 We got Judy Towers coming to speak to us next. She's going to be talking about subversion and espionage directed against you. Really cool part of the blue team responsibilities. Good afternoon. This is a lot of people. Oh, louder. Good Lord. I'm not used to. There we go. I'm used to yelling this in a theater. Mom was in the army. Who are you? Will it grant you served in the military? Raise your hand. Okay, cool. Army? Who? Okay, the rest of you, okay. Those that have been in, you know why we do that, right? So what I did is this a presentation as a counterintelligence agent in the army that I had to give to every new incoming soldier in the unit. It was called SEEDA, subversion and espionage directed against the army. And you were targeted just because you wore the uniform and you had the flag on your shoulder. So I think what I've been saying going on in the recent events made me realize I have to redo this. This is why I was an agent. This is why I'm in cyber. This is why you guys need to be aware of this is going on. You are targeted. Why is it individual? And it's not because you're in the military, it's because your job. And the businesses are targeted just as much as DOD in the military are if you're paying attention to the news. And I want you to be aware it's you by yourself that they're targeting. It's not your team. It's not your SISO. It's not your organization that go after you as an individual. You'll see some of this and what I'm going through. What you see on the screen is a movie. It's a scene from the movie called Bridge of the Guides. It's based on a true story. There is such bridges. I've been on them between when I was in, there was a Cold War. And I've stood on the bridge on the country line between Czechoslovakia and West Germany. And these things did happen. We did do trading across bridges. It's a very good movie and it's based on true stories. So what got me passionate about doing this is a couple of years ago I went to Derby Con to the Red Team Village or the Social Engineering Village. And I thought social engineering was such a generic term of, ah, when I was social engineer, you know, whatever. Well, a couple of the pen testers were talking about events that they had. He was at a bank. He was told to go get into the server room. He had, and just that was the pen test, be in the server room of the bank. So what he did smartly is he went out to the district banks and he got there early enough to profile all the workers as they went in. And he found out which teller he was gonna social engineer, right? So he walked Sam with a nice pair of khakis, but down shirt. And he approached Charles, wanna make an account. She goes, sure, let's go over here and talk. So they sit down and start talking. He goes, you know, I can't go to the bathroom. She likes shirts down the hall. When you're done, come back and get me. And we'll finish this account creation process. He waited so long, she got distracted, did something else. He went to one of the empty offices, sat there for an hour and started hacking the network. Nobody bothered him because he looked like he was from the home office, right? Business attire, home office does show up. They do do that kind of thing. So about an hour later, the bank manager walked in like, who are you? What are you doing? And that's when they realized he was hacking the network. They fired the teller because she didn't follow up with him. That made me mad. You didn't train her right. You fired her for the reasons you hired her. She was customer focused, outspoken, open. Are you gonna hire an introvert to take her place? Oh, you're gonna hire the exactly same person, right? But you didn't train her to be aware of her own vulnerabilities of what she was. Her personality was used against her. And the pentester, he was upset because he lost her job because of what he did to her. Now, he feels fine to a degree because he did his job. She didn't do hers right. But he profiled her and understood her vulnerabilities and used them against her. That is espionage and spying as I was taught. That's when I was like, oh my God. And I'll give you some more stories that should scare you about pentesters. Just to let you know, when I was in the Army, I didn't see any of those guys. And I didn't ever see that either. So I feel like I missed out when I do it over. But that is not the espionage that you're gonna see. That is not the spying that you're gonna see when it's targeted at you. This is a very good blog post. This is also impassioned. It made me motivated to do this. Instead of doing security compliance training that you get one hour once a year and you go back to your desk and start clicking on all the links and everything else you're not supposed to do, we need to change your behavior. We need you to be trained to understand what are your vulnerabilities? What are being targeted? I need your behavior to change. And the three things, motivation, ability and trigger. This is an excellent, excellent blog post. This is what we should do. This is what our training should be for compliance. It should be behavioral change, not a compliance thing. I would wanna throw this up there because this is what we need to do is behavioral info sec instead of security awareness. Because the security awareness is not working, right? We're still clicking on the links. We're still telling everybody their information. You're still putting all your stuff out on Facebook. We're not changing behavior. And this is one of my favorite, favorite sayings from Edward McCabe. My zero-day exploits are your employees. He's a pen tester. He's very good. And I've talked with him about what I was