¶ Daily Weather and Traffic Update
We are live .
Here's your daily weather report from Tampa and St Pete .
Sunny outside , a cool 76 degrees , with a southwesterly wind coming in off the sea Sunshine coming through your windows and we're feeling good on the highways here .
Traffic is a little light out there . Keep your heads up and your coffees full . This is Privacy , please . Ladies and gentlemen , we got some pretty hot topics , gabe . I'm going to go ahead and share my screen for this one to start us off . Let's see how we think about this . So I'm pretty sure a lot of people saw this , but it's pretty crazy .
So there's a video in China that an AI robot allegedly attacks the crowd at a festival . Everybody's saying so it begins . So let's go ahead and just show the video real quick . In my opinion , gabe , so it begins . Let's go ahead and just show the video real quick . In my opinion , gabe .
In my opinion , as we talked offline , I think , a human in the crowd said something to the robot and the robot got offended and then they had to hold him back . That's what I see in this video .
Let's watch the video . Let's have a look . That's what I see in this video . Let's watch the video .
Let's have a look . Come at me , bro . First of all , he doesn't even have a head . Where's his head ? There's no head . What are your first thoughts ?
on this game . My first thoughts is if he had a head , you'd probably hear him say bite my shiny metal ass . That's my first thought . My second thought is whoever created that robot obviously never read asimov's I robot . There are three very , very , very simple rules , very simple rules in the handbook of robotics , 56 edition , 2058 ad .
They are a robot may not injure a human being or , through inaction , allow a human being to become
¶ AI Robot Incident at a Festival
, come to harm . That's rule number one . It's right there in the rules . Rule number two a robot must destroy the order must obey . Must obey the orders given by human beings , except where such orders would conflict with the first law . See the laws even work in harmony .
Rule number three the third and final law a robot must protect its own existence as long as such protection does not conflict with the first or second law . Pretty straightforward this robot does not seem to have much regards for the law . It's an interesting video . I don't know what to take away from it .
I'm just glad it's not one of those Boston Scientific jammies , you know .
Yeah , seriously .
Somewhere here in the US accidentally shoving someone . I don't know what the difference is really , other than distance in that sentiment I just expressed , like at least it's way over there , not way over here .
Yeah , agreed , I mean . So it seems like it was a .
They're claiming it as a robot , an ai robot , and I I glitched today I saw sorry , forget , identify once , once , once you start wiring in more , and not some , but more electronic prosthetics , so to speak . Right , yeah , what they're called , but all augmented bodies , yeah , why ? Why can't I use that excuse ?
I mean you , I mean there's lots of good reasons why I actually can't use that excuse well , um .
So in in all seriousness , though , what it's not like , it's not surprising . You know , we've seen the movies , and what it makes me think of is , uh , terminator makes me think of iRobot . Like you said , I don't really understand why we're making these kind of robots , like . What was the purpose of that robot at that ? Like , are they supposed to be security ?
Is it just like ? Was it a presentation ? Were they showing something ? I haven't really looked into it that much , but hard to tell .
There's a lot of real world application to those types of humanoid-style robots , especially when it comes to repetitive tasks that involve lifting heavy objects , that certainly seems like the thing that is much , much better suited for those kinds of robots than humans .
Yeah , like warehouse workers .
Yeah , and I know there's a problem there in the context of well , what happens to those people ? Do they lose their jobs ? That's a different conversation for a different podcast . Quite frankly , I'm not even going to touch it right , it just is . I will acknowledge that that is a question to be answered , not by me and not now .
Yeah , fair , and so there's definitely a lot of legitimate use for these types of robots . But your question is the most valid one , like what's it doing out there ? Right , what's the robot doing out there ? I think the answer is . Qa is what it was .
Yeah , like let's just throw them out there in a crowd pool , they would take it into the quality assurance .
run to see how it would do and apparently it glitched , yeah or got offended who knows yeah , or got offended who knows yeah , who knows who knew software could glitch .
Let's just not give them knives or guns , thanks , no weapons .
I think those ships have sailed yeah .
I mean , you know , I think we should treat it as if it's a wild animal , Like think about playing with a cat and how they can just flip on you and just bite you because they're .
