long time. Good. Shout out to her. Your grandson made a big play. Your grandson did well and the players did well. It was a team effort. You know, they have a lot of good players on the team. Sure. And when they all get worked together, they become a great team. And that includes the coaches and everybody else that was doing it. Sure. It was so much fun. So much fun. Nice. Great time. Great, great, great time. And it was in Colorado, which was a whole other experience. And that would be an off-air conversation that we'll have. Anyway, so great to have you back. I want to talk about what you've been doing in the area of security and traveling around the globe, pretending you're working. Yep. There's some of that. But first we got, this is a scary show. We're going to talk about UNLV got one tech job. Okay. Which is always scary. Which is always scary. But this one is a kind of, we're going to spend a little bit on it. But look at this. You want to be a computer security career path. So you want to be a computer security expert. Now you have two options here. One is you can go path one. You can become a forensic analyst. You can become a forensic lab director. Then a chief security official or chief security officer. And then you become a highly paid security consultant. That's 20 years. Right? Yeah. Now there is the other path. Yeah. Which is not bad. You can be a hacker. Yeah. Which makes you a criminal. Then you can get caught. You can get caught. Become a convict. And in two years. Then it can be caught. Yeah. How long have you been in the business for? For 14 months. So you decide which tech job you want. So Subaru, right? Yeah. The big anonymous guy that got busted. And Michael Midnick. Yeah. Michael Midnick gets ... he did about six. Six what? Years or months? Yeah. A month. It's a much faster path. Yeah. Six years. That's for sure. It's a much faster path. That's for sure. Anyway, that's the kind of, there's your, you know, got one tech job. But you got one tech opportunity. Okay. So are we getting advice? Or are we just highlighting? this is an educational program because the kids are out there you know there's a you saw that you saw that they probably bring some money in for the that apprenticeship program it's in IT so there's a lot of a lot of stuff happening so pick a path if you're gonna hack just be a whitehead yeah be a white hat don't be a black hat I'm getting caught so so what have you been doing you've been gone forever I know you were you were you were you were presenting and speaking some is so what were you speaking on watching so we had a PSA which is a PSA security network which stands for had PSA PSA I don't know it's called PSA I'm sure it meant something it's 40 years old the PSA network is the group public security no no it was provided in professional securities association something that's way back when you just nailed it I think it might have been yeah okay the um I should know these things no I'm scared so we Halloween so we had the but it's a owner that's a big buying who you're right so I think it's only thing globally like it right so it's a buying who he about 130 members from across North America I think I've talked about it before yeah we bought about a hundred million dollars worth of product this year yeah so really guys that you're just PSA you're a little tiny company no no PSA network the whole group yeah which is a lot of products so we were responding for a mind was on the so I'm I chair the cybersecurity committee for the PSA security network okay so oh oh look at that isn't handsome looking oh lord yeah lord love a duck that's all that that that tells you what I was gonna talk about anyway that that's you oh this so that's a little promo video they made when I was up in Denver last time but anyway they made a promo video yeah did we get any money no oh jeez well look at that I know what promoted them not us okay it was like it was just about that it's about what I was gonna talk about okay I think they were see they're trying to get people to come to convention which was you yeah I'm a draw I mean it's me okay yeah no the let me think about what we did sorry but no it's good it's good the the focus of the conference so our whole industry is working on getting to be everything as a service right so hardware as a service software as a service physical physical security as a service access control as a service blah blah blah all of it you've seen remember how we migrated your system recently into the cloud right your video surveillance so so that's a big thing except the problem is it's freaking expensive right so these these money guys come in and tell you how to show me how to do it for a rather less expensive way yeah you had a you had a good deal friends and family discount but the industry itself so these these investment banker guys come in right to tell you how they bankroll the stuff what's valuable about it when is it valuable and you talk about scary these guys will fund $25 to earn a dollar they think that's a good well you know we're so you're there with these investment bankers speaking on stage with with what Hillary Clinton because she gets $250,000 for oh no I didn't know for her talks to the investment bankers she gets a quarter of her mill so you must have been at least like what no I didn't get anything $2.80 no no no no no so the I don't think those guys do either I think they sort of pitch their services and stuff while they're there okay but I that to me is scary like honestly they're talking about laying out systems out there that