Episode 7

Published on:

5th Mar 2024

Hackers: Right or Wrong, There's Only Fun or Boring?

You've asked for it and we're doing it! HACKERS to kick off 2024!

And like any good crew, we've brought @Kristof Lossie, @Tom De Laet, @Toon De Kock together to take a look at how this legend of a movie has aged in the last 29 years!

Connect With Us:

 Syya Yasotornrat: https://www.linkedin.com/in/syyayasotornrat/

Brilliant Beam Media: https://brilliantbeammedia.com/

Website: https://checkpoint.com/

Facebook: https://www.facebook.com/checkpointsoftware

Linkedin: https://www.linkedin.com/company/check-point-software-technologies/

Twitter: https://twitter.com/checkpointsw

YouTube: https://www.youtube.com/user/CPGlobal

*****

* The information and commentary provided in this video is not intended as a substitute for professional security advice, assessment, or training.

** If you want to learn more or have any questions, please let us know in the comments. We also welcome any suggestions for future episodes.

* Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research. Fair use is a use permitted by copyright statute that might otherwise be infringing. Non-profit, educational or personal use tips the balance in favor of fair use. NO COPYRIGHT INFRINGEMENT INTENDED. All rights belong to their respective owners.

Transcript

0:01

welcome to checkpoint real talk a podcast for security folks who want less

0:07

FUD and more fun in each episode we'll have light-hearted conversations about

0:14

security people processes and Technology as we react to how they're portrayed in

0:20

film and TV we'll bring in experts from inside and outside checkpoint to break it down what was accurate what wasn't

0:28

and what can you apply to real world cyber events on today's episode host Syya

0:35

Yasotornrat checkpoint manager security engineer team Kristof Lossie incident

0:40

response lead Tom De Laet and incident response analyst Toon De Kock react to

0:47

the:

Welcome

0:53

good evening welcome to checkpoint real talk today we are going to be going over a movie that has been multiple like

1:01

thousands of people just requesting hackers and so who could I get but the coolest guys out of Belgium that are

1:08

going to be uh our experts to talk about why hackers with Angelina Jolie in her

1:13

you younger years as has been stated um she looks the same to me but uh guys

1:19

welcome so we've got Kristof Tom and Toon welcome welcome welcome checkpoint Real Talk

1:25

guys thanks for the welcome welcome to be here fun to be here

1:31

okay so that remains to be seen if it's F to be here yeah yes I know oh no pressure on my part now great guys I

1:38

throw I throw down once to say it's okay guys have personality and all of a sudden all of your faces drop at me like

1:45

what it's okay yeah so okay so real quick question have raise your hand who

1:50

has seen hackers oh this is going to be good this is going to be very good all right so I

1:57

have actually seen hackers but many many moon cycles so it's almost as if I haven't seen it in a long long time so

2:03

this will be really interesting um the premise of it is basically uh is the

2:09

early years of the internet and you had a group of people that were literally hacking uh into uh networks so I don't

2:17

remember beyond that so Kristof do you remember beyond that I just

2:23

remember I just remember being like a bunch of like cool kids and they were all cute that was I think all I remember

2:30

well what I remember because indeed for me it's also many many many moons ago since I saw this movie uh it was a

2:39

typical 90s movie both in dress code as well as in way of acting and um there

2:47

was a lot of Hysteria about something happening on a computer screen and if I'm not

2:54

mistaken uh they weren't really the cool kids because they were actually into

3:00

computers and stuff which back in those days were only for the nerdy ones that's true hasn't been changing

3:06

much I see no do yes yes I know okay so that's funny

3:12

you should mention that because uh there is this assumption stereotypically you see it all the time in social media that

3:19

like hackers are wearing like hoodies and they're like in a dark basement somewhere or their parents' basement

3:24

somewhere or you get this like LAN where like everyone's got like a bunch of computers all in one room and space

3:31

that's like far from the truth maybe that back then it might have been but today doesn't feel like uh that's the

3:37

case or is it are we still wearing hoodies as hackers well s we sometimes wear hoodies

3:43

true but we indeed need to step away from that how do you stereotype depicting of the of the hacker true

3:50

probably just work in cubicles and be miserable about their cies too they're

3:57

basically especially the the black hackers The ransomware Operators I do think they are just as miserable as we

4:04

are and trying to make their wages at the end of the months to get their bonuses in and things like that are you

4:12

miserable I'm not are you miserable there anything you want well my my team

4:18

lead is on here so Tom I'm I'm not feeling very fine I might do with a with

4:24

significant raise at the moment it would help yes oh I love it I love it it so okay