learning and he's like, yeah, this stuff works. This is how we do it. This is how things are being done. So it's very, very interesting. What I want you to do is become enlightened about you as an individual. Your syso is back there. Coach, please say no, say no. But you, when you're faced with it, you're by yourself and you're probably not gonna be at work when they approach you. So you're not even self-aware that it's work-related. It's probably out in the bar, your neighbor. You'll see. Why social engineering? Because it works. I didn't seek, if you follow her, I recommend you follow her on Twitter. She openly talks about how she is able to do what she's doing. One time I saw what she was doing, she said, I showed up my hands dressed nice. She's a woman, she's pretty, she's young. Showed up at a business where they were doing a pen test. Showed up with donuts or something in her hands where her hands were too full. She had a fake badge on. Hey, can someone help me open the door? I can't get my badge on my hands are full. What do we do because we're so nice? Oh, let me help you. They didn't take the donuts, they opened the door for her. Let her in. Follow her on Twitter. She talks about all of her exploits. It's very good and it's very true. But what caught my attention was the lockpicking, climbing over walls, hopping bar bar fences, dumpster diving, and really cool tools and gadgets and pretending to be something I'm not to get information. Those were the exact same things I was trained to do as a counterintelligence agent. The exact same things. Except for I didn't have the cool gadgets. I had a manual typewriter in the woods in Germany, and I got frostnip on my fingers to type reports it was snowing outside. That's how cool my gadgets were. That's how old I am too. But follow her. If you wanna learn what red teamers are doing, follow, she talks really good information. It's awesome. And she is doing exactly what I was taught as an agent, as a counterintelligence agent. And I love this saying, there's no patch for an untrained user and even an experienced security professional who forgets in the heat of the moment to follow what they've been taught. That's exactly it. Like I said, most of the times when I was in Germany and the terrorists did target our soldiers, they targeted them in a bar when they were drunk. They took him out. One of them, they took an airman out in the back. They killed him to take his ID cards so they could put a bomb on post the next day when everybody was doing PT in the morning. If you remember that in Ramstein. They took an air fort. They took him while he was drunk. Got a girl to talk to him, meet him out in the back. That's when they killed him. He was alone. Nobody saw this. So what I'm getting at is this is what they will do. You will be alone most likely when this happens. I'll give you more stories. Follow Chris Hagley. He's the one that has a social engineering village. I loved it at Durbikon and Defcon. Any act that influences a person to take an action that may not be in their best interest. That covers everything. A whole lot. So if you have classified information, you follow victim to that. If you have sensitive information, you'll follow victim to that. And one of them will do some is they will use you to get to the rest of it. You might not be the main target, but they will work their way through your network, just like a pen tester would, right? Just like some other hackers will, but they'll use the human to do it. How many of you are pen testers and I'm not gonna ask you to raise your hand? But if you can't get through the network, the network is so tight and you can't get in. What do you do? You show up in person. I know if you're gonna nod your head, I know. But you'll show up in person because you're gonna start using the people and their vulnerabilities, you're still gonna get in. This is one of the stories that kind of horrified me. I didn't realize pen testing went this far. But Chris Hagley had a panel and we could ask the pen testers, how far would you go? How far would you take this to a social engineer or somebody? And they asked him, how far would you use your sex to do it? And a nice young man, he stood there and he goes, look at this. Who can deny this? And I swing both ways. I walked away a little horrified going, that's a pen tester saying he's gonna use his sex or sex to get what he wants. That is nation state. That is China. That is Russia. That is nation state. And if a pen tester is gonna use sex to get into it, then my God, you guys are not prepared at all. Just saying. But this is the other story that horrified me. The pen tester goal was to get the sys admin's user ID and pass for it to the network. One individual, they had to hack him. He was the target of the pen test, one individual. So they profiled him, they looked at his social media, they saw that he liked the women. He was married, his wife was recently pregnant or just had a baby. They had a beautiful woman on their pen test team that was a lesbian. Asked her would you be willing to get into sexy clothes to compromise him? She said yes. So they sent her in. She struck up a friendship with him from work. I'm not sure how much longer after they met before she got him to meet her at a hotel room. He walked, she walks up to the hotel room, they got pictures of that. He walks up to the hotel room, they got pictures of that. He opens the door and she made sure she was in the sexy lingerie in the doorway with him in the doorway. They got pictures of that. He walks in, shuts the door, and she goes no, I'm not gonna get it. Walks away. I don't need those pictures, right? So the next