My WiFi lost connection just as John said “and internet service providers are f...”, I seriously thought it was a gag for about a minute, it kept getting funnier!
Ransomware guy: send a nude. News later that day: In other news Russian ransomware farm employees were found dead earlier, seems they all looked at a photo before dying. Said photo has been classified a weapon of mass destruction.
As somebody in the field of cybersecurity, I'm sooooo glad we're starting to see real mainstream media coverage about just how dangerous ransomware really is. Now we just need to talk about the rest.
I hate having to do that ransomware training every 2 months, but then I remember that my org was recently hit by an attack that shut down our network for 6 days, and someone definitely lost their job in that situation.
The single greatest tech knowledge I imparted to my Grandma when she became IT independent (aka got her own devices) was how to spot and avoid malicious emails/websites/ads. In the past 10 years I've helped her through various things like installing a new printer, setting up Netflix on a new TV, how to stalk her friends on Facebook without them knowing (that one always leads to fun stories about the things she's found), even sending and receiving emails while on the go using a 4G dongle, and also taught my 88yr old Grandpa to navigate solitaire/tripeaks games and watch dash cam footage on YouTube... he then figured out all on his own how to find some classic music on YouTube that he hadn't heard in almost 50 years. And during this time, the number of callouts I've had to help with viruses or malware - zero. Parents should teach their kids about safe sex when they come of age, so kids, now it's your turn to teach your grandparents safe internetting.
Agree... I'm trying to figure out how to educate my parents on IT. My mom doesn't care about security of her computer. She thinks just b/c she has an anti-virus program, she is safe.
@@Lucius8514 most traditional anti-viruses are completely useless, if you have Windows Defender and a VPN and know how to safely browse you're completely fine!
Good point--counterpoint to "average Joe isn't a serious target" @fakename. Grandma is the most dangerous thing on the internet right now. My Grand rolled high on all the traits--75 Constitution, 55 Intelligence, a natural 100 in Charisma. But she's the type who rolls snakeyes after 'walking into the dark screaming tomb entrance.'
John overlooked the fact that the attack on Colonial didn’t target the pipeline control and safety systems, it attacked their billing system. They could have continued to deliver oil/gas but opted not to because they didn’t want to lose revenue.
To be fair, an organization with such terrible infrastructure to be the victim of ransomware probably doesn’t do client isolation. Profits were definitely 99% motivation but they had most likely no idea just how much they were compromised.
"If HBO is gonna be publicly humiliated, it'll be by releasing the last season of Game of Thrones, on its own Terms. Thank You." I almost forgot how much The HBO likes to humiliate itself; on top of that, they paid for this joke and then aired it 😂
My haters throw rocks at me and IT hurts. I hope they don't throw The Rock at me because I like him as an actor. GAGAGAGAGA!!! I am funny!!! I am the funniest YouTuber EVAH! Please agree, dear dhe
Remember everyone, it wasn't even the ransomware that caused the gas stations to run out, it was the people hoarding gas in plastic bags. Source: I live in North Carolina.
@@viktorvaugndoom It can, don't quote me on this but I think there were people trying to get a refund on the excess they bought. The shortage lasted maybe only 2 weeks tops.
the fact that u think that's a source is amazing... Source: I live in Europe so I am smarter. Edit: This comment created some outrage and has shown that there is some confusion when it comes to the word "source": The same way one video showing a person filling gas in a plastic bag isn't relevant for the question: "Why were there gas shortages?", the statement of one person claiming to have seen this happening is nothing else but an anecdote. It tells us nothing about the extent of this practice. To understand this aspect in context of the whole shortage you need statistics. This feels to me like a classic case of "anecdotal evidence". "Anecdotal evidence is a factual claim relying only on personal observation, collected in a casual or non-systematic manner", and not a good source for any information.
As a developer myself, I can absolutely attest to that. If I ever have to buy a smart appliance, I am going to make sure that I have some kind of physical kill switch just in case.
pretty sure a lot of techs would suggest not having smart devices. Cause let's be real. Does your stuff need to be smart? Your fridge keeps things cold, that's enough, your oven makes things warm and hot, that's enough. You do not need them to connect to your phone. And for the love of god, nothing is wrong with having a light switch on your wall that you can easily flip rather than some smart system that'll leave you in the dark if someone wants to ransom it.
I’ve watched this show enough to expect that clip with the Russian lady ending with her being arrested for threatening the hackers and the hackers getting away with everything. This show has made me expect the worst in the world and be happily surprised when it’s not that bad.
Funnily enough, if she had made it clear that she is from Russia, the hackers may have let her off without paying. That's because of the "no damage to Russia" policy that they are relying on to stay operational.
As an IT guy, I cannot stress this enough - you need to back up your stuff, and you MUST HAVE AN OFFLINE COPY OF IT. Spending a couple hundred bucks is much cheaper when you need to restore.
I regularly make a backup of the files on my laptop (on an external drive, that I disconnect after the backup), but how about other devices? How can I make an offline backup of, for example, the photos on my mobile phone?
@@timonix2 So, if they encrypt your computer and the external drive is plugged in, they get all of that too? Just checking. This video freaked me out and I need to start learning.
Honestly, they're getting pretty good. What tips me off is the e-mail address. If I'm really concerned, I head to the site independently to check something out.
Always check the address. That will prevent most attacks. Even addresses can be spoofed though (to an extent), so *always* inspect the link before you click it.
The typos, spelling and grammar errors are deliberate. It's an intelligence/education filter. The phishers know that the time they spend on reeling in relatively stupid and uneducated people will be more likely to pay off.
Self-selecting for gullible marks. I'm seeing a few btc scams in YouTube comments recently, comment threads on popular vids that consist of 20 replies from different fake accounts all registered around the same time about how great some imaginary "investment consultant" is and how his trading advice always pays off, someone asking how to contact, someone else responding with a WhatsApp number. The grammar/syntax is laughably poor but I'm inclined to think that's deliberate once again.
I got a poorly composed e-mail from my property management company yesterday and was convinced it was a scam 😂 I almost told the woman sending it that she needed to take a communication class but I like not getting evicted 😂
The funny thing is, they were still pretty much right. They misjudged the specific protocol, but sending images live from a wireless device on the beach _is_ entirely doable, and probably not uncommon at all. It's just not based on facsimile machines.
About companies not telling about getting hacked: some countries like the Netherlands have a law that obligates companies to disclose if they have had any form of cyber breach or data leak and how it happened. When people's data is stolen (or destroyed?), companies are also obligated to notify all possible affected parties
Just because they are supposed to do it, doesn't mean they actually do it. I guarantee you a lot of companies would rather break the law and try to get away with hiding the truth.
As an individual in the Cyber Security field, I want to say thank you for talking about this and bringing attention to it. Media really doesn't touch on attack types and how much a cyber attacker can actually damage infrastructure. Thank you sir.
Companies just aren't hiring anyone for cyber security nowadays, they all are far too lazy to actually understand that these attacks could happen to them just as easily. It only takes one fool on their network to click a bad link and then it's game over. When I got my cyber security degree I was told there'd be people lining up to hire us, it never happened. Companies are far too reactive instead of proactive.
@@EpicLatios I definitely see your issue, and I chalk it up to terrible HR alignment with the actual security team. The standards to hire are absolutely ridiculous and need to be changed, I definitely fault the industry for that. I wish you well on your job hunt.
John, you forgot something that everyone needs to do to avoid paying ransomware; Backup Your Data!!! That way you can wipe the computer and restore your important files if they crypto-lock your computer.
As Don said, John had mentioned that, albeit briefly. What he didn't mention is that it's entirely possible for hackers to encrypt your backups as well, or the possibility that it already exists in the backup and is simply dormant until you try and restore that data.
@@BigHeadClan Which is why you should have regular offline/unconnected backups if it's vital data (rotating thumb drives would work for the average user). If my gaming PC gets ransomware, I'm just gonna wipe it anyway.
@@intiorozco5063 nope, that's just down to companies using poor security practices like running servers with weak authentication or unpatched vulnerabilities, or storing unhashed passwords in an unsecured AWS bucket that somebody just happens to stumble over by pure chance (which has happened multiple times).
There was a big part missing in the advice at the end: Backups. Working backups that are physically disconnected most of the time from the live systems make ransomware more of an annoyance than a threat. "You have encrypted my photos? Well I have a copy on that flash drive over there... so... i just re-install my PC and I'm good to go."
They are not the all-out solution, yes they help, but there has been ransomware that takes weeks or even months to learn about its users on the infected systems only to deploy much later. That external drive you thought would come in handy might have been compromised by that time as well, so it can be tricky to know if it's been infected with the system that encrypts the files.
@@fragdeinpferd Dick pics. If you only keep dick pics, then the joke is on them. If they lock your files, you can tell them, "go ahead, take a look. You can keep those, plenty more where that came from..."
One of the simplest ways to help with cyber security of our PCs is don't make the main account you use on the PC an admin account. Change it from an admin to a standard user and every time you need to do something that requires admin rights, just input it.
I work in IT and I have had to explain this to many clients over the years. The number of executives who think they NEED Domain Admin rights on their day-to-day accounts is appalling.
I just wish it had been followed up by explaining those steps because that's the part where a lot of us older folks are literally scratching our heads. Like okay don't click on suspicious email well that's been a thing since email existed so I got that, ok. But first I'm setting up some kind of double authentication. . . Not sure what that is, with what I achieve this, nor what it covers- does that cover my whole computer as I'm using it or just every app one by one on my phone, and also WHAT IS THIS. There's so many things to Google there I feel like a lot of older people are just going to give up and just hope it never happens to them.
@@josephinethornton3823 i think Oliver has an episode about non-intuitive interfacing.. computers are meant to make life easier but as i like to say, technolization in the pursuit of comfort is oxymoronic. And whether the programmers and designers intend this kind of gatekeeping, or the learned use their understanding as a status symbol, or anti-fix-it-yourself corporate interest is in narrowing utility.. i imagine all of the above and so much more that i'll never understand about computrons.
@@josephinethornton3823 you are right, this segment stopped at the awareness level without really going into education (sadly I don't have any publicly available education link to provide at the moment) and it would have been great for them to provide some inputs about where to find it. That being said you'd be surprised how many people still click on suspicious and too-good-to-be-true emails.
HONEST QUESTION: do cybersec pros also have cyberattack pros that work in conjunction with them? Like in any conflict, a good defense is helped with a good offensive response, no?
"If HBO's going to be publicly humiliated, it'll be by releasing the last season of Game of Thrones on its own terms, thank you very much." That burn was hotter than dragon fire.
Europe gang watching this at 9:00 AM, so we don’t have to stay up late, we just have to wake up “early”. Who gets to call waking up at 9 AM “waking up early”? European programmers. We’re all working remotely, and my job is lucky if I put on pants for our zoom meetings.
Please Hackers. ONLY use Ransomware on corrupt churches, dictators and right-wing assholes And secretly donate some of the money you take from those monsters to the poor!