4:31

well guys are we ready to jump in and then check out uh the first first scene

4:36

all right let's do it sure it isn't a virus it's a worm what's

The Worm

4:41

this one eat it nibbles you see all of this this is every financial transaction Ellingson conducts yeah from million

4:48

dollar deals to the 10 bucks that some guy pays for gas the worm eats a few cents from each transaction no one's

4:54

caught it because the money isn't really gone it's just data being shifted around and when the worm's ready it zips out

5:00

with the money and erases its track Joey got cut off before he got to that part check it out by this point it's already

5:06

running at what twice the speed is when it started and at this rate it ends its run in 2 days judging by this segment

5:13

alone man it's already eaten about 21.8 million bucks man whoever wrote This

5:19

needs somebody to take the fall and that's Phreak and that's Joey and that's us we got to get the rest of the file so

5:25

we can find out where the money is going before the worm disappears so we can find out who created it all right

5:33

guys we're talking about a worm here and the way they described it right they

5:39

kind of put it in like um civilian terms where it was already encoded in there

5:44

and it it will pull it out when it's ready and then erase its uh presence

5:50

help me understand you guys is that accurate of what a worm

5:56

is uh no it's ACC modern malware things but the the distinction between virus

6:03

and worm uh takes back quite a few years I think Kristof might remember those

6:09

times still yep and yeah the idea of having a literal worm nibbling away it's

6:16

just I mean it makes for a good movie line but it's not what actually happens

6:23

the actual difference is the virus needs a human to trigger it like the I love you virus where people actually needed

6:28

to execute it uh that's a virus and the worm is basically the virus which doesn't need

6:34

the interaction to propagate he can't propagate himself uh but there do are some very

6:40

cool takes in this clip as I see this guy reading hexadecimal at a speed I

6:46

can only be jealous of and his forensic skills are through the roof the the way

6:52

he is reading that and analyzing that and piecing that thing together yeah that that's just not realistic what

6:59

could be realistic is indeed having some malware doing exactly this and underneath under the radar trying to

7:06

exfiltrate some in this case money uh because it's indeed data that's just

7:11

being shifted around but uh the whole way that he gets to that conclusion by just looking at a screen that it's going

7:18

so fast that no human can ever read it ever that's just ridiculous it's just

7:24

the funniest thing I I will give them credit though at least actually showing like uh it's

7:31

scrolling as far as like in other movies we see them like have a graphics like they'll do these crazy looking Graphics

7:38

that are flashing all over the place this is a little bit more accurate in the context that it is some of the

7:43

earliest attempts to somewhat be accurate and not have the website saying

7:49

enter password firewall hacked you've entered the Pentagon something like that in other

7:54

movies yeah okay give him credit for that or the or the hacking progress bar I'm I'm always a fan of the hacking

8:01

progress bar what where where there is like 100% hack like that one that's come

8:08

on hurry up they're almost in just hit the keyboard a little bit harder and you will find it y but does

8:15

create for good drama no it it does Hollywood gets away with a lot of things

8:23

I like the fact they were actually doing forensics in this case because they were analyzing the malware to see what it did

8:28

and what its capabilities were um they did it in ultra fast forward but they

8:33

were doing forensics so I like him yeah because nobody wants to see a scene of

8:38

three hours going through the data figuring out what's actually happening nobody wants to see that in a movie I

8:45

maybe you guys but you are you are the analyst so you you maybe get a kick out of it but I sure wouldn't yeah the movie

8:53

would be called case study yeah stud that's funny okay so um so with

9:00

that portion of the depiction of of of them knowing about this for and again I don't know this movie either I just

9:06

thought it was a really cool scene um let's let's continue on because this next portion of it uh cracks me up

9:12

because I think there's something about notoriety of being a hacker I know I know who wrote it what this Ellingson

Zero Cool

9:19

security creep I gave him a copy of the disc you gave me you what didn't know what was on it

9:27

oh man it's universally stupid man yo man you an amateur

9:33

man why did he come to you I got a record I was Zero cool zero cool crash

9:41

157 systems in one day biggest crash in history Front Page New York Times August

9:47

th:

9:52

this is zero cool oh [ __ ] that's far out this is zero cool man oh

9:59

y That's great there goes MIT I'll make it up yeah how I'll hack the Gibson dude

10:07

they'll Trace you like that man the cops are going to find you they're going to find you with a Smoking Gun [ __ ] if I care man look even if you had the

10:14

password take you 10 minutes to get in and you still got to find the files man I mean the cops will have you in 5