day, they sent a note to the CIS admin and said we want the domain user password, network password, and he said no. So the next day they sent pictures of him at the hotel with her in sexy lingerie and said we'll send this to your wife and the CISO, give us the user ID and password to the network. He said okay. One test over, we have one. Now where did I have to know when to look the code? Where did I have to know your network? Where did I have to know anything? I just had to know you. And I know you by your social media and what you were doing online. And they used that against him. I was horrified when I saw that a US company would do that to a US employee, but that's how close they'll go. That's just pen testing people. That was just a pen test. They were willing to compromise his principles I don't care whether he was willing to do it or not. They were willing to go to that part, right? Who's gonna deny this and they swing both ways? You were not prepared for this. You're not aware of this is gonna come. And I asked the pen tester, why would you go to that extreme? They didn't tell you to compromise his principles or go after him. They just said get the user ID and password to the domain and the network. He said I did it because they didn't have any protection for that individual. They didn't have any rules. The CISO didn't have anything to protect him so we went after him as an individual. They won. Pen test over. I was horrified. Sorry. Espionage has been around since the 1700s as you saw. Honestly, I didn't realize social engineering if you saw from the last one it's been around since 1899. I thought it was relatively a new term because we all say we've been social engineered. If you're gonna fire me and say I've been social engineered, I'm gonna challenge you to go, I was spied on, espionage, trade craft. But social engineering to me is too, it better be something bigger than that if you're gonna fire me for that. Illegals spying. If you guys are paying attention to this back in 2010 we sent 10 illegals back to Russia. And I'm gonna show in a video in a minute. And unfortunately this ex-CIA officer I really hate to see fellow officers, fellow agents caught with spying that he got caught in January and Shanghai handed over some information for money. But the illegals, they look like your neighbors, don't they? That's what they were. Nobody noticed. So versions have been around since the 14th century. And this is one of my favorite ones, Castersea, you guys probably have heard the news, right? It's a Russian owned company and not Russian Putin that a Russian ex-KGB officer owns the company. NSA had a Chinese national that he was spying and he bought home from NSA documents that he was gonna send over. He installed them on his home PC that has Castersea antivirus running. Castersea has certain things alerts when they see certain files to alert them and they took a copy of his stolen NSA documents and it got sent to Russia to Castersea. Amsterdam was apparently watching it and they're really mad at us now because we gave it away and told them that Amsterdam warned us that they had our NSA exploits. So this was like a level, level, level, level. But if you've noticed, the government is now saying Castersea cannot be on any of our PCs, all of our servers, any government machine cannot have this software installed because they have a back door that can take information off of it. It's built in. It's kinda cool. Uber? If you guys noticed that Uber recently, this is US, American, American spying on each other. Uber had employees over, I think it was Lyft, if my memory serves me right. They had people in Lyft gathering information to see what the competition was doing. This statement is by the legal team. So to be clear, to the extent anyone is working on any kind of competitive intelligent project that involves the surveillance of individuals, stop it now. Well, surveillance of individuals is spying, that's what I did. Same thing. So he's telling them, please stop doing these espionage spying efforts of our competitors. We're better than that. But I want you to be aware that it's not just nation state that it's going after what you have. It's business on business. This is, business, always does this, quit it. Med Robotics, this was in the news also. This is a Canadian, Chinese national. He, the company Med Robotics makes body parts. They're here in the US. China had tried to been making deals with them, trying to talk to the president. We want to be a part of your company. Well, he knew what they wanted is they want all their blueprints for the body parts and they would go make them over there cheap or whatever, they'd be competitors. So he kept telling them no. This man showed up one day at the corporate headquarters, the CEO was walking out. He saw him in the conference room. He had three laptops open. It's about five o'clock in the afternoon. He had three laptops open and he was working his inner by himself. So the CEO walks in and goes, can I help you? What are you doing? And he goes, well, I'm waiting for the CIO. I got a meeting with him. He goes, well, the CIO is not here today. Oh, well, I'm waiting for the CTO. Well, he's out of the country. Oh, well, I'm waiting for the CEO. And he goes, that's me and I don't know who you are, called the FBI. And that's when they found out he was in there trying to hack their network because the owner of the company would not sell his secrets to China. They wanted to try and steal it. The one thing that's really interesting, I had to say this up here, the lawyer that was defending this man, he was struggling to accept the fact he was no longer brilliant. That was