1
00:00:00,476 --> 00:00:05,156
Crime is probably the most social
activity in the whole world.

2
00:00:05,586 --> 00:00:10,656
So these offenders are, in most cases,
going to connect with each other.

3
00:00:10,966 --> 00:00:14,536
No one is able to hack into
a large organization alone.

4
00:00:14,916 --> 00:00:18,216
And so that's where you strike,
where you need to be able to

5
00:00:18,216 --> 00:00:19,806
monitor these conversations,

6
00:00:21,956 --> 00:00:26,066
The dark web is one of those
terms we throw around a lot.

7
00:00:26,576 --> 00:00:33,146
Usually linked to crime, hacking or
shadowy marketplaces, but many people

8
00:00:33,146 --> 00:00:39,146
don't really understand what it is, how it
works, or why it matters to cybersecurity.

9
00:00:40,271 --> 00:00:44,831
Today we're gonna dig into that world with
someone who spent his career studying it.

10
00:00:45,581 --> 00:00:50,681
David Decary-Hetu is a criminologist
at the University of Montreal, one of

11
00:00:50,681 --> 00:00:55,361
Canada's leading experts on the dark
web and online criminal networks.

12
00:00:55,751 --> 00:01:00,131
His research looks at how these markets
form, how they operate under the cover

13
00:01:00,131 --> 00:01:05,711
of anonymity and how they adapt when
law enforcement tries to shut them down.

14
00:01:06,761 --> 00:01:11,621
But I wanna start with the basics,
what the dark web is actually, and then

15
00:01:11,621 --> 00:01:15,641
dive deeper into the economics, the
players, and the cat and mouse game

16
00:01:15,641 --> 00:01:17,471
between investigators and criminals.

17
00:01:17,741 --> 00:01:20,231
And at the end we'll look at
where this is heading next.

18
00:01:20,828 --> 00:01:23,358
Here's my conversation
with David Decary-Hetu

19
00:01:24,386 --> 00:01:25,346
Good to meet you first of all.

20
00:01:26,216 --> 00:01:26,816
Likewise.

21
00:01:26,876 --> 00:01:33,076
Likewise, you, I, again, I'm consistently
surprised at what's happening in Montreal.

22
00:01:33,256 --> 00:01:35,986
You're a professor at the University
of Montreal, but you're affiliated

23
00:01:35,986 --> 00:01:38,986
with the International Center
for Comparative Criminology.

24
00:01:39,036 --> 00:01:40,356
I was looking at the website.

25
00:01:40,356 --> 00:01:44,526
That's a pretty large enterprise
sitting there, and can you

26
00:01:44,526 --> 00:01:45,426
tell me a little bit about it?

27
00:01:45,936 --> 00:01:48,906
Yeah, it's the biggest
research, francophone research

28
00:01:48,906 --> 00:01:50,076
center in criminology.

29
00:01:50,496 --> 00:01:54,576
And, basically we're interested
in anything related to crime.

30
00:01:54,816 --> 00:01:59,106
So we have people looking at offenders,
people looking at regulators,

31
00:01:59,346 --> 00:02:00,786
people looking at law enforcement.

32
00:02:01,136 --> 00:02:04,076
how do criminal laws get changed?

33
00:02:04,106 --> 00:02:08,566
So across all gambit, everything
is interesting to our researchers.

34
00:02:08,596 --> 00:02:10,756
We have, I believe, 80 of them now.

35
00:02:11,086 --> 00:02:14,296
yeah, pretty big center and
known throughout the world and

36
00:02:14,296 --> 00:02:15,736
partnerships across the world.

37
00:02:16,111 --> 00:02:16,801
Yeah, of course.

38
00:02:16,801 --> 00:02:16,951
Yeah.

39
00:02:16,951 --> 00:02:21,651
It's been around for 60 years and
we try to stay active and yeah, so

40
00:02:21,651 --> 00:02:25,611
we connect with people in Europe,
the states, other places in Canada.

41
00:02:25,691 --> 00:02:26,021
Yep.

42
00:02:26,171 --> 00:02:29,551
It's, so I'm the director for the
center for the, for this year.

43
00:02:29,581 --> 00:02:33,131
the director is, away
on sabbatical and, yeah.

44
00:02:33,131 --> 00:02:37,431
So it's, it's proven a fun challenge to
handle and to manage, this big thing.

45
00:02:38,151 --> 00:02:40,911
I have to ask, how did
you get into criminology?

46
00:02:40,916 --> 00:02:42,971
What was, what made you
so interested in it?

47
00:02:43,711 --> 00:02:46,231
actually I was on a leap year.

48
00:02:46,776 --> 00:02:51,336
And one of my friend, she had one of her
homework, she had to go to the library

49
00:02:51,726 --> 00:02:54,306
and watch interviews with serial killers.

50
00:02:54,426 --> 00:02:57,806
And, I was like, that's what your
professors have you do at night.

51
00:02:57,806 --> 00:02:58,706
And she was like, yeah.

52
00:02:59,156 --> 00:03:01,996
I was like, okay, maybe that's
something that I could like doing.

53
00:03:02,326 --> 00:03:05,296
And so I applied to it, got in.

54
00:03:05,716 --> 00:03:10,806
and I was lucky just because, now in
our undergrad program, we accept fewer

55
00:03:10,806 --> 00:03:12,966
than 10% of the people who apply.

56
00:03:13,026 --> 00:03:16,596
So we have maybe 15, a hundred applicants.

57
00:03:16,896 --> 00:03:18,636
We take about 120.

58
00:03:19,026 --> 00:03:24,156
So the students who get in are
amazing students now a plus students.

59
00:03:24,456 --> 00:03:26,526
So it's really hard to
get into criminology now.

60
00:03:26,851 --> 00:03:32,291
it's one of the most difficult program to
get into, at the university, but the need

61
00:03:32,291 --> 00:03:34,451
was never greater for people in that area.

62
00:03:34,641 --> 00:03:35,331
we, yeah.

63
00:03:35,431 --> 00:03:39,371
it's we're never gonna run outta crime,
so that's, and crime keeps changing.

64
00:03:39,371 --> 00:03:42,751
Cyber crime, everything but we'll
be talking about today also.

65
00:03:43,126 --> 00:03:47,126
yeah, I think there's a, sadly, I feel the
same way about doing a cybersecurity show

66
00:03:47,126 --> 00:03:52,196
is I'm not gonna, I always thought, you're
gonna run outta things to say, Nope, no.

67
00:03:52,536 --> 00:03:53,106
it's, let's talk.

68
00:03:54,276 --> 00:03:57,606
I was gonna say, it's many of the same
stories that are repeated, but there's

69
00:03:57,606 --> 00:04:00,306
a few new nuggets here and there.

70
00:04:00,516 --> 00:04:04,356
Yeah, there's always a creative
twist and I invited you on to

71
00:04:04,356 --> 00:04:06,141
talk about the dark web and Yep.

72
00:04:06,486 --> 00:04:09,246
I, one of the reasons I wanted to
do that, a lot of our audience is

73
00:04:09,246 --> 00:04:13,596
fairly sophisticated and I think they
probably know about it, but I think

74
00:04:13,596 --> 00:04:16,926
it's one of those topics that people
don't know what they don't know.

75
00:04:17,451 --> 00:04:18,311
Yeah, if Yeah.

76
00:04:18,311 --> 00:04:22,991
So can you, can we start with just a
description of what the dark web is?

77
00:04:23,681 --> 00:04:24,161
Yeah, sure.

78
00:04:24,191 --> 00:04:29,441
So the Dark web, many people think it's a
place that you go to, but it's really not.

79
00:04:29,501 --> 00:04:32,981
You really have to see it
as a communication channel.

80
00:04:32,981 --> 00:04:36,581
So basically it's something you
use to communicate with someone

81
00:04:36,581 --> 00:04:38,531
else anonymously on the internet.

82
00:04:39,086 --> 00:04:40,856
That's pretty much all it is.

83
00:04:41,246 --> 00:04:46,496
the great thing about the dark web is that
you can connect to websites, chat rooms,

84
00:04:46,556 --> 00:04:51,896
any online service without having to
disclose who you are, where you come from.

85
00:04:52,286 --> 00:04:55,376
But these services can also
use the dark web to hide their

86
00:04:55,376 --> 00:04:56,846
identity, their location.

87
00:04:57,116 --> 00:04:58,826
So I can, for example.

88
00:04:59,216 --> 00:05:03,776
Host a website and say, only people
who go through the dark web are gonna

89
00:05:03,776 --> 00:05:05,306
be able to connect to my platform.

90
00:05:05,726 --> 00:05:09,566
And so this means that I don't
know who my visitors are and my

91
00:05:09,566 --> 00:05:11,786
visitors have no idea who I am.

92
00:05:12,446 --> 00:05:17,456
And that's been one of the big challenges
for law enforcement because there's all

93
00:05:17,456 --> 00:05:22,076
these websites selling illicit drugs,
firearms and other things like that.

94
00:05:22,436 --> 00:05:26,306
And you can connect to the
platform very easily, and yet

95
00:05:26,306 --> 00:05:27,986
there's no way for you to know.

96
00:05:28,361 --> 00:05:29,291
Who's behind it?

97
00:05:29,561 --> 00:05:32,561
Where is that server located
and how do you take it down?

98
00:05:32,591 --> 00:05:33,826
So that's been the big challenge of it.

99
00:05:34,856 --> 00:05:38,396
And that's largely the technology for
the, and I think most of our audience

100
00:05:38,396 --> 00:05:43,226
will know, but there's a Tor browser
and I think the onion, you just explain

101
00:05:43,226 --> 00:05:46,756
a little bit about the technology for
those who don't know what powers this?

102
00:05:46,756 --> 00:05:51,466
Yeah, so the dark web or the dark
net, whatever name you, you use is.

103
00:05:52,176 --> 00:05:55,836
The label that we apply to a
number of technologies that can

104
00:05:55,836 --> 00:05:58,446
be used to stay anonymous online.

105
00:05:58,906 --> 00:06:03,076
So we've all heard of the Tor
Network, which is probably the

106
00:06:03,076 --> 00:06:05,186
biggest, part of the dark web.

107
00:06:05,466 --> 00:06:08,166
Just because the Tor
Network has the most funding.

108
00:06:08,466 --> 00:06:10,596
It's been around for over 20 years.

109
00:06:10,896 --> 00:06:15,516
and they were lucky because they were
actually funded by the US government who

110
00:06:15,516 --> 00:06:17,646
still funds the operations to this day.

111
00:06:18,076 --> 00:06:22,516
and because they got this funding,
they were able to develop, for example,

112
00:06:22,516 --> 00:06:24,076
what you mentioned, the Tor Browser.

113
00:06:24,496 --> 00:06:29,806
So when you use a dark web, there's
a whole lot of cryptography that's

114
00:06:29,806 --> 00:06:33,136
happening, a whole lot of things
that are happening in the background.

