1
00:00:00,000 --> 00:00:00,000


2
00:00:11,119 --> 00:00:13,409
Good morning , Joel . Good morning . 

3
00:00:13,909 --> 00:00:15,729
Hey Joel . Hey there . 

4
00:00:27,290 --> 00:00:28,959
Yeah . Uh 

5
00:00:32,529 --> 00:00:34,689
Joel , get in here . 

6
00:00:38,689 --> 00:00:40,580
We've been hacked , hacked 

7
00:00:49,669 --> 00:00:53,029
Joel . Joel . 

8
00:00:53,849 --> 00:00:57,790
Snap out of it . Get to your station . 

9
00:00:58,049 --> 00:00:59,680
Sorry , sorry . 

10
00:01:07,059 --> 00:01:10,080
My project , I work all week on that . 

11
00:01:17,370 --> 00:01:19,910
What was that ? What's going on ? 

12
00:01:25,970 --> 00:01:26,809
Oh , no . 

13
00:01:35,629 --> 00:01:36,629
Yeah , 

14
00:01:40,040 --> 00:01:42,080
you shall not pass . 

15
00:01:51,379 --> 00:01:53,800
And our I T team was able to find some 

16
00:01:53,809 --> 00:01:55,698
malicious code and shut it down . 

17
00:01:55,910 --> 00:01:57,966
Initial forensics seemed to indicate 

18
00:01:57,966 --> 00:02:01,139
that no data was taken . What was the 

19
00:02:01,150 --> 00:02:02,949
goal ? Then any ideas 

20
00:02:06,209 --> 00:02:08,265
could be just testing our response , 

21
00:02:08,265 --> 00:02:10,320
but we won't be sure for a couple of 

22
00:02:10,320 --> 00:02:12,630
days when forensics wraps up . Are we 

23
00:02:12,639 --> 00:02:14,919
doing anything to enhance security on 

24
00:02:14,929 --> 00:02:17,410
our systems ? In case it happens again , 

25
00:02:17,759 --> 00:02:20,399
the team is working that now additional 

26
00:02:20,410 --> 00:02:22,743
anti intrusion measures are being added . 

27
00:02:22,860 --> 00:02:25,259
Software updates are being pushed short 

28
00:02:25,270 --> 00:02:27,326
term . Everybody should change their 

29
00:02:27,326 --> 00:02:29,326
passwords . A hardware update would 

30
00:02:29,326 --> 00:02:31,214
help us as well . But I know that 

31
00:02:31,214 --> 00:02:33,381
wasn't prioritized this year . Do what 

32
00:02:33,381 --> 00:02:35,492
you can for now and we'll take a look 

33
00:02:35,492 --> 00:02:37,659
at the budget immediately to see where 

34
00:02:37,659 --> 00:02:39,881
we can adjust . How bad could this have 

35
00:02:39,881 --> 00:02:42,048
been ? Remember when that fishing scam 

36
00:02:42,048 --> 00:02:44,048
happened a few years back ? Fishing 

37
00:02:44,048 --> 00:02:46,103
Pete opened that email and was duped 

38
00:02:46,103 --> 00:02:48,326
into revealing personal or confidential 

39
00:02:48,326 --> 00:02:50,214
information and a scammer used it 

40
00:02:50,214 --> 00:02:52,479
illicitly . Right . The Pete thing . 

41
00:02:52,960 --> 00:02:55,127
I'm sorry . It's been a long morning . 

42
00:02:55,850 --> 00:02:58,330
Look , that was just Pete's information 

43
00:02:58,339 --> 00:03:00,419
that got taken . It could get a lot 

44
00:03:00,429 --> 00:03:02,550
worse than that . Imagine what would 

45
00:03:02,559 --> 00:03:04,670
happen if everybody's information had 

46
00:03:04,670 --> 00:03:06,837
been stolen . Like the whole company's 

47
00:03:06,837 --> 00:03:09,003
information . Absolutely . These cyber 

48
00:03:09,003 --> 00:03:11,259
threats can be innate or man made , 

49
00:03:11,270 --> 00:03:12,770
they can be intentional or 

50
00:03:12,770 --> 00:03:15,070
unintentional , but they are always 

51
00:03:15,080 --> 00:03:17,210
detrimental to systems that are 

52
00:03:17,220 --> 00:03:19,179
dependent on or operate through 

53
00:03:19,190 --> 00:03:22,089
cyberspace or cyber domain . This 

54
00:03:22,100 --> 00:03:24,433
doesn't seem like fishing Joel . I know . 

55
00:03:24,433 --> 00:03:26,770
And that worries me . You see this kind 

56
00:03:26,779 --> 00:03:28,557
of thing a lot with attempts at 

57
00:03:28,557 --> 00:03:29,946
intrusion and sabotage . 

58
00:03:33,330 --> 00:03:35,529
Yeah . Pushed 

59
00:03:39,350 --> 00:03:42,309
Mr Frank that 

60
00:03:45,160 --> 00:03:48,360
even this uh 

61
00:03:52,330 --> 00:03:53,497
keep away from her . 

62
00:04:13,839 --> 00:04:17,789
Now choose this certificate . Ok . Now , 

63
00:04:17,799 --> 00:04:21,440
try to open your email . Ah , 

64
00:04:21,450 --> 00:04:23,920
great . Sorry about that . Non , thanks 

65
00:04:23,929 --> 00:04:25,540
for your help . No problem . 

66
00:04:28,529 --> 00:04:32,269
Wait , that's not right . Non . 

67
00:04:32,779 --> 00:04:34,168
Non , what's happening . 

