Question
Introduction
0:02
The Internet: Cybersecurity and Crime
0:06
Hi, my name's Jenny Martin and I'm the director of cyber security
0:11
investigations at Symantec. Today cybercrime causes huge problems for
0:16
society personally, financially, and even in matters of national security. Just in
0:22
the last few years hundreds of millions of credit card numbers have been stolen,
0:26
tens of millions of Social Security numbers and healthcare records were
0:30
compromised, even nuclear centrifuges that have been hacked, and unmanned
0:35
aerial drones have been hijacked. This is all done by exploiting vulnerabilities
0:40
in hardware and software or more often by taking advantage of unintentional
0:45
decisions made by the people using the software. People committing these cyber
The Cyber Army
0:53
crimes don't a single profile or motivation it could be anyone from an
0:57
international terrorist to a teenager competing for bragging rights. Today the largest
1:03
countries not only have a regular army but also have a well armed cyber army. In
1:08
fact the next World War may not be fought with traditional weapons, but with
1:12
computers used to shut down national water supplies, energy grids, and
1:17
transportation systems. Hi my name is Parisa and I'm Google Security Princess. I've worked
Viruses
1:25
on a lot of different products and a lot of different ways to try and
1:29
make our software as secure as possible.
1:33
Now let's take a look at how cybercrime works under the hood
1:36
will learn about software viruses, denial-of-service attacks, and phishing
1:41
scams. In biology and life, a virus is an organism that is spread by coughing,
1:46
sneezing, or physical contact.
1:49
Viruses work by infecting cells, injecting their genetic material, and
1:53
using those cells to replicate. They can make people really sick and then spread to other people.
1:59
A computer virus works bit similarly. A virus is an executable program that gets
2:04
installed, usually unintentionally, and harms the user and their computer. It's also
2:10
possible for a virus to spread itself to other computers. Now how does a virus get on your
How Viruses Get On Your Computer
2:16
computer in the first place? There are a couple ways an attacker can infect someone's
2:19
computer. They might lure a victim into installing a program with deception about the
2:24
program's purpose, so for example a lot of viruses are disguised as security updates.
2:29
It's also possible that the software on your computer has a vulnerability, so an attacker can install itself
2:35
without even needing explicit permission.
2:39
Once a virus is on your computer it can steal or delete any of your files,
2:43
control other programs, or even allow someone else to remotely control your
2:47
computer.
2:50
Using computer viruses, hackers can take over millions of computers world wide
2:55
and then use them as a digital army, otherwise known as a botnet, to attack and take down websites.
3:01
This kind of attack is called a distributed denial of service.
3:07
A denial of service is when hackers overwhelm a website with too many
3:10
requests. We call it a distributed denial-of-service when the attack comes from many
3:14
computers all at once.
3:16
Most websites are ready to respond to millions of requests a day, but if you
3:21
hit them with billions or trillions of requests, coming from different places,
3:25
the computers are overloaded and stop responding. Another trick used by
Phishing Scams
3:31
cybercriminals is to send large amounts of spam email in an attempt to trick people
3:35
into sharing sensitive personal information.
3:39
This is called a phishing scam. A phishing scam is when you get what seems like a
3:44
trustworthy email asking you to log into your account, but clicking the email
3:49
takes you to a fake website.
3:51
if you log in anyway you've been tricked into giving your password away.
3:55
Hackers can then use your login credentials to access your real accounts
4:00
to steal information or maybe even to steal your money. Fortunately there are
4:05
many companies, laws, and government organizations working to make the
4:09
internet safer, but these efforts are not enough.
4:14
You may think when a computer system gets hacked the problem was the security
4:18
design or the software. Ninety percent of the time the system gets hacked
4:22
however, it's not because of the security bug, but because of a simple mistake made by
4:26
a human. It turns out there are steps we can all take to protect ourselves. Often
Outro
4:35
your actions not only impact the security of your own data and computer, but the
4:39
security of everyone at your school,
4:41
workplace, and home. With billions or trillions of dollars at stake
4:46
cybercriminals get smarter each year and we all need to keep up.
0:04
First you should always ask when someone asks you joining a gym I need your social security
0:09
number.
0:10
For what reason?
0:11
What’s the purpose of asking me for my social security number?
0:13
They don’t need it.
0:14
Actually, by law when you look up the law involving your social security number it’s
0:18
limited to about as many things as you can count on one hand where you legally have to
0:23
provide it for income taxes, law enforcement, things of that nature.