and these models are sort of built on the way the the security intrusion detection you know I ADT on them guys right right and you know and they don't really aren't interested until you get let's say about a quarter million dollars a month of monthly revenue coming in but at that point I mean they'll truly loan you 25 to 1 on that money 25 to 1 on that money so so but what did you speak on what did you so so we did a couple days of all this other finance but but this cyber security such a big issue in our industry right so that they as the chair of the committee they just wanted an update on all the new tools and all the stuff that we've built since tech was back in the spring and we introduced tier zero so I've got a way to I've got a cyber mature of maturity modeling tool now I've got a big mapping tool that allows you like say you're going to be working under FFI EC or PC here you go with acrimonyms yeah that's a federal you got you got federal financial information I don't even know exchange yeah so those guys have have parameters right remember all these stuff we've talked about the cyber security framework we talked about the this what was the sands now the CSC top 20 right these all these technical controls right so you want to understand if you're going to implement something the sort of controls that they're looking for in that particular so so I've got so I've got something so I have a I've been you know I do a little homework so there's a nice you know so there's you know there all these hacks that have been happening there's been a lot so I now have access to a monthly report that will give me what the hacks that happen every month wow in detail it's a long report it's huge and that's the scary part Europe or is it international or it's focused a lot on us but if it's a big one and it hits outside of the US they'll also put that up there so anyway you know the motivation behind the attacks and I've got a slide we're going to bring up and show you like you're talking about this this is the kind of things so so why are people hacking or what what's happening so leave it so 80 80 percent right now and I'm going to give you a prediction in a minute 80 percent of the hacks are cybercrime yeah but the other one that's interesting is is 11.3 percent is hack division and that's that's the that's the anonymous block at ISIS and stuff all that kind of stuff and going in and DND getting the DCC get them a democratic Nash DNC yeah hitting DNC and all those that I my prediction is next year at this time when we're doing the show if we're still doing the show if we're so lucky to do the show that's going to be equal to if not more than the cybercrime side I really believe it I think it's definitely going to grow up that side you're gonna see because you know why where do you go now to get the truth and what's going on from a media perspective I it's a shame right now that I feel that I'm getting more truth in what's happening it was a for example in this political genre the races that are going on I feel like I'm getting more truthful information from the hackers than I am from the mainstream media the mainstream media are spinning up stuff from all over the side at least I can go in to various websites and we'll talk about that in the second half of the show about the deep web and things that you can find but I'm going into that those size and finding more substantiated information about what's going on that I can get from the mainstream media and we're not mainstream media so from us you're going to get the truth the whole truth and nothing but the truth so help you God because we can say God on this station yeah and they'll definitely get what we dig up right and so I mean I'm with you they're like I don't I don't actually don't pay any attention to mainstream media I just not I don't if it's a trust issue but I don't care about this it's blabber it yeah and like they put out stuff and they cut and then they correct it forever right I'm just get tired of hearing it so yeah but I read you know we read Krebs you know Krebs is a great a great resource right he's his homework is very well done he's you know nationally we know known right and again the guy like him not doing it to sell stories right you know I'm saying he's doing it because he got looking for eyeballs so they can get people to watch the commercials so they get advertising money and all this kind of stuff where you know the the the hackers have altruistic kind of reasons to doing all those reasons there and some one of those reasons there so that's why you're seeing that I like that hacktivism kind of term of activism it's hacktivism yeah and they and so in the in very effective tools I mean they've gone after several different industries and shut them down you know and you know for periods of time right because nobody can afford to keep a big attack up for a long period of time right and then also the longer it's alive the easier it is for the people that are watching to figure out where it's coming from where it's coming from so so so speaking of that and we're gonna talk about in the second half we'll talk about some of the things that have been happening but I got another graph that shows okay oh where are they hitting you know where where are you know where are the distribution of targets you know we talked about we announced it on this show months ago it's health care yeah health care is the number one target oh and by the way your Obama premiums are going up 25% are they yeah the you just blew that oh well I mean it is this we