Wikileaks has announced Vault 7, a massive collection of documents that show how the CIA uses malware and other hacking techniques to spy online. Some of the techniques includes using smartTVs as a spying device since they use cameras and microphones built into the TVs. Samsung warned of this in their terms of service for their TVs last year. But Leo says that the CIA doesn't really have a switch to turn on all TVs, and if they did, the data they'd receive would be so massive and 99.9% of it would be useless. It could be used for targeted eavesdropping, though.
Ryan wants to know how would he know if his computer had been hacked. Leo says that he can always scan his computer with antivirus software and with Microsoft's Malicious Software Removal Tool. In many cases, hackers are getting around that by moving their malware into routers and other "internet of things" devices. This is why updating the router's firmware is vital.
Pwn2Own is an annual competition held at CanSacWest in Canada. Prizes are awarded to the hackers who can most quickly hack various operating systems and programs. This year a million dollars in prizes will be awarded, meaning it attracts the best hackers in the world. The money awarded is directly related to the difficulty in hacking the target. The most money goes to anyone who can hack an Apache web server.
The Russian hacking story is now all over the news, especially after the joint agency report about the hacking. Many security experts aren't basing their assessment on that report, and it was most likely misdirection for public consumption having nothing to do with the actual information. In the report, they listed about a hundred IP addresses that they believe were used by Russian government hackers. The problem with those IP addresses is that a lot of them are TOR exit nodes, which could have been used by anyone.
Leo says that the alleged hacking by the Russians in our election was a "bush league" spear phishing attack that allowed hackers to gain access to emails from the Democrat National Committee. Leo says we need to know more about it. It seems to Leo that this attack was more like North Korea hacking Sony.
In this election season, Leo says that touch screen voting machines are simply a bad idea. Technology can be a great thing, but not everything needs to be high tech. Voting machines need to be highly secure, must be constantly calibrated, and are ripe for hacking. Just because we can do it, doesn't mean we should, and voting machines are a great example of that. By keeping paper ballots, there's also a paper trail, so it's harder for someone to falsify them.
President Obama has ordered the CIA to develop a "proportional response" to the reported Russian hacking of the DNC which exposed emails about the Clinton campaign. But Leo says what could the CIA expose by hacking the Kremlin? Putin posts bare chested pictures of himself on Instagram? The man is embarrassed by nothing! And could such a response cause an escalation? Leo says that our utility infrastructure is vulnerable to hacking and such a cyber war could devolve into crippling our electrical grid ... or worse.
An obscure committee wants to grant the government with more hacking abilities. It comes from the advisory committee on criminal rules for the Judicial Conference of the United States. The amendment would update Rule 41 of the Federal Rules of Criminal Procedure.
Bob (aka Flob) has come across Kevin Mitnick's site called KnowBe4. Leo says that Kevin is an old friend and he's followed his life since being a hacker and being arrested. Leo had him on the show and he's reformed and created a business to train businesses and employees to not be victim's of hackers and social engineering. It's about time to get him back on the air.
A British teenager has hacked both the FBI and the Department of Homeland Security. Using the tried and true method of social engineering, the teen managed to hack into an email account of a DOJ employee and then used that information to call in and gain access. Then he published the names and addresses of FBI and Department of Homeland Security agents online. Though the teen has been arrested, he claims to have over 300GB of more data that he plans to publish online.