Would love John to also do another foreign topic like the imminent collapse in South Africa. There's actually a video that goes into the root causes of South Africa’s decline beyond the recent unrest: ruclips.net/video/eGr_0QukEZs/видео.html&ab_channel=MyTake
This was a part of my high school morning routine. I wake up, get ready for school, and then I watch funny British man remind me that the world outside sucks. (Sigh) Good times
"he's like robin hood, if robin hood had gone around taking money from the poor, and promising the poor that he'd definitely give it back to them later". dog that's just ronald reagan
@White wolf I'm open to hearing many different perspectives/ opinions. I actually enjoy it. But I gotta say that when I hear people use nicknames like "sleepy Joe" I find it very hard to take the accompanying message seriously. Doesn't matter which party the jab is directed towards.
@White wolf Nothing says prosperity like tripling the national debt with military spending and reduced economic mobility... ItS gOnNa TrIcKlE dOwN aNy DaY nOw
Uhm, buttplugs aren't painful, luv. They feel amazing. Yeah, even for guys (arguably more so~ tbh) Well, when you know when you're going to be done with it anyways lol
@@Sebazzz1991 I doubt much could have been done. Insurance won't cover it and all that can be done is to dissolve the company and pay as many people as possible. Alas yes... they got away with it. If you store something dangerous you are required to store it safely. The same should be required for data.
Most of these clowns aren't actually 'hackers' and it's unearned flattery to refer to them as such. If we imagine a hacker as an expert fly-fisher then these guys are the internet equivalent of a tug trawler. They spread a massive net and then tug boat goes brrr
@@SpiderCat420 I'm taking IT security classes now, and I can confirm they still do call them script kiddies. A lot of these guys don't know anything more than "haha, click button and crypto wallet goes brrrrr"
Kinda wish Oliver had mentioned that the Colonial Pipeline hack didn't even affect distribution systems, only payment; Colonial cut off gasoline distribution and caused a panic because they were worried they wouldn't get paid. It's not germane to the main discussion, but it's still super scummy, and Colonial needs to be called out more for it.
@@Emeraldcrystal7E True. But it is refreshing to see Ito brought into a conversation based on such a loose but relevant and funny connecting thread, rather than say, in a conversation about horror or manga or Japanese culture.
My wife’s step-mom called me with a computer problem. Said her screen was stuck. Not changing. I said it sounds like your computer has frozen up. She said, “Probably, it is really cold outside!”
Lmao can't beat my mom. She asked why she can't save files in her laptop and I told her that her memory is full and heavy. She legit carried the laptop with a proud face and told me "it's super light what are you talking about" Can't wait till tech advances tho to the point our kids would say "okay zoomer"
It was cute at first when old people started using computers, but now they are falling for obvious scams, paying ransoms, and making scammers and hackers more common as it becomes more lucrative. Some old person saved my number in their phone downloaded some app and gave it access to their contacts and now I get spam text messages every day.
@@stephpears4012 About 6 years ago my wife (passed away in 2018) wanted to pay $75 to a hacker as her laptop was held ransom. I told her no! I knew how to get it back to normal. So yes, I can see how many seniors could fall for that scam.
Yeah, for all that John says "Nobody asked you that question", I actually thought "They had a really dumb, easy-to-guess password, didn't they?" before he showed the clip.
That would be wrong then. Solarwinds got hacked by someone using a "backdoor". If you want a definition at what a "backdoor" is, then go watch "War Games". Matthew Broderick did it with a "backdoor"
The reason why ransomware attacks are so common is that every company thinks "yea the attacks are common, but it will probably not happen to us" and then proceeds to allocate minimal budget to cybersecurity protection measures. A great % of critical systems around the world run on WINDOWS XP, some even on MS-DOS
There are some that still probably even run on vista. Actually, I know there are some that still run on vista. Also, I know for a fact that many point of sales (cash register) systems run on old operating systems.
for some bizarre reason the thing that has me shellshocked is that you now have app-controlled sex toys with a "friends" function. What a world we live in. Until I actually checked that it's a real thing I was convinced that Last Week Tonight simply invented it as a joke...
To clarify, the license plate reads "B217OP" which is read "V217OR" in Russian and 217 is not part of the "thief" spelling, it's the "VOR" that means thief, so it's not that blatant. It's like if someone had license plate numbers "TH217IEF"
reminder, the gas pipeline was never in any danger, it was their billing system that was compromised, so rather than risk customers not being billed properly they shut the pipeline down.
@@thisbymaster I'm usually for having a country handle critical infrastructure instead of profit driven companies (less incentives to cut maintenance for short term profits and all that jazz), but did you see the whole video? Cybersecurity at the country level is not any better than at the private level. If that's the only problem you want to solve, that's not a solution.
As an IT professional this is all true...this mainly happens bc most businesses don't want to invest in decent IT departments...they rather contract out when needed..and it leaves them vulnerable to things like this. Backup is a thing too...that doesn't happen as much as it should...but the cyber war is on.
I remember googling what was happening when I noticed every single gas station around me had lines all the way out into the streets. I saw a couple articles saying “there shouldn’t be too much of a shortage unless everyone goes out to get gas right now” and I immediately knew there would be a huge shortage… ah, the south.
Mob mentality creates self fulfilling prophecies. Exact same thing that happened with TP at start of the pandemic. Everyone worried they would run out and stores wouldn't have enough. Except they did and the shortages were strictly caused by people buying it up. Mobs are only as smart as the dumbest person in it.
We call this the "Boomer Tax" in my company. We're breached a lot because our managers are "in their 60's, haven't grown since the 70s, and force us to use software vendors from the 90s"
@@eponymousIme they *literally* don’t get breached as much. It’s not ageist to know - for a fact - that technology can be bewildering to older people. By your “logic” it’d be ageist to say “millennials don’t know how to use 5.5 soft disks”. You are right, we don’t! Different generations, different skill sets.
The sad thing is, the government wouldn't be doing anything about this, had ransomware not been used against corporations, and only targeted regular people.
To be fair - of the two parties that can run "the" government, only one ignored a deadly pandemic to protect business, until like the fifth wave made it clear that sacrificing people to save business doesn't work. Not saying the others don't care about business, but dems are at least aware that business doesn't work without the little people. And business also kinda profits from money not being moved to russian hackers.
Hacking hospitals = not cool. However, ransomware attacks against police departments might be able to do what the government refuses to do, release IA files for everyone to see.
I find the hack of the gas pipeline to be suspect. who was it that profited from the huge increase in price, and the increased demand (due to panic) of gas at inflated prices
The funny thing is, those of us that actually work in tech fields tend to be Luddites when it comes to these internet connected things. We know what can happen and don't want to be caught like this.
I'm not a Luddite because I'm worried about getting hacked/cryptolocked, it's because I think IoT is a bunch of unnecessary bullshit that I have no need for. Not having a bunch of open ports on my network is a bonus. :)
Newt Gingrich shows up. Me: "Oh, is this going to be one of those 'the worst person you know has a point' moments?" Gingrich: *speaks* Me: "Nope. It is not one of those moments at all."
don't get me wrong: I'm all for killing those guys, but Newt seems to think you can just "go" to Russia (for example) and start killing Russian folks. that kinda seems like an act of war.
I was also expecting that, lol. Ya let me down, Newt. Also, I can't hear that name without thinking of Harry Potter transfigurations and their end of the year exams.
I was like: Honestly, he made sense (and I loathe to think there are times where Newt makes sense, it's like those times when you actually heard Chris Wallace on FoxNews and had to go: "Darnit...that was true."). So many of these people are really just some of the worst people anyways. It wouldn't be so bad to say...order a drone strike on a ugly-camo paint jobbed Lamborghini being driven by that Russian hacker, would it? I mean...it's a shame for the car...but let's put the really bad ransomware people (the kind that would, say, lock down a freaking hospital or a thermostat) in the same category as what we should do to child molesters and rapists: kill them, leave them for the birds and rot, and walk away whistling.
Can we all just take a moment to admire John Oliver's willpower, sitting there with nearly a straight face and say, " Crucially, the barrier to entry has gotten lower." while discussing hacked internet butt plugs without losing it, this man must be carved from granite.
and don't just use an OS backup utility. While they are incredibly helpful most of the time, in this case, some ransomware attacks put in a months long delay before activation to make sure your backup has been infected too. You should manually back up the files you care about once a month.
I have been backing up my computers to external drives, not connected to a network, since the early 2000s. More than a decade ago, my pc was hit with ransomware. I simply found the malicious file, cleaned my computer, deleted the locked files, and restored them from an external drive. I also have redundancy, so that if a drive fails, I have multiple external drives with copies. People still fail to routinely back up their files.
DocuSign is the embodiment of the blond bimbo thinking that electronic signatures is signing the screen with her lipstick. They make all kinds of compliance claims, but in the end, they only verify that messages were signed by whomever they sent an e-mail demanding a signature on some made up legal terms of service.
@@Luvrnetic Quoting badly written laws is the hallmark of crooked lawyers. I have encountered their agreement process in the past, before they added an imitation of PKI.
"Hello, Locksmith and Co.? I lost a very important key and would need your services." "Are you locked out of your home?" "No. I need you to unlock my butt."
@@JAlonge017 I think I feel the same as @luislozano. My mother needed a new laptop. Bought one. But NOW she needs a Microsoft account and a Microsoft e-mail just to get the thing started !!! ???? Even if all she does is her private bookkeeping and store pictures on it, the big tech COMMANDS you to connect to the internet first in order to be able to use your (personal) computer.
As someone who works in supporting IT teams, it shocks and dismays me how woefully unprepared companies and governments are for these ransomware attacks. A properly set up IT infrastructure should be able to recover from ransomware attacks with minimal downtime. Offsite backups, live backups, file versioning, all of these are part of standard disaster recovery systems that should be employed but aren't. My personal clients' computers have better disaster recovery than many of the people I work with in my day job.
Hackers, scammers and thieves using the internet to their advantage to defraud and trick others have skyrocketed while IT-experts and law enforcement hasn't kept up at a linear rate. So it's oversaturated with bad actors and not enough defense forces to keep the bad actors at bay. And companies don't want to pay those extra dollars each month to deal with something relatively rare and difficult.
Yep. In some attacks in my country it turned out pretty critical machines had working USB ports allowing USB sticks to be inserted and used, which I feel should really urge companies to start physically disconnecting those in really critical machines. All site URLs that give me a weird feeling are opened on a separate machine that is unable to see other machines in the network, should that get infected, I destroy everything on it, reinstall it and no damage done (would love to have it on a different subnet as well, but that's something our modem-router combination does not provide as an option yet). As for backups, well, practically what you said is what I do, especially off-line backups that are performed on stations switched off so they are only physically accessible unless I put it in a swap-bay.
Most companies are also run by boomers who don't know or care what cyber security is. Apparently spending a little money to protect a lot of money isn't worth it to them.
I mean, at the end of the day, it's a team of tech guys vs another team of tech guys using tools made by other tech guys and talent floods to each side. Often times, your team is understaffed and trying to protect the company from the dumbest morons in that company. Even the ones that do try could throw everything at the wall and either not find enough staff or find out the opposition is simply better. Honestly, the reality is like breaking into a house, if someone wanted in, they can get in. Gingrich made a lot of sense about the murdering laws if it wasn't so stupid and wouldn't even do anything.
The show's whole bit is not quiiiite connecting the separate topics so that they don't outright SAY "the problem is capitalism" but you can figure it out yourself.