got to pay I'm just thinking everybody's health care that's all so I wish it didn't cost so much but I think everybody needs it okay I agree I don't know I don't know if we're doing it the right way and all that kind of stuff but you know we have to have a health care show but don't we give it to them anyway like in other words if they get run over in a street you know what I have people that I know that work at the various hospitals in town and when people come in and they have no insurance and so on do you think they get turned away no absolutely not so do you think they get the same services you and I get yeah absolutely yes and so they don't end they're not carrying around their Obama care card yeah so so they do but I mean that those expenses get passed on to all the rest of the you and I yeah yeah so so we're paying so let's get back to hanging out we're gonna I'm with you we digress so but but no health care health care is big and health care is big for another reason because thinking about denying health care services right so if I if I would for it well first of all they're what they're talking about is Steve I think Stephen records and there's they're very valuable because there's a lot of what things you can do with them well here you know so and here's an example so and then we'll hit some more in the second half but I'll give you a couple of a few a couple of few couple of few these are them these are a couple of you so here's like yeah and this is this is fresh off the boat or fresh off the press fresh off the press hackers from Russia Newsweek suspects that Russian hackers are the blame for a crash of its website after it publicized or published an article about Donald Trump's company secretly conducting business in Cuba in the 90s so the Russians came in and they're very very open for hire yeah very open for hire that's that's your cybercrime right these guys are I mean they're out there you just can't do whatever you want and leave it I like these guys the Vendetta brothers you know we've talked about point of sale systems on the show too you know yeah point of sale systems when you're going into these stores you're hoping and praying that these companies with their point of sale systems are making them totally secure well what do you think I if you swipe the card that's a problem and there's we're still swiping cards yeah and so you know the and we showed people we had that episode where I showed them what those machines look like the ingenico right you know what to look for alright there so you got that the point of sale stuff and so on and then there's um you know so the researchers in Palo Alto have found some stuff there's a thing called complex it's a sophisticated sophisticated piece of software that's now attacking Apple OS X so everybody goes oh well I've got an Apple product you know we're the most secure there is no well wake up same with Linux they're all they all find wake up I don't care if your windows Apple yeah iOS any of them you are susceptible and you better be locking stuff down as you most certainly and possibly can't so yeah hold that pause point it pay some bills point of pause we have to go get Angus and Angus dressed up for Halloween nice so we got to go get Angus and we got to go pay some bills so we'll be back in about a minute a minute very good Angus and learn from scientists around the world scientists who talk about their work in meaningful easy to understand ways they'll come to appreciate science as a wonderful way of thinking way of knowing about the world you'll learn interesting facts interesting ideas you'll be stimulated to think more please come join us every Friday afternoon at 2 p.m. here on think tech Hawaii for a likeable science with me your host Ethan Allen hi I'm Donna Blanchard I'm the host of center stage which is on Wednesdays at 2 o'clock here on think tech on center stage I talk with artists about not only what they do and how they do it but the meat of the conversation for me is why they do it why we go through this a lot of us are not making our livings doing this and a lot of us would do this with our last dying breath if we had that choice and that's what I love to talk to people about I hope you enjoy watching it and I hope you get inspired because there's an artist inside you too join us on center stage at 2 o'clock on Wednesdays by Aloha I'm Carl Campania I hope you please visit us this summer it's a wonderful summer it's actually a cooler summer than we're used to but I hope that you come back and visit us and watch our show education movers shakers and reformers here on think tech Hawaii it's at noon every Wednesday see you then Aloha and welcome to the Savvy Chick show on think tech Hawaii I'm the weekly host at 11 a.m. Honolulu time very excited for the next six weeks we have the Aspire series which is all about the coolest careers I could find and interviewing and getting insights from these amazing people who want to share it with you and help you live your dreams look forward to seeing you on the show Aloha please join us at think tech Hawaii my program is Asia in the real on my next program is on November 17th Thursday 11 a.m. this is Johnson Choi your host Aloha welcome back to a bachi talk Andrew the security guy almost here a lot of me's here a lot of me's not but Angus is with us we got him off the beach and he's got a buddy on his head I like your outfit you're in election mode it looks like you lost some weight yeah I'm just a shadow of my former self I can see that you know even you're kind of kind of peckish