The Chris Voss Show - The Chris Voss Show Podcast – Cybersecurity – Chuck Brooks, CEO & Co-Founder of Brooks Consulting International
Episode Date: October 24, 2022Cybersecurity - Chuck Brooks, CEO & Co-Founder of Brooks Consulting International Brooksci.com...
Transcript
Discussion (0)
You wanted the best. You've got the best podcast, the hottest podcast in the world.
The Chris Voss Show, the preeminent podcast with guests so smart you may experience serious brain bleed.
The CEOs, authors, thought leaders, visionaries, and motivators.
Get ready, get ready, strap yourself in. Keep your hands, arms, and legs inside the vehicle at all times
because you're about to go on a monster education roller coaster with your brain.
Now, here's your host, Chris Voss.
Hi, folks.
This is Voss here from thechrisvossshow.com, thechrisvossshow.com.
Hey, welcome to another great podcast.
We certainly appreciate you guys coming by and all that good stuff. The Chris Foss Show.com. Hey, welcome to another great podcast.
We certainly appreciate you guys coming by and all that good stuff.
Thanks for being here.
I mean, I've always told you that I, I mean, what other podcast thanks you so much and spends so much time, especially the beginning of the show, thanking you every time you come
in.
Can I, can I glad hand enough?
Can I kiss up to my audience enough?
No, I could not because we certainly appreciate the stuff we make at the beginning of the show. Welcome to the show, friends. We have
Chuck Brooks on the show. He's named the top tech person to follow by LinkedIn. He's cited as the
top 10 global tech and cybersecurity expert and influencer. And he's a Georgetown University
faculty and a Forbes contributor and a bunch of other stuff. He's pretty big over there on the
LinkedIn as I am as well.
So be sure to listen to the rest of the show.
You'd want to check that out.
As always, we refer the show to your family, friends, and relatives.
Go give us a five-star review on the iTunes there.
We're going to have some great reviews.
Thank you to the people who did the reviews.
We're going to read some of those on the show here.
I'm going to have to pull those up.
In the meantime, we actually started posting a lot on TikTok.
We're using TikTok. We're trying to get cool with the cool kids or whatever the hell's
going on over there without having to, I don't know, do thirst traps. So sorry, there won't be
any Chris Voss thirst traps over there. I'm sorry to completely disappoint part of my audience,
but there's all sorts of cool advanced stuff we'll be doing on interviews and cuts of the show. And
already some of the advanced stuff we've been putting up interviews and cuts of the show and already some of the advanced
stuff we've been putting up has been getting a lot of traction. Go to goodreads.com forward
to s.chrisvoss, youtube.com forward to s.chrisvoss, all the places we are on the internet,
especially on LinkedIn. Today we have, as I mentioned before, Chuck Brooks on the show.
He's the president of Brooks Consulting International. He is a globally recognized
thought leader and subject matter expert in cybersecurity and emerging technologies.
Chuck is the adjunct facility, is also the adjunct facility, I think, professor at Georgetown University's Graduate Applied Intelligence Program
and Graduate Cybersecurity Programs, where he teaches courses on risk management, homeland security, and cybersecurity.
He's also one of the top five tech people to follow on LinkedIn, as I mentioned before,
and the top 10 best cybersecurity and technology experts by best rated as a top 50 global influencer
in risk compliance.
We're talking to him about cybersecurity and the different things that are going on in
today's world that the business leaders really need to know about.
So welcome to the show, Chuck. How are you, my friend? Doing great, Chris. Thank you for having me.
Thanks for coming. We certainly appreciate you. You know, we were just talking before the show,
the cybersecurity is a really big deal. The Justice Department is announcing something
that's going to be interesting here about big government, some sort of government cyber issue
influence that's happening in our world. But give us your dot coms so people can find you on the interwebages.
Yeah, you can find me at either my website on brooksconsulting.international.com
or the easiest way to find me is on LinkedIn.
I have almost 90,000 followers there and on Twitter at Chuck D. Brooks.
So those three places are quick ones to go to.
There you go.
And I guess this month is Cybersecurity Awareness Month?
It certainly is.
Every October, the threats seem to get bigger, and cyber hygiene and cybersecurity awareness is more and more important than ever.
There you go.
Isn't it funny how they make this most scariest month Cybersecurity Month?
Well, yeah, that makes sense now when I think about it, because if you lose your identity and you lose your resources and you lose your pocketbook, you're in big trouble.
Definitely.
Definitely.
I mean, you know, there's all sorts of crazy stuff going on.
There's a ransomware that's out there.
There's all sorts of attacks that are going on to people. You know, I know that the Biden administration has been wary of Russia attacks, you know, because of Ukraine
and all that stuff. That's kind of getting to be the only thing left to fight back with.