115
00:06:33,556 --> 00:06:36,346
And the Tor people, because
of this funding, were able to

116
00:06:36,346 --> 00:06:40,606
hire programmers who could make
it absolutely seamless to use.

117
00:06:40,876 --> 00:06:45,016
So that's how they've developed the
Tor Browser, which is a modified

118
00:06:45,016 --> 00:06:46,426
version of the Firefox browser.

119
00:06:46,951 --> 00:06:50,851
Which enables you to connect
to resources that are only

120
00:06:50,851 --> 00:06:52,771
accessible through the dark web.

121
00:06:53,361 --> 00:06:57,421
when you are using this, it looks like
just another website, but it's actually a

122
00:06:57,421 --> 00:07:00,211
lot of crypto hiding everyone's identity.

123
00:07:00,731 --> 00:07:05,291
The other dark web, so I2P for
example, they don't have the same budgets.

124
00:07:05,321 --> 00:07:07,991
They don't have the same
number of developers and.

125
00:07:08,456 --> 00:07:11,546
It's very easy to say, ah, we're
gonna take Firefox, and then

126
00:07:11,546 --> 00:07:14,966
we're gonna modify it so that you
can connect to these platforms.

127
00:07:15,326 --> 00:07:20,306
Problem is Firefox gets updated every
week, if not every day, so every

128
00:07:20,306 --> 00:07:21,896
time there's a change in Firefox.

129
00:07:22,721 --> 00:07:26,261
You have to update the browser
that you made that allows you

130
00:07:26,261 --> 00:07:27,431
to connect to your network.

131
00:07:27,761 --> 00:07:30,131
And so that requires a
lot of engineering time.

132
00:07:30,391 --> 00:07:32,981
if you wanna stay, safe and anonymous.

133
00:07:33,191 --> 00:07:34,721
So that's been the main challenge.

134
00:07:35,321 --> 00:07:38,801
And who, you said that the American
government initially funded this.

135
00:07:38,801 --> 00:07:40,391
Who supports this?

136
00:07:40,391 --> 00:07:40,751
Now?

137
00:07:40,751 --> 00:07:42,591
I'm, first, I'm shocked
that I didn't know that.

138
00:07:42,591 --> 00:07:44,571
But the second thing
is who supports it now?

139
00:07:45,121 --> 00:07:48,211
so to the best of my knowledge, the
US government, maybe it's changed

140
00:07:48,211 --> 00:07:49,741
since the last administration.

141
00:07:49,771 --> 00:07:51,451
maybe these budgets have been cut.

142
00:07:51,791 --> 00:07:56,201
but traditionally it's been donations
and the US government who paid the

143
00:07:56,201 --> 00:08:02,531
majority of this and this network was
developed so that the US military and

144
00:08:02,531 --> 00:08:07,331
the Navy could communicate with their
spies all over the world anonymously.

145
00:08:07,511 --> 00:08:11,941
And so if you have a spy in Iran.

146
00:08:12,331 --> 00:08:17,461
And he's connecting to a server in the
states, the Iranian government's gonna

147
00:08:17,461 --> 00:08:20,371
see this connection and they're gonna
say, maybe we should go and knock on

148
00:08:20,371 --> 00:08:22,651
that door, see what that person is doing.

149
00:08:23,091 --> 00:08:27,741
If they're using the Tor network,
there's no way for these governments to

150
00:08:27,741 --> 00:08:29,811
know to what website you're connecting.

151
00:08:30,141 --> 00:08:31,641
So that's great.

152
00:08:31,671 --> 00:08:32,721
But at the same time.

153
00:08:33,171 --> 00:08:38,511
If only spies use these networks,
then it's very easy to just flag them

154
00:08:38,571 --> 00:08:42,381
in your network and go and see the
people who use this Tor network.

155
00:08:42,831 --> 00:08:48,441
And so that's why the Tor Network was
funded by the US government, but also

156
00:08:48,651 --> 00:08:54,021
open to everyone, because basically
we're providing cover for spies all

157
00:08:54,021 --> 00:08:59,406
over the world, basically inadvertently
creating a, a network that would

158
00:08:59,406 --> 00:09:01,536
come back to bite us in many cases.

159
00:09:02,226 --> 00:09:04,506
but then that to hide spies Exactly.

160
00:09:04,536 --> 00:09:08,496
and provide a tool for freedom
fighters and journalists.

161
00:09:08,556 --> 00:09:08,736
Yep.

162
00:09:08,826 --> 00:09:09,786
And whistleblowers.

163
00:09:09,786 --> 00:09:12,516
So there's many use cases
for this, of course.

164
00:09:12,546 --> 00:09:15,206
But that was the reasoning
for creating this network.

165
00:09:15,326 --> 00:09:17,966
So where does the onion fit into this?

166
00:09:18,836 --> 00:09:22,766
Yeah, so basically what you have when
you're using the Tor Network in this

167
00:09:22,766 --> 00:09:25,256
example is you have multiple layers.

168
00:09:25,256 --> 00:09:30,866
So they've updated a protocol, and now
it's not as simplistic as this, but in

169
00:09:30,866 --> 00:09:37,526
the original kind of design, you had
three computers between you and whatever

170
00:09:37,526 --> 00:09:38,996
platform you wanted to connect to.

171
00:09:39,476 --> 00:09:44,096
And basically the first platform that
you connect to knows who you are, but

172
00:09:44,096 --> 00:09:46,376
they have no idea where you want to go.

173
00:09:46,946 --> 00:09:50,906
The last platform in this chain
knows where you want to go, but

174
00:09:50,906 --> 00:09:52,316
they have no idea who you are.

175
00:09:52,676 --> 00:09:56,246
And you need someone in the
middle that connect your entry

176
00:09:56,246 --> 00:09:58,046
guard and your exit relay.

177
00:09:58,436 --> 00:10:03,566
And so you tell the first relay, I
would like to go somewhere, but I'm

178
00:10:03,566 --> 00:10:07,826
not gonna tell you where the second
relay passes on your information

179
00:10:07,826 --> 00:10:09,476
to the last one in the chain.

180
00:10:09,776 --> 00:10:13,406
And then this exit relay is gonna
go and fetch the content for you.

181
00:10:13,886 --> 00:10:19,256
So that's why we have this peeling
of layers basically, where when I

182
00:10:19,256 --> 00:10:24,836
send my request to the first relay,
all they know is they have to forward

183
00:10:25,166 --> 00:10:28,406
my request to someone else, but
they have no idea what my packets

184
00:10:28,406 --> 00:10:29,906
contain because that's all encrypted.

185
00:10:30,206 --> 00:10:31,536
So that's why you have this, this.

186
00:10:33,876 --> 00:10:34,626
Interesting.

187
00:10:35,106 --> 00:10:38,876
So you, for the all intents and purposes.

188
00:10:38,876 --> 00:10:42,176
and I asked to tell our listeners,
you, if you don't know what you're

189
00:10:42,176 --> 00:10:43,616
doing, you shouldn't be there anyway.

190
00:10:43,616 --> 00:10:45,956
So many of us have not
been on the dark web.

191
00:10:45,956 --> 00:10:46,016
No.

192
00:10:46,436 --> 00:10:49,346
but what, but how do you
find your way around?

193
00:10:49,526 --> 00:10:50,486
There's no search.

194
00:10:50,516 --> 00:10:51,326
Is there a search?

195
00:10:51,326 --> 00:10:54,446
What do you If regular internet.

196
00:10:55,106 --> 00:10:55,286
Yeah.

197
00:10:55,286 --> 00:10:56,241
so no one is.

198
00:10:56,636 --> 00:11:00,776
Indexing the content that is
accessible through the dark web.

199
00:11:00,776 --> 00:11:04,436
So once again, you can't really go on
the dark web, even though I say it all

200
00:11:04,436 --> 00:11:06,536
the time, but you can't really go on it.

201
00:11:06,836 --> 00:11:08,666
You can just use it to go somewhere.

202
00:11:09,086 --> 00:11:13,566
and, the traditional search engines are
not really interested by the content

203
00:11:13,596 --> 00:11:17,006
that's accessible through the back web,
because in most cases, It's gonna be

204
00:11:17,006 --> 00:11:19,676
sex, drugs, illicit firearms, whatever.

205
00:11:20,006 --> 00:11:22,826
So nothing that you can
monetize that easily.

206
00:11:23,216 --> 00:11:27,786
so there are some search engines,
but the whole point of the

207
00:11:27,786 --> 00:11:29,406
Tor network is word of mouth.

208
00:11:29,466 --> 00:11:34,266
So basically you shouldn't
publish the URLs for these

209
00:11:34,266 --> 00:11:36,696
resources openly on the internet.

210
00:11:36,696 --> 00:11:37,941
You're supposed to share it among.

211
00:11:38,631 --> 00:11:40,071
Friends, small groups.

212
00:11:40,461 --> 00:11:44,961
And so this is where you go back to the
good old days of the nineties and the

213
00:11:44,961 --> 00:11:47,481
search engines where we had directories.

214
00:11:47,511 --> 00:11:50,601
And so basically you have all
these websites that you have

215
00:11:50,601 --> 00:11:53,331
to know and they have lists.

216
00:11:53,331 --> 00:11:57,981
if you wanna buy drugs, here's a list
of markets that you can connect to and

217
00:11:57,981 --> 00:11:59,601
they're gonna provide to you the service.

218
00:11:59,841 --> 00:12:03,101
If you're looking for, porn
content, here's a list.

219
00:12:03,101 --> 00:12:06,731
So it's the good old days of the
directories that have to be maintained

220
00:12:06,911 --> 00:12:09,091
and just taken care of by individuals.

221
00:12:10,021 --> 00:12:10,531
Interesting.

222
00:12:10,981 --> 00:12:14,371
So it's actually a lot like the old
days where you had, you don't have

223
00:12:14,461 --> 00:12:16,361
search, you had lists, Exactly.

224
00:12:17,061 --> 00:12:18,501
Yahoos, yeah.

225
00:12:18,501 --> 00:12:20,181
You think Yahoo started as a list?

226
00:12:20,421 --> 00:12:22,176
So that's how they
circulate these addresses.

227
00:12:22,716 --> 00:12:25,516
Between the people who want
to be on the dark web. Yeah.

228
00:12:25,516 --> 00:12:30,826
and so the URLs, anyone can
just, set up their own URL.

229
00:12:30,826 --> 00:12:33,496
You don't need to register
it with a registrar.

230
00:12:33,496 --> 00:12:37,036
You just create, your own, your
own domain name, and then you

231
00:12:37,036 --> 00:12:38,416
just publish content thread.

232
00:12:38,836 --> 00:12:41,366
I sometimes teach, wait a
minute, you don't have to.