@@ImpudentInfidel my take away is unchecked government not capitalism. Maybe capitalism allows it to be unchecked but I will say the same thing about Soviet Russia. Unchecked government not communism. However they used communism really well to be an unchecked capitalist government.
@@treebeard8475 unchecked everything, not government. Capitalism without any restraints is as bad as unaccountable state institutions. All the episodes in companies exploiting poorly implemented social programs are a merge of the 2.
@@Daniel-yy3ty absolutely agree. I guess it breaks down to a lot of unchecked money which can audit and investigate itself. It’s more complex than that but have a great day man!
Also good advice: Always make full backups on external hard drives or flash sticks. So when the ransomware strikes, just delete the hard drive and reload the last backup. If everyone would be doing that, there would be no ransomware.
I don't understand why you wouldn't be able to just... take it out normally. Unless that animation was accurate in which case... what the fuck!? Wouldn't that cause damage? You're putting a god damn wing nut into your asshole! What are you thinking?! I don't care what you may be into you do not need the equivalent of a drywall anchor for your asshole! What are you planning on doing? Hanging a TV on it?
The funny and sad part of the pipeline hack is that even though the company paid the money, Colonial restored their own systems from backups because "it's just faster." Also, the hack didn't stop the flow of gas, it stopped the software that Colonial was using to process payments. If it had used old fashioned methods to track customers, it would never have had to shutdown at all. Now after hearing something horrible, imagine trying to fit a key in your hacked remote control buttplug.
Just adding another reply because it's important to reiterate that Colonial never had to shut down the gas. They chose to disrupt a vital resource and cause mass chaos rather than let a few pennies slip through their fingers, and all corporations are like this.
@@deborahlimby5549 et.al. No... Just no. Colonial, at the time, didn't know how deep the attack was. They shut down the pipes in the off-chance there was some malware-thing that crossed the air-gap and was going to go 'boom!' IRL & actually kill people. I'd (I do CyberSec for a living) order the same thing from a safety perspective.
Lol I have been in audit over 10 years and IT audit over 5 years...and this episode is probably 3X better than the typical IT security training course that cost $100 per hour...much funnier too.
I love this show!! John, please do an episode about the trucking industry. My dad is a long-haul trucker, I've been thinking about going into it (to pay off my fucking student loans which I've been paying into for 20 years already!), but there is clearly a shit-ton of predatory business going on in that industry and I'm afraid to even start. Would love to hear your thorough and inevitably hilarious take on it.
I don't know anything about trucking but I know there are startup companies like Lane Axis using block chain to cut out the problems with brokers & directly matching jobs.
I've got an English degree, about 20 thousand dollars of debt if I'm doing my math right, and two jobs that combine to $42,000 USD a year, assuming everything stays stable enough for me to work 60 hours a week, and my "weekend" being a mere 6-hour shift. Yeah. I'm honestly looking at long-haul as a rescue from what I'm doing. At least long-haul is mostly highway...
Also, "death sentences" can mean people are LESS LIKELY to be found guilty, even if they obviously are. Like, if you could be sentenced to death for obstructing traffic, almost no one would be found guilty of obstructing traffic.
@@CatHasOpinions734 Say that to the gross number of people who were wrongly convicted and killed by the state. Some have been fortunate enough to be released due to new DNA-tech, but this is an ongoing issue.
@@idalarsen2540 just in case it's unclear, I'm opposed to the death penalty, and the fact that it's killed a number of innocent people is one of the major reasons. The fact that it can influence juries to not convict someone of a crime even when overwhelming evidence has been presented is just another reason to get rid of it. It makes perfect sense to me that a jury would fail to convict someone they know to be guilty because they don't feel that death is a fair punishment, the problem here isn't them, it's the system, for making them choose between two wrong answers. The fact that people have been let off as a result of bad policy doesn't mean the innocent people who've been killed are any less tragic. If you're interested, I actually borrowed some of these analogies from a PhilosophyTube video on the death penalty, you might like it, it's really interesting.
IT as a whole, the branch under which cybersecurity responsibility tends to fall, is a criminally underfunded branch of most businesses, because business people are often so disconnected from reality that they truly believe the old joke: "When everything is working: What do we pay you for? When everything is broken: What do we pay you for?" The world is becoming increasingly tech dependent, and yet the people in charge of everything are basically technophobic. It's insane.
It's actual insanity that IT aren't paid more to keep up to date with the most important aspect of today's life for sure. I do not understand, for the life of me, why it's so hard to believe it's an actual job.
The issue is 99% of the people you work for don't even know what you do. Let alone know what they should do to protect themselves. And even when the company had a course on cybersecurity guidelines, pentesters very frequently manage to find employees who either forgot everything, didn't understand it right or just lack awareness still I feel like pentesters are the only way to get through company leaders' thick skulls and make them aware of the issue and why they really need to pay their IT department and train their employees ...but they are also the ones having to hire pentesters in the first place so...
Yeah, exactly. I work as a developer, and I can't tell you how many out of touch suits are out there who cut the funding on these preventative measures just because they don't understand why they have to pay them.
4:53 "Robin Hood, if Robin Hood had gone around taking money from the poor and promising the poor that he'd definitely give it back later." Isn't that just all rich people?
Funny thing. My stepdad once clicked on something unsavory, and ended up with a cheapo ransomware message flashing on the screen and making god-awful noises. I went over to the house on my mother's desperate request, saw it was nothing more than a browser-based prank, started the computer in safe mode, and deleted the installer and folder that was causing the issue. Problem solved. Meanwhile, they were freaking out, thinking some hacker was trying to steal their piddling amount of money from their bank account. Even after that, I still can't get them to use multi-factor verification. They say it's "too annoying" and "doesn't work". Guess I better teach them how to buy bitcoin.
Somewhere in Ohio, my mom’s crazy old family practice partner is throwing her hands in the air, shouting *I TOLD YOU SO!* in celebration of the fact that she’s refused to use medical record software for the past 20-odd years… (in favor of old-fashioned paper charts) Good job, Annette, but I really hope you’ve given into peer-pressure and let the nurses use air conditioning in the exam rooms again.
The chance of a ransomware attack on a private doctor's office where employees follow basic security measures (or even one where they don't) is much lower than the chance of her patients ending up in the emergency room and suffering harm due to the hospital not knowing their full medical history and what medications they're taking because all that info is sitting in a stack of papers in an office. To make matters worse, there's a high likelihood that no one will even be in the office to send over those records (most family doctor practices are closed more than 100 hrs/week) and even if the patient goes to the hospital during office hours there will still be a long delay while the hospital obtains those records via fax machine and enters them into the database.
I love John's new take on the old joke, "Opinions are like a** holes: everyone has one and they all smell." Updated to, "A** holes are like opinions: letting the internet be in charge of yours is a really bad idea." I'm looking at you, QANON followers.
Joke fail if you believe climate change is only warming. My error. Reptiles like insects speed up in heat (see basking turtles & snakes) so we lizards would be happy! (And better at plotting)
This just happened to the Toronto Public Library. Goes to show what happens when funding is cut from libraries. Hackers don't have morals about who they target.
@@Lemana28021989 it’s announced that the business daddy will change… it just hasn’t yet. Company sales, especially big ones take time to finally close.
This segment really missed the boat in talking about how insecure so many products are out of the gate. If computer and device security wasn't such a joke, they wouldn't be trivially hackable.
Indeed. I was looking forward to see John address root causes (reckless negligence by software/IT suppliers, incompetent IT procurement in companies and lack of resources in IT departments) but it seems he was advised by the same "experts" that contribute to this insecure ecosystem. I'm just waiting for people downloading a fraudulent "authenticator" app in which they will share all their 2FA tokens...
Totally agree with you. No matter how tech-savvy or untraceable are these hackers, these tech and manufacturing companies can at least bind the two factor authentication by default with every product or service of theirs. Regarding the fraudulent "authenticator" app stealing all 2FA (two factor password authentication) tokens, it's hard, if not impossible to create such a software to over-ride security built right inside the manufactured product or a service (software). The harder we make it for hackers, the easier and more worry-free lives of ours become.
There's an endless list of reasonable measures that can be taken to improve security. Bugs can be fixed. Development safety measures can be implemented. Safer languages can be used. Audits can be made less jokey. Defense in depth can be improved. Some things have improved in the last decade or so, but for the most part security is done merely for show and collecting approvals, not a serious effort to make things better. One need only look at the "internet of things" space where things are getting recklessly worse for little to no benefit to anyone.
Ultimately security will not improve until it is more economically efficient to make secure products and software than it is to foist the consequences of insecure products and software onto the customers or simply pay the ransoms. There are few if any penalties for companies that are compromised beyond the immediate monetary ones.
@@joedillian indeed, I had hoped for the show to talk about how costs can be internalized again. Defect rate tracking, time to fix tracking indices for vendors might help. Case law establishing a bar gross negligence might change things. Certainly light bulbs that form mesh networks on their own as side channels to ethernet with known security flaws and zero provision for updates should be beyond the pale. But they are on the shelves.
Even better, let's force all of our products to live-stream their use information, have pathways for us to shut down any of our products being used in a way we don't like (even though we no longer own them) and not secure any of our data! - John Deere
As long as there is no angry mob of customers with forks and torches threatening to burn down HQ, don't expect a monopolist company to change their behaviour.
Evil Corp? How many Mr Robot references does this video have?! Everything from hospitals with crappy cyber security to people hacking household electronics.
Others have said this, but it bears repeating. A lot.
1) *Make regular backups that are stored offline*
2) Keep _multiple_ backups. One you update every week, and another you update every 2 wks or each month, stored at another location. If you are a business, you should know how you need to adjust those schedules so you never lose much in case of flood, fire, or ransomware.
If you are not running a business, *you are an easier target!* Do backups too, so you don't get trapped.
Would like to add, if possible, use one device for important business only (like e-banking etc.) and one where you browse around and watch porn. Your horny mind is much more likely to click on a dangerous link.
Our local hospital got hit with ransomware a few years ago. My husband works there and all the charts were locked. They went back to paper for over a month and reworked everything instead of paying. It was a huge deal.
3:51 "She's REALLY Russian ... Not the first time she's wished death on someone." Yeah, the important part is that she's Russian, not that she lives in Boston...
@@marquisdelafayette1929 No one knows anything until they learn. It's not like they cover it in school. It's also, truly, not very difficult. If grandma can already use a computer successfully, then you've already climbed 95% of the hill to owning/using BTC, because that's way, way, WAY more difficult, both to learn, and to explain. As a person who has taught many an old fogey how to use a PC, teaching someone to use BTC seems like a fucking walk in the park.
@@marquisdelafayette1929 I own like $5 worth of BTC and I have no idea why or what to do with it haha I just kinda bought it on a whim. Crypto is so weird.
I kinda thought the episode would end with the Russian granny going beyond Bitcoin education to learn how to backtrace the hackers and go all Sopranos on them.
There's a weird juxtaposition between the cheery voice backed by innocent music and the concept of a wifi-enabled butt plug that is profoundly unsettling.
Cold storage backups, I tell all my clients to do it. Once you pay a ransom ware once, they know you'll probably do it again so it makes you a bigger target.