68
00:04:37,059 --> 00:04:37,899
No , 

69
00:04:43,010 --> 00:04:46,209
Joel , we know , I don't know how they 

70
00:04:46,220 --> 00:04:48,220
got through the new firewalls . Did 

71
00:04:48,220 --> 00:04:50,387
they gain access to anything ? I don't 

72
00:04:50,387 --> 00:04:51,387
know yet . We , 

73
00:05:01,299 --> 00:05:03,299
but we still don't know who's doing 

74
00:05:03,299 --> 00:05:05,243
this . Not yet . How much are they 

75
00:05:05,243 --> 00:05:08,260
asking for ? 600 stick coin dix coin ? 

76
00:05:08,369 --> 00:05:11,250
It's a Cryptocurrency . How much is 

77
00:05:11,260 --> 00:05:14,649
that ? About $30 

78
00:05:14,880 --> 00:05:17,630
million ? Oh , no , that's crazy . 

79
00:05:17,640 --> 00:05:20,380
Sarah . That will put us deep and red 

80
00:05:20,390 --> 00:05:23,779
this quarter boss . She's right . We'll 

81
00:05:23,790 --> 00:05:25,957
be cash negative for a long time if we 

82
00:05:25,957 --> 00:05:27,957
pay . Not to mention that once this 

83
00:05:27,957 --> 00:05:30,068
went viral , our stock took a massive 

84
00:05:30,068 --> 00:05:32,068
hit . Look , I know nobody wants to 

85
00:05:32,068 --> 00:05:34,179
hear this but we're way beyond damage 

86
00:05:34,179 --> 00:05:36,679
control . I think we should just pay . 

87
00:05:37,029 --> 00:05:39,149
It's the path of least resistance . 

88
00:05:39,160 --> 00:05:41,489
Sure . But I've read about these types 

89
00:05:41,500 --> 00:05:43,722
of attacks and we could be dealing with 

90
00:05:43,722 --> 00:05:46,380
this for months , paying the ransom 

91
00:05:46,390 --> 00:05:48,600
would solve this right away . But I 

92
00:05:48,609 --> 00:05:51,450
know Sarah , I know this might not stop 

93
00:05:51,459 --> 00:05:53,809
another attack or they may not even 

94
00:05:53,820 --> 00:05:56,589
decrypt everything in the short term . 

95
00:05:56,600 --> 00:05:58,559
It's the right thing to do . I've 

96
00:05:58,570 --> 00:06:00,500
already reached out to the FBI . 

97
00:06:01,029 --> 00:06:03,029
They're the lead federal agency for 

98
00:06:03,029 --> 00:06:04,807
investigating cyber attacks and 

99
00:06:04,807 --> 00:06:07,940
intrusions . The FBI . You don't think 

100
00:06:07,950 --> 00:06:10,269
that's a little premature . Now we 

101
00:06:10,279 --> 00:06:12,446
alert them any time this sort of thing 

102
00:06:12,446 --> 00:06:14,446
happens . I don't know who is doing 

103
00:06:14,446 --> 00:06:16,612
this , but any adversary would look to 

104
00:06:16,612 --> 00:06:18,501
exploit gaps in our information , 

105
00:06:18,501 --> 00:06:20,839
security networks and intelligence . 

106
00:06:21,339 --> 00:06:22,980
The FBI collects and shares 

107
00:06:22,989 --> 00:06:25,100
intelligence and engages with victims 

108
00:06:25,100 --> 00:06:27,267
while working to unmask the people and 

109
00:06:27,267 --> 00:06:29,359
groups that commit cybercrimes . The 

110
00:06:29,369 --> 00:06:31,200
FBI will also work with federal 

111
00:06:31,209 --> 00:06:33,480
counterparts , foreign partners and the 

112
00:06:33,489 --> 00:06:35,711
private sector to make sure that we can 

113
00:06:35,711 --> 00:06:37,839
close any gaps to protect ourselves 

114
00:06:37,850 --> 00:06:40,072
better . I'm sure we'll be hearing from 

115
00:06:40,072 --> 00:06:42,070
them soon . I'll call an emergency 

116
00:06:42,079 --> 00:06:44,301
session and see what the board wants to 

117
00:06:44,301 --> 00:06:46,523
do . Mark , why don't you work with non 

118
00:06:46,523 --> 00:06:48,635
Joel and I T in order to come up with 

119
00:06:48,635 --> 00:06:50,579
short term plans to implement more 

120
00:06:50,579 --> 00:06:52,579
security measures to make sure this 

121
00:06:52,579 --> 00:06:53,857
doesn't happen again . 

122
00:07:04,839 --> 00:07:06,980
We need to upgrade all of this . Not 

123
00:07:06,989 --> 00:07:09,045
all of it . Most countermeasures are 

124
00:07:09,045 --> 00:07:11,267
software based , but a lot of these are 

125
00:07:11,267 --> 00:07:13,211
outdated and could be replaced are 

126
00:07:13,211 --> 00:07:15,267
older systems more vulnerable . They 

127
00:07:15,267 --> 00:07:17,190
can be . But what we do here is 

128
00:07:18,980 --> 00:07:21,091
sorry , Mark , wait just one minute . 

129
00:07:21,510 --> 00:07:22,329
No worries . 

130
00:07:47,290 --> 00:07:47,750
Hm . 

131
00:07:51,149 --> 00:07:53,420
For more information on cyber threats , 

132
00:07:53,429 --> 00:07:56,880
visit our website at C dot edu 

133
00:07:59,929 --> 00:08:01,873
if you or someone , you know , has 

134
00:08:01,873 --> 00:08:04,100
experienced a cyber threat detail , the 

135
00:08:04,109 --> 00:08:06,331
incident in writing , report it to your 

136
00:08:06,331 --> 00:08:08,929
direct supervisor and your security and 

137
00:08:08,940 --> 00:08:10,640
insider threat offices .