his defense. Hope it worked. But he was a Canadian Chinese national and he just happened to be sitting in the conference room. Easy breezy, right? Just walked in. Nobody stopped him. Want you to pay attention to the couple right here? I wanted to show you a video real quick. We're gonna try and make this work. He is the most sophisticated enemy in the world. Supersecrets for us living next door, they would like us to speak through what we do. Now be a minute. This is Elizabeth Page. Hi. What do you do, Sam? We are here to make sure I don't do anything. We're out here. We are here to make sure I don't do anything. There we go, there we go. All right, sorry. Americans is a somewhat sensationalized version of Soviet espionage in the United States. In fact, most Soviet spies in this country were Americans, not Russians, posing as Americans. And they didn't engage in murder, kidnapping, the kinds of dramatic episodes that appear on the Americans. The Soviet Union had two kinds of agents in the United States. The first kind were legal officers who would be attached to the embassy or consulate. Then there were the illegals who people that came to the country, into this country illegally and lived as ordinary Americans. The couple in the series are illegals. That is, they are Russian citizens who are in this country illegally posing as Americans. They have jobs and they spy on the side. When the Soviet Union recruited illegals, they were looking for people that were ordinary that could blend in to the United States. One of the advantages of recruiting people for the United States is that this country has a very diverse citizenry. So even somebody with an accent, say, can still pose as an American. The most important job that the illegals performed for the Soviet Union was to serve as couriers. The advantage of an illegal is in the country illegally. The FBI doesn't know who he is. He can meet with sources, pick up espionage material, and then he has to meet with somebody else to transfer it. But it's the anonymity that's important. Occasionally couples would serve as illegals. There were instances where you had couples who were not illegals. They're actually Americans spying for the Soviet Union and the Soviet Union then attempted to recruit their children as spies. The Senate started a program to develop second generation illegals. They weren't paid to be. The illegals were not executed. The United States and the Soviet Union had a kind of implicit deal that they didn't do that sort of thing, which is also why one of the themes of the Americans are all these assassinations and so on. It occasionally happened, but it was quite rare. And certainly not in the 1980s. Countries never cease to spang. And Russia has historically used illegals. No doubt they will continue to use them, but they're very expensive. And it costs a lot of money to train them and it costs a lot of money to maintain them. This couple right here that you see, can you hear me? The couple that you see on the screen, that's what the movie was about. They were a New Jersey couple. She was an accountant working in the Democratic Party of the United States. He was a stay-at-home dad. He was the courier. They'd got pictures of him going up and down stairs in New York City having his hand out and someone else passing off the information. That's how they caught him. His name is from, I think it's his name specifically, is a child that died like 100 years ago. And he used that name, and that's their name as a couple is in the US. Nobody validated or verified it. They're illegals, right? They didn't have to register. But she was an accountant and he was the actual courier that was spanning the information over to the other side. Let's do this. And this was interesting to me. When I was being trained as an agent, I was not told that this is one of the reasons why we do spying. But I thought it was very interesting is that by doing the spying, we have probably have stopped World War III from happening. We understand when you're called. They understand when we're bluffing and we understand when they're bluffing when they're saying and doing something. That's one thing that is a benefit of spying. So I'm not telling you to go do it. I'm not encouraging you to go do it. It is against the law. But what they were doing, what we're doing is probably is gonna stop World War III, but please don't take that as initiative. So that's why you're gonna do it, okay? I promise it won't work that way. And then North Korea, this is I thought was a very telling statement. If Warfare was about bullets in oil until now, Warfare in the 24th century is about information. Spying is so much easier now because I physically really don't have to show up anymore. Only when your network or your system or your data I can't get to, will I show up in person just like a pen tester will? So this is easier now to get this information than ever before, just like the NA spying that he put it on a thumb drive, took it home. I think he encased it in something so it could get through security. I don't know, somebody told me a cupcake or something like that when he went through the jump drive, he put it in there and that's how he got through security. Nobody noticed he had a jump drive. That's how he got it out of the NSA office. Trust but verify, 1986. That is a Russian saying, not ours. That is Russian, not ours. And so President Reagan, he really enjoyed it so much that he upset Gorbachev when they met because he said it to him all the time because he was practicing as Russian with him. Gorbachev kind of got annoyed with it. Thought it was kind of interesting. But today, be with the blockchain