10:20

minutes oh wow we are fried never send a boy to do a woman's job with me we can

10:27

do it in seven both I help we do it in six Jesus I got to

10:32

save all your asses I help we could do it in 5 minutes man okay let's go

10:38

shopping all right so first of all zero cool that is just yeah this whole idea

10:46

of having hacker Alias and then the best thing you can come up with is zero cool

10:52

I like I said it's the 90s okay okay if we're going to be if

10:59

we're gonna be making fun of zero Cool's name what would your hacker name be H

11:04

that's a very good question depends if I'm going to get

11:10

discovered by the cops or not want throw just throw one out I'm

11:15

intrigued now well I would pick the first and last

11:22

name of somebody I really do not like if I'm C I can have some fun with

11:28

someone yeah that that would work that would work that's funny I'll not go on

11:33

record and and name people but no no but I can think of of a few yeah for sure

11:40

that is funny yeah all right Toon you win on that one first and last name of

11:45

the person I don't like I like that one you win all right so zero cool just in case

11:51

Zero cool he made a mistake you guys he uh took a I'm guessing it was like maybe

11:57

a drive or something and and gave it to someone and he didn't know what was on it so he took he made a fundamental I

12:05

think now today uh a common mistake which is oh I found a random USB I guess

12:10

I'll just shove it into my laptop and see what's on there is that basically what he's admitted

12:16

to no I think he he found something that he gave a copy to someone that he

12:21

shouldn't have given that copy to so random USB would be the other way around

12:27

you find something and you plug it in and then it has some malware on it which is very common by the way um but uh no

12:34

this is actually something he shared that he shouldn't have shared and back in those days uh it was on a disk because

12:41

yeah that's what we used that that's what we had it's not just what we used that's what we had there was nothing

12:48

else uh speaking of those little discs like they actually interviewed a bunch of gen Z's and took a poll to say like

12:56

do you know what this is and they're like oh yeah the same button button the save 3D print a save button right yeah

13:03

3D printed a save button it's like next time oh that's funny they find a music

13:10

guet they're going to think it's from the Civil War or something yeah well okay I I've said this before and I know

13:17

I upset a lot of my friends but I was like guys you know the music in the 80s

13:22

like when we you you think Back 40 years it would be World War II the 40s right

13:29

equivalent of the kids in the:

13:35

friends were like why did you have to put it in that context I'm like it is we're the equivalent of World War II to

13:40

these kids right now so anyway I know I digress but okay so feeling that the

13:46

music like I said was that 40-year Gap right this movie feels really dated in a lot of ways so how with zero cool and

13:54

the fact that he shared information with someone he shouldn't have I didn't understand that last scene where they're

14:00

like I can do it in seven you need my help I can do it in six five what were they talking about there I think they

Timeframe

14:06

were talking about how much time they needed to hack in some system and steal something uh which is an hilarious thing

14:13

that you can put a time frame on there to see how much minutes he going to take yeah guess that's always completely ear

14:21

not realistic in any movie is the time frame yeah that's like the number one

14:27

thing like I we've seen many good movies uh in the past um like especially things

14:33

like uh uh Mr Robot was a very good example of of things that could really

14:39

happen but never in the time frame that they show in the movie like never okay so you can't call it out and

14:47

say I can solve this issue in two minutes no no no no also solving a case

14:54

in in that many hours is most most cases it's very well it's it's an educated

15:00

guess you can do uh whenever we have to help a client we also have to guess how

15:05

much hours how many hours we need for that uh but it's we get pretty good at

15:11

guessing but it's still guessing because you never know what you're going to get always going to be surprises coming your

15:16

way in order to well solve the puzzle interesting thing in this sorry uh I st

15:23

but the interesting thing in this is that he basically said I gave the disk to him and I didn't know what was on it yeah and

15:30

that has a very good analogy as we are um well our laptops and our mobile

15:36

phones contain our entire life and once we get a new one what we what do we do with the old one might be bit of um

15:44

what's correct English term where you have some uh influence of your professional life and your private life

15:50

but I might might be misformed by that but I drill holes in all my old hard drives and I try to destroy my phones

15:57

physically before I throw away but people are well their laptops getting stolen their data is getting stolen

16:03

because they don't do any full disk encryption which they actually should on every device they have uh but but they

16:10

they're giving away things which contain important data which they have no idea what's still on there so hot take for

16:17

the for the watchers make sure you have full disk encryption on everything and be careful when you throw away your

Final Thoughts

16:24

phone I haven't thrown any of my phones away I have like it's horrible like I've got this like massive box of all of our

16:30

equipment over time just because I'm so paranoid about it even though we've cleaned it and all that good stuff my boyfriend's actually in used to be in

16:37

cyber security so like I get it I trust him I still won't throw things away I could be hoarding tendencies but that's

16:43

a different issue altogether yeah as long as you don't start displaying things like old hardware then

16:51

then you're fine no I I'll try not I'll try not okay so any any final thoughts

16:56

on this particular scene you guys a that stood out to you yeah I just wanted to add on the timing thing was that uh what