The pace they're going. So you wrote an article in Ford and this came out, I believe, earlier this
month for Cybersecurity Awareness Month. And you talked about some of the cybersecurity threats.
What are some of the overall threats people need to be worried about right now in the business sense or personal sense, I should say?
Well, I think it covers everybody.
You're right, personal sense and business sense, particularly now that a lot of us are working in remote offices.
I mean, we're even more targeted that way.
But, you know, there's the traditional threats.
There are still the big ones.
The first one, of course, is phishing. I mean, it works. And what we're seeing now with phishing is
a lot of automated attacks, you know, sending them out through machine learning, artificial
intelligence, targeting a huge amount of audience potential. Only takes a couple of people to click
on it to make it worthwhile for them. And so they're automating these attacks. The other thing
that we've seen come more back into vogue is ransomware in the last couple years.
It's been around for a decade and a half, but now it's growing in use.
The malware is a little bit more sophisticated for it.
And the other thing, which I think the big change is that they can get paid now with cryptocurrency.
Wow.
They pay charges.
They're able to escape getting prosecuted and get their money.
So ransomware has become probably a tool of choice
for a lot of the hackers, the criminal hackers out there.
Did you hear about this case where,
I might have to pull it up on my phone,
but there's a lot of cryptocurrency hacking going on as well.
And there was a case where they ripped off like $90 million
and then they gave half of it back so that the company could stay afloat and pay their depositors for crypto.
But they kept half the money and the company agreed to that.
Did you hear about that case?
I had heard about that.
You know, they were desperate.
But what you mentioned with these cryptocurrency attacks are pretty common.
They're getting into a lot of wallets. Problem is, you know, again, is the legal aspect of it is that these are not regulated like bank accounts.
There's no insurance on them.
So you have a greater risk until something is really done to fortify these accounts.
But they're easy pickings for a lot of hackers.
Yeah, the craziness that's out there.
It's the hacker behind the Mango Markets exploit. He kept $47 million
and returned $67 million to the DeFi project after a Mango community vote. And he even claimed all
of his actions were legal, I guess. Somehow they found a exploit in their software. But he basically
gave $67 back so they could keep afloat and so depositors didn't lose their money
and kept 47 million of their profits and the company actually voted to like okay sure we'll
do that we won't pursue legal charges against you i thought that was extraordinary it's extraordinary
but part of the problem is you know i mentioned is that with a lot of the cryptocurrency companies
or people doing it they don't have many legal. And a lot of times this stuff's lost.
It's really lost.
So it's not a part of the institutional forms that you go to when you have an issue with a bank deposit or a SWIFT or something like that.
So it's very difficult to remedy your losses, particularly when it's organized crime.
So I think we'll see a change in that eventually because I think cryptocurrency is now becoming used by a lot of institutional banks and stuff, too, to hedge their bets.
There's more acceptance of it.
But there's a lot of people out there who have lost everything in crypto.
Wow.
And I feel bad for them.
They made a lot, too, but it's easy to lose.
It's gambling.
Yeah, that's the one thing that bugs me.
I mean, I understand crypto and everything, and I bought into it over time.
I, of course, went out of it before it crashed.
And I kind of felt like that was going to happen.
I think I got out a little too early, but hey, that's investing.
Hindsight's always 20-20.
I learned that when I used to day train on NASDAQ.
Yeah, the fallacy of how your craft could be hacked on top of everything
and the risks that you're gambling with.
But let's talk a little bit about what's going on with the remote working and stuff. I know a lot of companies and a lot of discussion
has been, you know, when they were, you know, when people were in the office, you know, the email
would come through, you know, the servers of the company and stuff. I suppose in some way they still
do. You still, you can just set it up in your Gmail or something. But, you know, there was probably
less opportunities for hackers or malware to get in.
But now when people are working remotely, you know, they can click on any link
and they can have access to everything and get into the system and work around.
Yeah, no, remote work was a boon to hackers in a lot of ways.
I mean, what you just mentioned is exactly true.
When you're away from the administrator and the IT shop, it makes it difficult to monitor and see what you're doing.
A lot of people, you know, they mix their personal and their business work together.
It co-mingles and gets cross-pollinated.
And the next thing you know, it's expanding all over the place because of hackers finding, you know, vulnerabilities.
So it's a real problem.
I mean, a lot of people working at home have not really fortified their workplace, you know, with their router, encrypted it. People
are thinking, imagine it. I mean, it's logical. Instead of having one office, you get tens of
thousands of offices out there. And, you know, it just makes more of a tax surface for hackers.