way, don't trust and verify. Because of our technology, because of our information, the way we trade it and we send it around, share it, I physically don't have to show up. You don't have to validate what I look like, who I am, I can be anything I want on the internet and talk to you, create a relationship. And if you've seen the news recently, there was a Playgirl, Playboy Bunny. She was social engineered by a hacker. She fell in love with him. And you know, but they had a relationship online and she finally realized he got taken in and arrested and that's when she realized he was social engineering her for whatever reason. I guess for pictures, I don't know. But I don't think she had a whole lot of code to share with him. If you recognize Maria, just two days ago, I talked to the Jack Bardsky. Did you guys see him over there at Mandalay? He was signing his book, his next KGB spy. He's in the US, he wrote a book, he's on a speaking tour, he's a famous guy. He was a spy during the time that I was, so I thought, I gotta go meet him. And so I went up and I'm like, hey, I was a counterintelligence agent during the same time that you were a KGB spy and he goes, hey, comrade. I'm like, whoa. And a friend of mine was like, hey, can we take a picture of you two together? I'm like, no, no, I don't know him that well. But anyway, he was signing his book, I had to have his book, right? And so he was signing and he actually sat in there to a comrade and he looks at me and he goes, what is going on with Russia? They're so obvious at what they're doing, like her. She freely admitted why she was drunk, what she was. She wasn't hiding, I'm Russian. I'm paid by a Russian person. I'm collecting information. Hey, can I, oh yeah, let's give you drinks. He was like saying, Russia is not even doing hard tradecraft anymore. They're doing everything too easy. It's too easy what they're doing. It's too obvious what they're doing. And he asked me what the problem was and I could only guess it that one, we're not paying attention. Two, we don't care. Three, we can't think it's the person next to me. Or four, I don't know what the fourth one is. I just think we're not paying attention. We don't think it's, we're too nice of a society to think anybody's gonna do this to us or our neighbor is gonna steal that information. But it was kind of interesting to have an ex-KGB spy going, what's going on? What do you guys are not, why don't you get better at this? Look what I did. It was interesting. If you guys saw in the news, kind of Feinstein, her driver of 20 years, he was a Chinese spy. 20 years, he was her driver. That just came out this week. Then another one in the news, we have a woman in the US embassy. They found out she was a spy. They just happened to be doing her background check again. Those of you who had a security clearance, the renewal, they renewed hers. They found out she'd been in there for like 10 or 15 years. They just realized she was a spy. I don't have a picture of her, I'd put her up there. I thought that was kind of interesting that it's becoming so common. The Russians are not even trying to hide what they're doing. It's sad. So the motivations of why people spy is mice. These are the main ones. Money, ideology, coercion, blackmail, or ego and extortion efforts. I'm gonna give you some just examples real quick, but I don't want you to think everybody around you is a spy, but you need to be paying attention to your coworkers or strangers that walk into your data center, walk into your desk area. Make people, don't let people just walk in without shining their badge. I pissed, excuse me, upset somebody the other day. He was tailgating me in. I pushed him, like, oh, excuse me, can you, you got a badge? You go back out there and scan it and he goes, I've been in here many times and I'm like, yeah, but I don't know you. And it said contractor on his badge with no picture. And he goes, but I've been in here all, and I'm like, I don't know you. Would you just please scan your badge? I'm asking, it's just a second of your time. He argued with me longer than it would it took for him to scan it. He finally scanned it, he could get through, but he was so upset because I stopped him, but that's what you're gonna have to do. Because that's exactly what they're gonna do. They're gonna walk right behind you. And I have to admit where I work, our badges are very easy to replicate. I could do it with a crayon. It's really sad. I've told my boss that. And he goes, I know we're trying to fix that. That's just one more thing we're trying to fix. But I'm like, I literally had my badge turned around where nobody can see it because it is too easy to copy it and make a picture of it. Plus I ride the train to work. So if anybody, you know, if you have, I have my badge hanging off because my train passes on it too. So if anybody's there, they just take a picture of my badge, you pickade it, boom, they're done, right? And then they just stand there. I can't get in, can't get in, can't get in. Would you help me get in? Someone will let you in. I'm sorry, we will, we're nice, we'll do it. It works. But this saying right here, beware of spies, that came out in World War II. So that's how long at least it's been around. This was a spy that was a U.S. Army ward officer. I almost wanna believe I did his background. I did his espionage case. My job as an agent. If I'm charging you with espionage, the law says I have to have or you have passed the information to a foreign entity. Wonderful, it does not have to be an enemy of this country, just a foreign entity. I have to have you where you're passing that information to them. He came