233
00:12:42,851 --> 00:12:45,281
You don't have to put it
through a registrar, but you

234
00:12:45,281 --> 00:12:46,751
still have your domain name.

235
00:12:47,021 --> 00:12:47,201
Yeah.

236
00:12:47,201 --> 00:12:49,961
Because if you had to register
your domain, then you know

237
00:12:50,021 --> 00:12:51,431
you have to show who you are.

238
00:12:51,431 --> 00:12:51,491
Yeah.

239
00:12:51,731 --> 00:12:53,621
So that would create its
whole host of problem.

240
00:12:53,891 --> 00:12:57,041
So you basically just
publish on the internet.

241
00:12:57,581 --> 00:13:01,161
There's this URL and if you
guys are interested by it, go

242
00:13:01,161 --> 00:13:04,341
to this relay and they'll feed
you and I'll get your request.

243
00:13:04,641 --> 00:13:08,971
And they're gonna be my proxy or my
presence online, so that you can find me.

244
00:13:09,616 --> 00:13:13,806
So the relays are like our DNS
servers, is that Yeah, And, yeah.

245
00:13:13,806 --> 00:13:19,826
And in the, sometimes I teach to law
enforcement and within 15 or 20 minutes,

246
00:13:20,336 --> 00:13:24,446
all the law enforcement officers
in my class, they can be hosting,

247
00:13:24,836 --> 00:13:28,376
drug dealing website that's hosted
or accessible through the dark web.

248
00:13:28,656 --> 00:13:31,176
I usually go for fake watches, so I just.

249
00:13:31,596 --> 00:13:35,406
Clone a website that's,
selling counterfeit watches and

250
00:13:35,406 --> 00:13:40,476
everyone in the room is hosting
their own fake watch website.

251
00:13:40,716 --> 00:13:43,596
Of course, we're not shipping
or sending anything illegal.

252
00:13:43,886 --> 00:13:45,386
but yeah, it's extremely easy to do.

253
00:13:45,971 --> 00:13:48,401
Yeah, and that's the concept.

254
00:13:48,401 --> 00:13:53,171
That's how you can have a server
that is operating out there that

255
00:13:53,171 --> 00:13:57,441
people can't find and or law
enforcement can't necessarily tackle.

256
00:13:57,591 --> 00:14:00,471
Yeah, so basically the whole
point of the Tor network is

257
00:14:00,531 --> 00:14:02,361
it's gonna hide your IP address.

258
00:14:02,361 --> 00:14:06,411
If I don't have your IP address,
I cannot locate you in the world.

259
00:14:06,681 --> 00:14:11,211
So the server that's distributing
child pornography can be five feet

260
00:14:11,211 --> 00:14:16,161
from now for me, or it can be 5,000
kilometers from me, and I have

261
00:14:16,161 --> 00:14:17,721
no idea where it is in the world.

262
00:14:18,711 --> 00:14:20,631
And people rent these servers.

263
00:14:20,731 --> 00:14:24,451
if I wanna be out there, people,
somebody must be, have data

264
00:14:24,451 --> 00:14:26,311
centers that provide these things.

265
00:14:26,641 --> 00:14:26,681
Oh yeah.

266
00:14:26,736 --> 00:14:27,421
That, yeah.

267
00:14:27,421 --> 00:14:31,961
And we've seen this content hosted
and, many large data centers.

268
00:14:31,961 --> 00:14:33,131
Sometimes it's gonna be.

269
00:14:33,461 --> 00:14:35,801
Computers that they run at their own home.

270
00:14:35,891 --> 00:14:39,701
So you can host it from your place, from
a data center no matter where you want to.

271
00:14:40,051 --> 00:14:44,491
there are a series of people
who will not look too closely

272
00:14:44,491 --> 00:14:46,201
at what's on your hard drives.

273
00:14:46,531 --> 00:14:50,131
And because everything's encrypted in
transit, it's more difficult for them

274
00:14:50,131 --> 00:14:54,431
to realize that, you're running this
thing within their infrastructure.

275
00:14:55,601 --> 00:14:55,871
Wow.

276
00:14:56,996 --> 00:14:58,526
And who are the main players?

277
00:14:58,526 --> 00:15:00,056
Who are the people who are out there?

278
00:15:00,056 --> 00:15:01,966
What are, you've mentioned drugs.

279
00:15:02,416 --> 00:15:04,276
Certainly sex and drugs.

280
00:15:04,276 --> 00:15:07,366
No rock and roll, but that, the rock
and roll could stand the main web,

281
00:15:07,366 --> 00:15:13,276
But yeah, the, there's a lot of debate
as to what is the Tor Network or the

282
00:15:13,276 --> 00:15:15,016
dark web in general being used to.

283
00:15:15,366 --> 00:15:17,846
there was a study, over
10 years ago, which.

284
00:15:18,431 --> 00:15:23,021
Was really interesting because
they looked, they indexed as many

285
00:15:23,021 --> 00:15:26,471
website as they could that were
accessible through the dark web.

286
00:15:26,861 --> 00:15:30,131
And what they found was that these
websites were being used for many things.

287
00:15:30,181 --> 00:15:34,181
innocent markets to buy drugs,
whatever this thing you want.

288
00:15:34,691 --> 00:15:40,031
but when they looked at the traffic and
so the flow of packets and what people

289
00:15:40,031 --> 00:15:42,071
were actually using this platform for.

290
00:15:42,506 --> 00:15:45,746
I think like 95% was
full child pornography.

291
00:15:45,836 --> 00:15:48,476
So basically just downloading child porn.

292
00:15:48,986 --> 00:15:49,046
yeah.

293
00:15:49,046 --> 00:15:52,256
And then Tor Network came
back and they said, you're only

294
00:15:52,256 --> 00:15:53,876
analyzing part of our flow.

295
00:15:54,116 --> 00:15:55,316
You can't really say that.

296
00:15:55,606 --> 00:16:00,026
but the point is, many services are
accessible through the dark web.

297
00:16:00,326 --> 00:16:04,436
Facebook, for example, you can use it
through the regular internet or you can

298
00:16:04,436 --> 00:16:06,031
actually just go through the dark web.

299
00:16:06,716 --> 00:16:10,676
To log into Facebook, you can
connect to the CIA's website.

300
00:16:10,946 --> 00:16:13,886
They have a version of it that's
only accessible through the dark web.

301
00:16:14,266 --> 00:16:19,846
but I would say I would not be
surprised if a large portion of the

302
00:16:19,846 --> 00:16:25,576
network was dedicated used by people
who wanna exchange child pornography.

303
00:16:26,056 --> 00:16:30,376
just because, these people have a
vested interest in remaining hi hidden.

304
00:16:30,686 --> 00:16:30,866
yeah.

305
00:16:31,166 --> 00:16:31,496
Yeah.

306
00:16:32,676 --> 00:16:34,056
we all think about the hackers.

307
00:16:34,056 --> 00:16:39,186
we all think about hackers, but then
hackers have, their disclosure sites

308
00:16:39,236 --> 00:16:44,236
are pretty much on the regular web,
and then you, and, but they have their

309
00:16:44,236 --> 00:16:48,856
own sites as well for recruiting,
I would guess on the dark web.

310
00:16:49,456 --> 00:16:53,866
So the, it's difficult to say
is something on the internet

311
00:16:53,896 --> 00:16:56,086
or on the dark web, because.

312
00:16:57,196 --> 00:17:01,546
A lot of the websites that you can
access through the dark web, you can also

313
00:17:01,546 --> 00:17:03,316
access just through the regular internet.

314
00:17:03,586 --> 00:17:07,876
So it's not like there's two sets of
content, there's just two methods for

315
00:17:07,876 --> 00:17:10,966
accessing the same content in most cases.

316
00:17:10,966 --> 00:17:15,016
as I said, Facebook for example, you
have exactly the same experience,

317
00:17:15,196 --> 00:17:17,056
but in one case, Facebook knows.

318
00:17:17,401 --> 00:17:20,551
Where you're connecting from and
with the other, Facebook has no

319
00:17:20,551 --> 00:17:22,231
idea where you're connecting from.

320
00:17:22,681 --> 00:17:25,771
So these are just two methods
to access the same content.

321
00:17:26,141 --> 00:17:30,351
but of course, in addition to child
pornography, I would say the dark web is

322
00:17:30,351 --> 00:17:32,841
mostly known for the ransomware blogs.

323
00:17:32,841 --> 00:17:37,341
So basically all the ransomware groups,
that's where they host their content.

324
00:17:37,881 --> 00:17:42,141
And because it's only accessible
through the dark web, it adds

325
00:17:42,141 --> 00:17:45,471
a layer of difficulty for
law enforcement to determine.

326
00:17:45,966 --> 00:17:49,446
Where these servers are and to
take down the content that was

327
00:17:49,446 --> 00:17:51,006
stolen by these ransomware groups.

328
00:17:51,276 --> 00:17:51,576
yeah.

329
00:17:52,536 --> 00:17:52,866
Yeah.

330
00:17:52,926 --> 00:17:55,176
No, I, and I don't want to, I don't
wanna fixate on it because of the.

331
00:17:55,866 --> 00:17:59,286
the visceral reaction I have to
child pornography is I think like

332
00:17:59,286 --> 00:18:03,306
everybody, but how do you steel
yourself if that's what you're studying?

333
00:18:03,636 --> 00:18:05,046
How do you deal with that?

334
00:18:05,766 --> 00:18:09,006
I don't watch, so I'm not too
interested into the content.

335
00:18:09,086 --> 00:18:11,366
I do a lot of, social network analysis.

336
00:18:11,741 --> 00:18:14,621
And in that case, you don't really
care what people are saying.

337
00:18:14,621 --> 00:18:18,791
You're more interested in who's talking
to whom, who's connected to whom.

338
00:18:19,121 --> 00:18:25,091
So looking at, actors and ties rather
than actual content was probably

339
00:18:25,091 --> 00:18:26,711
a very good decision on my part.

340
00:18:27,111 --> 00:18:29,241
but some people are
interested in the content.

341
00:18:29,621 --> 00:18:32,051
and even then, one of my
students, for example.

342
00:18:32,426 --> 00:18:37,136
She looked at a child porn forum where
people were just discussing, their

343
00:18:37,136 --> 00:18:38,546
feelings, experience and everything.

344
00:18:39,146 --> 00:18:42,916
And, we couldn't really, for ethical
reasons, go through all the content,

345
00:18:43,426 --> 00:18:48,326
but we could use tools, for example,
to determine if these messages, they,

346
00:18:48,416 --> 00:18:54,596
were they happy, sad, angry, and
we looked at, before and after COD.

347
00:18:54,956 --> 00:18:55,346
To see.

348
00:18:55,346 --> 00:18:57,936
we all said, COVID isolated us.

