because of the internet people tend to to linda too much trust of that type of mechanism they don't really understand that criminals love to operate using the internet it lends itself to anonymity the criminal doesn't have to face the victim or the person he's trying to rip off or steal money from either so it is it also lends itself to that separation so the criminal act like when i broke the law it was all about me stealing from people that i'd never met and never would meet and that allowed me the opportunity to to be anonymous and also not have to face the people that i was ripping off not hurt that the most damaging cyber attacks that kompany is can face come from of bogus emails how come that after millions of dollars spent on sophisticated fire walls on workshops being held on elementary cyber security skills it still takes a single click on a bad link to send the whole enterprise down the river well the reason is the human factor the reason that that ninety two percent of every single breach begins with

a phishing attack phishing attack is simply as a form of social engineering as a criminal you know that it's much easier to ask someone permission then it is to try to brute force your way into a system so the only thing you have to do is you have to send an e-mail that looks legitimate enough to get someone to click on it once that happens it's game over for the company or the person or the or the government or whatever it is to try to break into can you purchase a firewall to help prevent human curiosity. what i do these days i do a lot of consulting with companies groups law enforcement for individuals i recommend that they use the software firewall but for businesses it's important to use a physical firewall now that being said even if you're using the physical firewalls the human is still the weakest link in that cyber security chain so if a company is using the physical firewall if they still receive a phishing e-mail that looks like it comes from the company itself or or something

that looks legitimate and that that employee clicks on that link it's still game over for that company now you've talked about working with a fellow says it might be easier to get where you want to set a corporation with a phone call than with technical tools as social engineering more important in cyber crime than the actual cyber part the most important thing is to get information are right now it's easier to get information as i said before it's easier to get information by simply asking a person for that access and you do that by social engineering talking about phone calls for example i can bypass every piece of internet security that a company or government has simply by picking up a phone spoofing a phone number which is when i call in and it will appear on the opposite side as someone else's number so i can spoof the phone call make it appear as if i'm a customer or a boss or anything else and convince that person that hey send me the money or give me access to your system and when that happens again it's game over the weakest

link is always always the human being behind the software that's using. but i mean how do you deal with that you can't really fix the human error can you know you cannot fix the human error one of the things i say in a lot of presentations is that there's no patch for human stupidity now that being said you can do a lot of training for people so i advise companies to do simulated phishing attacks companies to have people come in and constantly train not just the higher ups of the company but from the ground floor up it's important for a company these days that security is is part of the entire structure of the company so the person that's sweeping the floor the lowest paid employee the most the lowest educated employee all the way up to the c.e.o. of the company the need to know about all these breaches that are going on about the avenues of attack about phishing about the dangers that lurk from cyber

criminals like i used to be companies often refuse to report a cyber crime because they don't want to be compromised they don't compromise their reputation a shop owner wouldn't think twice before calling the police if his place was broken into why don't business treat data out theft the same way that is the question of the day right there why don't the large businesses share information and tell exactly what's going on and a lot of it has to do with liability a lot of it has to do is they they don't want to lose business they don't want to be sued they don't want their customers to think that they are not doing a proper job with security so what we see across the board with these larger companies will there be a fax or a. target or anything else what we see with companies like that is they'll be breached and first they try to hide it and then when it comes out in the news they try to minimize it and it continues to go out that until maybe a year and a half later you start to see these new stories popping up of well no this breach

was much worse than we initially thought and the thing is that nowadays breaches are so common that most people have gotten used to the idea of their information already being out there online for cell or to be used by criminals so individuals are also less likely to go to the police after online crime not just corporations why is that because you're not physically killing someone or physically stilling money from someone's pocket what with when i was when i was breaking the law one of the first lessons that i learned was that people or companies they really don't report the crime now some of them do but a lot of companies and a lot of individuals once the ripped off whether it's embarrassment or they just think that the longer that law enforcement won't do anything about it that nothing's going to come of the investigation a lot of companies a lot of individuals tend not to report it to law enforcement the problem is that when you don't report it to law enforcement law enforcement doesn't know what's going on it and it doesn't aid in any type of ongoing investigations of the guy

going on at the time so it's important it's really important that individuals reports law enforcement that companies report law enforcement that way this database that law enforcement keeps with all these breaches all these crimes that are going on they get more information more data and it will ultimately result in a group like in fraud being shut down or a group like i used to roam a shadow crew being shut down and people going to prison because that's that's really what it's going to take is more investigations more legislation companies actually reporting and security as a whole being increased not only with companies but individuals do you feel less responsibility for committing a crime in cyberspace and so do victims still as hurt by them as well i mean in essence a cyber crime phil unreal because it's in a virtual world. i think it feels unreal in a virtual world for both of the criminals and the people there the victims or the companies that are victims and the reason is because of the separation you don't