home with about 25 or 30, this is the days of discats with secret, literally had secret written on it. It was in his gym bag, he couldn't figure out how it got in his household goods when he moved back from Germany to the U.S. I don't know. He had 30 of these in his bag. NSA came and took them from us. They got everything off of it, it was signal intelligence during the first Gulf storm. I could not, he had a German wife that didn't come back to the U.S. with him, but I never got where he was passing information to her. So I couldn't charge him with espionage, I had to charge him with mishandling classified information. He also was shipping back Iraqi weapons in a diplomatic pouch. He was getting an Article 15 for that, so they put him out of the Army. But espionage charge didn't stick because I didn't have it. And I say this for a reason because other people, we've got, you'll see in a minute. But I want you to know the charge of espionage is, you have sensitive classified information and you hand it to a foreign entity, friend or foe, that is espionage, and you can be given the death sentence, thank you to Ronald Reagan. You'll get life in prison or the death sentence. This is the reason why John Walker spied 18 years, he was a Navy veteran. He gave his information to Russia. One of his excuses were I can't help it that they shared it with Vietnam that we were fighting against, we weren't fighting with Russia. So why are you charging me with that espionage? We weren't fighting them. One of his other excuses or whatever, he did a 60 minute interview, he got life in prison, it's because of him that Reagan changed the law that now you can get the death sentence. But he said, they were asking him what would you do now that you know what would happen, what would you do differently? And he goes, I wouldn't get caught. His wife unfortunately turned him in three times to the FBI. His daughter turned him in, she was in the Army, tried to recruit her. His son was in the Navy, he recruited him. His son got 25 years, he recruited his best friend, he got life, he tried to recruit his brother. I think he got another 20 years, something like that. But he died in prison. And one of the things that, what you're seeing written up here is what Russia, his KGB handler said about him. He did everything right, we trained him right. His own excessive lifestyle, money is what made him get it up. They told him to quit spending the money, he couldn't help but do it. And so finally they caught him. And unfortunately, like I said, three times his wife turned him into the FBI. I think she was upset at the divorce settlement. And that's what they're saying is she didn't make enough money out of it. So she's turning in. So another lesson learned, ex-wives. I don't know what to do, you know? Aldrich Ames, this is one that's sad, I hate seeing CIA people get caught. But due to his, so what he was doing was so good and he married a Colombian spy. When he and that wife got married, the KGB or the Russians gave them a $2 million wedding present, how nice. They liked what he was doing, he's got life in prison. Ideology, this one's a little hard. I'd normally think most people don't do this by themselves. I think they also do it for other reasons. But these two spied for Cuba. This one you didn't hear about in the news because of the plea bargain. She went ahead and pled guilty, but she had a Facebook page and she was ranting about what she didn't like about what we were doing in Cuba. Sorry, Cuba. So she got a 25 year sentence, five years probation just to avoid the publicity because we were already getting hit pretty hard, we didn't anymore. But unfortunately, this couple was spying for Cuba too. He got life in prison and she got six years. Recognize these two or three? Especially this couple, Bradley, Chelsea now? I honestly believe frequently people who go along a treasonous path do not know they're on a treasonous path until it's too late. I honestly believe that was probably these two. If they're gonna do it solely for ideology, I did not see anywhere where they made any money at their efforts of spying. And her name is Reality Winner. She just pled guilty, NSA, down in Fort Gordon, down in Augusta, Georgia. Yeah. You know, I'd rather you do it more than just for ideology, please. But if you're gonna do it, then I think that's what they did it for. Sex change, if you need it. I'm gonna tell you a story real quick. I went back, I just got through getting a top secret clearance investigation. This was a defining moment in my life. I was asked the question during my security clearance where are you of the male persuasion when you join the military? And I'm like, can we stop for a second? It was a woman that was doing my investigation and I can we stop for a second? Were you asking if I've had a sex change? Is that what you were trying to find out while I joined the military? Because I could get a sex change and be a woman and she goes, yeah, that's what we're trying to find out. I was like, good Lord. And I said, look, I was a woman when I joined. I was a woman when I gave birth to a child in the military and I was a woman when I got out and I'm a woman today. I didn't realize I asked that question now. Just on a side note. So if you wanna join the military, I think you can get what Chelsea Bradley got. Understand they're doing that now. But also be aware if you go through this kind of sex change that makes you vulnerable. How? Are you gonna, do you freely admit it? Are you gonna hide it? I mean, put it this way, if I knew you were a man and you were dressed as a woman, I'm gonna try and blackmail you as a man because that's what you're