"Life just wouldn't be the same without you. And I really wished that life weren't always the same." Thanks John, I think I just found my new catchphrase
Some of those things have been advertised by using arguments that made me go "If you program your "old" (or not-smart) thermostat correctly it will be warm when you enter home from work in the exact same way, no "smart" thermostat needed." (For me, the privacy-factor also plays into this: if a smart thermostat can warm up your home because it knows you are on your way there, who has the possibility to look into that data?)
@@Dutch3DMaster yeah my semi smart thermostat is all I need no wifi connection needed I just look at the weather for the week and set my temperatures accordingly
The gas shutdown was done because Colonial turned off the flow when they couldn't track how much to bill clients. The hackers didn't close the valve, the company did.
Technically the company may have closed the gas line, as a DIRECT result of the hack. Whose fault it is, can of course be debated, but let's not forget the major contributor here.
@@reshhaverstahm7729 Well, I'm sure you can assign a part of the blame to greed if you like. But it also doesn't serve anyone's interest if the company goes tits up because it gave all its product away for free. Let's not get too deep into defending russian hackers here.
@@TimoRutanen It's hard to figure out if these people are serious or not. I mean, do they really think if a grocery store loses power or their check-out system goes down they are supposed to just wave people through with free items? How in the hell do these people think businesses actually function, from the smallest mom & pop stores to the "biggest evil corporations"?
"The Max Power Way," would ALSO be an appropriate enough title. (Some comment elsewhere reminded me of the appropriate Simpsons clip within the past year/couple months, so I looked up said clip, shared the link to it, and got a recent waaaaay-after-the-fact Like on said link-share.) :P
My WiFi lost connection just as John said “and internet service providers are f...”, I seriously thought it was a gag for about a minute, it kept getting funnier!
i wish my shitty internet had that kind of comedic timing
And then the laughing slowly turns into crying, when you realize your Internet still doesn't work properly in 2021 😭
Major L😂
When your ethernet somehow drops the connection like a corded phone in 1995
My computer died once while I was watching a video about Anonymous. I kinda freaked for a second.
Ransomware guy: "Pay me or your chastity cage stays locked."
Chastity Guy: "I'm so into this. Do my buttplug too, please."
“jokes on you, i’m into that shit”
Oh, god... Financial Domination just took a turn for the cyberpunk...
lol
Wasn’t that exposed as a hoax by Lewis spears?
Ransomware guy: send a nude.
News later that day: In other news Russian ransomware farm employees were found dead earlier, seems they all looked at a photo before dying. Said photo has been classified a weapon of mass destruction.
As somebody in the field of cybersecurity, I'm sooooo glad we're starting to see real mainstream media coverage about just how dangerous ransomware really is. Now we just need to talk about the rest.
I hate having to do that ransomware training every 2 months, but then I remember that my org was recently hit by an attack that shut down our network for 6 days, and someone definitely lost their job in that situation.
Same
I work in hospital IT. I agree with this comment. Ppl so thin skinned over necessary measures
Exactly. Have a table top exercise Wednesday on ransomware.
Just an fyi, a half hour weekly show hosted by a comedian is in no way mainstream media
The single greatest tech knowledge I imparted to my Grandma when she became IT independent (aka got her own devices) was how to spot and avoid malicious emails/websites/ads.
In the past 10 years I've helped her through various things like installing a new printer, setting up Netflix on a new TV, how to stalk her friends on facebook without them knowing (that one always leads to fun stories about the things she's found), even sending and receiving emails while on the go using a 4G dongle, and also taught my 88yr old Grandpa to navigate solitaire/tripeaks games and watch dash cam footage on youtube.. he then figured out all on his own how to find some classic music on youtube that he hadn't heard in almost 50 years
And during this time, the number of callouts I've had to help with viruses or malware - zero
Parents should teach their kids about safe sex when they come of age, so kids, now it's your turn to teach your grandparents safe internetting.
Very good advice indeed!
Definitely a positive karma there
Agree... I'm trying to figure out how to educate my parents on IT. My mom doesn't care about security of her computer. She thinks just b/c she has an anti-virus program, she is safe.
@@Lucius8514 most traditional anti virus' are completely useless, if you have windows defender and a vpn and know how to safely browse you're completely fine!
Good point--counterpoint to "average Joe isn't a serious target" @fakename. Grandma is the most dangerous thing on the internet right now. My Grand rolled high on all the traits--75 Constitution, 55 Intelligence, a natural 100 in Charisma. But she's the type who rolls snakeyes after 'walking into the dark screaming tomb entrance.'
John overlooked the fact that the attack on Colonial didn’t target the pipeline control and safety systems, it attacked their billing system. They could have continued to deliver oil/gas but opted not to because they didn’t want to lose revenue.
A VERY good point. This comment UTTERLY deserves to be more widely seen and absorbed.
Algorithm! Algorithm! Algorithm!
Bump bump bump!!!
To be fair, an organization with such terrible infrastructure to be the victim of ransomware probably doesn’t do client isolation. Profits were definitely 99% motivation but they had most likely no idea just how much they were compromised.
There also wasn't a fuel shortage. Just a run on gas like it was toilet paper.
Interesting. This open mind goes to read and educate herself
"If HBO is gonna be publicly humiliated, it'll be by releasing the last season of Game of Thrones, on its own Terms. Thank You." I almost forgot how much The HBO likes to humiliate itself; on top of that, they paid for this joke and then aired it 😂
My haters throw rocks at me and IT hurts. I hope they don't throw The Rock at me because I like him as an actor. GAGAGAGAGA!!! I am funny!!! I am the funniest YouTuber EVAH! Please agree, dear dhe
@@AxxLAfriku im throwing a digital rock at you rn
@@jmarch_503 throw it hard! 😂
I just finished watching this episode on HBO Max. I came here just looking for this comment.
That's pretty based of HBO, I like that
Remember everyone, it wasn't even the ransomware that caused the gas stations to run out, it was the people hoarding gas in plastic bags. Source: I live in North Carolina.
I have given up hoarding gas in plastic bags for the environment's sake. Plus, I'm no longer a child and don't need balloons at parties.
I actually learned that gas can expire.
@@viktorvaugndoom It can, don't quote me on this but I think there were people trying to get a refund on the excess they bought. The shortage lasted maybe only 2 weeks tops.
the fact that u think that's a source is amazing...
Source: I live in Europe so I am smarter
Edit: This comment created some outrage and has shown that there is some confusion when it comes to the word "source":
The same way one video showing a person filling gas in a plastic bag isn't relevant for the question: "Why were there gas shortages?", the statement of one person claiming to have seen this happening is nothing else but an anecdote. It tells us nothing about the extent of this practice. To understand this aspect in context of the whole shortage U need statistics. This feels to me like a classic case of "Anecdotal evidence". "Anecdotal evidence is a factual claim relying only on personal observation, collected in a casual or non-systematic manner", and not a good source for any information.
Most American response possible... 'they're saying it's gonna run out, better get mine'
People who are enthusiastic about tech: "I have a smart fridge!" People who use/work tech: *have a stash of scissors and hammers, just in case*
As a developer myself, I can absolutely attest to that. If I ever have to buy a smart appliance, I am going to make sure that I have some kind of physical kill switch just in case.
@@draakisback stab the problem away. history has proven that to work great
pretty sure a lot of techs would suggest not having smart devices. Cause let's be real. Does your stuff need to be smart. Your fridge keeps things cold, that's enough, your oven makes things warm and hot, that's enough. You do not need them to connect to your phone. And for the love of god, nothing is wrong with having a light switch on your wall that you can easily flip rather than some smart system that'll leave you in the dark if someone wants to ransom it.
Remember people, the best way to prevent people from accessing your computer's porn stash is fire. Specifically, lighting your computer on fire.
@@jiminbang5822 That's why I have a "healthy" supply of swords, couple of shields, and helmets, and "gobs" of knives.
I’ve watched this show enough to expect that clip with the Russian lady ending with her being arrested for threatening the hackers and the hackers getting away with everything. This show has made me expect the worst in the world and be happily surprised when it’s not that bad.
It is also my weekly dose of depression
Funnily enough, if she had made it clear that she is from Russia, the hackers may have let her off without paying. That's because of the "no damage to Russia" policy that they are relying on to stay operational.
Yeahhh but he funny though
@@pkramer962 nah, they probably knew where she is originally from, her name is VERY Russian.
You're slowly becoming British!
As an IT guy, I cannot stress this enough - you need to back up your stuff, and you MUST HAVE AN OFFLINE COPY OF IT. Spending a couple hundred bucks is much cheaper when you need to restore.
@cw5001 I hope your external drive is actually disconnected. Would be a shame if your backup was encrypted too
I regularly make a backup of the files on my laptop (on an external drive, that I disconnect after the backup), but how about other devices? How can I make an offline backup of, for example, the photos on my mobile phone?
@@rvdb7363 Uhm, can't you just connect your phone to your computer and copy the photos over it?
@@timonix2 So, if they encrypt your computer and the external drive is plugged in, they get all of that too? Just checking. This video freaked me out and I need to start learning.
@@HARLANP Thank you so much. Valuable information.
If phishing emails and texts didn’t almost reliably include typos or mistakes somewhere, i probably would have fallen victim to a bunch by now
Honestly, they're getting pretty good. What tips me off is the e-mail address. If I'm really concerned, I head to the site independently to check something out.
Always check the address. That will prevent most attacks.
Even addresses can be spoofed though (to an extent), so *always* inspect the link before you click it.
The typos, spelling and grammar errors are deliberate. It's an intelligence/education filter. The phishers know that the time they spend on reeling in relatively stupid and uneducated people will be more likely to pay off.
Self-selecting for gullible marks.
I'm seeing a few btc scams in YouTube comments recently, comment threads on popular vids that consist of 20 replies from different fake accounts all registered around the same time about how great some imaginary "investment consultant" is and how his trading advice always pays off, someone asking how to contact, someone else responding with a WhatsApp number. The grammar/syntax is laughably poor but I'm inclined to think that's deliberate once again.
I got a poorly composed e-mail from my property management company yesterday and was convinced it was a scam 😂 I almost told the woman sending it that she needed to take a communication class but I like not getting evicted 😂
LOL the people who made that ad could have never imagined the incredible staying power of the god damned fax machine
The funny thing is, they were still pretty much right. They misjudged the specific protocol, but sending images live from a wireless device on the beach _is_ entirely doable, and probably not uncommon at all. It's just not based on facsimile machines.
They had already been around for like a century
I recently did send a fax from the beach. Used an e-fax which lets u send any pdf as fax to a fax machine address :D
I mean the semantics were off some but they pretty much nailed it, instead of fax we send photos and pdf. And fax apps exist.
@@JosephDavies exactly
About companies not telling about getting hacked: some countries like the Netherlands have a law that obligates companies to disclose if they have had any form of cyber breach or data leak and how it happened. When people's data is stolen (or destroyed?), companies are also obligated to notify all possible affected parties
It's called GDPR and it's EU-wide.
Data isn't stolen. That implies something was removed. Data is copied.
@@theannoyedmrfloyd3998 A product was obtained without the permission and/or knowledge of the owner = stolen.