You know, the funny thing about most people, I was, and I found this out, my nephew was having
issues with his father not wanting to
pay up for some internet so you know i so i said look let me help you out let's see if we can log
into your cat's home internet and because he probably hasn't changed the admin password
and sure enough he hadn't and i created a dmz so he could bypass the firewall
gaming you know i wasn't doing anything bad or illegal or anything.
I just basically made it so you could have a DMC.
And I'm surprised.
You didn't change the admin password on your home router.
And, man, if you're not doing that,
especially like you say, if your business employees
or if your employees are doing that at home,
they're like wide the hell open, you know.
That's a common thread.
I mean, you hit on another big, I mean, IoT, Internet of Things devices, you know.
There's going to be four Internet of Devices for every person in the planet in the next two years.
So you're going to have a lot of vulnerabilities, particularly when you don't change those passwords, which most people do not do.
And hackers are very aware that they don't change them.
So they're really looking.
If you look at it the way they think,
they're looking for any avenue into your network.
Oh, yeah.
And that's the easiest way.
I mean, you know, if you don't do that, right in.
So what are some of the things as a civ?
Hi, folks.
Chris Voss here with a little station break.
Hope you're enjoying the show so far.
We'll resume here in a second.
I'd like to invite you to come to my coaching, speaking, and training courses website.
You can also see our new podcast over there at chrisvossleadershipinstitute.com.
Over there, you can find all the different stuff that we do for speaking engagements,
if you'd like to hire me, training courses that we offer, and coaching for leadership,
management, entrepreneurism, podcasting, corporate stuff.
With over 35 years of experience in business and running companies as a CEO, I think I'm
going to offer a wonderful breadth of information and knowledge to you or anyone that you want
to invite me to for your company.
Thanks for tuning in.
We certainly appreciate you listening to the show.
And be sure to check out chrisvossleadershipinstitute.com.
Now back to the show.
Well, I guess you consult on this.
You help companies sit down.
What are some of the best ways that companies can, you know, like reach out to you, get
more information or figure out, you know, assess their vulnerabilities and assess what they should do.
And should they just trust that everything's fine because they hired a couple of IT guys or, you know, I mean, half the time people hire, you know, they're like, well, I hired my nephew.
He says he's been at IT, he's 13, so he probably knows what he's doing.
Well, you know, there's a problem with qualified cybersecurity people anyway.
You've got to get them and keep them.
So there's a reality out there, which I tell companies that, you know, you really got to be responsible for your own well-being.
And that starts with cybersecurity risk management.
It starts with risk management in general, knowing where your risks are in a business. But there's plenty of resources out there from NIST, from MITRE, from others
to use industry-specific risk management processes
to at least set up a strategy for your company of what data you want to protect,
what do you need to do best, what do you want to keep separate,
segmented from the public if you get hacked.
You know, assume you're going to get hacked and you have an incident response plan,
you have cybersecurity hygiene teaching to your employees.
All this stuff can be done with just a general knowledge. And I often go
into companies and do that and say, here, we'll set this up. Then you want to do pen testing when
you've got a little bit more secure. The resources to do, there's also managed security groups that
do a great job depending what you want to protect. If you're in a brick and mortar business and you
really need some sort of
expertise for your payments, for other things, there's other places to go there too. But I think
in this world, you know, the first step is imperative is risk. And, you know, you have to
know what your risk is, you know, what you're spending, what you could get, what losses you
could incur, and particularly what data is there. But I think most businesses don't even know it's
their network. So I think a first step would say, okay, who's connected to your network and who has administrative privileges?
Yeah, it's pretty wild. And then what about ransomware? I mean, ransomware is really out
of control. Like I said, I think the administration is still expecting Russian attacks. And of course,
there's North Korea that's really big, China that's into it. I'm really interested to see
who this state media is. The Justice Department's getting announced today, is doing some sort of illegal foreign
government hacking or something. But what are some ways that that can impact the business,
ransomware? Well, in a huge way. Most small businesses can go out of business,
whether they pay or not pay. The advice from the FBI is certainly don't pay because they're going
to just take your information and sell it to someone else and you're going to get hacked again.
So really it's preventive is the best advice I give to businesses.
Make sure you have backups.
Make sure you have your data encrypted if possible.
There's a lot of good encryption programs you can buy that are almost multilayer grade and do that.
But ransomware, you mentioned from a lot of the foreign countries,
you're not going to get it back. North Korea is funding a lot of their activities through
this ransomware. And as you mentioned earlier, we're in shields up right now with the CEC because
where there's a threat of Russian attacks on businesses, they've already tested our
critical infrastructure with colonial pipeline and solar winds. And there's plenty of experts
out there that think that they're already in our networks and systems.
Let me just turn it on in a second.
So I think Shields Up is a really good advice.
Make sure you prepare, at least get ready.
Don't know if anything will happen because it's a two-way street.
If they do it, we can do it back to them.