trying to hide that you are. That's the issue. Is that everybody's hero, right? Huh? I did nothing wrong. I'm gonna tell you something. I've got a man that works for me right now that used to, that was working for DIA when he did his expose. One of his friends who's a US citizen was in another country, a third world country. They went and took him and put him in prison in a third world country's prison for six months. We had to go get him out because of what Snowden released. Once you understand something about classified information or sensitive information, sometimes it's not the information that's so sensitive. Sometimes it's the person who gave it to us or the source. He gave up sources of information and those people who have died have been put in prison. Now, remember what I said about the charge of espionage? If I have you given that information to another entity outside of the US or an unclear entity, espionage. So he steps foot on this country again. He'll be charged with espionage plain and simple and I don't have to prove a thing about it because he's sitting there. I freely admitted it, I gave it to them and the country is saying he's freely given it to me. I don't have to prove and investigate anything just to let you know. He probably will never come back. He wants to, he wants to have the charges removed, reduced. No, personally I tell you what, if he comes back and gets that, I think every single person in prison that is currently today serving a life prison and I've seen some, they're in there right now, they're making big rocks into gravel, I watched them do it. If you've been in the military, the military prison, they do have a cement rock, I watched them out there making rocks with a hammer and those guys are in there for life doing the same thing he did. I think every one of them should have a retrial if he gets off, that's my opinion. Oh, quit, come on baby, give it a second. Compromise or coercion, this is my favorite, this is the one you mostly see and hear about. Mostly if you, it's sex, money, drugs, or all of them. Probably start you off with the drugs and the money or probably, I was talking like that, I said that I'd start you off with the sex, put you drugged up and get the money. I wanna tell you something, I've seen, I've got a picture of her. There's a beautiful Russian woman right now that is working her way through the hacker community and I've seen her at DEF CON. I've turned her in, they're investigating her but she is working, she's beautiful. She gets you guys to fall in love with her. I'm sorry, it works. She's good, she's about 30. She says she's a computer programmer, she knows about five or six languages. She's a stripper at night and sells drugs on the side. Now if you're such a good computer programmer why do you need to be your own hack? Why don't you hook up with you? But I honestly believe what she is as a scout. So what she does is she gets to know you and finds your vulnerability and she turns that over to her handler. She might not be the one who turns you but she might be giving your information to somebody else. So just be aware, let's see if I can get this real quick. These are all famous women spies during World War II for our side. So we're not above doing the same thing, it's not even wrong, it's we're all doing it. She's North Korean and that's what she looks like in South Korea and this is Ann Chapman. Our vice president, he was our vice president when she was sent back to Russia, he said he would miss her. Missing her around. And this is also a sign for World War II. This is how long this has been going on and have been around. We have another term for honeypots that most of you do. And it is really this, it really is a beautiful woman like I just described. Have it swallow, seduce a spy, government employer, politician, take the pictures. Just like I said about the pen testing, right? Pen testers are not above doing this. You guys are not gonna win. There's Miss Anna, she's beautiful. She's a hero in Russia, I think she has her own talk show. But that's where she's coming from. I wanna show you something, trying to make this quick. You ever see the movie Red Sparrow? Anybody watch that? No struggle. Every human being is a puzzle of need. You must learn to ensure it when it's missing, come on the missing piece, and they will give you anything. Take off your clothes. Look who started first. Your body belongs to the state. Since your birth, the state nourished it, now the state asks something in return. Learn to sacrifice for the higher place. To push yourself beyond all limitation and forget the sentimental morality with which you were raised. I firmly believe that's true. When I did give this speech a couple months ago, I had a young woman come and she goes, I can't believe a woman would just do this. Watch this. They talked them, told them, the state owns you, you own the state, you'll do what needs to be done, that's how it is. That's how they're brought up. We're not taught that in our country, that's why we think it's so wrong to do certain things, or we think it's, nobody would do that to us. That's not how they think. Just to let you know. It's just interesting, her former British husband that married her, he died at 36. And what a lot of the women do, Russian, they'll go over to Britain, marry British men, and then a divorce them within months after they got their British citizenship. I got another one, an example of that that's going on. And Sergei, he was one of the Russian spies that we traded with her, and they're the ones that got there, you know, they're trying to kill him, because they think he's a traitor. Real quick, the