@@BuriBuster ah I wasn't sure about that, so kept it at "some countries like..". But thanks for clarifying
Just because they are supposed to do it, doesn't mean they actually do it. I guarantee you a lot of companies would rather break the law and try to get away with hiding the truth.
As an individual in the Cyber Security field, I want to say thank you for talking about this and bringing attention to it. Media really doesn't touch on attack types and how much a cyber attacker can actually damage infrastructure. Thank you sir.
Oh, they will, they will be talking soon. Cyber warfare is still in its infancy
@@LightSourceTemple I guess it is time to learn cyber security.
Companies just aren't hiring anyone for cyber security nowadays, they all are far too lazy to actually understand that these attacks could happen to them just as easily. It only takes one fool on their network to click a bad link and then it's game over. When I got my cyber security degree I was told there'd be people lining up to hire us, it never happened. Companies are far too reactive instead of proactive.
@@EpicLatios I definitely see your issue, and i chalk it up to terrible HR alignment with the actual security team. The standards to hire are absolutely ridiculous and need to be changed, I definitely fault the industry for that. I wish you well on your job hunt.
@Jay G Question is: how does the initial attack usually happen? I figure it's gotta be more than just clicking on suspicious e-mails.
John, you forgot something that everyone needs to do to avoid paying ransomware; Backup Your Data!!! That way you can wipe the computer and restore your important files if they crypto-lock your computer.
He mentioned that and the problem that the hackers can still make your data public.
As Don said John had mentioned that albeit briefly, what he didn't mention is that it's entirely possible for hackers to encrypt your backups as well or the possibility that it already exists in the backup and is simply dormant until you try and restore that data.
@@BigHeadClan Which is why you should have regular offline/unconnected backups if it's vital data (rotating thumb drives would work for the average user). If my gaming PC gets ransomware, I'm just gonna wipe it anyway.
@@donteddy1858 Makes me wonder if whenever we see a headline about "data of millions of users leaked" it was just a firm who didn't pay.
@@intiorozco5063 nope, that's just down to companies using poor security practices like running servers with weak authentication or unpatched vulnerabilities, or storing unhashed passwords in an unsecured AWS bucket that somebody just happens to stumble over by pure chance (which has happened multiple times).
"I could give two shits about the life of any big snake"
Them's strong words for a bird, John...
LOL!
Haha.
That guy is going to put on his acting resume, "Played a role of a victim of a butt plug hacker on Last Week Tonight."
And be type cast for all eternity 😂
He done fcked it up! 😊
🤣😂🤣
Especially during "credits" part in full episode, you can see moments when he is into it. xD
So, just... a normal HBO role.
He's actually a very respected improviser. So funny. en.wikipedia.org/wiki/Connor_Ratliff
There was a big part missing in the advice at the end: Backups. Working backups that are physically disconnected most of the time from the live systems make ransomware more of an annoyance than a threat. "You have encrypted my photos? Well I have a copy on that flash drive over there... so... i just re-install my PC and I'm good to go."
They are not the all-out solution, yes they help, but there has been ransomware that takes weeks or even months to learn about its users on the infected systems only to deploy much later. That external drive you thought would come in handy might have been compromised by that time as well, so it can be tricky to know if it's been infected with the system that encrypts the files.
@@fragdeinpferd Dick pics. If you only keep dick pics, then the joke is on them. If they lock your files, you can tell them, "go ahead, take a look. You can keep those, plenty more where that came from..."
That doesn't solve the problem of their having access to all your documents. Some of which may be leaked publicly.
@@aldobonaso3481 This made me laugh :D !!!!!
@@aldobonaso3481 Wait a minute. That sounds exactly like the kind of reverse psychology a hacker looking for dick pics would use on people...!
One of the simplest ways to help with cyber Security of our PCs is don't make your main account you use on the PC an admin account. Change it from an Admin to a standard user and every time you need to do something that requires admin rights, just input it.
I work in IT and I have had to explain this to many clients over the years. The number of executives who think they NEED Domain Admin rights on their day-to-day accounts is appalling.
Good thing I'm so inept at electronics I did this by accident
"Honestly, I wish my internet service provider had customer service the way these guys do" that's so fucking funny lolololol
And always remember: The S in "IoT" stands for: Security
This is the exact sense of humor I expect computer science guys to have
This is perfect. I might just cross-stitch it on a pillow.
Exactly... that ish goes on a guest WLAN with no access to network resources.
SloT?
Internet of Things [That Shouldn't Be On the Internet]
Speaking as a cybersec professional: that was a really good educational segment. Knowing how hard it is to make people listen to us, thank you.
I just wish it had been followed up by explaining those steps because that's the part where a lot of us older folks are literally scratching our heads. Like okay don't click on suspicious email well that's been a thing since email existed so I got that, ok. But first I'm setting up some kind of double authentication. . . Not sure what that is, with what I achieve this, nor what it covers- does that cover my whole computer as I'm using it or just every app one by one on my phone, and also WHAT IS THIS.
There's so many things to Google there I feel like a lot of older people are just going to give up and just hope it never happens to them.
@@josephinethornton3823 i think Oliver has an episode about non-intuitive interfacing.. computers are meant to make life easier but as i like to say, technolization in the pursuit of comfort is oxymoronic. And whether the programmers and designers intend this kind of gatekeeping, or the learned use their understanding as a status symbol, or anti-fix-it-yourself corporate interest is in narrowing utility.. i imagine all of the above and so much more that i'll never understand about computrons.
Best way to combat this is one of two things number 1 teach people to hack or two remove internet out of our lives
@@josephinethornton3823 you are right this segment stopped at the awareness level without really going into education (sadly I don't have any publicly available education link to provide at the moment) and it would have been great for them to provide some inputs about where to find it.
That being said you'd be surprised how many people still click on suspicious and too-good-to-be-true emails.
HONEST QUESTION : do cybersec pros also have cyberattack pro that work in conjunction with them? like in any conflict, a good defense is helped with a good offensive response, no?
"If HBO's going to be publicly humiliated, it'll be by releasing the last season of Game of Thrones on its own terms, thank you very much."
That burn was hotter than dragon fire.
And yet, like the Night King, HBO somehow survived it 🤷
Well that doesn't mean too much, because dragon fire can't fucking kill the night king
I enjoy staying awake on Sunday nights, just to be the first to see a video that will ultimately make me more depressed.
While also making you laugh!
*Watch John Oliver on Mock The Week, if you want to see his early days*
you mean waking up early on monday to get your weekly dose of depression.
Watch the 14-minute 1942 USDA film *Hemp For Victory* that encouraged American farmers to grow "Marihuana" to defend our country during World War II.
Europe gang watching this at 9:00 AM, so we don’t have to stay up late, we just have to wake up “early”.
Who gets to call waking up at 9 AM “waking up early”? European programmers. We’re all working remotely, and my job is lucky if I put on pants for our zoom meetings.
10 seconds in: “Fuck the internet!”
This is about to be a good episode
Please Hackers. ONLY use Ransomware on corrupt churches, dictators and right-wing assholes
And secretly donate some of the money you take from those monsters to the poor!
Use the internet to change the world.
Watch the 1942 USDA film *Hemp For Victory* and grow fields of Cannabis Sativa to stop climate change.
Would love John to also do another foreign topic like the imminent collapse in South Africa. There's actually a video that goes into the root causes of South Africa’s decline beyond the recent unrest:
ruclips.net/video/eGr_0QukEZs/видео.html&ab_channel=MyTake
2 years later, and still not a peep about Afghanistan.
This is gonna be a good MSM toadie.
I love that John Oliver instills me with a dose of terror every Monday morning before work😐
Me too. It’s a little ritual where I make my Monday even less appealing.
Same. 😬
This was a part of my high school morning routine. I wake up, get ready for school, and then I watch funny British man remind me that the world outside sucks. (Sigh) Good times
If you're not afraid, you're not paying attention.
likewise
The lesson here: You never really know who might be wearing a butt plug.
"he's like robin hood, if robin hood had gone around taking money from the poor, and promising the poor that he'd definitely give it back to them later". dog that's just ronald reagan
Robbin da hood
@White wolf You know what he did take? Took your guns. Ban on new automatic firearms in Firearm Owners Protection Act, and also The Mulford Act
@White wolf Well that's just objectively not true but far be it for me to take you out of your delusion.
@White wolf I'm open to hearing many different perspectives/ opinions. I actually enjoy it.
But I gotta say that when I hear people use nicknames like "sleepy Joe" I find it very hard to take the accompanying message seriously. Doesn't matter which party the jab is directed towards.
@White wolf Nothing says prosperity like tripling the national debt with military spending and reduced economic mobility... ItS gOnNa TrIcKlE dOwN aNy DaY nOw
Jesus! That graphic for the buttplug looks like the historic "pear of anguish." The inquisition is alive and well in the cybersex industry.
Uhm, buttplugs aren't painful, luv. They feel amazing. Yeah, even for guys (arguably more so~ tbh)
Well, when you know when you're going to be done with it anyways lol
But, the buttplug is called PEAR flower, so maybe they took some inspiration from the torture device.
have you never heard about BDSM? XD
@@Krystalmyth Well good for you, that you have such a boring life that you can focus on your rectum instead of something else.
@@nancyaustin9516 Did you just admonish someone for using butt plugs? lol ok ya prude
The equifax breach should have taught everybody that lesson, their business is data and they lost it.
The Equifax breach taught everyone you can get away with it.
@@Sebazzz1991 I doubt much could have been done. Insurance won't cover it and all that can be done is to dissolve the company and pay as many people as possible. Alas yes... they got away with it.
If you store something dangerous you are required to store it safely. The same should be required for data.
These days, literally every business is data.
Most of these clowns aren't actually 'hackers' and it's unearned flattery to refer to them as such. If we imagine a hacker as an expert fly-fisher then these guys are the internet equivalent of a tug trawler. They spread a massive net and then tug boat goes brrr
back in my day we called em script kiddies
@Viviana Serena That would pretty much kill the software industry over night. There is no such thing as an impervious program
@@SpiderCat420 I'm taking IT security classes now, and I can confirm they still do call them script kiddies. A lot of these guys don't know anything more than "haha, click button and crypto wallet goes brrrrr"
@@SpiderCat420 back in my day "hacker" meant something completely different and had a positive connotation.
@@rgderen88 Admittedly though, they don't exactly NEED to know much more than that to get results.
The fact that Last Week Tonight got J.K. Simmons for that last part is freaking perfection.
They know that everybody listens to what JK Simmons tells you to do, or else...
My brain's trying to recompile Gaston's song to be about J.K. Simmons reading copy. She's crashing
It was Tom Selleck in the original 1993 AT&T commercial.
as narrator, right?
Oh my God, it is his voice! How did I not notice?!
Kinda wish Oliver had mentioned that the Colonial Pipeline hack didn't even affect distribution systems, only payment; Colonial cut off gasoline distribution and caused a panic because they were worried they wouldn't get paid. It's not germane to the main discussion, but it's still super scummy, and Colonial needs to be called out more for it.
Omg!
I mean would we expect anything less from a company called Colonial Pipeline lmao
yeah, they should have given the Gas for free because.. its your right and who cares if some people have to work for free for sometime.