17:03

is kind of realistic is when when you have like a certain window of getting something done that is that is that is

17:10

true but you can't figure it out in time in that window no you need to be able to

17:15

plan ahead create some sort of attack that fits in that window so that part

17:21

can be really like we only have five minutes in they until they can something gets triggered that kind of could be a

17:29

realistic but then two other two other things that popped up here as well like he in in in this days day of age uh in

17:37

that case he gave a disk to somebody else uh now uh when like Toon already

17:42

mentioned sometimes they're also disgruntled employees those hackers though those those hacking groups are often how do

17:49

use midsized companies they do not get enough pay or leave and then something happens like the Conti leaks for example

17:56

which C did decent analysis about so that is something true as well data can leak also in those watch out then

18:03

for Tony just mentioned that he wants to pay I'll be monitoring him very closely just making

18:10

sure the idea you should be paying me more and the other the other thing next

18:15

to the the leaking of the data was although it was a very successful zero cool hacker apparently with a lot of

18:22

notoriety uh these guys do make a lot of mistakes often that we see we see that as well in those in our investigations

18:29

uh so they're not all o very well oiled industrial uh hacking groups uh

18:36

sometimes we see them doing the initial breach and then testing something it fails because endpoint triggers

18:42

something they fa they try again they fail then suddenly it succeeds you see them uh typing in commands and then

18:50

Googling new commands copy pasting so it's it's actually Al fun it's also

18:55

almost a movie on its own to do the investigation so basically it's every other software engineer ever out there

19:02

is doing just exactly the same thing yes and there are theop the copy pasting the

19:09

searching the trying the failing the trying again until it kind of works and

19:15

then we're good enough I had no idea I am not technical I just was in uh I just

19:22

sold the stuff I affectionately call myself a groupie of cyber security like I get the concepts so you're telling me

19:29

they just copy and paste off of Google like in real time they're like searching that's really yeah from time to time

19:36

yeah go ahead go go go yeah but I insist that you go ahead first sir all right so

19:42

uh actually this is kind of of a big problem in development these days is that nobody's writing something from

19:48

scratch so they're reusing what's called libraries left and right and nobody

19:54

really verifies whether those libraries are actually malicious even not not even badly written but actually malicious and

20:02

published because of it so an hacker could publish something that you could

20:08

use as an as an um as an engineer to build software oh this is an easy

20:13

function that I could use but it's actually a back door into your soft using your software into whatever it's

20:19

installed on and that's very common these days oh wow okay had no idea it it's

20:28

something you just don't think about that's crazy well okay so now now you're

20:33

really making me think and I have to move on to the next clip but before we close out this little moment on a scale

20:39

of 1 to 10 accuracy 10 being the most accurate how would you rate the

20:46

scene I'm giving it a seven wow they had a seven they were

20:51

orensics uh good enough for a:

21:00

yeah yeah I would I would go with a six or so because the timing thing is just

21:06

ridiculous but I do like the fact that they're doing their analysis uh like

21:11

even if it's at lightning speed it is still an analysis I was going for a three

21:20

so fair enough oh okay somebody need to keep up the standards Tom is going to be the tough

21:27

one in this uh this group here okay we we always everyone needs a Simon Cowell in the group so we're okay so that's is it Simon C I

21:35

need to Google that you don't know him oh

21:45

[Music]

21:57

wow [Music] so-called American Indians Latinos and

22:03

blacks come from a genetically mediocre stock yak yak y being aware of racial

22:09

division get a j I [Music]

22:22

am say I'm a

22:29

[Music]

22:37

[Music]

22:44

now I'm Mr Simpson I'm subbing from his bis who was arrested at the anti-fur

22:49

rally all right all right so what's the thing this one there

22:57

there's some good there's some bad true so true true true to be frankly

23:04

honest when I when I when I saw the first inter the the the the picture on the screen uh what is it with the tape

23:10

robot I think that that it should have meant I was thinking about ICS and SCADA

23:15

systems being approachable uh publicly available actually that was my first uh

23:20

yeah well there goes of fun in this in this episode

23:26

on no I thought look in back in those days

23:32

those um clips that were aired those were probably videotaped and to have some sort of robot to manage those tapes

23:39

is not uncommon and the fact that you could hack it and put a different uh tape in there without someone noticing

23:48

because it's probably the off hours that to me is realistic what is actually what

23:54

I find very funny is that he was typing on and looking at a screen and the screen was just doing something random

23:59

that has nothing to do with what he was typing and that that part is just like what is he doing like usually when you

24:07

use any kind of interface it actually does something to to the the viewing

24:13

whatever it is and this was definitely not the case fun thing was he was looking at a 13inch monitor with yeah