yeah it's me it's me Angus mid-trump so anyway I got some scary news for you wait it's kind of scary news and then get my scared I get a wee bit of a health care security minute okay okay and we got you know and we get this from our good old friends at Paul box anyway you know another fishing attack happened in the hospital base state health base state health puts 13,000 patient records I they got nailed 50 bucks each what's that yeah yeah well who that's a wee bit of money a lot of money I know well you know you saw you you got no got one tech job you the opportunity knocks anyway so you know I always have a wee gadget of the week and I'm getting really pissed off you know these security things are available and no was using them we know what it's like it's really really really aggravating the hell out of me what what do you got for me a couple things and you know about one of them but the one I like is this extra hop-up clients we had one in Hawaii now we put it on some of them the businesses here and we found all kinds of issues and we're able to solve the problems good and then you've got the other one for the cameras right the cameras I don't know I don't know it wasn't a denial of service attack last week yeah there wasn't a guess what where they say it came from a lot of iot devices particularly a lot of cameras that was that was what was happening so we gotta make sure you look at America again we gotta fix all this security stuff yeah we got to get people to configure them properly right they just leave the default passwords we've talked about that like ad nauseam and there's guaranteed there's millions of matter guaranteed so remember so one of the things to make America great again you know it's fix your security devices and make sure that I got all the past yeah read the manual read the manual oh my goodness please read the manual so anyway this is Angus mctrump telling everybody remember lay your wing gang free where area B that's amazing Angus Angus mctrump bringing us some iot advice right there it's good for you because it's a scary thing when you're getting it from Angus mctrump that's all I'm gonna say about but it's good to get it wherever you can get it nice to see you floating around thank you well you've been a traveling man so you've been all over you've been you've been traveling all over the place and and doing all I'll tell you a scary fact though all this education I've been doing for about two years now for right within the industry right so we did I used that poll anywhere thing did took some polls I was talking okay and about still 60% of our integrators haven't started 60% yeah I haven't really started a program internally for their organization even especially after this most recent hack yeah and and about 70% of them think no about 70% were were motivated to do something after my presentation they said so we're gonna poll them again with the same questions yeah in the spring see if they did something so how many do you think mr. floating head will what third of that 60% I would love to see it come down to 40 yeah I'd like to see a third of them this time next year moving yeah by spring I mean we've got we've done so much work now and it's not as scary as the problem is we don't have to be scared of it we can definitely harden the networks up these tools you just talked about are great examples there's a lot of work that's gone on today to help you know businesses especially get there's like cybersecurity hygiene squared away others I mean all they got to do is track that's true and you know a good example is you know that you know the the things that we are finding on with using tools like I know those are awesome so but I want to talk a little bit now it's kind of like you know we talked we've been talking about the physical security aspects cameras you're making sure you've got your routers and switches and all those kind of things but I want people to understand that you know there's an aspect of the worldwide web that they may not realize that's out there you know you've heard things like the dark web the deep web and the surface web and you know and maybe they haven't that's right and so I want a lot of people don't know I think I thought it was gonna be good if we kind of just talk a little bit about what those are so I'm gonna get Zuri if you can throw up a tour count of the worldwide web and it shows two little chart so it's a chart with a couple of things on it and one shows the visible surface web and that's the web that we all know about right when you go to Google and you do your searches and all kind of stuff like that that's just standard web that you see but how many people realize there's another web out there and it's all it's there and it's in the invisible web and there's different flavors of that invisible web and so you know and there's there's there's free stuff and then there's all kinds of hidden stuff and so on so there's that aspects of the web that I want to kind of go and kind of dig a little bit no pun intended or maybe pun intended deeper into that side of the web and you and I have talked about this before I mean when you look at things like the surface web which we all use they're saying right now that when we're out there doing they being the experts the pundits and so on that are in this stuff when we're out there is doing searches in Google and Bing and all those kinds of things we're probably getting about 25% of the real content that's out there there's a lot of stuff that's not picked up because of the deep side yeah it's not