349
00:18:58,026 --> 00:19:02,856
If people were isolated, they were more
sad, more angry, and maybe that led to

350
00:19:02,856 --> 00:19:08,056
more child, being abducted, attacked,
raped and everything, and abused.

351
00:19:08,326 --> 00:19:11,476
And basically, in this case,
we found no difference.

352
00:19:11,536 --> 00:19:15,796
It was the most boring master's thesis
ever because everything was flat.

353
00:19:16,156 --> 00:19:20,296
But so you can analyze pretty much
anything and there are tools that will

354
00:19:20,296 --> 00:19:23,296
just read the content for you, give.

355
00:19:23,821 --> 00:19:26,881
Give you out numbers and then you can
play with these numbers pretty six way.

356
00:19:27,751 --> 00:19:27,991
Yeah.

357
00:19:28,751 --> 00:19:32,381
look, let's focus on our hackers,
which are really the bane of

358
00:19:32,381 --> 00:19:34,271
our corporate existence there.

359
00:19:34,331 --> 00:19:39,101
And so they gather on
the dark net or dark web.

360
00:19:39,101 --> 00:19:42,731
I understand that the nuance, but it's
so much easier to just conceive of it

361
00:19:43,121 --> 00:19:44,801
about, they gather on the dark web.

362
00:19:45,011 --> 00:19:46,991
How do they find each other?

363
00:19:47,966 --> 00:19:48,536
These?

364
00:19:48,626 --> 00:19:52,526
Yeah, it's these directories, it's
links that are gonna be shared

365
00:19:52,526 --> 00:19:55,976
on X, on Discord, on Telegram.

366
00:19:55,976 --> 00:19:59,576
So it's basically just
knowing where to go.

367
00:19:59,636 --> 00:20:03,616
And, the hacker forums
are still very active.

368
00:20:03,676 --> 00:20:08,656
Most of them are accessible through
the internet or through the dark web,

369
00:20:08,656 --> 00:20:10,306
and you often have the same content.

370
00:20:10,706 --> 00:20:13,166
but once again, it's mostly word of mouth.

371
00:20:13,196 --> 00:20:13,706
It's just.

372
00:20:14,606 --> 00:20:17,396
Talking to people and people
are gonna say, Hey, there's this

373
00:20:17,396 --> 00:20:18,656
new platform, you should try it.

374
00:20:19,016 --> 00:20:19,796
Here's the link.

375
00:20:20,076 --> 00:20:25,956
You can't really guess the Tor URLs
because they're what, 64 characters long.

376
00:20:26,266 --> 00:20:30,406
so they're, and they're all kind of
random numbers and letters, so it's

377
00:20:30,406 --> 00:20:31,966
very difficult to just guess them.

378
00:20:31,966 --> 00:20:35,926
You actually have to have someone
take you by the hand and bring you

379
00:20:35,926 --> 00:20:38,986
there, which is the whole point of
the network to keep it more secure.

380
00:20:40,171 --> 00:20:43,561
But that's the thing that just, I,
you pointed out there's so many police

381
00:20:43,561 --> 00:20:47,721
on the dark web or watching, or in
these forums, I'm sure that every

382
00:20:47,721 --> 00:20:51,441
forum has at least one officer in it.

383
00:20:52,041 --> 00:20:56,091
But how do they build enough
trust to talk to each other?

384
00:20:56,701 --> 00:20:57,781
that's a big question.

385
00:20:57,831 --> 00:21:00,891
so trust doesn't come
easy, that's for sure.

386
00:21:01,211 --> 00:21:02,266
and there's been many studies.

387
00:21:02,881 --> 00:21:08,536
on this, I would say one of my PhD
student, SMUs Skar did his PhD thesis

388
00:21:08,596 --> 00:21:12,976
on this very topic, and that was very
interesting because, for example, he

389
00:21:12,976 --> 00:21:17,956
looked at people who sell drugs and
he showed that when someone would buy

390
00:21:17,956 --> 00:21:21,886
drug from someone else, they would
buy a very small amount and then they

391
00:21:21,886 --> 00:21:26,086
would see, can I buy drugs through
this website and am I gonna receive

392
00:21:26,086 --> 00:21:28,276
this drug in my place by the mail?

393
00:21:28,791 --> 00:21:32,391
And if they do, then they
maybe order another time, but

394
00:21:32,391 --> 00:21:33,861
this time it's twice as much.

395
00:21:34,101 --> 00:21:38,871
And so you would see this trust building
where people would say, I'll trust

396
00:21:38,871 --> 00:21:44,811
you for $5 of illicit drugs, then I'll
trust you for $20 of illicit drugs,

397
00:21:45,111 --> 00:21:47,991
and then maybe I'll trust you for a
hundred dollars if everything goes well.

398
00:21:48,261 --> 00:21:54,341
So it's a lot, based on people's
experience as well as their

399
00:21:54,341 --> 00:21:55,961
friends' experiences as well.

400
00:21:56,516 --> 00:21:58,146
and it's the same for restaurants.

401
00:21:58,196 --> 00:22:02,636
if you go online and you can see,
for example, on Yelp it says,

402
00:22:02,636 --> 00:22:05,946
that restaurant is great, are you
gonna trust that Yelp, number.

403
00:22:06,396 --> 00:22:07,446
Maybe not so much.

404
00:22:07,476 --> 00:22:10,116
If you ask me and I'm like,
you have to try this restaurant

405
00:22:10,506 --> 00:22:13,866
because you know me, then maybe
you're gonna trust this even more.

406
00:22:14,046 --> 00:22:17,376
But if you've been to this restaurant
before and you had a great time, then.

407
00:22:18,186 --> 00:22:20,166
You actually know that,
it's a great restaurant.

408
00:22:20,466 --> 00:22:24,366
So you have these three layers
that build towards trust and you're

409
00:22:24,366 --> 00:22:28,626
using all these signals, your own
experience, your friend's experience.

410
00:22:28,896 --> 00:22:32,906
And then if you have nothing
else, just a regular internet and

411
00:22:32,906 --> 00:22:34,546
you're like, you only live once.

412
00:22:34,576 --> 00:22:35,056
Let's try.

413
00:22:35,056 --> 00:22:37,126
This place has great Yelp review.

414
00:22:37,516 --> 00:22:39,316
Probably bad, but you never know.

415
00:22:40,501 --> 00:22:42,421
Yeah, Yolo gets you into trouble,

416
00:22:44,571 --> 00:22:48,681
but right now, I know for instance
that a lot of, young people are being

417
00:22:48,681 --> 00:22:53,061
recruited and particularly we've
done stuff on the ransomware gangs.

418
00:22:53,181 --> 00:22:53,271
Yeah.

419
00:22:53,271 --> 00:22:57,891
And they really do focus on younger
people, particularly unemployed people,

420
00:22:58,341 --> 00:22:59,516
unemployed young people who have.

421
00:22:59,951 --> 00:23:04,731
Computer or computer savvy, as
well, and managed to recruit them.

422
00:23:04,731 --> 00:23:09,501
But have, do you under, have you studied
the structure of how that happens?

423
00:23:10,091 --> 00:23:15,621
not so much because a lot of, so
some of it happens, quite, simply

424
00:23:15,621 --> 00:23:20,411
people going on, Upwork and other
platforms where you can just advertise

425
00:23:20,411 --> 00:23:23,201
your services and in some cases.

426
00:23:23,631 --> 00:23:27,501
Either people turn a blind eye, they
don't ask too many questions, they'll

427
00:23:27,501 --> 00:23:32,691
be recruited to develop malware, develop
graphics for certain things, so they'll

428
00:23:32,691 --> 00:23:37,581
be enlisted into these criminal gangs
and they'll get paid without necessarily

429
00:23:37,581 --> 00:23:39,351
knowing what they're getting into.

430
00:23:39,831 --> 00:23:41,601
and so that happens.

431
00:23:41,821 --> 00:23:46,371
and there's also the people who see
all these blog posts that we publish

432
00:23:46,371 --> 00:23:50,321
in the cybersecurity industry or These
Ransom gang, they infiltrated that

433
00:23:50,321 --> 00:23:54,701
hospital and they got a $15 million
payment and it looks easy enough

434
00:23:54,791 --> 00:23:56,261
and it looks like so much money.

435
00:23:56,936 --> 00:23:58,646
You like, you can earn so much money.

436
00:23:58,646 --> 00:24:01,326
So we're creating our own problem.

437
00:24:01,326 --> 00:24:06,036
I feel many times because we make
it look as this dream job where

438
00:24:06,246 --> 00:24:09,696
you are gonna be making so much
money, it's gonna be so easy.

439
00:24:09,996 --> 00:24:13,116
And today with AI, you don't
even need to know how to code.

440
00:24:13,116 --> 00:24:17,136
You can just vibe code your malware
or yourself into an organization.

441
00:24:17,496 --> 00:24:23,576
So all of this discourse draws
people in who perhaps, don't have.

442
00:24:23,966 --> 00:24:27,386
Other opportunities or even people
who are just curious to see,

443
00:24:27,386 --> 00:24:29,126
Hey, could I do that as well?

444
00:24:29,546 --> 00:24:33,866
so we see a lot of people just flowing
in just because they're curious.

445
00:24:33,866 --> 00:24:34,736
They wanna try it.

446
00:24:35,066 --> 00:24:38,216
They're like, Hey, maybe it's an
easy way to, to make a few bucks.

447
00:24:38,396 --> 00:24:42,046
And in many cases it is, especially
with, cryptocurrencies today.

448
00:24:42,326 --> 00:24:46,706
if you target people who are active
in that community, you're very likely

449
00:24:46,706 --> 00:24:50,516
to be able to get your hands on
large amounts of Bitcoins or other.

450
00:24:50,951 --> 00:24:51,641
Currencies.

451
00:24:52,061 --> 00:24:57,521
so yeah, just people reading the news
and saying, Hey, maybe I should try this.

452
00:24:59,201 --> 00:25:02,931
are the concepts of the hackers and
the people who are selling drugs

453
00:25:02,931 --> 00:25:06,141
and all of that, do they intersect?

454
00:25:06,141 --> 00:25:08,911
Is this one big business or
do they have their own little.

455
00:25:09,861 --> 00:25:10,821
Enclaves.

456
00:25:10,821 --> 00:25:10,881
Yeah.

457
00:25:11,631 --> 00:25:15,891
So it's, what we've seen is it's
very divided, by type of activity.

458
00:25:16,131 --> 00:25:21,981
So you're unlikely to see platforms
which are gonna advertise,

459
00:25:22,031 --> 00:25:24,371
malware as well as illicit drugs.

460
00:25:24,761 --> 00:25:28,331
That happens, but there's usually
a more dominant activity in there.

461
00:25:28,751 --> 00:25:32,251
but we even see, we even
see groups based on.

462
00:25:32,776 --> 00:25:37,516
Yes, the type of activity, but
also the places that they're from.