24:21

three columns and all moving in a different direction yeah was cool but I

24:27

did like the thing robot yeah the tape robot was awesome cool and actually

24:32

still actual uh in this case it was with video cassette for video recordings but

24:38

uh from nowadays we still see them in in some cases with the backup tapes where

24:43

the tapes are in a in a robot uh we even have a ransomware case we had a

24:48

ransomware case once where basically the tape robot was also hacked and they the

24:54

attacker went in there and they actually deleted all the backup tapes and they could access all the backup tapes

24:59

because the tapes were still physically in the robot and the robot could access them one of the most cool cases ever but

25:06

uh that's why when we're talking to client who fell victim to a ransomware attack that we now ask do you have a

25:11

copy do you have an offline copy of your backups and then yes yes we have them on tape and then the next question is

25:17

always going to be are these tapes in a tape robot because we have seen cases

25:23

where actually the tape robot was leveraged for that um so offline backups

25:29

ortant thing and apparently a:

25:36

case o i i I just assumed that was like Antiquated but the fact that you're

25:41

talking about backups that does make absolute sense O Okay so okay that

25:46

little snippet that you saw there guys uh scale of one to 10 I'm just curious how accurate That was cuz didn't we just

25:53

talk about how we were impressed that they didn't use some random GUI to show being ha and then of course this next

25:59

scene is exactly that some random imagery that says welcome to whatever system that

26:06

was yeah and and like even even if that that that would never have been the

26:11

interface for the actual programming running the robot so that that in itself looks nobody would make something that

26:19

is so elaborate and that doesn't show anything except an animation of of tapes being switched that would not that would

26:25

not happen uh so like I said everything about the hack is realistic but

26:31

everything visualizing it in the movie is absolutely

26:36

worthless so I'm guessing it's you're you're gonna give it less than like what five six is that my guess how you'd give

The Score

26:43

the scene yeah I would I would give it higher remarks because it it is very

26:50

realistic the hack itself is realistic so I would even go as far as an eight I

26:55

think for this one uh oh and Tomy is giving it a two

27:02

probably go ahead guy something like that yeah true

27:08

the imagery was awful yeah okay the top the tape robot brings you to a topic that is that might be still on point or or

27:14

currently these days but these movies I'm not very fond of these movies because they don't do the uh the real

27:21

life justice so no no no also very bad score for this all right so what was this if you

27:29

guys are being so severe I I I'll do a four out of 10 for the stupid animation but then go up to a six out of 10 by the

27:37

coolness of the tape robot being used okay all right I we roll with that

School Property

27:43

okay so let's go on to the next clip here now I'm Mr Simpson and I'm subbing from his bis who was arrested at the

27:49

anti-fur rally I know some of you kids got

27:55

computers at home but these these are school property people and I don't want to see any gum

28:04

Stu chapter one designing graphical

28:19

interface the ominous music

28:26

yeah

28:32

what's

28:38

up oh

28:49

my okay guys so those were two scenes actually

28:55

right yeah well I think it was two two scenes yeah the first one was where he

29:00

was changing his score or something or changing his class and then the second was was the spr sprinkler system that he

29:08

hacked this scene I liked okay the scoring will be better for this

29:14

one because it's it's talk to me Goose why do you like this uh well well the first one uh

29:22

indeed changing points or whatever I couldn't uh distinct what he was

29:27

changing but uh well that is something that it's can be very true of course but

29:32

the especially the second part of the of the of the scene having access to an internal well in this uh fire

29:39

extinguishing system brings me back to the topic I I said uh being ICS and SCADA

29:44

being publicly available you see those that often these interfaces are public e publicly available and not not enough

29:51

well protected or even inside uh an environment a lot of people can access those kind of things so this actually is

29:57

very well it's not possible this is reality yeah um once inside a network you often have access to these kind of

30:03

things because they're really bad default wise really bad secured and then you can do stuff like

30:10

that so I like this this is very um it's very plausible indeed very plausible did

30:16

did any of you guys did any of you guys pick up that he basically makes him graduate to Advanced English

30:24

which allow himself to graduate to Advanced English playing around with his grades that

30:29

but yes uh especially in the:

30:36

database Securities and the the interfaces were really really bad so it

30:42

was easy toble for students to from time to time break into one of these databases yeah it wouldn't even be

30:49

called a hack you would just access the database and change it and you as long

30:55

as you knew where it was you could easily do it well that brings up what

31:00

is yeah like it didn't break anything it just changed some records to A system

31:07

that was probably just accessible from anywhere and and and in the second scene

31:12

Tom with just the other week we were on a team building and we were staying in this house that had a Wi-Fi and we