searchable sure it's not searchable it's encrypted it's it's been hidden it's licensed it's like so that's we call that level one yeah so you're all sitting out there doing your stuff at home or at work and you think you got everything under control and so on but then what about level two there's another level of it level two which some of us probably know about that level two is the stuff that's blocked by governments right you know you go to China I mean when I was in China I tried to do some stuff on Amazon couldn't get there there's a whole bunch of things now I found some workarounds in the other side of the web that China wasn't blocking that allow me to do certain things and such but that that's sitting in there but a lot of the stuff that you find in that level two is illegal yeah and there's a lot of content filtering right so they're just they're just flat out blocking whole domains or whole services or whatever so there's a lot of that in countries do it corporations do it there's there's sort of like reasons for that right I mean in some instances there's some reasons that are legal and there's some reasons that are not and then there's you know there's the still you know still the number one driving industry throughout the worldwide web no matter whether you're on the surface side of the the deep side is still pornography and that's oh it has been shared porn is porn is paid for a lot of the development it's amazing it's been around since the beginning of time we're on here today on this program because of the porn industry trust me all this broadcast that we're doing is all built is all the result of all the stuff that the porn industry pioneered okay I thought you were bragging about some of your past no I couldn't sell trust me that would be a well man I know you yeah we don't want to talk so then there's you know that there's the deep web and we've again we've talked now we're getting level three and that level three is where you kind of really get down into the into the dark weeks and the dark side you know and tour browse you use to our browser yeah I do too you know what I'm doing yeah I use a lot yeah I use it more now than I use the than the other browser and Google and all those kinds of things you know and that's a free one and it but it doesn't track where you're going and it's a little bit more safer but it's also designed for those that want to be hidden and not caught in what they're doing so you know you can do the if you use the tour browser you can do a lot of illegal things you can do a lot of obscene things you'll find a lot of really the content that you pull up our stuff the content you put with shock a lot of people if they start to use that and and and Google thing Google common words you may Google that when you Google there you're going to get this content that you're talking about you don't normally see you just get access to you just nailed it so if I could do a search on let's say engines and what I get out of engines is you know totally different oh yeah and more diverse than what I get if I just did it on Google sure it's it's really it starts to get even more scarier sure it's a scarier stuff then we got the next one coming down which is level four which is the call we call it the charter web which gets really started deep as it really gets into more advanced government research kind of stuff it's the black internet it's a lot of black stuff and so on and then we'll go down one more so my whole point is this is the Marianas web which is really gets really kind of deep and then my point here and Julia sound how do you say his last name I sound sound and other top wiki leaks people so this is the wiki leaks people that are using this part of the web to start distributing things that are going on and then my other one is my favorite one and I haven't been able to get into this one so I is is the it's conspiracy theorists okay level 68 of the fog and yeah it really gets down into the real kind of like weird stuff that the conspiracy guys and girls are thinking it's happening so again my point of this show is it's kind of scary Halloween show but scary you you as our viewers and you as business owners and you as chief security officers and you as CFOs COO's and CEO's you better come on wake up to this stuff because it's you're you we have the tools and they're not doing it yeah so they're in I mean there's a lot of I I'm one of these guys that believes that I don't I don't believe tour is as secure as everyone thinks it is from the eyes guys know how to get there's well in a say I just think there's been some people some of the arrests we've seen I think where they got their evidence but you know they're not gonna open it up the rest of us right and for so far by and large unless you're doing something wrong it's it's it's very secure I don't have to worry about and if you're doing something very very wrong then we are to wonder about your security grab you anyway believe it or not we burn through another on yeah we don't we burn through another well look you're I get my body you're just a portion of yourself we started the show you know this is like you fade it away yeah it happens yeah it happens anyway um we want to thank our we don't have to write a cup number no cup number it was 90 some odd I think about the show the next I know cup number anyway please be safe secure your systems yes attention to this or I'll say wake up to it have a safe Halloween and as we say thank you so much for helping us pull this up as we say at the end never show how you doing