463
00:25:38,056 --> 00:25:43,476
And we've seen, for example, on Telegram,
you're gonna see channels and it's gonna

464
00:25:43,476 --> 00:25:48,746
be, for example, Montreal Hackers, and
then you're gonna have Toronto hackers,

465
00:25:48,746 --> 00:25:50,006
you're gonna have New York hackers.

466
00:25:50,006 --> 00:25:54,776
So even in the name of the channel,
you're gonna have what these people

467
00:25:54,776 --> 00:25:56,336
are doing and where they're from.

468
00:25:57,086 --> 00:26:00,866
And it's pretty easy to understand because
if you put me in a room with German

469
00:26:00,866 --> 00:26:03,446
hackers, we don't speak the same language.

470
00:26:03,686 --> 00:26:06,026
We're not gonna be
online at the same hours.

471
00:26:06,336 --> 00:26:07,656
and we don't have the same culture.

472
00:26:07,656 --> 00:26:11,336
So we have some point of connection
because, we like hacking, but

473
00:26:11,546 --> 00:26:15,686
it's still gonna be a difficult
mix between the two of us.

474
00:26:15,776 --> 00:26:20,276
So I would much rather hang
out with hackers from Montreal.

475
00:26:20,591 --> 00:26:22,901
Which, have the same
references, the same culture.

476
00:26:23,171 --> 00:26:26,671
So that plays a very big role in how
these communities, connect to each other.

477
00:26:27,451 --> 00:26:28,111
Interesting.

478
00:26:28,741 --> 00:26:32,191
Now you train police officers
yourself, but what's the difference

479
00:26:32,191 --> 00:26:35,251
between what you do in research?

480
00:26:35,301 --> 00:26:38,241
what you, obviously you have
a different approach to it

481
00:26:38,241 --> 00:26:39,651
than the officers you train.

482
00:26:39,856 --> 00:26:40,506
Yeah, of course.

483
00:26:40,606 --> 00:26:45,826
so I see our work in research, it's
trying to understand, the changes

484
00:26:45,826 --> 00:26:47,356
that these technologies bring.

485
00:26:47,576 --> 00:26:52,746
for example, the first, research I
ever did on this dark web thing was

486
00:26:53,166 --> 00:26:57,966
looking at how this technology was
gonna change drug markets and violence.

487
00:26:57,966 --> 00:27:00,666
So we know that drug
markets can be violent.

488
00:27:01,566 --> 00:27:05,526
And so if people start buying drugs
online through this dark web thing,

489
00:27:05,896 --> 00:27:09,406
it's very difficult to shoot someone
if you don't know where they are

490
00:27:09,406 --> 00:27:12,406
in the world and if you're not
even in the same city as they are.

491
00:27:12,796 --> 00:27:17,626
So I wanted to know, so are we
gonna see changes in the levels of

492
00:27:17,626 --> 00:27:19,726
violence associated with drug dealing?

493
00:27:19,816 --> 00:27:22,426
For example, we've also looked at.

494
00:27:23,066 --> 00:27:25,346
the effectiveness of police operations.

495
00:27:25,346 --> 00:27:32,286
So basically, how do these offenders react
when one of their platforms is seized?

496
00:27:32,646 --> 00:27:36,426
And a landmark study that we did
showed that even if you take down

497
00:27:36,426 --> 00:27:40,106
the biggest platform there is that's,
accessible through the dark web.

498
00:27:40,706 --> 00:27:43,916
About six weeks later, there's
gonna be a new platform.

499
00:27:44,276 --> 00:27:45,506
It's gonna be very similar.

500
00:27:45,506 --> 00:27:47,366
It's gonna be up and running,
and everyone's gonna be back to

501
00:27:47,366 --> 00:27:49,556
business because basically if you.

502
00:27:50,066 --> 00:27:53,846
Attack the platforms, someone's
gonna create a new one and they'll

503
00:27:53,846 --> 00:27:58,016
be, just back to what they were
doing just in a matter of weeks.

504
00:27:58,346 --> 00:28:02,996
so trying to understand this, it's more
kind of understanding the impact of

505
00:28:02,996 --> 00:28:07,706
technology on crime as well as how people
network and connect with each other.

506
00:28:09,001 --> 00:28:12,446
Yeah, and I don't wanna wander, I want to
stay back on the point, but I just tweaked

507
00:28:12,446 --> 00:28:16,196
something with me is that the imagination
that most of us have is that most of these

508
00:28:16,586 --> 00:28:20,846
people are in Russia or North Korea or
someplace where they can't be extradited.

509
00:28:21,356 --> 00:28:24,836
but if you're gonna run a drug
business, you actually have

510
00:28:24,836 --> 00:28:26,456
to have physical presence in.

511
00:28:27,806 --> 00:28:30,206
Places that are quite
close to us in Canada.

512
00:28:30,206 --> 00:28:31,136
In the US or, yeah.

513
00:28:31,186 --> 00:28:31,816
or nearby.

514
00:28:32,266 --> 00:28:35,721
So it is very different depending on what
type of activity you're talking about.

515
00:28:36,001 --> 00:28:39,921
but even then, I would be curious to
know if there are more hackers in the

516
00:28:39,921 --> 00:28:44,461
States than Russia. Not really clear
on what the answer is to that question.

517
00:28:44,821 --> 00:28:48,531
I wouldn't be surprised if there was
more people in the States, Just hacking

518
00:28:48,561 --> 00:28:52,971
into the states rather than Russians
hacking to the, into the United States.

519
00:28:53,301 --> 00:28:54,711
that's still up for debate.

520
00:28:55,031 --> 00:29:00,491
but one thing for sure, even though
there are international networks,

521
00:29:00,521 --> 00:29:04,591
even in the hacking world, even if
you gave me credentials to log in once

522
00:29:04,591 --> 00:29:09,481
again to a German bank, once I'm in, I
don't speak German, so I have no idea.

523
00:29:09,856 --> 00:29:13,006
Am I in a big bank, a
small bank, a regional bank?

524
00:29:13,276 --> 00:29:14,206
How do I pivot?

525
00:29:14,266 --> 00:29:16,486
I get, I, what do I search for?

526
00:29:16,816 --> 00:29:17,926
your password files?

527
00:29:17,926 --> 00:29:18,856
That'll be called password.

528
00:29:18,886 --> 00:29:20,186
It's gonna be, Einstein.

529
00:29:20,516 --> 00:29:24,236
So there's all these things, which
means that when you're hacking

530
00:29:24,236 --> 00:29:28,516
into systems, you have to speak
the language, know the culture.

531
00:29:28,516 --> 00:29:30,521
Once again, that makes it much easier.

532
00:29:31,966 --> 00:29:35,266
Which is one of the reasons why
so many young people are recruited

533
00:29:35,266 --> 00:29:39,076
because they're obviously, they've
got, English speaking people working

534
00:29:39,076 --> 00:29:42,436
in the US, they've got French people
speaking, people working in Quebec.

535
00:29:42,586 --> 00:29:47,016
And as you are well aware, it's not just
because you speak French doesn't mean

536
00:29:47,016 --> 00:29:49,596
that you're going to fit into a community.

537
00:29:50,011 --> 00:29:52,291
in Paris there are different dialects.

538
00:29:52,291 --> 00:29:52,711
There are different.

539
00:29:53,911 --> 00:29:57,091
Cultural norms that you have to, if
you're, especially if you're going

540
00:29:57,091 --> 00:30:00,931
to be doing things like trying to
do social engineering, you have

541
00:30:00,931 --> 00:30:02,731
to understand the culture as well.

542
00:30:03,091 --> 00:30:03,631
Exactly.

543
00:30:03,631 --> 00:30:04,441
Yeah, exactly.

544
00:30:04,441 --> 00:30:09,961
So that's why even though we're always
focusing on these international groups and

545
00:30:09,961 --> 00:30:14,501
there are many of them and they're very
effective, but depending on what they're

546
00:30:14,591 --> 00:30:16,301
doing, if you have social engineering.

547
00:30:16,826 --> 00:30:22,526
You have to have someone who's local
or it takes time for you to really

548
00:30:22,646 --> 00:30:24,866
be good at it in a different culture.

549
00:30:24,896 --> 00:30:25,946
So that's for sure.

550
00:30:26,306 --> 00:30:28,736
And that's why I think that's
the hope for law enforcement.

551
00:30:29,036 --> 00:30:33,166
So sometimes we feel like, all we're
doing is investigating these,

552
00:30:33,166 --> 00:30:38,236
Chinese, Russian, Brazilian, German
gangs hacking into our systems.

553
00:30:38,326 --> 00:30:38,746
True.

554
00:30:39,241 --> 00:30:41,641
But there's also a lot of
their partners who are local

555
00:30:41,671 --> 00:30:42,901
and they need those partners.

556
00:30:43,231 --> 00:30:46,771
And maybe we go after these
guys rather than the main ring.

557
00:30:47,281 --> 00:30:52,421
Not as effective, but at least it gives
us something that we can actually use and

558
00:30:52,481 --> 00:30:54,431
a way to prevent some of these attacks.

559
00:30:55,691 --> 00:30:59,501
Now if, and we deal with the
problem that we have, which is.

560
00:31:00,281 --> 00:31:02,111
There, it's like playing whack-a-mole.

561
00:31:02,201 --> 00:31:05,531
you knock out one of these groups,
they're back again in three weeks,

562
00:31:05,531 --> 00:31:09,731
six weeks with a new name and the
same players and back at work.

563
00:31:10,241 --> 00:31:13,961
How do we tackle these?

564
00:31:15,221 --> 00:31:16,361
Very big question.

565
00:31:16,411 --> 00:31:17,311
very big question.

566
00:31:17,491 --> 00:31:20,551
The technology for the
dark web, for example.

567
00:31:20,881 --> 00:31:24,871
I don't think anyone's really broken
the technology, the encryption.

568
00:31:25,161 --> 00:31:28,541
that problem has pretty much
been solved in that, you can

569
00:31:28,541 --> 00:31:30,521
create secure connections online.

570
00:31:30,851 --> 00:31:32,411
You can hide your identity.

571
00:31:32,831 --> 00:31:38,201
now if you're the NSA and you have a
bird's eye view of a whole country's

572
00:31:38,201 --> 00:31:41,706
network becomes a bit more easier
to track people than if you're.

573
00:31:42,386 --> 00:31:46,566
A single ISP or a single law
enforcement, agency, for example.

574
00:31:46,946 --> 00:31:50,846
but I think that the human aspect
is still the most important one.

575
00:31:51,146 --> 00:31:56,216
So these offenders are, in most cases,
going to connect with each other.

576
00:31:56,526 --> 00:32:00,096
no one is able to hack into
a large organization alone.

577
00:32:00,426 --> 00:32:02,676
You need to get malware from other people.

578
00:32:02,676 --> 00:32:06,546
You need to learn some tactics,
some techniques from other people.