@@sorchaoconnor3750 colon pipes
I mean, that's just a proper capitalist mindset now isn't it. They ain't no commies /s
John Oliver: “Here are human-shaped bathtubs.”
Junji Ito: “Go on…”
Nice to see someone who knows his works
@@sbk1398 Ah yes, how could anyone know one of the most prolific horror manga artists out there?
@@Emeraldcrystal7E True. But it is refreshing to see Ito brought into a conversation based on such a loose but relevant and funny connecting thread, rather than say, in a conversation about horror or manga or Japanese culture.
@@gbrinkert agreed.
This is my jacuzzi tub, it was made for me
My wife’s step-mom called me with a computer problem. Said her screen was stuck. Not changing. I said it sounds like your computer has frozen up. She said, “Probably, it is really cold outside!”
That's really sweet. lmao. It's an understandable misunderstanding to have!
@@kellyriddell5014 Except I doubt it was freezing in her house. In fact, I know it wasn’t.
Lmao can't beat my mom. She asked why she can't save files in her laptop and I told her that her memory is full and heavy. She legit carried the laptop with a proud face and told me "it's super light what are you talking about"
Can't wait till tech advances tho to the point our kids would say "okay zoomer"
It was cute at first when old people started using computers, but now they are falling for obvious scams, paying ransoms, and making scammers and hackers more common as it becomes more lucrative. Some old person saved my number in their phone downloaded some app and gave it access to their contacts and now I get spam text messages every day.
@@stephpears4012 About 6 years ago my wife (passed away in 2018) wanted to pay $75 to a hacker as her laptop was held ransom. I told her no! I knew how to get it back to normal. So yes, I can see how many seniors could fall for that scam.
Meanwhile me, a Russian citizen, trying to donate sm money to opposition: mmm cryptocurrency for criminals that what might help me to not be fined
John Oliver: "Ransomware is a typical business but staffed by criminals"
Me: "So, like the healthcare insurance industry?"
Have you ever tried using your health insurance's customer service line? It's not remotely as good.
Exactly. You willfully pay them thousands of dollars and there is no guarantee that they will give you treatment.
It is not friday, but this needs a CORRECTION: "So, like the _US_ healthcare insurance industry?"
@White wolf They were talking about the insurance industry specifically, not doctors...
@White wolf Um, doctors run the insurance companies? That's new to me.
The “colonial123” password remark was probably a jab at Solarwinds and their getting hacked
Yeah, for all that John says "Nobody asked you that question", I actually thought "They had a really dumb, easy-to-guess password, didn't they?" before he showed the clip.
That would be wrong then. Solarwinds got hacked by someone using a "backdoor". If you want a definition at what a "backdoor" is, then go watch "War Games". Matthew Broderick did it with a "backdoor"
@@Olivman7 yeah, every IT security professional watching this probably expected that.
Or the suitcase password in Spaceballs
Equifax hack was them using admin for the username and password
reason why ransomware attacks are so common, is that every company thinks "yea the attacks are common, but it will probably not happen to us" and then proceed to allocate minimal budget to cybersecurity protection measures.
great % of critical systems around the world run on WINDOWS XP, some even on MS-DOS
Think that DOS would be even more secure as ransomware are built on todays standards
^This 100%
Windows XP is run on computers that aren't connected to the internet most often
And those that are on XP & DOS are easily destroyed by those attacks. Most of these ransomware attacks happen due to 100%, Grade A, human stupidity.
There are some that still probably even run on vista. Actually, I know there are some that still run on vista.
Also, I know for a fact that many point of sales (cash register) systems run on old operating systems.
for some bizarre reason the thing that has me shellshocked is that you now have app-controlled sex toys with a "friends" function. What a world we live in. Until i actually checked that it's a real thing I was convinced that Last Week Tonight simply invented it as a joke...
To clarify, the license plate reads "B217OP" which is read "V217OR" in Russian and 217 is not part of the "thief" spelling, it's the "VOR" that means thief, so it's not that blatant. It's like if someone had license plate numbers "TH217IEF"
+
Farfetched but I’ll take it
where did you learn russian ?
@@serioussam209
Much like most Russian-speakers, I was born with it 😋
@@serioussam209 I mean, his name is 'Peter'. Have you ever met a Russian who _wasn't_ named Peter?
The fact that they got J.K. Simmons to do the voiceover for the "advertisement" at the end of this makes it that much better
He knows a thing or two because he's seen a thing or two. Terrible, awful things.
I'm sure butt plug guy did not like HIS TEMPO!
@@paineoftheworld 😆😆😆🤣🤣🤣
@@paineoftheworld I'm also curious about your username.
@@looking4therealrepairmanjack , just a portmanteau.
reminder, the gas pipeline was never in any danger, it was their billing system that was compromised, so rather than risk customers not being billed properly they shut the pipeline down.
lmfao thank you for reminding us
So this evil can be used for good?
There was a risk of the ransomware spreading to their SCADA network. It’s SOP to bring systems offline to contain the threat.
Which calls for nationalization of the whole pipeline, if the system is too critical to the country then it can't be trusted in private hands.
@@thisbymaster I'm usually for having a country handle critical infrastructure instead of profit driven companies (less incentives to cut maintenance for short term profits and all that jazz), but did you see the whole video? Cybersecurity at the country level is not any better than at the private level
If that's the only problem you want to solve, that's not a solution
As an IT professional this is all true...this mainly happens bc most businesses don't want to invest in decent IT departments...they rather contract out when needed..and it leaves them vulnerable to things like this. Backup is a thing too...that doesn't happen as much as it should...but the cyber war is on.
I remember googling what was happening when I noticed every single gas station around me had lines all the way out into the streets. I saw a couple articles saying “there shouldn’t be too much of a shortage unless everyone goes out to get gas right now” and I immediately knew there would be a huge shortage… ah, the south.
Mob mentality creates self fulfilling prophecies. Exact same thing that happened with TP at start of the pandemic. Everyone worried they would run out and stores wouldn't have enough. Except they did and the shortages were strictly caused by people buying it up.
Mobs are only as smart as the dumbest person in it.
That's just America. I know because recently TP was always out due to the same reason, and I'm just about as far north as can be.
People don't realize how much inventory is actually available. Most gas stations have a min of 3days standard sales in storage on-site.
@@ashtonhoward5582 Naw. The same TP-crisis was happening in Germany and other European countries, too. Not "just America".
It's just like the "prisoner's dilemma".
We call this the "Boomer Tax" in my company. We're breached a lot because our managers are "in their 60's, haven't grown since the 70s, and force us to use software vendors from the 90s"
Damn. Ageist much? You think companies with Millennials and Gen-X/Y'ers in charge don't get breached?
@@eponymousIme they *literally* don’t get breached as much. It’s not ageist to know - for a fact - that technology can be bewildering to older people.
By your “logic” it’d be ageist to say “millennials don’t know how to use 5.5 soft disks”. You are right, we don’t! Different generations, different skill sets.
@@eponymousIme not nearly as much, no.
Interesting.
@@eponymousIme Making fun of Boomers isn't ageist. It's the Lord's work.
The sad thing is, the government wouldn't be doing anything about this, had ransomware not been used against corporations, and only targeted regular people.
To be fair - of the two parties that can run "the" government, only one ignored a deadly pandemic to protect business, until like the fifth wave made it clear that sacrificing people to save business doesn't work.
Not saying the others don't care about business, but dems are at least aware that business doesn't work without the little people. And business also kinda profits from money not being moved to russian hackers.
Remember the attack on the meatpacking company? Fujifilm was attacked too but they were able to solve it themselves, without paying.
Hacking hospitals = not cool. However, ransomware attacks against police departments might be able to do what the government refuses to do, release IA files for everyone to see.
I find the hack of the gas pipeline to be suspect. who was it that profited from the huge increase in price, and the increased demand (due to panic) of gas at inflated prices
@@htopherollem649 Hmm, but even if you're wrong, they'll certainly learn from it.
The funny thing is, those of us that actually work in tech fields tend to be Luddites when it comes to these internet connected things. We know what can happen and don't want to be caught like this.
I'm not a Luddite because I'm worried about getting hacked/cryptolocked, it's because I think IoT is a bunch of unnecessary bullshit that I have no need for. Not having a bunch of open ports on my network is a bonus. :)
Newt Gingrich shows up.
Me: "Oh, is this going to be one of those 'the worst person you know has a point' moments?"
Gingrich: *speaks*
Me: "Nope. It is not one of those moments at all."
I already knew he would suggest deranged idea like many gop
17:43
dont get me wrong: im all for killing those guys, but Newt seems to think you can just "go" to Russia (for example) and start killing Russian folks.
that kinda seems like an act of war.
I was also expecting that, lol. Ya let me down, Newt. Also, I can't hear that name without thinking of Harry Potter transfigurations and their end of the year exams.
I was like: Honestly, he made sense (and I loathe to think there are times where Newt makes sense, it's like those times when you actually heard Chris Wallace on FoxNews and had to go: "Darnit...that was true."). So many of these people are really just some of the worst people anyways. It wouldn't be so bad to say...order a drone strike on a ugly-camo paint jobbed Lamborghini being driven by that Russian hacker, would it? I mean...it's a shame for the car...but let's put the really bad ransomware people (the kind that would, say, lock down a freaking hospital or a thermostat) in the same category as what we should do to child molesters and rapists: kill them, leave them for the birds and rot, and walk away whistling.
Can we all just take a moment to admire John Oliver's willpower, sitting there with nearly a straight face and say, " Crucially, the barrier to entry has gotten lower." while discussing hacked internet butt plugs without losing it, this man must be carved from granite.
He’s English, we’re like that lol
That's just called "British."
No, he's just British
In hindsight maybe I should have looked at the other replies first
@@Ashesisemocutcutcut No worries I forgive you, you're British you're just like that.
man, opening the day with an attack on business daddy.
Seems legit
Replying so that you’re not alone with a bunch of spammers 😅
I’m here for it.
Try to imagine how much harm ransomware is doing everywhere else in the world. In poorer countries, states, small, medium and bigger companies etc..
How to scare Americans: have the media say "there will be a shortage of..."
How to ensure your sales will go up: declare that "there will be a shortage of..."
“...butt plugs.”
"There will be a shortage of Covid vaccines"
@@antoniof.8614 unfortunately that doesn't scare enough Americans
@@thegreatwillthethrill thatsthejoke.jpg
On a personal level, also do both a physical and digital backup of files you'd be willing to pay a ransom for.
and don't just use an os backup utility. While they are incredibly helpful most of the time, in this case, some ransomware attacks put in a months long delay before activation to make sure your backup has been infected too.
You should manually backup the files you care about once a month.
+
And don't leave your backup drive plugged in to your computer. Unplug it when not in use or else they'll get that too.
I have been backing up my computers to external drives, not connected to a network, since the early 2000s. More than a decade ago, my pc was hit with ransomware. I simply found the malicious file, cleaned my computer, deleted the locked files, and restored them from an external drive. I also have redundancy, so that if a drive fails, I have multiple external drives with copies. People still fail to routinely back up their files.
Regarding beach faxes: DocuSign is basically this.