31:20

wanted to do something with a Chromecast and the Wi-Fi had some security feature

31:25

enabled so that two devices in the same network couldn't connect and we simply

31:31

tried the the admin portal of the Wi-Fi which had the default password on it we

31:36

just logged on changed the setting all done so and that was in like publicly

31:43

available place where you would didn't expect it but it was still default password like that kind of stuff and it

31:50

still happens today do you think that's because of uh

31:57

uh ignorance of maintaining good policy or laziness what do you guys think would

32:03

use these words that's easy to have I

32:08

will yeah an inse um or forgetting about

32:15

it uh it we we say that often it's not

32:20

it's it's not ignorance or laziness um it it Dives right into the topic of skills shortages don't have don't

32:26

doesn't people or companies don't don't having the bandwidth or the people to manage these systems you

32:32

buy the ecosystem nowadays is you need tons of different security vendors or

32:37

just infrastructure type of vendors you have tons of tools nobody is fully educated on them so no it's default out

32:43

of the box you place it you don't configure you don't update and then these things happen it's it's one of

32:49

have the complexity for the party setting it up and then saying to the guys who are going to have to work with

32:54

it afterwards saying hey guys I set this up with a default password so you guys can change it later and the other guys say yes we'll do that and they forget

33:01

about it because they're overtasked and have 3,000 other things to do in the company uh also one of these things we

33:07

see a lot there's a lot of non sexy cool things of a partner go yeah sorry sorry

33:14

um from from uh because I used to work at a partner doing these installations of tons of these systems and I can tell

33:21

you that you indeed are there like guys it's finished now you need to change it and yeah

33:28

you do you do your best and then yeah and always the same thing with

33:33

security products you have the the quality of the product and you have the quality of the um configuration of the

33:39

product and just plain things like forgetting to reset default credentials the product might be top-notch if you

33:46

forget to do the basics like resetting the default passwords it's going to be breach

33:52

sometimes it it feels like a human aspect right the human element if there's going to be that one step it's

33:57

going to be the human right like I I I usually is it usually is at some point

34:04

and even if it's the system someone made a mistake somewhere that allows some hacker to use misuse a system so at the

34:12

end it's all human but yeah most of it if when it comes down to configuration usually yeah and like Tom said it it's

34:20

not really their fault in the sense that they are overworked they don't have enough resources so they need to

34:25

prioritize on the most important things and most businesses still prioritize availability over security at

34:32

any time and that usually bites them in the rear end at some

34:39

point T and Tom can can go and fix the problem when that there you go it's

34:45

called job security guys yes yeah there's plenty of that for us true

34:50

sadly enough of course but no it's a sad fact but I tell everyone if you want to

Home Run

34:55

if you want job security go into the Cyber cuz that's just where it's going to

35:01

[Applause]

35:20

[Music]

35:25

go

35:31

[Music]

35:55

f yes home run home run all right let's okay okay what a great visual depiction

36:03

of yeah this with no link to reality whatsoever no nope this this is just an

36:12

Hollywood attempt to make things that look literally look very boring make make it look interesting that that's

36:19

just it there's nothing this this to me gets a two a one a zero out of 10 like

36:25

this is worthless I also like the fact that they at one time they zoomed in on the CCTV thingies

36:32

which at in:

36:38

system not a network system and they jump through there into the network uh

36:44

Cas yeah and then the the the:

36:51

things where everything is flashing and going like weird clips just stitched

36:56

together like doesn't make any sense but yeah they had to fill the seconds and minutes I guess yes no I thought that

37:04

was funny of I I get what they're trying to do with a visual depiction of like data going through a system I think

37:11

that's they're getting artistic license I think is what I would call that um

37:16

yeah I I don't know if anything else to say other than I think that was just a visual depiction of data running through

37:21

a network that was my guess of how to read that that is indeed what it was and

37:28

it has no basis in reality whatsoever our jobs are much more boring

37:35

to look at from a visual perspective you don't it was no I wish it was would be

37:42

cool too no it's also I think it's also a bit of a this is 95 so it's like this

37:49

is what we can generate with a computer when it comes to 3D images back in the

37:56

day cuz that that scene with the the green cubes that would have taken

38:01

probably days of rendering back in the day like this is CGI from

38:08

95 so yeah they wanted to show off what they could do back then which probably

38:15

back then looked really cool but yeah but uh to today's standards not

38:23

so much so are you're saying that Hackers is aging itself a little bit is that what you guys are saying it's dated a little

38:30

bit that scene definitely tiny bit Yeah tiny bit yes

Accounting

38:38

okay awesome okay so um I'd like if we can I would like to see if we can do one more

38:43

[Music]