579
00:32:06,846 --> 00:32:08,946
So you have to connect, network.

580
00:32:09,696 --> 00:32:14,376
Crime is probably the most social
activity in the whole world.

581
00:32:14,856 --> 00:32:18,786
And so that's where you strike, where
you need to be able to monitor these

582
00:32:18,786 --> 00:32:23,256
conversations, see who's interested
in what, and that's where you have

583
00:32:23,256 --> 00:32:29,546
the, you best handle things as, as
well, perhaps as the cryptocurrency.

584
00:32:29,606 --> 00:32:33,266
So everyone's just stealing
cryptocurrency, asking for

585
00:32:33,266 --> 00:32:34,736
ransom and cryptocurrency.

586
00:32:35,031 --> 00:32:36,921
I can give you a million Bitcoins.

587
00:32:37,041 --> 00:32:38,691
There's not much you can do with that.

588
00:32:38,751 --> 00:32:44,301
What you want is US dollars or Euros, and
you have to convert those at some point.

589
00:32:44,751 --> 00:32:48,771
And so if I'm able to track you down
to the exchange that you're using,

590
00:32:49,221 --> 00:32:55,131
that's also a very effective method for
identifying people in some of your work.

591
00:32:55,136 --> 00:32:57,021
And I admit to just glancing
through it, you, there was a

592
00:32:57,021 --> 00:32:59,031
concept of conditional deterrence.

593
00:32:59,071 --> 00:33:00,091
Can you explain that?

594
00:33:00,331 --> 00:33:05,531
Yeah, so basically, so you can
take down one platform and as I

595
00:33:05,531 --> 00:33:10,101
said, there's not gonna be a lot
of, Impact because everyone's gonna

596
00:33:10,101 --> 00:33:13,201
be back up to their old practice
with just the different platforms.

597
00:33:13,471 --> 00:33:17,791
So what you want with deterrence is
to have kind of a more lasting impact.

598
00:33:18,391 --> 00:33:23,251
And so we've seen police operations that
were very well designed in the past.

599
00:33:23,531 --> 00:33:27,841
so for example, law enforcement
was running the biggest market

600
00:33:27,841 --> 00:33:31,621
that was accessible to the
dark web for a number of weeks.

601
00:33:31,681 --> 00:33:33,421
And then they came out
and they said, Hey guys.

602
00:33:34,111 --> 00:33:37,951
You didn't know this, but we were
actually running this platform and

603
00:33:37,951 --> 00:33:41,191
while we were doing it, we were
collecting all this information on you.

604
00:33:41,731 --> 00:33:45,961
And for example, they erased all the
images from the website and they told

605
00:33:45,961 --> 00:33:48,961
everyone, Hey, we lost all the images.

606
00:33:48,961 --> 00:33:51,991
Your icon, you know your picture
with your profile, it's gone.

607
00:33:52,411 --> 00:33:54,391
We need you to re upload it again.

608
00:33:54,691 --> 00:33:56,431
Here's a website where you can do this.

609
00:33:56,431 --> 00:33:57,991
this website was actually tracking.

610
00:33:58,501 --> 00:34:01,621
Everyone's IP to see where they
were submitting their images from.

611
00:34:02,041 --> 00:34:07,651
So when you do that and then you make it
public, then everyone starts to freak out.

612
00:34:07,651 --> 00:34:10,711
And everyone's, wondering
what do they know about me?

613
00:34:10,991 --> 00:34:12,221
do they know who I am?

614
00:34:12,221 --> 00:34:13,181
Do they know what I've done?

615
00:34:13,391 --> 00:34:18,311
So this is where you're trying to,
deter people, by doing the operations,

616
00:34:18,311 --> 00:34:22,481
which show that, we could be coming
to your door at any point in time.

617
00:34:23,186 --> 00:34:27,446
And we could be just arresting you,
so maybe it's better if you quit

618
00:34:27,476 --> 00:34:30,406
while you're ahead, is basically the
message law enforcement is sending.

619
00:34:31,336 --> 00:34:31,846
Interesting.

620
00:34:31,846 --> 00:34:35,866
Yeah, because it, one of the techniques
that I'd heard about from another

621
00:34:35,866 --> 00:34:41,961
officer that I was interviewing was to
that they try to sow distrust in the

622
00:34:41,961 --> 00:34:47,991
group to make it more dysfunctional and
just to slow them down if nothing else.

623
00:34:48,501 --> 00:34:52,661
Yeah, so so one thing that we,
another student of mine, we worked

624
00:34:52,691 --> 00:34:58,841
on a police operation where basically
the police were seizing drugs,

625
00:34:58,841 --> 00:35:00,281
but they were making no arrests.

626
00:35:00,611 --> 00:35:04,571
And so people were ordering cannabis
through the dark web and they

627
00:35:04,571 --> 00:35:05,861
would never get their packages.

628
00:35:06,041 --> 00:35:09,881
But the people, the drug dealers,
they were selling packages.

629
00:35:10,241 --> 00:35:13,591
But the police was at the police
at the Canada Post, and he

630
00:35:13,591 --> 00:35:14,851
was just seizing the packages.

631
00:35:14,851 --> 00:35:19,921
So the customers thought, Hey, this
guy is now just not sending the drugs.

632
00:35:20,341 --> 00:35:24,181
And the drug dealers were thinking that
the customers were seeing from them create

633
00:35:24,211 --> 00:35:29,401
huge distrust, and it just crashed the
cannabis market in Canada for cannabis.

634
00:35:29,611 --> 00:35:29,671
wow.

635
00:35:29,701 --> 00:35:30,691
That can be done.

636
00:35:31,126 --> 00:35:31,336
Huh.

637
00:35:31,636 --> 00:35:34,211
The other thing you could do is legalize
it and then you don't have a problem.

638
00:35:34,451 --> 00:35:34,771
Oh, true.

639
00:35:35,111 --> 00:35:37,561
But it was super interesting
because it's a very low cost.

640
00:35:37,561 --> 00:35:41,491
if you know what these packages look
like, you just take them with you.

641
00:35:41,851 --> 00:35:46,321
You don't have to build evidence, you
don't have to arrest anyone, which, takes

642
00:35:46,801 --> 00:35:49,261
a lot of resources just by doing that.

643
00:35:49,261 --> 00:35:52,681
You just destroy the market
and people have to go and

644
00:35:52,681 --> 00:35:53,761
do something else basically.

645
00:35:54,721 --> 00:35:55,381
Interesting.

646
00:35:55,431 --> 00:36:00,051
Tell me more about where,
what your experience has been.

647
00:36:00,051 --> 00:36:03,411
And I know as a researcher you
have your different ethical

648
00:36:03,921 --> 00:36:05,571
approaches only so much you can do.

649
00:36:05,721 --> 00:36:08,271
What are the things that,
that my listeners would be

650
00:36:08,271 --> 00:36:10,161
more, most surprised about?

651
00:36:11,421 --> 00:36:16,261
there, there are some really
dark things, that are being

652
00:36:16,261 --> 00:36:18,361
hosted on this dark web thing.

653
00:36:18,701 --> 00:36:20,501
the red rooms, the torture chambers.

654
00:36:20,501 --> 00:36:26,801
There, there are some dark sides of
humanity that perhaps shouldn't exist

655
00:36:26,801 --> 00:36:28,721
and should not be shared online.

656
00:36:29,141 --> 00:36:32,881
but I would say I think that the,
the most surprising thing is.

657
00:36:33,531 --> 00:36:38,821
How unimportant in many ways the dark
web has become, over the past, I would

658
00:36:38,821 --> 00:36:45,871
say, 10 or 15 years, a lot of the
law enforcement has focused on the dark

659
00:36:45,871 --> 00:36:48,661
web, and this means that perhaps it's.

660
00:36:49,036 --> 00:36:52,846
Much more risky to be using this
technology because law enforcement

661
00:36:52,846 --> 00:36:56,656
have been targeting, monitoring,
and looking at all the actors

662
00:36:56,656 --> 00:36:57,916
that are using this technology.

663
00:36:58,546 --> 00:37:03,546
So more and more what we're seeing
is people are saying, using the dark

664
00:37:03,546 --> 00:37:09,696
web, yes, it provides me some level of
anonymity, but because anyone's gonna be

665
00:37:09,696 --> 00:37:13,626
clicking on the link uploading pictures,
they can actually find my identity

666
00:37:13,626 --> 00:37:18,591
pretty easily anyways, Maybe it would be
better for me to be using other networks,

667
00:37:18,591 --> 00:37:21,466
technologies rather than dark web and.

668
00:37:22,446 --> 00:37:26,256
Unfortunately, we've seen the
dark web become more and more

669
00:37:26,256 --> 00:37:28,446
boring, over the past decade.

670
00:37:28,746 --> 00:37:31,746
And I still, unfortunately, just
because I had invested a lot of

671
00:37:32,196 --> 00:37:36,006
time, energy to develop, monitoring
infrastructure, trying to understand

672
00:37:36,006 --> 00:37:40,476
these networks that we now have to
redeploy to other platforms like Telegram.

673
00:37:40,506 --> 00:37:45,216
But even that's dying down, so
looking more at Discord, and just,

674
00:37:45,216 --> 00:37:47,166
just plain old web forums basically.

675
00:37:48,456 --> 00:37:48,726
Really.

676
00:37:48,906 --> 00:37:53,911
So where does the future go
for criminals on the web?

677
00:37:54,511 --> 00:37:56,581
I honestly don't know.

678
00:37:56,641 --> 00:37:57,601
I honestly don't know.

679
00:37:57,701 --> 00:38:01,661
Telegram seemed to be the new place
where everyone was, but then the

680
00:38:01,661 --> 00:38:05,741
French people groomed everything by
arresting the owner of Telegram.

681
00:38:06,121 --> 00:38:10,651
and now there's been a lot of debate
as to, can you use Telegram now?

682
00:38:11,101 --> 00:38:12,631
And many people in the community.

683
00:38:12,976 --> 00:38:15,526
In the hacking community
are against using it.

684
00:38:15,836 --> 00:38:20,016
they're saying we should be using
Signal, we should be using other apps.

685
00:38:20,226 --> 00:38:25,446
But, fun fact, who was the seed money
and who paid for the development of the

686
00:38:25,446 --> 00:38:28,446
Signal app? The US government once again.

687
00:38:28,786 --> 00:38:30,796
it's just fascinating to see.

688
00:38:30,801 --> 00:38:32,086
Gotta love it.

689
00:38:32,086 --> 00:38:33,736
Everyone's Hey, let's use this thing.

690
00:38:33,736 --> 00:38:38,966
It's oh, the US government created it, or
the government funded it I don't know that

691
00:38:39,026 --> 00:38:46,086
one platform is gonna be ruling them all
because they're all vulnerable basically.