DocuSign is the embodiment of the blond bimbo thinking that electronic signatures is signing the screen with her lipstick. They make all kinds of compliance claims, but in the end, they only verify that messages were signed by whomever they sent an e-mail demanding a signature on some made up legal terms of service.
@@johndododoe1411 you clearly have no understanding of esignature law or DocuSign verification functionality.
@@Luvrnetic Quoting badly written laws is the hallmark of crooked lawyers. I have encountered their agreement process in the past, before they added an imitation of PKI.
@@johndododoe1411
You don't look like the informed one here.
@@johndododoe1411 you correctly used Whomever. You are banned from RUclips
"Hello, Locksmith and Co.? I lost a very important key and would need your services."
"Are you locked out of your home?"
"No. I need you to unlock my butt."
Shout-out to the guy who made the "Ransom-warehouse" graphic. It was on screen for all of three seconds but I do appreciate it.
Here we are, in August of 2021, STILL ripping on Game of Thrones Season 8.
Godspeed, John
HBO has earned it...
Anything to get back at his business Daddy. 🤣
@@andreadehoyos9910 underrated comment !
Pretty sure one of his writers wrote that joke...
We actually need that big IT companies create products that does not need to connect to the internet. That's all I'm asking for
Sorry I’m a year late but what exactly were you asking for with this reply?
@@JAlonge017 I think I feel the same as @luislozano. My mother needed a new laptop. Bought one. But NOW she needs a microsoft account and a microsoft e-mail just to get the thing started !!! ???? Even if all she does is her private bookkeeping and store pictures on it, the big tech COMMANDS you to connect to the internet first in order to be able to use your (personal) computer.
As someone who works in supporting IT teams, it shocks and dismays me how woefully unprepared companies and governments are for these ransomware attacks. A properly set up IT infrastructure should be able to recover from ransomware attacks with minimal downtime. Offsite backups, live backups, file versioning, all of these are part of standard disaster recovery systems that should be employed but aren't. My personal clients computers have better disaster recovery than many of the people I work with in my day job.
Hackers, scammers and thieves using the internet to their advantage to defraud and trick others have skyrocketed while IT-experts and law enforcement hasn't kept up at a linear rate. So it's oversaturated with bad actors and not enough defense forces to keep the bad actors at bay. And companies don't want to pay those extra dollars each month to deal with something relatively rare and difficult.
I was part of BMW's CERT team, you would be amazed....
Yep. In some attacks in my country it turned out pretty critical machines had working USB ports allowing USB sticks to be inserted and used, which I feel should really urge companies to start physically disconnecting those in really critical machines.
All sites URL's that give me a weird feeling are opened on a separate machine that is unable to see other machines in the network, should that get infected, I destroy everything on it, reinstall it and no damage done (would love to have it on a different subnet as well, but that's something our modem-router combination does not provide as an option yet).
As for backups, well, practically what you said is what I do, especially off-line backups that are performed on stations switched off so they are only physically accessible unless I put it in a swap-bay.
Most companies are also run by boomers who don't know or care what cyber security is. Apparently spending a little money to protect a lot of money isn't worth it to them.
I mean, at the end of the day, its a team of tech guys vs another team of tech guys using tools made by other tech guys and talent floods to each side. Often times, your team is understaffed and trying to protect the company from the dumbest morons in that company. Even the one that do try could throw everything at the wall and either not find enough staff or find out the opposition is simply better. Honestly, the reality is like breaking into a house, if someone wanted in, they can get in. Gingrich made a lot of sense about the murdering laws if it wasn't so stupid and wouldn't even do anything.
"Companies run by criminals"
Do you even remember half of the episodes you do?
The show's whole bit is not quiiiite connecting the separate topics so that they don't outright SAY "the problem is capitalism" but you can figure it out yourself.
What's the problem? Cringe
@@ImpudentInfidel my take away is unchecked government not capitalism. Maybe capitalism allows it to be unchecked but I will say the same thing about Soviet Russia. Unchecked government not communism. However they used communism really well to be an unchecked capitalist government.
@@treebeard8475 unchecked everything, not government
Capitalism without any restraints is as bad as unaccountable state institutions
All the episodes in companies exploiting poorly implemented social programs are a merge of the 2
@@Daniel-yy3ty absolutely agree. I guess it breaks down to a lot of unchecked money which can audit and investigate itself. It’s more complex than that but have a great day man!
Give that actor playing the guy with the buttplug an award, he's the real mvp here
plot twist: he wasn't pretending.
His name is Connor Ratliff. He's one of the greatest improv comics in NYC.
His turtle head walk at the end was spot on.
MVP? Most Vulnerable Plug?
Actor?
Also good advice:
Always make full backups on external harddrives or flashsticks. So when the Ransomware strikes, just delete the harddrive and reload the last backup.
If everyone would be doing that, there would be no Ransomware.
“that product can give the internet control of your anus, which doesn’t seem great.” that is the single best understatement i’ve ever heard.
Is that thing actually real? That sounds so weird...
I don't understand why you wouldn't be able to just... take it out normally. Unless that animation was accurate in which case... what the fuck!? Wouldn't that cause damage? You're putting a god damn wing nut into your asshole! What are you thinking?! I don't care what you may be into you do not need the equivalent of a drywall anchor for your asshole! What are you planning on doing? Hanging a TV on it?
@@illwill1991: Hey man, stop kinkshaming. Some people just happen to like watching AssTV™.
The funny and sad part of the pipeline hack is that even though the company paid the money, Colonial restored their own systems from backups because "it's just faster." Also, the hack didn't stop the flow of gas, it stopped the software that Colonial was using to process payments. If it had used old fashioned methods to track customers, it would never have had to shutdown at all.
Now after hearing something horrible, imagine trying to fit a key in your hacked remote control buttplug.
Old fashioned isn't feasible or robust. They stopped the gas line because they're greedy, not because they need the "old fashion way"
Just adding another reply because it's important to reiterate that Colonial never had to shut down the gas. They chose to disrupt a vital resource and cause mass chaos rather than let a few pennies slip through their fingers, and all corporations are like this.
@@deborahlimby5549 et.al.
No... Just no. Colonial, at the time, didn't know how deep the attack was. They shut down the pipes in the off-chance there was some malware-thing that crossed the air-gap and was going to go 'boom!' IRL & actually kill people.
I'd (I do CyberSec for a living) order the same thing from a safety perspective.
Lol I have been in audit over 10 years and IT audit over 5 years...and this episode is probably 3X better than the typical IT security training course that cost $100 per hour...much funnier too.
Are you saying there is money to be made in creating IT Security Training courses?
@@Belioyt Yes, that is 100% correct. 1) create courses 2) then qualify each course as eligible CPE for professional certifications 3) collect money.
@@darrellstevenson5364 expound on step 2. Please
@@ichijofestival2576: Have you seen the training videos John Cleese did for a business? I think it was either a hotel chain or a grocery store chain.
I work in IT Sec since 2010 and this is indeed a great piece for awareness.
7:56 - People treat cybersecurity as an afterthought. A lot of institutions treat IT as an add-on and not integral infrastructure. This is the result.
I love this show!! John, please do an episode about the trucking industry. My dad is a long-haul trucker, I've been thinking about going into it (to pay off my fucking student loans which I've been paying into for 20 years already!), but there is clearly a shit-ton of predatory business going on in that industry and I'm afraid to even start. Would love to hear your thorough and inevitably hilarious take on it.
I've also been debating being a trucker to pay off my loans 🤣😭🤣
I don't know anything about trucking but I know there are startup companies like Lane Axis using block chain to cut out the problems with brokers & directly matching jobs.
@@KLondike5 one big issue is to get into you need to have your own truck, which is not the most reasonable expense for a lot of people
@@skoomakity8769 How does the cost compare to a student loan for a worthless liberal arts degree? Might be a better investment.
I've got an English degree, about 20 thousand dollars of debt if I'm doing my math right, and two jobs that combine to $42,000 USD a year, assuming everything stays stable enough for me to work 60 hours a week, and my "weekend" being a mere 6-hour shift.
Yeah. I'm honestly looking at long-haul as a rescue from what I'm doing. At least long-haul is mostly highway...
"Most punishments-and this is true-fall somewhere between 'death sentence' and 'a cash reward'."
Also, "death sentences" can mean people are LESS LIKELY to be found guilty, even if they obviously are. Like, if you could be sentenced to death for obstructing traffic, almost no one would be found guilty of obstructing traffic.
@@CatHasOpinions734 Say that to the gross number of people wrongly convicted and were killed by the state. Some have been fortunate enough to be released due to new DNA-tech, but this is an ongoing issue.
@@idalarsen2540 just in case it's unclear, I'm opposed to the death penalty, and the fact that it's killed a number of innocent people is one of the major reasons. The fact that it can influence juries to not convict someone of a crime even when overwhelming evidence has been presented is just another reason to get rid of it. It makes perfect sense to me that a jury would fail to convict someone they know to be guilty because they don't feel that death is a fair punishment, the problem here isn't them, it's the system, for making them choose between two wrong answers.
The fact that people have been let off as a result of bad policy doesn't mean the innocent people who've been killed are any less tragic.
If you're interested, I actually borrowed some of these analogies from a PhilosophyTube video on the death penalty, you might like it, it's really interesting.
IT as a whole, the branch under which cybersecurity responsibility tends to fall, is a criminally underfunded branch of most businesses, because business people are often so disconnected from reality that they truly believe the old joke: "When everything is working: What do we pay you for? When everything is broken: What do we pay you for?"
The world is becoming increasingly tech dependent, and yet the people in charge of everything are basically technophobic. It's insane.
It's actual insanity that IT aren't paid more to keep up to date with the most important aspect of today's life for sure. I do not understand, for the life of me, why it's so hard to believe it's an actual job.
The answer to the questions is 'You don't pay me to fix this or keep it running, you pay me to know how to do it'
The issue is
99% of the people you work for, don't even know what you do.
Let alone know what they should do to protect themselves.
And even when the company had a course on cybersecurity guidelines, pentesters very frequently manage to find employees who either forgot everything, didn't understand it right or just lack awareness still
I feel like pentesters are the only way to get through company leaders' thick skulls and make them aware of the issue and why they really need to pay their IT department and train their employees
...but they are also the ones having to hire pentesters in the first place so...
Yeah, exactly. I work as a developer, and I can't tell you how many out of touch suits are out there who cut the funding on these preventative measures just because they don't understand why they have to pay them.
@@draakisback Yes, this. But they always have to have the latest iToy.
Good lord I love this man…that Santa Claus analogy was so good. 😂
I knew this was going to be a good episode when the first victim was Business Daddy.🤣
4:53 "Robin Hood, if Robin Hood had gone around taking money from the poor and promising the poor that he'd definitely give it back later."
Isn't that just all rich people?
It's called TAX
Yep
I was looking for that comment
Funny thing. My stepdad once clicked on something unsavory, and ended up with a cheapo ransomware message flashing on the screen and making god-awful noises. I went over to the house on my mother's desperate request, saw it was nothing more than a browser-based prank, started the computer in safe mode, and deleted the installer and folder that was causing the issue. Problem solved. Meanwhile, they were freaking out, thinking some hacker was trying to steal their piddling amount of money from their bank account. Even after that, I still can't get them to use multi-factor verification. They say it's "too annoying" and "doesn't work".