38:55

okay [Music]

39:15

they [Music]

39:25

go [Music]

39:41

this is accounting sir uh you inquired about an employee of ours Agent Richard Gill yes our records indicate he's

39:48

deceased um

39:53

what yeah oh I there's so much about this scene that just cracked me up okay

39:59

so I don't know if anyone has the ability to take someone's property and

40:05

destroy it first off so I don't know if that was a policy back in the day but just seeing how nonchalant that waiter

40:13

was to carry back that credit card and just be like boop boop boop Deuces it's like no explanation no do have any other

40:21

cards none of that so I thought that was really funny yeah that was that was quite funny

Magnetic Strip

40:28

but it was not for me it wasn't the funniest thing in the clip but yeah definitely funny there as

40:33

well also the thing that well that were magnetic the magnetic strip was the only

40:38

thing on that card at the time now we all have cards with chips and the chip basically has some basic security in it

40:45

uh that was the the old times where you could just copy some somebody's magnetic

40:50

strip which was basically just a string of data was enough to yeah and that indeed cutting the the

40:57

strip into was good enough to basically protect you from abuse I like plenty of things in here

41:05

the the fact they were on a on a public telephone booth kids probably don't know

41:11

what it was but at the time before mobiles was a thing uh us as mere mortals we made arrangements with people

41:17

and we were on the certain time at a certain place to meet each other and things like that but well the phone

41:24

booths to basically link up with a computer uh with a thing called the modem which made a very distinct sound

41:31

uh when you try to dial into a network uh I like that one really really really

Modem

41:37

yeah and it would would have made them less traceable because they were on a public phone and they could leave and

41:43

there was no trace of them being there so that was really good um would also cost them quite a few pennies to keep

41:50

the the phone line open yeah especially knowing which internet speeds at that time we had and things like that yeah of

41:58

course the amount of data was not that much what what was again completely ridiculous was the the visual

42:05

representation if you would edit data when you hack something it would not

42:10

look like that you wouldn't have a nice graphical interface and like ton said with the speeds that you had back then

42:17

it would take too long to just load the graphical interface to begin with so

42:23

that that that again Hollywood doing what Hollywood does

42:29

best well it might be a bit of artistic freedom to to make a SQL injection look

42:36

a bit cooler yep but then again you and I would find it much cooler if it was

42:43

actual real injection yep like you had again in The

42:50

Matrix movie there's a scene where they where they actually use an exploit that was a real exploit back in the day uh

42:56

and they actually show you the the oh cool The Prompt was an SSH hacked

43:03

something uh vulnerability and they actually used the real one that was valid in that

43:11

time that's cool movie to review I didn't know that one no neither oh I've

43:16

added I made a mental note to add that to our review list so thank you everyone loves Matrix though so I get

43:23

it and Tom you've been a little quiet there my friend yeah well the um

43:29

actually I was I was thinking about a book I read on Kevin Mitnick it was Ghost in the Wires um this scene reminded me

43:35

about that it wasn't it's a really awesome book I've um only been playing

43:40

in the digital realm uh uh doing this but if you see how he explains um in very much in detail how

43:49

we uh deceived FBI by by uh leveraging the the phone system back in the days

43:55

and hacking into companies and universities uh awesome book to read if you want to dive into that uh that Tech

44:03

subject Ghost in the Wires what was it was the correct term for that for phone

44:08

line hacks fracking no fracking fracking Fring fracking fracking is it it has a specific

44:15

term oh interesting not to be confused with the term used in Battlestar Galactica which is also that's

44:23

completely different thing Series yeah um yeah and what's relevant today also I

Digital Identity

44:30

think is that how much of our Lives is digital so if there is Mees if they mess

44:36

with that data um yeah it can have real life consequences like if someone puts

44:43

somewhere that you are actually deceased it can be hard to get those errors out

44:48

of the system that is prove it right that is something that we don't deal

44:53

with of course that type of uh incidents or cyber crime that that's more for

44:59

police um but it is I I can't remember also auth I can't remember the name when

45:06

somebody takes your identity there's a an um takes over your kinds yeah yeah

45:11

there's something else as well I didn't well wanted to go to identity theft of

45:16

course um it's uh to have that uh if they take your identity well um because

45:23

there's also very little you can do about it um it can mess up your life

45:30

and the more we move into the digital world the the more important it is to protect your digital identity too uh on

45:38

all sorts of forms because well the probably is going to be the case already

45:43

that your digital self is more important than your physical self uh at least for everything what the states or the place

45:50

you live that the authorities are concerned about yeah

45:56

it makes 100% sense so okay I love this last scene here because I do think it's

46:01

a great reminder of how vulnerable this Richard Gill apparently they're definitely targeting him for whatever