have to look your victim in the face and the victim doesn't see the criminal the criminals face either so there's that separation that takes place for example the criminals that i know when one alphabet a was shut down in july of last year they had a membership in that was the largest online criminal network they had a membership of two hundred forty thousand members so there were two hundred forty thousand people that were trying to rip people off every single day now if that were in the real world if that were two hundred forty thousand people if alfa bay were a group that you had to rip people off face to face you had to steal money from them by pointing a gun at them or whatever you wouldn't have that type of number but because it's online and because the criminal can hide behind that mask of anonymity you have these people that are joining up and they'll even think about it they they they consider it well i'm not ripping off the person the bank will pay for it or the government is who i'm ripping off and they can afford it but the truth of the

matter is is that everyone is a victim if you're if if a cyber criminal hits a bank or a government those costs are just passed on to the citizens or the customers of the business now you've said that cyber criminals often sidelined the negative consequences of their actions so they're anxious to share or there are too good to be caught i mean when you were jailed for your online front schemes did you see that coming. we had in our case we did see it coming we had we were so sophisticated at that point in time that we had actually hacked into the secret service cell phone accounts and we had text messages about them investigating us on the server side we know saying that law enforcement was visiting our side we knew exactly what was going on and we knew things were going and what and badly force most criminals and i did the same thing so yes we can park my car to compartmentalise everything so we justify or crimes by saying you know i didn't rip off people i ripped off businesses and governments and not only that but we also say you know whatever's going to happen is going to happen so we tend to adopt this

this philosophy of fatalism that in order to keep operating in order to keep breaking the law we know there's going to be a bad end but we continue on anyway thinking that ok it's already too late we need to go in and continue and maybe something will work in the favor of the criminal the point is that for any cyber criminal it always ends badly always i've got friends associates that were engaged in those types of crimes and they ended up with life in prison or thirty years in prison and one guy ended up committing suicide and sort of going to prison it always ends badly for. the rat brat where they take a short break right now and learn where the back flow continued talking to brett johnson former mentor a cyber criminal talking about the dangers of the rabbi and how they can be inverted stay with us.

it's seemed wrong. but old rules just don't. let me. get to shape out these days because get educated and in detroit equals betrayal. when so many find themselves worlds apart we choose to look for common ground.

i think the number. they matter to us is over one trillion dollars. more than ten dollars for an m.p. . eighty five percent of global will be long for the old. eight percent world market. there's some with one hundred twenty three for chicken per second and if we rose to twenty thousand dollars. china is building two point one billion dollars industrial park but don't let the numbers over with. the only number you need remember one one is that you know for the one and only boom but.

now we're back with grants johnson former cyber criminal now cyber security expert who is now helping others to stay safe aligned brett i read a story about how you were teaching frot to the arian brotherhood when you were in prison i mean do you think the cyber criminals and will live criminals are going to merge eventually and you know there will be no difference actually i think we are seeing that now now when i taught fraud or our how to commit fraud when i was in prison that was to remain safe i was i had to do that in order to not be killed while i was in prison by various brotherhood or these other gangs that were around but what we see these days in cyber crime when i was so in gauged in cyber crime you had to do you had this clear wind that separated physical crime from online crime you didn't have gentlemen that were gay. both now that that's pretty much

gone crimes today especially united states crimes today mix the two so today we've got people that will still mail from people's mail boxes once that mill is stolen they'll go ahead and go online and they'll try to pull the social security numbers the dates of birth mother's maiden the complete identity profile of that person they've stolen the mail from once that's done they add an address on to the credit reported what's called a drop address so that they can receive new account cards or replacement cards or order physical items and cash out like that as we continue to grow online with our online identities and personas you will continue to see this mixture of physical crime and internet crime and the two will meld to a point where they're almost indistinguishable if you can't really distinguish them at all so what is cyber crime a name for a more dangerous stuff like terrorism financing or laundering drug money for a cartel as does the internet make doing that a walk in the park it makes it much easier before if you if you were

a group that needed to raise money without the internet it was very difficult you had to engage in drug trafficking or anything else like that but these new terrorist organizations that are out now they can engage in online crime they have they have people that they don't have to worry about brute forcing or attacking or using violence to steal money they can engage in bitcoin laundering. cryptocurrency still in that you've got to several governments melba or terrorist organizations that try to steal crypto currency because of the value of it and they use that to finance their terrorist our operations or if there is a sanction against the government the government will try to. still bit coin or launder money with bitcoin we're going to continue to see that that's not going anywhere anytime soon because it's a much easier and more profitable avenue for terrorist groups or who have you to make money so let's talk