0:27
There’s no need for them to have that.
0:30
They’re kind of foolish taking it to begin with because then they’re responsible for
0:33
that information and they have to try to keep that information safe.
0:38
In the case of Equifax which is a perfect example, here was a multibillion dollar company.
0:44
They didn’t update their software.
0:47
They didn’t fix their patches that Microsoft said to them and said install these security
0:51
patches.
0:53
Their chief information security officer had her degree in music.
0:57
She really didn’t know anything about keeping information safe and consequently hackers
1:01
got in.
1:02
Now in my 43 year career I’ve dealt with every breach back to TJ Maxx 15 years ago
1:08
to the recent breach of Capital One, Marriott Hotels and Facebook.
1:16
What I’ve realized in every single breach happens because somebody in that company did
1:21
something they weren’t supposed to do or somebody in that company failed to do something
1:26
they were supposed to do.
1:28
Hackers don’t cause breaches.
1:29
People do.
1:30
All hackers do is look for open doors and every day there are thousands of companies
1:35
with open doors.
1:36
I was asked this earlier today and I firmly believe it.
1:40
If I give you my information whether you be a bank or credit bureau, a hospital, I’m
1:46
entrusting you with my personal data.
1:48
If something happens with that data due to your fault or your negligence in keeping it
1:53
safe I should have the right to a recourse to sue you for getting my information out.
2:00
Because now that they don’t have that as a statute companies get away with it and they
2:04
tell you I’ll buy you one year of credit monitoring service, two years of credit monitoring
2:09
service.
2:10
That’s worthless.
2:11
If I steal your name, your social security number and your date of birth you can’t
2:15
change your name.
2:16
You can’t change your social security number.
2:17
You can’t change your date of birth.
2:19
So if I’m smart I’m going to hold that data for at least three to four years before
2:24
I ever go use it.
2:26
But if I steal credit card numbers and debit card numbers I have to get rid of them right
2:30
away.
2:31
They have a very short shelf life.
2:33
But when they do a major breach they store that data typically we find from about four
2:38
to five years.
2:39
So you giving me one year of credit monitoring, two years of credit monitoring, three years
2:43
of credit monitoring really is not going to help me at all in the long run.
2:47
They will eventually get to my data and use my data.
2:50
I do think that companies need to do a better job of protecting the information that’s
2:55
been entrusted to them.
2:56
And this is why I was so big on trying to get the ability to freeze your credit.
3:01
No one in this country ever said to Equifax, you know what.
3:05
You can store all my personal data and you can make billions of dollars selling it for
3:09
background checks, employee checks, credit checks.
Watch the 2 videos and take notes.
Write a paragraph summarizing each video, include key points of interests
0:02
The Internet: Cybersecurity and Crime
0:06
Hi, my name's Jenny Martin and I'm the director of cyber security
0:11
investigations at Symantec. Today cybercrime causes huge problems for
0:16
society personally, financially, and even in matters of national security. Just in
0:22
the last few years hundreds of millions of credit card numbers have been stolen,
0:26
tens of millions of Social Security numbers and healthcare records were
0:30
compromised, even nuclear centrifuges that have been hacked, and unmanned
0:35
aerial drones have been hijacked. This is all done by exploiting vulnerabilities
0:40
in hardware and software or more often by taking advantage of unintentional
0:45
decisions made by the people using the software. People committing these cyber
The Cyber Army
0:53
crimes don't a single profile or motivation it could be anyone from an
0:57
international terrorist to a teenager competing for bragging rights. Today the largest
1:03
countries not only have a regular army but also have a well armed cyber army. In
1:08
fact the next World War may not be fought with traditional weapons, but with
1:12
computers used to shut down national water supplies, energy grids, and
1:17
transportation systems. Hi my name is Parisa and I'm Google Security Princess. I've worked
Viruses
1:25
on a lot of different products and a lot of different ways to try and
1:29
make our software as secure as possible.
1:33
Now let's take a look at how cybercrime works under the hood
1:36
will learn about software viruses, denial-of-service attacks, and phishing
1:41
scams. In biology and life, a virus is an organism that is spread by coughing,
1:46
sneezing, or physical contact.
1:49
Viruses work by infecting cells, injecting their genetic material, and
1:53
using those cells to replicate. They can make people really sick and then spread to other people.