692
00:38:46,466 --> 00:38:51,116
but the things that'll be interesting
to look at, I think one of the big things

693
00:38:51,116 --> 00:38:53,186
that I'm looking at is cryptocurrency.

694
00:38:53,366 --> 00:38:58,466
Because cryptocurrency changed the
whole game for hackers, for ransomware.

695
00:38:58,886 --> 00:39:02,126
If we didn't have cryptocurrencies.

696
00:39:02,771 --> 00:39:07,091
It would be so much harder for people
to buy and sell malware, to buy and

697
00:39:07,091 --> 00:39:12,881
sell identities, access to networks,
and to companies and cryptocurrencies

698
00:39:12,971 --> 00:39:17,771
are perhaps, and I'm gonna be making
a lot of enemies by saying this, but

699
00:39:17,771 --> 00:39:24,011
it's perhaps one of the few technologies
that have very few useful use cases

700
00:39:24,251 --> 00:39:26,831
and a lot of problematic use cases.

701
00:39:27,161 --> 00:39:29,501
it's very useful for speculation.

702
00:39:30,056 --> 00:39:34,046
But for buying a sandwich,
it makes little to no sense.

703
00:39:34,406 --> 00:39:37,246
yeah, it's hard to justify
in a, nobody carries cash.

704
00:39:37,246 --> 00:39:40,116
In Canada, we all use electronic
currency now you don't need a

705
00:39:40,321 --> 00:39:42,931
Bitcoin to transact, anything.

706
00:39:43,321 --> 00:39:43,501
Yeah.

707
00:39:43,506 --> 00:39:46,556
and I know in some countries,
financial services are hard to come

708
00:39:46,556 --> 00:39:50,576
by and it's stuff like us in Canada
where everyone has 20 different

709
00:39:50,636 --> 00:39:53,036
credit cards, credit is easy to get.

710
00:39:53,336 --> 00:39:58,426
So there, there are some use cases,
but besides speculation, having people

711
00:39:58,696 --> 00:40:01,336
getting their funds stolen, fascinating.

712
00:40:01,336 --> 00:40:04,551
The exchanges of illicit,
goods and services.

713
00:40:04,931 --> 00:40:07,811
and so it's gonna be very
interesting to look at.

714
00:40:08,486 --> 00:40:10,676
How these cryptocurrencies evolve.

715
00:40:10,726 --> 00:40:12,226
do they stay relevant?

716
00:40:12,566 --> 00:40:17,186
do we have quantum computers that
just break blockchains so we can't

717
00:40:17,186 --> 00:40:18,566
use cryptocurrencies anymore?

718
00:40:18,986 --> 00:40:24,386
I think that's perhaps the biggest change
that the criminal underground has seen.

719
00:40:25,016 --> 00:40:27,056
And it'll be interesting to see.

720
00:40:27,116 --> 00:40:30,956
Do they keep that tool or do they
lose it in the coming decades?

721
00:40:31,946 --> 00:40:32,696
It's interesting.

722
00:40:32,696 --> 00:40:34,286
There's a trial going on in New York.

723
00:40:34,286 --> 00:40:37,916
I don't know if you've heard of it,
but two MIT students, they basically

724
00:40:37,916 --> 00:40:43,086
ripped off people for $25 million
in cryptocurrency, and they're

725
00:40:43,086 --> 00:40:49,386
being hauled into court and they're
saying, you, you can't touch me why?

726
00:40:50,196 --> 00:40:51,306
This is a blockchain.

727
00:40:51,336 --> 00:40:55,146
Anything permitted by the
blockchain is inherently legal

728
00:40:55,146 --> 00:40:57,546
within there, and you have no law.

729
00:40:57,891 --> 00:41:03,721
That affects blockchains, they might
actually get off, which would be, it's

730
00:41:03,721 --> 00:41:08,431
like at the beginning of the internet
that there was, I think the first case

731
00:41:08,431 --> 00:41:14,401
that was tried was, was people, who were,
they had a hotel database and basically

732
00:41:14,401 --> 00:41:19,271
they copied the database, with all
the, the employee's information in it.

733
00:41:19,766 --> 00:41:22,346
And basically were charged with
theft, but they said, I didn't.

734
00:41:22,556 --> 00:41:26,156
Theft means that I take something from
you and you don't have it anymore.

735
00:41:26,436 --> 00:41:30,276
In this case, I just copied the list
of employees so you still have it.

736
00:41:30,336 --> 00:41:31,356
So it wasn't theft.

737
00:41:31,716 --> 00:41:34,536
And so I believe they walked,
and that's where we need this.

738
00:41:34,536 --> 00:41:39,726
Okay, maybe we need new laws, like what
does theft mean in the digital age?

739
00:41:39,936 --> 00:41:44,406
It means that I can take something
from you, but you still get to enjoy

740
00:41:44,701 --> 00:41:45,721
the thing that you have.

741
00:41:45,991 --> 00:41:48,571
So we will need new laws, that's for sure.

742
00:41:48,571 --> 00:41:50,441
Because the reality is just different.

743
00:41:51,671 --> 00:41:55,661
This drives me crazy, especially
since we have places like the

744
00:41:55,661 --> 00:41:58,361
University of Montreal that
have so much knowledge on this.

745
00:41:58,631 --> 00:42:04,181
Do law enforcement or do regulators
and legislators come to you to try and

746
00:42:04,181 --> 00:42:05,801
find out what they should be doing?

747
00:42:06,311 --> 00:42:07,781
Yeah, we all the time.

748
00:42:07,841 --> 00:42:08,681
All the time.

749
00:42:09,091 --> 00:42:11,411
And we don't have all the answers.

750
00:42:11,521 --> 00:42:15,181
People on the ground, law enforcement
officers, they're in there 24/7.

751
00:42:15,571 --> 00:42:18,211
They're looking at these
networks, they're monitoring them.

752
00:42:18,551 --> 00:42:23,771
So they've, the sophistication
of law enforcement operations

753
00:42:23,801 --> 00:42:25,661
has, it's really impressive.

754
00:42:25,661 --> 00:42:29,291
But what they've done in the
past decade or the past 20 years,

755
00:42:29,681 --> 00:42:33,971
and in terms of laws, we know
regulations and laws, they always

756
00:42:34,331 --> 00:42:36,941
dragged behind by a decade or two.

757
00:42:36,991 --> 00:42:38,221
We'll get there at some point.

758
00:42:38,281 --> 00:42:41,221
But, when you have these cases
where people say, I didn't

759
00:42:41,221 --> 00:42:42,691
really steal 25 million Bitcoins.

760
00:42:43,261 --> 00:42:47,771
They just, flowed through me
and, I didn't do anything wrong.

761
00:42:48,081 --> 00:42:51,056
I'm sure we're gonna see new laws around
that in the coming years, that's for sure.

762
00:42:52,636 --> 00:42:54,576
And just two pieces of if.

763
00:42:55,571 --> 00:42:58,901
You were going to give
advice to policymakers or

764
00:42:58,931 --> 00:43:00,401
legislators, what would you say?

765
00:43:00,461 --> 00:43:03,581
What would be the thing, the biggest
thing that they should be looking at?

766
00:43:04,761 --> 00:43:08,951
As I said, I think, how we use,
cryptocurrencies always comes

767
00:43:08,951 --> 00:43:10,811
down to money in most cases.

768
00:43:11,061 --> 00:43:14,691
How do we handle ATMs with bitcoins?

769
00:43:14,691 --> 00:43:17,501
How do we handle the place of Bitcoins?

770
00:43:17,611 --> 00:43:22,171
So I would say that trying to
make laws that make sure that

771
00:43:22,171 --> 00:43:24,481
we can actually track and know,

772
00:43:25,471 --> 00:43:28,021
you know, who these offenders
are because of their payments.

773
00:43:28,311 --> 00:43:29,541
That would be one thing.

774
00:43:30,021 --> 00:43:34,621
The other thing is to say that,
no technology is inherently evil.

775
00:43:34,871 --> 00:43:39,571
Sometimes we try to say, encryption is
bad, so we need to get rid of encryption.

776
00:43:39,571 --> 00:43:41,701
We need to have, back
doors into everything.

777
00:43:42,031 --> 00:43:43,141
The dark web is bad.

778
00:43:43,201 --> 00:43:46,771
Like I would say all
technologies have a purpose and

779
00:43:47,701 --> 00:43:52,511
we've seen over the past few weeks,
months and years, people trying

780
00:43:52,511 --> 00:43:54,491
to put back doors into everything.

781
00:43:54,761 --> 00:44:00,151
And so we just see, we just saw the
EU proposal to monitor, to monitor

782
00:44:00,181 --> 00:44:04,876
pretty much everyone except EU
lawmakers, which would be protected

783
00:44:04,876 --> 00:44:07,051
against any monitoring of course.

784
00:44:07,151 --> 00:44:10,871
I would say that's possibly a very big
threat because we've all seen that if

785
00:44:10,871 --> 00:44:17,411
you try to, monitor, surveil people and
break the, and attack the technology,

786
00:44:17,711 --> 00:44:19,571
that's always the wrong way to go.

787
00:44:19,851 --> 00:44:24,191
And we have to fight this again
and again, and it's gonna happen,

788
00:44:24,371 --> 00:44:25,601
I think, again in the future.

789
00:44:26,381 --> 00:44:27,371
And why do you say that?

790
00:44:27,451 --> 00:44:28,681
Why is it the wrong way to go?

791
00:44:29,351 --> 00:44:32,591
Just because when you are creating
back doors and when you're

792
00:44:32,951 --> 00:44:34,601
trying to outlaw technology,

793
00:44:34,601 --> 00:44:38,081
the only thing that happens
is the bad guys can access the

794
00:44:38,081 --> 00:44:40,271
technology and the good guys cannot.

795
00:44:40,691 --> 00:44:43,931
Nothing new here, but
that's always what we see.

796
00:44:43,931 --> 00:44:48,151
If you say Tor is illegal, all
the bad guys are gonna use it.

797
00:44:48,511 --> 00:44:52,171
And people who would actually benefit from
using it because they're whistleblowers,

798
00:44:52,176 --> 00:44:55,471
because they want to communicate
securely with their loved ones.

799
00:44:55,846 --> 00:44:58,936
In oppressed countries, they
lose that ability to do because

800
00:44:58,936 --> 00:44:59,806
they don't wanna get arrested.

801
00:45:00,346 --> 00:45:02,961
So I would say that, yeah, we
need to take a different route.

802
00:45:04,016 --> 00:45:04,196
Yeah.

803
00:45:04,196 --> 00:45:07,416
And the reason I would ask that was, the
whole idea of back doors and creating

804
00:45:07,416 --> 00:45:10,226
those, is attractive to law enforcement.

805
00:45:10,226 --> 00:45:14,156
They always want it, but then they're not
as good at guarding it as they might be.

