I'm going to be showing some of the cybercriminals' latest and nastiest creations. So basically, please don't go and download any of the viruses that I show you.
Some of you might be wondering what a cybersecurity specialist looks like, and I thought I'd give you a quick insight into my career so far. It's a pretty accurate description. This is what someone that specializes in malware and hacking looks like.
So today, computer viruses and trojans, designed to do everything from stealing data to watching you in your webcam to the theft of billions of dollars. Some malicious code today goes as far as targeting power, utilities and infrastructure.
Let me give you a quick snapshot of what malicious code is capable of today. Right now, every second, eight new users are joining the Internet. Today, we will see 250,000 individual new computer viruses. We will see 30,000 new infected websites. And, just to kind of tear down a myth here, lots of people think that when you get infected with a computer virus, it's because you went to a porn site. Right? Well, actually, statistically speaking, if you only visit porn sites, you're safer. People normally write that down, by the way. (Laughter) Actually, about 80 percent of these are small business websites getting infected.
Today's cybercriminal, what do they look like? Well, many of you have the image, don't you, of the spotty teenager sitting in a basement, hacking away for notoriety. But actually today, cybercriminals are wonderfully professional and organized. In fact, they have product adverts. You can go online and buy a hacking service to knock your business competitor offline. Check out this one I found.
(Video) Man: So you're here for one reason, and that reason is because you need your business competitors, rivals, haters, or whatever the reason is, or who, they are to go down. Well you, my friend, you've came to the right place. If you want your business competitors to go down, well, they can. If you want your rivals to go offline, well, they will. Not only that, we are providing a short-term-to-long-term DDOS service or scheduled attack, starting five dollars per hour for small personal websites to 10 to 50 dollars per hour.
James Lyne: Now, I did actually pay one of these cybercriminals to attack my own website. Things got a bit tricky when I tried to expense it at the company. Turns out that's not cool. But regardless, it's amazing how many products and services are available now to cybercriminals. For example, this testing platform, which enables the cybercriminals to test the quality of their viruses before they release them on the world. For a small fee, they can upload it and make sure everything is good.
But it goes further. Cybercriminals now have crime packs with business intelligence reporting dashboards to manage the distribution of their malicious code. This is the market leader in malware distribution, the Black Hole Exploit Pack, responsible for nearly one third of malware distribution in the last couple of quarters. It comes with technical installation guides, video setup routines, and get this, technical support. You can email the cybercriminals and they'll tell you how to set up your illegal hacking server.
So let me show you what malicious code looks like today. What I've got here is two systems, an attacker, which I've made look all Matrix-y and scary, and a victim, which you might recognize from home or work. Now normally, these would be on different sides of the planet or of the Internet, but I've put them side by side because it makes things much more interesting.
Now, there are many ways you can get infected. You will have come in contact with some of them. Maybe some of you have received an email that says something like, "Hi, I'm a Nigerian banker, and I'd like to give you 53 billion dollars because I like your face." Or funnycats.exe, which rumor has it was quite successful in China's recent campaign against America.
Now there are many ways you can get infected. I want to show you a couple of my favorites. This is a little USB key. Now how do you get a USB key to run in a business? Well, you could try looking really cute. Awww. Or, in my case, awkward and pathetic. So imagine this scenario: I walk into one of your businesses, looking very awkward and pathetic, with a copy of my C.V. which I've covered in coffee, and I ask the receptionist to plug in this USB key and print me a new one. So let's have a look here on my victim computer. What I'm going to do is plug in the USB key. After a couple of seconds, things start to happen on the computer on their own, usually a bad sign. This would, of course, normally happen in a couple of seconds, really, really quickly, but I've kind of slowed it down so you can actually see the attack occurring. Malware is very boring otherwise. So this is writing out the malicious code, and a few seconds later, on the left-hand side, you'll see the attacker's screen get some interesting new text. Now if I place the mouse cursor over it, this is what we call a command prompt, and using this we can navigate around the computer. We can access your documents, your data. You can turn on the webcam. That can be very embarrassing. Or just to really prove a point, we can launch programs like my personal favorite, the Windows Calculator.