embassy, our Russian, our American embassy in Russia, we had to go build another one, because Longtree and Marine gave the architect schematics of our embassy to a person he met on the train and developed a relationship with her. They bugged the crap out of our embassy who was being built, we had to go build another one. Just because he finally admitted it a few months later, or a year later when he was in Austria, he goes, I think I made a boo-boo, I think I need to tell you what I did. They can't use the embassy that we built because of what he did, it was so full of bugs, there was like three and four in every wall. And so we had to go build another one. Iranian hackers, they're not above using Facebook women to do what they want. If you've read this article, I think it was early this year, Mia Ash, they bawled a young woman's Facebook pictures and her personality to Coors and Blackmail, Middle Eastern men, middle-aged men that were working for these entities over in that country. Just what they did is, came friends with them, sent pictures, they clicked on the picture and that downloaded the, right? So it was really easy. So just because, I didn't ever think that they would do that, but that was pretty cool. It was a really good way to do things, I don't like it, but you know. This is one of my favorites, Patrice. This woman right here, this woman is the one that hooked up with him. All right, if you've ever followed this, these two had a relationship. They shared emails with each other, but never had send. They had the same, you know, they knew the account, never sent it, right? She got jealous of her, so she got mad at her and said, leave my man alone. She got upset by the threatening email she got from her and told her FBI friend. The FBI friend started the investigation and broke the whole thing up. The part that's interesting is there was, I don't know how much secrets were given away, but she's first-generation Lebanese. She's down at Tampa, unofficial liaison. She hosts parties and invites all the big wigs of the military to her house. That's how she knows these two men. And one thing that's obvious, well, one thing that's interesting about them all, even though this all came out in the news, every one of them is married. When I mention that to a friend of mine, he goes, what do you think that is? They're swingers. Not one of them got a divorce because of what happened. I just thought it was interesting what's scary is she's first-generation Lebanese and she has access to posts. She's not even employed, neither is her husband. Can't even have, I don't think she'd have a tag on her car to get on posts. They just know who she is and let her on because I'm the unofficial liaison. This is the other one that's really good. Madam Butterfly, you recognize? You ever hear the story? This is a man. That's him right there. He was his lover for 18 years and convinced him he gave birth to a child that she adopted. He never had a sex change. Yes, the sex was weird. They said it was, but he thought, you know, 18 years of relationship, he thought that was his son, he adopted him. But that's, yeah, I don't know. So we're gonna keep going. It's Ego, that's the same thing. They're telling me I'm running out of time, but the Ego thing, Don Walker, his handler said that was one of his biggest things. He thought it was better than anybody else. Come find me. You won't find me, I'm better than you. His Ego is also what got him in trouble because they warned him and told him not to spend the money. He couldn't help it. He couldn't help what he was doing. Like he said, I would do it again as long as I didn't get caught. Hanson, he fairly admits he's an FBI agent. I was passed over promotion. Nobody appreciated me, so I'm gonna spy and show you how good I am. Life in prison. Here's the guy that I was talking about. And Brooks X, Aaron Banks, looking up. He had gazillions of dollars a few years ago, lost it all. He married this woman. She was a Russian woman who came and married a 40-year-old British man. Two months later, I can't live with him, divorcing. This man gave her the divorce. He's had relationships with many other women to do this. She's now his spouse. He now has all gazillions of dollars back and he's supporting Brooks X right now. If you'll watch it, everyone's upset with him because he's funding Brooks X over there. And no one can explain where he's getting his gazillions of dollars from. Yeah. See that? See that? It's obvious, right? Reflection will hide it. We'll keep you from looking and seeing what really is going on. What I wanted you to be aware of is that if you think something is going on around you, I talk to CISOs and ask them, hey, is a pen tester coming after me? Do you want me to tell you or what are in the CISOs? Like, please do not come and ask me. Do not tell me. If you think somebody is targeting you, you think this activity is going on or you think a co-worker is doing it. When I was in the Army, I told people you needed to come tell me and I would start the investigation. Please don't do that. Don't tell me, want me, don't tell me. Go to the FBI. And if it's a pen tester, turn their ass in. If they're gonna go to the extreme of taking me to a hotel room and compromising me that way, turn their ass in. And he'll get out of free jail, free card because they have the contract where the company said, you know, do the pen test. But the pen test didn't say compromise me or my beliefs or my whatever, right? Turn them in, call the FBI. They gotta have free out of jail card. They'll get out of it. But turn them in, call the FBI if you suspect any of this is happening. Any questions real quick?