That's why I don't keep big cats in my house . House cats are the limit to age . But it's a good analogy , though it's different than when you play with a little rock and sock and robot , but now you've got a life-size . Yes .
Exactly . We should probably keep them behind . If , if anything , let's just create a robot .
Cameron wants to round them all up and put them in work camp well , I mean robots . Replay this episode of privacy , please . 100 years from now , we won't be here . Your great-great-grandchildren are safe now . I hope so too .
Don't know , leave a message behind for them that the robots might come looking for them , because cam said no judgment to the robots if you're hearing this 100 years later , but we should test it out in like a you know , not quite a work camp .
Just , you still can't leave and there's still bars and boundaries . We're going to keep you here .
Right , right . I mean , that's an idea right there .
You could just power them off at night . But then you get into like that whole severance territory of like yeah , what about ?
Do you remember ? This reminds me , do you remember that movie Passengers now ?
I'm not sure I've heard of it .
Tell me it's the one with Chris Pratt , and I know who that guy is . And uh , lawrence , the girl from . Uh , the girl from um the that one series the book the Hunger Games that girl .
Basically it's about like .
it's about like the girl from that one series , the book the Hunger Games , that girl . Basically it's about a malfunction in a sleeping pod on a spacecraft traveling to a distant colony planet wakes one passenger 90 years early .
So they're basically stuck on this thing between just them two and robots .
That's interesting . Yeah , yeah , it's pretty cool it was . It was a . It was an okay movie , um , but there was a quote in the movie that I was trying to find that I really liked let me see if I can find it , because the the bartender in the movie was a robot and he said something to chris pratt's character . That was let me see .
Yeah , he said , um , he said something to Chris Pratt's character . That was , let me see , he said . He said a friend once said you can't get so hung up on where you'd rather be that you forget to make the most of where you are . We get lost along the way , but we find each other and we made a life , a beautiful life , together .
I don't know that that first quote was not certain how we got from robots pummeling humans to this quote , but I love it . Yeah , it got a little random .
I like it . It was just a little squirrel moment for me . I like it , squirrel .
I'm here for it .
But if anything , that was an insightful quote . You brought it back to the peace and love train . I'm here for it . Right , okay , yeah , which is ? I thought that was fascinating about the AI robot I'm sure a lot of people have seen it and everybody's freaking out about it .
We got two good quotes today . We got that quote and we got bite my shiny metal ass from Bender .
You can't go wrong , it's a quotable day and I'll tell you what Futurama was . That was more of my favorite than the the simpsons be honest tough call , they're both good . They're both good , yeah I can't , I can't choose , I can't choose . But bender is a really great character .
He's my , he's my spirit robot yeah , he's fantastic , so shout out to bender shout out , um , and if you know futurama wants to sponsor this show , that'd be great yeah , or sue us because we played an entire episode without your . Sue us . Yeah , that works too , don't say that .
Or don't , allegedly , allegedly , allegedly Don't do that , anyways , because we don't have the show . Everything's all left in , unless you know it's rare , but anyways , let's talk about another topic . Gabe , you had brought this up
¶ Asimov's Laws: A Discussion on Robot Ethics
on your socials , so people can't at you there on this one .
Yeah , we'll allow it , the judges will . You can at me .
You can at me in the socials , where I posted this in particular yeah , it was some like a ghost ransomware attack , something revolt like resolved , I think the real news here is that right that the fbi issued a joint announcement about a ransomware group , and what's news there is that there are a lot of ransomware attacks every day .
I think I've seen the numbers right , you know around 1.7 million attacks a day . For the FBI to issue a critical advisory notice about a ransomware group you know suggests that there is something certainly uniquely worth paying attention to , because all the other ransomware groups haven't magically disappeared and ransomware hasn't magically gone anywhere .
But this group known as Ghost is carrying out a series of ransomware attacks , a significant number of them targeting multiple industries and across more than 70 countries , which is also not unique , but it is different than a lot of ransomware patterns . A lot of ransomware patterns are fairly concentrated For what it's worth .
A lot of them are fairly concentrated , like at the US , but others are regionally concentrated , right like they're intentionally targeting folks , you know , maybe in the Middle East or Europe . Another quote for you . Yeah , yeah , hit me , quote me . I ain't afraid of no ghosts .