So isn't it amazing how much control the attackers can get with such a simple operation? Let me show you how most malware is now distributed today. What I'm going to do is open up a website that I wrote. It's a terrible website. It's got really awful graphics. And it's got a comments section here where we can submit comments to the website. Many of you will have used something a bit like this before. Unfortunately, when this was implemented, the developer was slightly inebriated and managed to forget all of the secure coding practices he had learned. So let's imagine that our attacker, called Evil Hacker just for comedy value, inserts something a little nasty. This is a script. It's code which will be interpreted on the webpage. So I'm going to submit this post, and then, on my victim computer, I'm going to open up the web browser and browse to my website, www.incrediblyhacked.com. Notice that after a couple of seconds, I get redirected. That website address at the top there, which you can just about see, microshaft.com, the browser crashes as it hits one of these exploit packs, and up pops fake antivirus. This is a virus pretending to look like antivirus software, and it will go through and it will scan the system, have a look at what it's popping up here. It creates some very serious alerts. Oh look, a child porn proxy server. We really should clean that up. What's really insulting about this is not only does it provide the attackers with access to your data, but when the scan finishes, they tell you in order to clean up the fake viruses, you have to register the product. Now I liked it better when viruses were free. (Laughter) People now pay cybercriminals money to run viruses, which I find utterly bizarre.
So anyway, let me change pace a little bit. Chasing 250,000 pieces of malware a day is a massive challenge, and those numbers are only growing directly in proportion to the length of my stress line, you'll note here. So I want to talk to you briefly about a group of hackers we tracked for a year and actually found -- and this is a rare treat in our job. Now this was a cross-industry collaboration, people from Facebook, independent researchers, guys from Sophos. So here we have a couple of documents which our cybercriminals had uploaded to a cloud service, kind of like Dropbox or SkyDrive, like many of you might use. At the top, you'll notice a section of source code. What this would do is send the cybercriminals a text message every day telling them how much money they'd made that day, so a kind of cybercriminal billings report, if you will. If you look closely, you'll notice a series of what are Russian telephone numbers. Now that's obviously interesting, because that gives us a way of finding our cybercriminals. Down below, highlighted in red, in the other section of source code, is this bit "leded:leded." That's a username, kind of like you might have on Twitter.
So let's take this a little further. There are a few other interesting pieces the cybercriminals had uploaded. Lots of you here will use smartphones to take photos and post them from the conference. An interesting feature of lots of modern smartphones is that when you take a photo, it embeds GPS data about where that photo was taken. In fact, I've been spending a lot of time on Internet dating sites recently, obviously for research purposes, and I've noticed that about 60 percent of the profile pictures on Internet dating sites contain the GPS coordinates of where the photo was taken, which is kind of scary because you wouldn't give out your home address to lots of strangers, but we're happy to give away our GPS coordinates to plus or minus 15 meters. And our cybercriminals had done the same thing. So here's a photo which resolves to St. Petersburg. We then deploy the incredibly advanced hacking tool. We used Google. Using the email address, the telephone number and the GPS data, on the left you see an advert for a BMW that one of our cybercriminals is selling, on the other side an advert for the sale of sphynx kittens. One of these was more stereotypical for me. A little more searching, and here's our cybercriminal. Imagine, these are hardened cybercriminals sharing information scarcely. Imagine what you could find about each of the people in this room. A bit more searching through the profile and there's a photo of their office. They were working on the third floor. And you can also see some photos from his business companion where he has a taste in a certain kind of image. It turns out he's a member of the Russian Adult Webmasters Federation.