46:07

reason because obviously they don't know the movie but he he did he definitely did something to earn it right so if you

46:13

get on the target of an eye of a hacker that really wants to go after your personal life identity theft or whatever

46:19

purpose they want to go after um it's it's very real in this day and age is that fair to say it doesn't matter who

46:26

you are if you've got an IP address somewhere with your identity you can't get tracked and you can't get hacked is

46:32

that the positive message I guess we should take away if it talks to to

46:37

internet it can get hacked yes and even if it doesn't talk to internet it might still end up being

46:43

hacked reversal but and this is what we tell customers as well I mean they

46:48

always say yeah but why would someone hack us yeah but if someone does and then we have the the angry ex employee

46:57

or or even still employee or there are many reasons why they would be a Target

47:05

and um and once they target you she bad

47:10

luck you have targeted attacks but there's a lot of automation automated scanners who report on hey we have a

47:16

vulnerability here and they just fenter into that so y well okay so it sounds

47:23

like to me I apologize uh Toon go ahead I was just going to add that's not

47:30

like the uh proverbial worm that's nibbling away a few cents of your bank accounts that that's not what they're

47:36

after they're not as nice as that they leave something in your bank accounts they try to empty it as a whole that's a

47:43

very true statement so guys I know we can keep going and I know hackers has been requested like I said so many

47:50

people are like you guys got to do hackers you guys got to do it so uh I I know we didn't actually play the

47:56

seen so far knowing that's a:

48:04

10 what did you think of your experience of uh watching the hacker scenes overall I'll go for a three and a

48:13

half I don't yeah not my kind of movie I think no not going to spend my time on

48:18

it it's got like that all right Toon I go for a seven because I have some

48:24

interesting concept which are still valid today and I I'll go for a six because I

48:31

think it is good entertainment at least uh and it has some points of truth but

48:37

it's just fun to watch well guys I appreciate your feedback and Tom you cracked me up

48:44

you're like it's a two or a three on a good day you might be surprised I I me a

48:49

lot of a lot of guys uh and gals in cyber security have said hackers has actually got them interested in and

48:55

going into the field so it's like one of those early you know predecessor I guess what you call OG movies so um I might

49:03

check it out myself I haven't seen in like so many eons but uh yeah I gotta

49:08

say it is entertaining it's probably more accurate than I think some other movies that we've seen of depiction of of hacking but yes I mean come on you

49:16

guys if they actually if Hollywood actually filmed us accurately of what you guys all do all day I'd imagine it

49:22

would be a very short movie with a very small niche of people that'd be interested uh just because it's so not

49:29

exciting visually speaking as you guys have said is that accurate very long movie very long sometimes a very long

49:36

and boring movie long and boring movie with like at the very end Eureka moment

49:42

and that's it and it's a and end and scene well guys that kind of well

49:48

Kristof Toon Tom I really appreciate your time and uh I really loved your guys' Insight so um you know what I

49:56

think we could just go ahead and wrap this up because I have a feeling we could keep going and going on this so I want to say thank you so much for your

50:01

time you guys have been rock stars and uh you're always welcome back but let's go ahead and wrap this up for another

50:07

episode of Check Point ReelTalk we'll see you next time that's a wrap on today's episode of Check Point ReelTalk

50:15

if you like this video hit that subscribe button and some of those other buttons to show us your appreciation and

50:21

if you want to learn more or have any questions please let us know in the comments we'll see you next time for

50:27

another episode of checkpoint real [Music]

50:35

talk

About the Podcast

Check Point ReelTalk
Check Point ReelTalk is a podcast for security folks who want less F-U-D – and more F-U-N.

Each episode, we’ll have lighthearted conversations about security people, processes, and technology as we react to how they’re portrayed in film and TV.

Experts from inside and outside Check Point will break it down. What was accurate? What wasn’t? And what can you apply to real world cyber events?

Make sure you hit that subscribe button and follow us on your favorite podcast listening platforms.

Website: https://checkpoint.com/
Facebook: https://www.facebook.com/checkpointsoftware
Linkedin: https://www.linkedin.com/company/check-point-software-technologies/
Twitter: https://twitter.com/checkpointsw
YouTube: https://www.youtube.com/user/CPGlobal
YouTube: https://www.youtube.com/channel/UC43dLX4Howmh11bGpEkl1pQ

About your host

Syya Yasotornrat

Syya is a tenured tech sales professional with her time at SonicWALL and Hewlett Packard (HPE) with some hospitality at the Walt Disney Company and IT recruitment experience in the mix. She is currently a podcast strategist and consultant, helping others to bring out their voice and legacy through podcasting. She loves to learn and talk about anything, so feel free to reach out!