a bit of samurai context here mean we're used to the fact that real organized crime around has for all its lawbreaking own internal sadder rules what about cyber crimes that have its own machine a code of honor i mean certain to lose like the mafia you do have taboos in cyber crime so realize that to engage in financial cyber crime there are three motivations it's either ideology it's status or it's cash most people do it for cash they do it to make money now when you start as a cyber criminal you don't really know a lot of how to commit crime you don't know or know or understand the dynamics of cyber crime so you start at the lowest rung possible you start by ripping off people now as you advance your craft as you become better and that career fraud you get to the point where you're ripping off governments or organizations companies things like that so what you see with cyber criminals is is there is this clear hierarchy of who thinks they're better than someone else so if you're beginning

criminal you're looked down upon by these upper class people that are only ripping off governments because they view themselves as better and that's that's part of this entire online. business or persona or ideology that takes place you the criminals have to justify and i did the same thing i had to justify my crimes by saying at least i'm better than these people so you'll see them engaged in crime you won't see a financial cyber criminal that really i have never met a financial cyber criminal that is engaged in child pornography they they all look down on that they all tend to look down on drug trafficking even though today if you're looking at financial side. it is necessarily mixed with drug trafficking as well because or so much profit in that but even as such the guys who are stealing money still look down on the guys who are doing drugs so there's always that that

hierarchy of who thinks they're better than someone else and at the end of the day everyone still criminals so see how hackers don't go around busting kneecaps on the streets or mugging anyone a gunpoint that kind of thing what does it make them i mean does it make them less tal's when facing the law is certainly does one wire when i ran shadow crew when we were called everyone told everything they knew as soon as they were arrested and i did the exact same thing and the reason was is that we were not we were not used to crime we were used to internet crime but not physical world crime now is shadow crew ended we started to see more mafia type groups being engaged in cyber crime and with that they brought violence with them as shuttle crew ended there was one gentleman that he posted pictures of a guy who owed him money and he had had the guy kidnapped and he was torturing the individual so he posted that you start to see more of that coming into the cyber

crime world because the profit potential is so high that that threat of violence has to be there and we'll continue to see that advance you know you you're seeing now but people who have bitcoin there being kidnapped and threatened with their lives in order to ransom up for money. i know that when you first start working for this errol government you also managed to moonlight as a scammer at the same time all the while being under surveillance and supposedly under the control of the sat so how many hackers are double agents so to speak and how and play both teams at the same time. i think that you're right when i when the secret service got me out of jail to work for them i started breaking the law the exact same day that i got out and i continue doing that for ten months until they found out about it how many people do the exact same thing most if not all until they reach a point that they understand that it's not going to end well and that usually takes

a lot of prison time and in my case it took being sentenced to seven and a half years of prison escaping president being called again and seen sent back to prison so there was a story a little while back about the director of the f.b.i. complaining about a staff shortage in the cyber crime unit saying that all those who are capable of working there are slow by juana and therefore are banned from a federal law enforcement job so does the law enforcement mostly force hackers into cooperation like either you serve time or you work for us because you can't attract talent to come into for an voluntarily. for the united states there's a stigma with law enforcement of hiring ex criminals or ex hackers. or corporations and companies there's not as much of a stigma but still it's there even today i consult with fortune one hundred companies with security companies i think and so today with the f.b.i. . there is still that mistrust because i was the guy that used to rip off

a lot of people a lot of money and i even continue to commit crime when i worked for the federal government before. the thing is is that for a criminal law enforcement security people they really don't understand that criminal minds they don't understand the the links that even i would go to to break the law and until you start to understand the human factor it's like with cyber criminals cyber criminals know that the most important part of breaking the law and getting money is the human being that's why fishing is so popular it's the same thing for law enforcement companies they they need to get to the point where they understand that we need to understand this criminal minds so when we find someone that has reformed and it took me a long time to reform but when you find someone that is reformed but still has that ability to to think as a criminal to explain that type of mindset to law enforcement groups organizations companies it has a lot of value to it and when i give a presentation today most companies groups know that fraud is

a problem but they don't understand the face of fraud until you actually talk to a guy that used to rip them off so if the fads ran network of recruiters then the informants and the hacker community but i heard about a game called spot the fad during hacker conferences is it really that easy. undercover cop at a hacker convention i mean what gives it away it is it's not just the spot the feds at a hacker convention it's spot the feds on online criminal groups and communities it's everywhere and it's extremely easy to spot a law enforcement official it's easy to spot. security pro any number of things for example online you've got several online carding forums or fraud forums and you'll have law enforcement people that will try to integrate themselves into these forums and what usually happens is they'll come on and they'll act like they're a criminal but they'll ask the wrong type of questions or they'll they'll want too much information too soon there's these telltale signs that criminals that they