But this is where our investigation starts to slow down. The cybercriminals have locked down their profiles quite well. And herein is the greatest lesson of social media and mobile devices for all of us right now. Our friends, our families and our colleagues can break our security even when we do the right things. This is MobSoft, one of the companies that this cybercriminal gang owned, and an interesting thing about MobSoft is the 50-percent owner of this posted a job advert, and this job advert matched one of the telephone numbers from the code earlier. This woman was Maria, and Maria is the wife of one of our cybercriminals. And it's kind of like she went into her social media settings and clicked on every option imaginable to make herself really, really insecure. By the end of the investigation, where you can read the full 27-page report at that link, we had photos of the cybercriminals, even the office Christmas party when they were out on an outing. That's right, cybercriminals do have Christmas parties, as it turns out. Now you're probably wondering what happened to these guys. Let me come back to that in just a minute.
I want to change pace to one last little demonstration, a technique that is wonderfully simple and basic, but is interesting in exposing how much information we're all giving away, and it's relevant because it applies to us as a TED audience. This is normally when people start kind of shuffling in their pockets trying to turn their phones onto airplane mode desperately.
Many of you all know about the concept of scanning for wireless networks. You do it every time you take out your iPhone or your Blackberry and connect to something like TEDAttendees. But what you might not know is that you're also beaming out a list of networks you've previously connected to, even when you're not using wireless actively. So I ran a little scan. I was relatively inhibited compared to the cybercriminals, who wouldn't be so concerned by law, and here you can see my mobile device. Okay? So you can see a list of wireless networks. TEDAttendees, HyattLB. Where do you think I'm staying? My home network, PrettyFlyForAWifi, which I think is a great name. Sophos_Visitors, SANSEMEA, companies I work with. Loganwifi, that's in Boston. HiltonLondon. CIASurveillanceVan. We called it that at one of our conferences because we thought that would freak people out, which is quite fun. This is how geeks party.
So let's make this a little bit more interesting. Let's talk about you. Twenty-three percent of you have been to Starbucks recently and used the wireless network. Things get more interesting. Forty-six percent of you I could link to a business, XYZ Employee network. This isn't an exact science, but it gets pretty accurate. Seven hundred and sixty-one of you I could identify a hotel you'd been to recently, absolutely with pinpoint precision somewhere on the globe. Two hundred and thirty-four of you, well, I know where you live. Your wireless network name is so unique that I was able to pinpoint it using data available openly on the Internet with no hacking or clever, clever tricks. And I should mention as well that some of you do use your names, "James Lyne's iPhone," for example. And two percent of you have a tendency to extreme profanity.
So something for you to think about: As we adopt these new applications and mobile devices, as we play with these shiny new toys, how much are we trading off convenience for privacy and security? Next time you install something, look at the settings and ask yourself, "Is this information that I want to share? Would someone be able to abuse it?"
We also need to think very carefully about how we develop our future talent pool. You see, technology's changing at a staggering rate, and that 250,000 pieces of malware won't stay the same for long. There's a very concerning trend that whilst many people coming out of schools now are much more technology-savvy, they know how to use technology, fewer and fewer people are following the feeder subjects to know how that technology works under the covers. In the U.K., a 60 percent reduction since 2003, and there are similar statistics all over the world.
We also need to think about the legal issues in this area. The cybercriminals I talked about, despite theft of millions of dollars, actually still haven't been arrested, and at this point possibly never will. Most laws are national in their implementation, despite cybercrime conventions, where the Internet is borderless and international by definition. Countries do not agree, which makes this area exceptionally challenging from a legal perspective.
But my biggest ask is this: You see, you're going to leave here and you're going to see some astonishing stories in the news. You're going to read about malware doing incredible and terrifying, scary things. However, 99 percent of it works because people fail to do the basics. So my ask is this: Go online, find these simple best practices, find out how to update and patch your computer. Get a secure password. Make sure you use a different password on each of your sites and services online. Find these resources. Apply them.
The Internet is a fantastic resource for business, for political expression, for art and for learning. Help me and the security community make life much, much more difficult for cybercriminals.
Thank you.
(Applause)