Oh , this is good , this is good , I ain't afraid of no ghosts bite my shiny metal ass , that's right that's right no , it's bite my shiny metal ass . I ain't afraid of no ghosts . There it is , there it is . That's the quote , that's it .
That's a , this is , this is . This is the theme of the episode . We'll see how many more quotes we can get out of this content .
Yes , yes .
So what does this mean , Gabe ? What is this ghost ransomware ?
Well , one of the other things that's different about this ransomware in particular and it's not unique , but it's different than many of the others is it is leveraging a primarily non-phishing style attack . What does it mean by that ? So yeah , it's not phishing its way into organizations .
Ultimately , any ransomware has to get inside the boundaries of your business , right , whatever set boundaries might look like , and phishing is , for certain , one of the number one entry points for that kind of activity . But this one , it's a good reminder that there are know there are lots of different tactics that Ransomware uses .
There's no shortage of tactics that Ransomware uses , and it's not always going to come in through the front door , so to speak , like these guys , like Ghost . It's going to come in through , you know , the side door . Don't leave it unlocked . Don't leave it unlocked , don't leave it unlocked .
I think one of the other very interesting things about this group , the Ghost group , that's worth noting is they're using Cobalt Strike , which is completely freely available . You know , it's open source software . You can get paid versions of this too , but it's an adversary simulator , right .
It simulates what a red team does inside of an organization , does inside of an organization , and so it's using these readily available tools off the shelf to complete its mission , which , for me , is kind of two ways to look at this .
The first is that should make it easier for organizations to identify , certainly , but it also is like , yeah , this should have made it . Our networks , to some degree , shouldn't allow these types of toolings to exist on systems in the first place . But I'm not going to pretend that's easy for everyone to do .
The last thing I think that's noticeable about the FBI's announcement is that they call for organizations to ensure they have backups and secured backups , a topic that is obviously near and dear to me , and what I take away from this is the FBI has always suggested that you have backups as part of your plan , and the reason for that is because and what looks like
to be the case in this scenario is these adversaries are pretty aggressive and fairly persistent , and my read into that is yeah , you can expect that they will get in if you have these issues , and you can expect that you're going to have a better chance of recovery than stopping it and cleaning up .
I mean , it's a stark reminder to everyone what needs to be done about our business continuity , planning our disaster recovery capabilities . We have to be resilient to ransomware . Simply trying to stop it isn't going to win the day . It doesn't really stop there , though .
I mean we talked about this before , but one of the things that ransomware tends to do today is goes after those very backups , because the ransomware groups know that you are going to go to those backups to restore your business . So Ghost also does those things . It exploits lack of isolation in between where backups are and where operating networks are .
It destroys those on-network backups . It moves laterally to cloud networks where they are integrated . It disables shadow copy of data . It intentionally goes out of its way to hamper your recovery capabilities . That is by design .
It makes it more difficult for you to recover by design , and that's more reasons why having the backups is just half of the resiliency solution , whatever percentage you want to put on it . But the other side of the have the backups is the protect the backups right .
So is it like have a backup of a backup .
Well , that's the strategy that is employed today . I mean it's called the 3-2-1 strategy . I mean it's called the 3-2-1 strategy , 3-2-1-1-1 , once you start including immutable copies , right ? So the strategy as it is outlined requires you to have three copies of your data on at least two types of media , at least one of them off-site and immutable .
And so , yeah , the answer to your question is have a backup of some of your backups and a backup of those backups and then secure them . That's the only way you can do it . That does become a problem , though . That gets expensive , it's like . So now I got to make three copies of the same thing , especially if I have a lot of it . The answer is yes .
The answer is there's also people that will help you take care of those things , lower those costs . There is Shout out .
Back up those that Myota , okay , okay , so let me take it back . So , ghosts , are they the only ones out there doing this unique approach ? Not at all .
That's the thing it's not unique so much that it's a bit different amongst the majority of groups operating the usual tactics that we see . Operating the usual tactics that we see .