806
00:45:14,156 --> 00:45:17,476
And we found that in the US where the
back doors that they'd created into the

807
00:45:17,476 --> 00:45:20,926
telephone system, guess what, they leaked.

808
00:45:20,986 --> 00:45:25,276
And we had, I think we probably
still have hackers going out through

809
00:45:25,276 --> 00:45:29,016
our telephone networks or our now
digital networks for telephony.

810
00:45:29,811 --> 00:45:33,881
Oh yeah, they're going to do the SS7
network, even, the Apple chips

811
00:45:33,931 --> 00:45:35,761
that had a backdoor a few years back.

812
00:45:36,211 --> 00:45:38,221
That backdoor was so hidden.

813
00:45:38,331 --> 00:45:43,401
There was no way for a random person
to just discover it, except, I think

814
00:45:43,401 --> 00:45:47,656
it was Kaspersky who saw it now being
used, and they were like, oh, okay.

815
00:45:47,706 --> 00:45:50,736
Now that we've seen someone use
it, now we know how to replicate

816
00:45:50,736 --> 00:45:52,596
it and now we can use it as well.

817
00:45:52,836 --> 00:45:55,596
So that's always a problem is,
you can put a hidden backdoor

818
00:45:55,596 --> 00:45:59,406
somewhere, but the second you use
it, you just burned it basically.

819
00:45:59,736 --> 00:46:02,516
So there's ways to do effective backdoor.

820
00:46:03,101 --> 00:46:05,441
Only problem is you cannot use them.

821
00:46:05,891 --> 00:46:08,411
And so what's the point of having
back doors in the first place?

822
00:46:08,471 --> 00:46:14,351
So yeah, it just in terms of my audience,
which is largely, people who are

823
00:46:14,351 --> 00:46:16,341
involved in corporations and security.

824
00:46:16,581 --> 00:46:16,826
Is there any

825
00:46:17,491 --> 00:46:20,161
things that you've learned from what
you're doing that would be, that

826
00:46:20,161 --> 00:46:21,661
they should be paying attention to?

827
00:46:22,661 --> 00:46:27,051
I think that they should have a program,
and services to monitor what people are

828
00:46:27,051 --> 00:46:32,001
saying, what people are saying about
their company, but also their industry.

829
00:46:32,281 --> 00:46:33,626
so we're seeing you.

830
00:46:34,486 --> 00:46:36,736
as we said when we
began this conversation.

831
00:46:37,096 --> 00:46:41,746
There are new things in cybersecurity
from time to time, but very often it's

832
00:46:41,746 --> 00:46:43,966
just the same history that repeats itself.

833
00:46:44,266 --> 00:46:49,786
So trying to understand, okay,
so if I run a hospital, how have

834
00:46:49,786 --> 00:46:51,436
hospitals been hacked in the past?

835
00:46:51,486 --> 00:46:55,326
Trying to understand what
are people saying about me?

836
00:46:55,326 --> 00:46:56,256
Are people

837
00:46:56,601 --> 00:46:59,091
selling accounts for my employees?

838
00:46:59,331 --> 00:47:03,681
So trying to understand what
your threat is, but also just how

839
00:47:03,681 --> 00:47:06,771
your industry is being threatened
is also extremely important.

840
00:47:07,251 --> 00:47:10,821
And I think that being aware of
this, keeping an eye on, okay, so

841
00:47:10,821 --> 00:47:13,491
there's been like a wave of two or
three hospitals have been hacked.

842
00:47:13,791 --> 00:47:14,781
How did this happen?

843
00:47:14,811 --> 00:47:15,651
Can we talk with each other?

844
00:47:15,651 --> 00:47:19,401
And trying to understand how people
are bridging to these networks.

845
00:47:19,731 --> 00:47:25,626
I think that people should spend more time
trying to understand what the real actual

846
00:47:26,316 --> 00:47:30,996
threats are rather than, just go
through compliance and trying to find,

847
00:47:31,046 --> 00:47:35,456
okay, we're using X, Y, or Z software,
but trying to understand what are

848
00:47:35,456 --> 00:47:41,726
the real use cases and the original
and innovators in terms of criminals.

849
00:47:41,966 --> 00:47:45,356
They do exist, but most of the
time it is just the same thing

850
00:47:45,356 --> 00:47:46,856
that happens over and over again.

851
00:47:48,026 --> 00:47:51,986
And where would be the best place for
them to educate themselves on this?

852
00:47:51,986 --> 00:47:54,416
Because I know people sell this
as a service and things like that.

853
00:47:54,416 --> 00:47:55,946
I don't know what's reliable.

854
00:47:55,996 --> 00:48:00,136
Where should a company be looking to if
they want to become more educated on what,

855
00:48:00,556 --> 00:48:01,876
all the things that you've talked about?

856
00:48:01,876 --> 00:48:01,936
Yeah.

857
00:48:02,176 --> 00:48:04,606
There, there's so much,
so many conferences.

858
00:48:04,636 --> 00:48:06,706
So that's always a good place to start.

859
00:48:07,066 --> 00:48:11,776
Many of them put their content online,
many of them free, so you don't need to

860
00:48:11,776 --> 00:48:14,366
pay millions of dollars to, for this.

861
00:48:14,646 --> 00:48:17,636
So I think that just watching
the content that's been produced

862
00:48:17,636 --> 00:48:19,466
online podcast like this one.

863
00:48:19,816 --> 00:48:24,406
I do listen to a lot of podcasts and
once again, sometimes it's a bit boring

864
00:48:24,406 --> 00:48:29,206
because you're like, okay, so yet another
human who clicked on the link, but it

865
00:48:29,256 --> 00:48:34,236
tells you, you get a sense for what's
going on, what are the big trends.

866
00:48:34,416 --> 00:48:38,706
So I think just podcasting
conferences are the easy way to go.

867
00:48:39,401 --> 00:48:42,731
And then if you have the money and
millions to spend, there's gonna

868
00:48:42,731 --> 00:48:45,191
be a whole pack of companies.

869
00:48:45,191 --> 00:48:49,421
And I'm sure they're already knocking on
everyone's door to sell them services.

870
00:48:49,691 --> 00:48:52,301
So we'll let them decide
who's good, who's bad.

871
00:48:52,601 --> 00:48:54,131
That's, they're gonna find you.

872
00:48:54,431 --> 00:48:55,391
You don't have to find them.

873
00:48:56,186 --> 00:49:00,386
I noticed you, you posted something
on LinkedIn to BSides, which David, my

874
00:49:00,386 --> 00:49:04,166
other friend David has told me about,
and that seems to be a really accessible

875
00:49:04,166 --> 00:49:08,516
place for people to start getting more
educated in terms of what's happening

876
00:49:08,516 --> 00:49:10,676
in terms of cyber threats anyway.

877
00:49:11,186 --> 00:49:14,036
Yeah, so if you're in the
Montreal region, so BSides is

878
00:49:14,036 --> 00:49:15,806
just this brand for conferences.

879
00:49:16,086 --> 00:49:20,766
I believe there's now over 200
BSides events all over the world and

880
00:49:20,766 --> 00:49:22,746
each of them is run independently.

881
00:49:22,746 --> 00:49:27,776
So they range from 40 people
to 4,000 people in Vegas.

882
00:49:27,896 --> 00:49:30,266
So in Montreal we have about 300 people.

883
00:49:30,596 --> 00:49:33,866
It's one Saturday in
September, every year.

884
00:49:33,866 --> 00:49:34,856
It's our fifth year.

885
00:49:35,246 --> 00:49:37,706
We've been lucky enough to
be sold out for the past five

886
00:49:37,706 --> 00:49:39,296
years, which is pretty awesome.

887
00:49:39,676 --> 00:49:43,596
And we have almost
free half day workshops.

888
00:49:43,626 --> 00:49:44,586
There's two of them.

889
00:49:44,856 --> 00:49:47,646
We have treasure hunts,
we have some great talks.

890
00:49:47,736 --> 00:49:50,456
And for 40 bucks you get a t-shirt,

891
00:49:51,026 --> 00:49:56,066
breakfast, lunch, dinner, open bar at
the end, and some pretty great talks.

892
00:49:56,096 --> 00:50:00,326
So you know, it's a no brainer
and you learned something too.

893
00:50:00,446 --> 00:50:04,136
I was gonna say that's on top of
everything, so it's not so bad.

894
00:50:04,826 --> 00:50:06,236
David, this has been fantastic.

895
00:50:06,236 --> 00:50:07,916
I'm so glad to have
had this chat with you.

896
00:50:07,916 --> 00:50:10,976
I hope I can come back to you when
we have some other E, especially if

897
00:50:10,976 --> 00:50:13,646
you have other research that comes
out, I'd love to hear about it and

898
00:50:13,646 --> 00:50:14,666
I think our audience would as well.

899
00:50:15,441 --> 00:50:16,341
Thank you for having me.

900
00:50:16,551 --> 00:50:16,911
Great.

901
00:50:17,161 --> 00:50:20,191
Great talk and yeah, when there's
some developments in the dark

902
00:50:20,191 --> 00:50:21,841
web, we can talk about that.

903
00:50:22,231 --> 00:50:22,501
Okay.

904
00:50:23,071 --> 00:50:23,941
Thank you very much.

905
00:50:24,851 --> 00:50:25,901
I'll, I will talk to you soon.

906
00:50:25,901 --> 00:50:27,011
Thanks a lot for doing this.

907
00:50:27,011 --> 00:50:27,551
Appreciate it.

908
00:50:28,241 --> 00:50:28,781
My pleasure.

909
00:50:29,028 --> 00:50:29,928
And that's our show.

910
00:50:30,498 --> 00:50:32,388
Love to hear what you think about this.

911
00:50:32,568 --> 00:50:37,507
I hope we bridge the gap between those
people who don't know a lot about this

912
00:50:37,507 --> 00:50:41,617
and maybe some of you who may know
a lot more. I hope it was interesting.

913
00:50:41,827 --> 00:50:42,607
But let me know.

914
00:50:42,607 --> 00:50:46,357
I'd like to get some feedback from you
so I know how to plan these shows better.

915
00:50:47,567 --> 00:50:51,797
You can reach me at technewsday.com or .ca.

916
00:50:51,797 --> 00:50:52,577
Take your pick.

917
00:50:52,727 --> 00:50:55,937
Just go to the contact us
tab and leave us a note.

918
00:50:56,927 --> 00:50:59,897
If you're listening to this on YouTube,
just put a comment under the video.

919
00:51:00,047 --> 00:51:01,067
I listen to them all.

920
00:51:02,479 --> 00:51:06,098
David Shipley will be back
Monday morning and I will talk

921
00:51:06,098 --> 00:51:07,838
to you again Wednesday morning.

922
00:51:08,528 --> 00:51:09,548
I'm your host, Jim Love.

923
00:51:10,163 --> 00:51:10,973
Thanks for listening.