1:59
A computer virus works bit similarly. A virus is an executable program that gets
2:04
installed, usually unintentionally, and harms the user and their computer. It's also
2:10
possible for a virus to spread itself to other computers. Now how does a virus get on your
How Viruses Get On Your Computer
2:16
computer in the first place? There are a couple ways an attacker can infect someone's
2:19
computer. They might lure a victim into installing a program with deception about the
2:24
program's purpose, so for example a lot of viruses are disguised as security updates.
2:29
It's also possible that the software on your computer has a vulnerability, so an attacker can install itself
2:35
without even needing explicit permission.
2:39
Once a virus is on your computer it can steal or delete any of your files,
2:43
control other programs, or even allow someone else to remotely control your
2:47
computer.
2:50
Using computer viruses, hackers can take over millions of computers world wide
2:55
and then use them as a digital army, otherwise known as a botnet, to attack and take down websites.
3:01
This kind of attack is called a distributed denial of service.
3:07
A denial of service is when hackers overwhelm a website with too many
3:10
requests. We call it a distributed denial-of-service when the attack comes from many
3:14
computers all at once.
3:16
Most websites are ready to respond to millions of requests a day, but if you
3:21
hit them with billions or trillions of requests, coming from different places,
3:25
the computers are overloaded and stop responding. Another trick used by
Phishing Scams
3:31
cybercriminals is to send large amounts of spam email in an attempt to trick people
3:35
into sharing sensitive personal information.
3:39
This is called a phishing scam. A phishing scam is when you get what seems like a
3:44
trustworthy email asking you to log into your account, but clicking the email
3:49
takes you to a fake website.
3:51
if you log in anyway you've been tricked into giving your password away.
3:55
Hackers can then use your login credentials to access your real accounts
4:00
to steal information or maybe even to steal your money. Fortunately there are
4:05
many companies, laws, and government organizations working to make the
4:09
internet safer, but these efforts are not enough.
4:14
You may think when a computer system gets hacked the problem was the security
4:18
design or the software. Ninety percent of the time the system gets hacked
4:22
however, it's not because of the security bug, but because of a simple mistake made by
4:26
a human. It turns out there are steps we can all take to protect ourselves. Often
Outro
4:35
your actions not only impact the security of your own data and computer, but the
4:39
security of everyone at your school,
4:41
workplace, and home. With billions or trillions of dollars at stake
4:46
cybercriminals get smarter each year and we all need to keep up.
0:04
First you should always ask when someone asks you joining a gym I need your social security
0:09
number.
0:10
For what reason?
0:11
What’s the purpose of asking me for my social security number?
0:13
They don’t need it.
0:14
Actually, by law when you look up the law involving your social security number it’s
0:18
limited to about as many things as you can count on one hand where you legally have to
0:23
provide it for income taxes, law enforcement, things of that nature.
0:27
There’s no need for them to have that.
0:30
They’re kind of foolish taking it to begin with because then they’re responsible for
0:33
that information and they have to try to keep that information safe.
0:38
In the case of Equifax which is a perfect example, here was a multibillion dollar company.
0:44
They didn’t update their software.
0:47
They didn’t fix their patches that Microsoft said to them and said install these security
0:51
patches.
0:53
Their chief information security officer had her degree in music.
0:57
She really didn’t know anything about keeping information safe and consequently hackers
1:01
got in.
1:02
Now in my 43 year career I’ve dealt with every breach back to TJ Maxx 15 years ago
1:08
to the recent breach of Capital One, Marriott Hotels and Facebook.
1:16
What I’ve realized in every single breach happens because somebody in that company did
1:21
something they weren’t supposed to do or somebody in that company failed to do something
1:26
they were supposed to do.
1:28
Hackers don’t cause breaches.
1:29
People do.
1:30
All hackers do is look for open doors and every day there are thousands of companies
1:35
with open doors.
1:36
I was asked this earlier today and I firmly believe it.
1:40
If I give you my information whether you be a bank or credit bureau, a hospital, I’m
1:46
entrusting you with my personal data.
1:48
If something happens with that data due to your fault or your negligence in keeping it
1:53
safe I should have the right to a recourse to sue you for getting my information out.
2:00
Because now that they don’t have that as a statute companies get away with it and they
2:04
tell you I’ll buy you one year of credit monitoring service, two years of credit monitoring
2:09
service.
2:10
That’s worthless.
2:11
If I steal your name, your social security number and your date of birth you can’t
2:15
change your name.
2:16
You can’t change your social security number.
2:17
You can’t change your date of birth.