Guess I better teach them how to buy bitcoin.
Ok, but then they have to learn to use 2FA to buy Bitcoin lol
@@rgderen88 lmao
i love this comment
The same thing happened to a guy I worked with except all I had to do was Control-Alt-Delete out of his browser.
You're not alone. Exact same thing happened with my elder.
Somewhere in Ohio, my mom’s crazy old family practice partner is throwing her hands in the air, shouting *I TOLD YOU SO!* in celebration of the fact that she’s refused to use medical record software for the past 20-odd years… (in favor of old-fashioned paper charts)
Good job, Annette, but I really hope you’ve given into peer-pressure and let the nurses use air conditioning in the exam rooms again.
The chance of a ransomware attack on a private doctor's office where employees follow basic security measures (or even one where they don't) is much lower than the chance of her patients ending up in the emergency room and suffering harm due to the hospital not knowing their full medical history and what medications they're taking because all that info is sitting in a stack of papers in an office.
To make matters worse, there's a high likelihood that no one will even be in the office to send over those records (most family doctor practices are closed more than 100 hrs/week) and even if the patient goes to the hospital during office hours there will still be a long delay while the hospital obtains those records via fax machine and enters them into the database.
@@nowandaround312 That makes perfect sense. Dr Annette is just a paranoid old woman with the social graces of a badger.
"don't click on suspicious links in your email"
haha joke's on you I NEVER check my email.
Are you my husband? His inbox scares me haha
I almost never check mine so I can relate.
lol me
I love John's new take on the old joke, "Opinions are like a** holes: everyone has one and they all smell." Updated to, "A** holes are like opinions: letting the internet be in charge of yours is a really bad idea." I'm looking at you, QANON followers.
Do not look. Global warming is to make we lizard people slow down
@@DARWINZOO LoL!
So people shouldn't have opinions according to the old joke?
Joke fail if you believe climate change is only warming. My error. Reptiles like insects speed up in heat (see basking turtles & snakes) so we lizards would be happy! (And better at plotting)
@@DARWINZOO Wut?
I like how they're doing donuts in the video, but the reporter says they were "allegedly" doing donuts.
The "allegedly" referred to the person doing donuts being a member of Evil Corp.
I allegedly replied to your comment
They also got the cub wrong, it was a leopard cub lol
To be fair, maybe it was an invisible roundabout?
This just happened to the Toronto Public Library. Goes to show what happens when funding is cut from libraries. Hackers don't have morals about who they target.
Kinda disappointed John didn't say "got you again business daddy" after burning AT&T
Hasn't business daddy changed...?
@@Lemana28021989 it’s announced that the business daddy will change… it just hasn’t yet. Company sales, especially big ones take time to finally close.
This segment really missed the boat in talking about how insecure so many products are out of the gate. If computer and device security wasn't such a joke, they wouldn't be trivially hackable.
Indeed. I was looking forward to see John address root causes (reckless negligence by software/IT suppliers, incompetent IT procurement in companies and lack of resources in IT departments) but it seems he was advised by the same "experts" that contribute to this insecure ecosystem. I'm just waiting for people downloading a fraudulent "authenticator" app in which they will share all their 2FA tokens...
Totally agree with you. No matter how tech-savvy or untraceable are these hackers, these tech and manufacturing companies can at least bind the two factor authentication by default with every product or service of theirs. Regarding the fraudulent "authenticator" app stealing all 2FA (two factor password authentication) tokens, it's hard, if not impossible to create such a software to override security built right inside the manufactured product or a service (software). The harder we make it for hackers, the easier and more worry-free lives of ours become.
There's an endless list of reasonable measures that can be taken to improve security. Bugs can be fixed. Development safety measures can be implemented. Safer languages can be used. Audits can be made less jokey. Defense in depth can be improved. Some things have improved in the last decade or so, but for the most part security is done merely for show and collecting approvals, not a serious effort to make things better.
One need only look at the "internet of things" space where things are getting recklessly worse for little to no benefit to anyone.
Ultimately security will not improve until it is more economically efficient to make secure products and software than it is to foist the consequences of insecure products and software onto the customers or simply pay the ransoms. There are few if any penalties for companies that are compromised beyond the immediate monetary ones.
@@joedillian indeed, I had hoped for the show to talk about how costs can be internalized again.
Defect rate tracking, time to fix tracking indices for vendors might help. Case law establishing a bar gross negligence might change things. Certainly light bulbs that form mesh networks on their own as side channels to ethernet with known security flaws and zero provision for updates should be beyond the pale. But they are on the shelves.
Companies: "Let's use complex networked software!"
Also companies: "Let's never bother to actually protect our mission critical software."
"Let's allow updates at the drop of a hat."
*parent company of said software gets hacked and ransomware is distributed*
Remember, always stay updated.
That, sadly, is the attitude. Cyber security is expensive and doesn't generate revenue. "If we get hacked, the government will step in and help".
Even better, let's force all of our products to live-stream their use information, have pathways for us to shut down any of our products being used in a way we don't like (even though we no longer own them) and not secure any of our data! - John Deere
As long as there is no angry mob of customers with forks and torches threatening to burn down HQ, don't expect a monopolist company to change their behaviour.
Evil Corp? How many Mr Robot references does this video have?!
Everything from hospitals with crappy cyber security to people hacking household electronics.
“Just picture the last time you searched for your keys around the house and then raise the stakes SIGNIFICANTLY” 🤣🤣
Others have said this, but it bears repeating. A lot.
*_1)_* *Make regular backups that are stored offline*
*_2)_* Keep _multiple_ backups. One you update every week, and another you update every 2 wks or each month, stored at another location.
If you are a business, you should know how you need to adjust those schedules so you never lose much in case of flood, fire, or ransomware. If you are not running a business, *you are an easier target!* Do backups too, so you don't get trapped.
Don't have to back anything up if all you have is shitty games on your hard drive 😉
Would like to add, if possible, use one device for important business only (like e-banking etc.) and one where you browse around and watch porn. Your horny mind is much more likely to click on a dangerous link.
Our local hospital got hit with ransomware a few years ago. My husband works there and all the charts were locked. They went back to paper for over a month and reworked everything instead of paying. It was a huge deal.
3:51 "She's REALLY Russian ... Not the first time she's wished death on someone."
Yeah, the important part is that she's Russian, not that she lives in Boston...
Fitting that the malware spam bots are targeting this video a month after release...
lmao that combination explains a lot
I’d totally watch a Gameshow with the “teach a grandma how to buy Bitcoin” premise.
Replace Bitcoin with "Unlisted BSC Shitcoin" and I'm in.
I don’t even know how to use Bitcoin and I’m a millennial. I actually saw a Bitcoin MAC (ATM) machine in a gas station like wtf?
@@marquisdelafayette1929 No one knows anything until they learn. It's not like they cover it in school. It's also, truly, not very difficult.
If grandma can already use a computer successfully, then you've already climbed 95% of the hill to owning/using BTC, because that's way, way, WAY more difficult, both to learn, and to explain. As a person who has taught many an old fogey how to use a PC, teaching someone to use BTC seems like a fucking walk in the park.
@@marquisdelafayette1929 I own like $5 worth of BTC and I have no idea why or what to do with it haha I just kinda bought it on a whim. Crypto is so weird.
@@cinnamonsparrowdesigns Wait until the price goes up, then sell it. It's the only thing that it's good for.
At this point in my LWT experience I was kind of expecting John to have ransomwared the russians at the end of the video.
Same here. He missed a perfect opportunity to do a collab with Mark Rober.
I kinda thought the episode would end with the Russian granny going beyond Bitcoin education to learn how to backtrace the hackers and go all Sopranos on them.
@@WanderingYankee Oohh, now that would be deviously awesome 😈
There's a weird juxtaposition between the cheery voice backed by innocent music and the concept of a wifi-enabled butt plug that is profoundly unsettling.
Cold storage backups, I tell all my clients to do it. Once you pay a ransomware once, they know you'll probably do it again so it makes you a bigger target.
"Life just wouldn't be the same without you. And I really wished that life weren't always the same."
Thanks John, I think I just found my new catchphrase
WAKE UP BABE NEW JOHN OLIVER
I’m up I’m upppp
*Watch John Oliver on Mock The Week, if you want to see his early days*
STOP CALLING YOUR DAD BABE
Bon Joliver
It's 2AM... oh wait, John Oliver?? I'll put the coffee on
As an owner of a big snake:
My boa constrictor Kevin Snacon is doing great and has a wonderful quality of life.
Your snake has an awesome name! 😀👍
I'm gonna have to ask how long is Kevin Snacon 🐍
your snake sounds like the coolest snake EVER 😃
@@EpwnaExeter he's only about 10 months old and over 3ft. He'll be over 8ft as an adult male. Females get bigger.
I'd prefer Kevin Snacey, but to each his own... 😆
It happened to me at work a couple of years ago!
Definitely sold on never buying a smart thermostat.
You could just uninstall the smart thermostat and reinstall a dumb thermostat though.
Some of those things have been advertised by using arguments that made me go "If you program your "old" (or not-smart) thermostat correctly it will be warm when you enter home from work in the exact same way, no "smart" thermostat needed."
(For me, the privacy-factor also plays into this: if a smart thermostat can warm up your home because it knows you are on your way there, who has the possibility to look into that data?)
Here in Texas, we don't need hackers for our smart thermostats. The electric company does that job for them.
@@Dutch3DMaster yeah my semi smart thermostat is all I need no wifi connection needed I just look at the weather for the week and set my temperatures accordingly
Just get one that cannot access the web
21:30 This man deserves an emmy for that performance. The look he shoots at the end had me shook.
Are you sure he is acting? The technology actually exists. (:
Best skit of the segment.
The gas shutdown was done because Colonial turned off the flow when they couldn't track how much to bill clients. The hackers didn't close the valve, the company did.
Yup. All because they could charge people money for shit that taxpayers helped create.
Technically the company may have closed the gas line, as a DIRECT result of the hack. Whose fault it is, can of course be debated, but let's not forget the major contributor here.
@@TimoRutanen The major contributor? I'm guessing that you're referring to corporate greed, right?
@@reshhaverstahm7729 Well, I'm sure you can assign a part of the blame to greed if you like. But it also doesn't serve anyone's interest if the company goes tits up because it gave all its product away for free.
Let's not get too deep into defending Russian hackers here.
@@TimoRutanen It's hard to figure out if these people are serious or not. I mean, do they really think if a grocery store loses power or their check-out system goes down they are supposed to just wave people through with free items? How in the hell do these people think businesses actually function, from the smallest mom & pop stores to the "biggest evil corporations"?
Newt Gingrich is hilarious lol
“The Faster Idiot” will be a book title in the next year, with no credit given.
"The Max Power Way," would ALSO be an appropriate enough title. (Some comment elsewhere reminded me of the appropriate Simpsons clip within the past year/couple months, so I looked up said clip, shared the link to it, and got a recent waaaaay-after-the-fact Like on said link-share.) :P
It's a well-known type of phrase (in economics) just like the “bigger idiot” etc.
The title works for all kinds of books from safari guides for families to the zombie apocalypse survival tips.