know that something's wrong they may not know that the guys of course the guys a law enforcement officer or security pro but they know he's not a criminal and they have this bad feeling criminals are very good with intuition of being able to know that something is wrong so they automatically they may not know he's a cop but they automatically pay him as someone that's not like them and that becomes a huge huge problem for law enforcement that's why law enforcement tends to use a lot of informants and stuff like that in order to gain access to these communities now and one of the articles you wrote that purchasing someone's credit card number along with their full identity information with set you back just about two hundred dollars i mean how come it's so cheap is everyone's identity absolutely unsafe. the way i took to the way i talk about it today and i use equifax as an example so everyone is scared to death of the equifax breach but the truth of the matter is is all of that information everyone's information has been out there and

there have been so many breaches that your information is already for sale and because of that that dell would use of information that so much information is out there it's pretty cheap for example i can buy a credit card for anywhere from six to twenty dollars ok and with that credit card i get the card number i get the card owner's name address phone number expiration date three digit security code on the back now that gives me they have the ability to start buying things online but i can also pull that car owners complete identity information and what i do is there's a website i can go to and pull. the social security number and date of birth and address history for another two dollars and ninety cents once i do that i go over i start when background checks background checks run sixteen dollars so all of a sudden i've got a complete background check and i've got the social the date of birth for a post of twenty dollars then i pull the credit report the credit report is free once i have that i have

a nuff information to really do whatever i want to commit whatever type of financial crime i want to with the victims of formation and that that's part of the ease of cyber crime it's not rocket science anymore it's things are so easy for criminals these days that it doesn't take much money to get started it doesn't take much knowledge to get started you can buy a tutorial you can take a class on how to commit crime all this stuff is pretty automated these days so just to wrap this up briefly what can an ordinary repair person do about all this i mean you can tell the government registries are big companies to beef up security yes but. i personally do about my identity being traded on the internet and i think sure so no no there are things you can do and what i what i try to tell people to do is to make sure you're not the low hanging fruit and the way to do that is first to freeze your credit all right and not just freeze your credit of you but every single person in the house because children are the number one victims of identity

theft you can use the child's information to create entirely new identities so freeze the credit of everyone in the house monitor every single account you've got and what i mean by that is bank accounts e-mail accounts credit cards everything monitor everything place alerts on every single account as well that way if a thief does have your information and they try to charge your credit card you get an alert to your phone that says hey something's going on so those are two things the third thing is to use a password manager we as humans we simply do not know how to best pick a secure password so we tend to use the exact same passwords across. well websites it's important that we don't do that you do those three things those three easy things and the chances of you being ripped off or becoming a victim online is really really minimized at that point in time criminals tend to go for the easiest targets and you just made yourself more difficult than eighty percent of the populace fred thank you so much for this wonderful insight and for

this interview we're talking to brett johnson the original internet got father former notorious cyber criminal turned digital security expert about the dark side of cyberspace well that's it for this edition of the enco i will see you next time . when the ruling classes protect themselves. in the final.

we can all middle of the room. i think is an outstanding person because he took on the most powerful agency. or you'll be the state if you look at it from the. mark was the day that when he was. going to spin the show. this most contentious critic for you is the first time i noticed something wasn't right in fleece work pretty much when i first started the corruption in palm beach county is not something that you can smell or thing like that it's a nod and a wink it wasn't what i wanted to do and. we've

had more on all the shootings in this county then some states have had a collective thing to go and went to his website began featuring comments about his family the sheriff by ten men in your squash you like a bug you know i wish you'd stop then you should stand a life and stop i believe what i'm doing also like ok you know it's your funeral boating f.b.i. raided p.b.s. and critics in the house. i snuck out of the united states. into russia where i can flip all sign. men they know bad wolf. i do think the numbers mean something they've matter us with over one trillion dollars in debt more than ten white collar crime happens to. eighty five percent of global wealth he longs to be rich eight point six percent world market thirty

percent somewhat one hundred to five hundred three per second per second and when he rose to twenty thousand dollars. china's building two point one billion dollars ai industrial park but don't let the numbers over. the only number you need to remember one one business you know board the mint one and only boom box. i was.

fighting rages for control of the libyan capital tripoli the u.n. and the united states are pulling troops and urging sides to cease military action . a general election looms in israel an incumbent leader benjamin netanyahu faces a close race we look at how much his relations with the u.s. play a role in the upcoming vote. also to come to this monday morning world power struggle to find an answer on what to do with foreign fighters who've joined in syria and iraq and i want to come home again r.t. heard from some of the militants. might be the biggest mistake of my life that we emigrated. that we made absolutely cannot be undone unfortunately.