2:19
So if I’m smart I’m going to hold that data for at least three to four years before
2:24
I ever go use it.
2:26
But if I steal credit card numbers and debit card numbers I have to get rid of them right
2:30
away.
2:31
They have a very short shelf life.
2:33
But when they do a major breach they store that data typically we find from about four
2:38
to five years.
2:39
So you giving me one year of credit monitoring, two years of credit monitoring, three years
2:43
of credit monitoring really is not going to help me at all in the long run.
2:47
They will eventually get to my data and use my data.
2:50
I do think that companies need to do a better job of protecting the information that’s
2:55
been entrusted to them.
2:56
And this is why I was so big on trying to get the ability to freeze your credit.
3:01
No one in this country ever said to Equifax, you know what.
3:05
You can store all my personal data and you can make billions of dollars selling it for
3:09
background checks, employee checks, credit checks.
Watch the 2 videos and take notes.
Write a paragraph summarizing each video, include key points of interests
Answers
GPT-4o mini
### Summary of Video 1: Cybersecurity and Crime
In this video, Jenny Martin, the director of cyber security investigations at Symantec, outlines the pervasive issues surrounding cybercrime and its impacts on society. She highlights the alarming statistics of stolen credit card numbers, compromised Social Security numbers, and even high-stakes attacks on infrastructure, such as nuclear centrifuges and drones. Martin emphasizes that cybercriminals can be anyone from teenagers seeking notoriety to organized terrorist groups, and points out that many countries now have well-equipped cyber armies. Parisa, known as Google Security Princess, explains the workings of cybercrime, particularly focusing on how software viruses operate. She describes how viruses can infiltrate systems through deceptive means, the harm they can cause, and the concept of botnets used in distributed denial-of-service attacks. Additionally, she addresses phishing scams, where attackers deceive individuals into revealing sensitive information. Martin concludes by stressing that human errors, rather than software flaws, often lead to security breaches, and encourages proactive measures for internet safety for both personal and collective security.
### Summary of Video 2: Personal Insight on Cybersecurity Breaches
In the second video, the speaker shares a personal perspective on the consequences of data breaches, drawing from over four decades of experience in the field. They elaborate on specific incidents like the Equifax breach, highlighting failures in software updates and leadership expertise. The speaker emphasizes that breaches often result from human mistakes—either a lack of necessary actions or misguided actions by employees. They argue that if companies fail to adequately protect entrusted personal data, individuals should have legal recourse for negligence. The speaker critiques the common practice of offering limited credit monitoring services after a breach, asserting that such measures do not sufficiently protect consumers in the long term. They express concern over the long-term storage of sensitive data by companies and advocate for stronger protection measures, including credit freezes, urging that individuals never willingly consent to their personal information being exploited for corporate gain.
In this video, Jenny Martin, the director of cyber security investigations at Symantec, outlines the pervasive issues surrounding cybercrime and its impacts on society. She highlights the alarming statistics of stolen credit card numbers, compromised Social Security numbers, and even high-stakes attacks on infrastructure, such as nuclear centrifuges and drones. Martin emphasizes that cybercriminals can be anyone from teenagers seeking notoriety to organized terrorist groups, and points out that many countries now have well-equipped cyber armies. Parisa, known as Google Security Princess, explains the workings of cybercrime, particularly focusing on how software viruses operate. She describes how viruses can infiltrate systems through deceptive means, the harm they can cause, and the concept of botnets used in distributed denial-of-service attacks. Additionally, she addresses phishing scams, where attackers deceive individuals into revealing sensitive information. Martin concludes by stressing that human errors, rather than software flaws, often lead to security breaches, and encourages proactive measures for internet safety for both personal and collective security.
### Summary of Video 2: Personal Insight on Cybersecurity Breaches
In the second video, the speaker shares a personal perspective on the consequences of data breaches, drawing from over four decades of experience in the field. They elaborate on specific incidents like the Equifax breach, highlighting failures in software updates and leadership expertise. The speaker emphasizes that breaches often result from human mistakes—either a lack of necessary actions or misguided actions by employees. They argue that if companies fail to adequately protect entrusted personal data, individuals should have legal recourse for negligence. The speaker critiques the common practice of offering limited credit monitoring services after a breach, asserting that such measures do not sufficiently protect consumers in the long term. They express concern over the long-term storage of sensitive data by companies and advocate for stronger protection measures, including credit freezes, urging that individuals never willingly consent to their personal information being exploited for corporate gain.