We see far more phishing attacks as the primary vector when , in the case of Ghosts , what we see is a series of CVEs being exploited , that they're leveraging vulnerabilities in Fortinet , the 40OS appliances , servers that are running Adobe , coldfusion , microsoft SharePoint , microsoft Exchange . This is commonly referred to as the proxy shell attack chain .
All right , so tell me if I'm on the right track here . So , basically , they focus or they don't focus on data exfiltration , but they do demand payment for decrypting data .
Yeah , what does that ?
mean At a high level .
So the FBI has not observed a lot of activity going back to any known Cobalt servers or any activity out of the breached entities that have been looked at . It doesn't look like there's a lot of data being exfiltrated . This group doesn't seem to be super interested in the .
We're going to take your data and sell your data , so that's the other side of ransomware right . Yeah , that's more of the double ransomware , so to speak . Encrypt your data and force you to pay for it , then go sell it again , or tell you to pay me some more or I will sell it . And then they sell it anyway . Because what are you going to trust ?
Are you going to trust a ransomware group to hold their word Like come on guys .
So it looks like they use a couple different tactics to make it very challenging to defend against , compared to just using one way in . Yes , is that the assumption ? So they exploit lack of isolation , they destroy on-network backups , cloud network vulnerability , disabling shadow copies , and I mean , does that sound right ? Is that on ? Yeah , that's all .
What are shadow copies ? Are those ?
They are copies of data that's kept inside of an operating system . For a copy of an application , data that's kept Like local recoveries yeah , it's a local recovery .
Okay okay , okay , that's the best way to put it I'm kind of stumbling on my words here but , like Active Directory , for example , keeps a volume shadow copy of its database that is locked and that can't be accessed during runtime . But if something fails you can recover from that volume shadow copy .
But there's also attacks , using tools like Mimikatz , that will make it very easy that allows you to steal that volume shadow copy . Very easy , that allows you to steal that volume shadow copy . And in the case of the attackers , they like to disable and destroy those volume shadow copies because you can just use them through Right .
So I'm a little confused . I mean , it sounds like they go after the backups , but the FBI is advising to prioritize backup security . Oh , I see I read it wrong . So prioritize backup security yes , not just the backups .
That's the thing . If I told you , hey , I encrypted your data , you might think to yourself next , huh , I wonder how he protects my encryption keys . It's the same thing . Like you backed up the data , well , how do you protect the backup data , right ? Like you made it immutable , how do you protect the immutability capability ?
You put a big steel door on the front of your house , well , how do you protect the door ? Right ? Like you know , okay , is it ?
yeah , it's fascinating though it's , it's interesting though , but why ? Why this all ? Maybe maybe I don't know if you covered this , but why is this all of a sudden coming up ? I guess ? Is it just because ghost is new ? Nobody's ever heard of them .
I I don't know the the answer , that one as to why the fbi is putting this out now . My , my guess is just a widespread impact of it seems to be moving fast and hard and and hitting 70 countries is a lot right like it's super active , that's very active , that is very , very , very active .
So more of like an awareness campaign kind of thing .
Yeah , for sure . Yeah , and it's exploiting CVEs that go all the way back to 2009, . Right ? So that's another problem , right ? These are issues that hell we've known about for a long time . What's up with that ?
So that makes sense . Yeah , let's let them know now you know , 20 years later , almost 20 years later , yeah , and take any takeaways before dropping off on this .
I mean we certainly should . Because it's a quotable kind of day , we should share a couple of quotes from some of the other folks around the industry . So you know Juliet Hudson , the CTO at Cyberverse , you know she's quoted as stating Ghost is a dangerous nation state actor which organizations must make effort to protect against .
So if this is a nation-state actor hitting that many nations , just like 70 different countries all over the place , it suggests that there's really no boundaries to what activity they're willing to get into .
Okay , Well , lots of stuff going on AI , robots , ransomware , attacks , which are always going on but that's a pretty interesting story , though , in itself . I mean it's nice to see someone bringing awareness to it , but I guess it's never too late , the best time was yesterday .
The second best time is today .
Yeah , Well , if anybody has any questions more on , you know , data backups and data backup security and anything like that , or anyone that knows more on these topics that want to come on the show or just uh chat with us , hit us up . Yeah , yeah , um , that'll be all for this week and , uh , we'll see you guys next week .