But it's certainly a real threat.
Now with the Chinese, it's a little bit different.
They've been stealing mostly IP, which is very valuable and also costly to our security.
So a lot of the hypersonic missile information from the U.S., all kinds of stuff from DOD.
And they go into Silicon Valley and they go to universities and they tend to go after some of the early IP, too.
So that's worrisome.
I mean, you know, because IP is definitely a value and it's a future.
We're now at an industrial digital revolution where I think that, you know, this kind of technology is really the future of the well-being of our country.
You wrote in the article about 40% of ethical hackers surveyed by SANS Institute said they can break into most environments they test, if not at all.
And 60% said they need five hours or less to break into a corporate
environment once they identify a weakness. Yeah. I mean, it's incredible. I mean,
those are the good guys. Those are the good guys.
Yeah. So the unethical hackers, it's good that they're out there, but there are a lot more
unethical hackers out there. So it's a numbers game too. And then you're also talking, what we
just mentioned, state-sponsored unethical hackers, organized criminal hackers. There's a lot of gangs
that are pretty sophisticated. They've made a lot of money.
They've hired a lot of talent.
A lot of it is coming out of Eastern Europe and foreign countries.
They're very difficult for us to find them.
But you're right.
It's a problem.
It's too easy to hack.
There's just too much of an ecosystem of opportunity for hackers.
Wow.
It's crazy, all the stuff that's out there, and it just seems to be
getting worse. And what percentage of companies were you saying are lax on their security measures?
Well, if you're looking overall, I would say over 80%. I mean, there's certainly obviously
a lot of industries that have done pretty well with finance, casinos particularly. They're the forerunners of some of the innovative capabilities for cybersecurity.
But most companies, which are the bulk of them are small and medium businesses out there, don't have a clue.
They don't really understand the threats.
They think, oh, it's not going to be me.
But it is going to be them.
And two areas in particular have been really targeted by hackers. One is
healthcare, you know, because they've spent most of their money in buying medical technologies and
working for patient stuff, not for security. And same within education, because they have a lot
of networks, a lot of people using it, easy access, a lot of vital data there. So those two industries
have been very, very heavily hacked for ransomware and other things. But so it's understandable that there are a lot of people that don't understand what the implications of cybersecurity is.
But I think in the next few years, they better understand because we're getting more and more digitally connected.
And pretty much every business that you see breaking more is also digital there.
They have to understand the importance.
Definitely.
I'm not sure what the exact term is for it, but is fake linking, you know, like where I get an email or I get a lot of texts nowadays, too, that have this where they're like, hey, your Amazon account has some issues.
Your PayPal account has got some issues.
You know, different things like that.
Amazon seems to be a real popular one.
Number one.
Is it number one?
Wow.
Yeah.
And, you know, you click the link and
i'm sure when you click that link you're hacked or yeah whatever happens i've never i i have a
big thing where if if i got a message that says that my amazon account is a problem i i look at
the link and if there's ever a question i tell this to my family too you know don't don't use
the link to log in just go to your web browser and type in
your amazon.com and go through the portal, but you know, and then see if there's a message from
them, which usually there's not, but the, the fake, you know, the fake websites that they can
have. I mean, I can, I've seen some that where it looks like a PayPal website. It looks like your
bank of America website. I've gotten the bank America ones. There's the Zelle hack now.
There's all sorts of crazy stuff.
And so people just really need to pay attention
to what they're clicking on.
One thing I'm getting lately that just started,
I have a YouTube.
So most everyone I think has a YouTube.
I don't know.
Maybe they do or maybe they don't.
But I've been getting this thing now
where I'm getting a thing sent to my Google Drive
and it says it's a YouTube takedown notice for copyright violations.
And normally you panic when you see those, and I don't ever get them because I don't mess with them.
Although I've gotten actually some hacker ones that try and steal your stuff, steal your money by saying that this is part of your, you know, this is a stolen video, which I don't.
But there's lots of people who steal our videos.
But it's been sent to my Google Drive, and it's got a PDF attached.
And my understanding is if I click that PDF, I'll have all sorts of problems.
Don't do it.
Yeah.
No, I think you hit on another area.
I mean, the sophistication of these hackers now,
they've changed so immensely in the last decade.
You know, it used to be that these things, you have a bank account in my will,
someplace in Nigeria or wherever, some prints, misspellings.
And now you're exactly right.
The graphics replicate the websites.
They use social engineering to see what your interests are,
where you shop, where you bank, who your friends are,
so they can mimic your work.
And you said amazon is definitely
a choice because everyone uses amazon so when you get something yeah but your advice is really good
and i you know repeat it it's just just don't don't click on the link look at it to go to the
website make sure if someone says something like that and the copyright stuff i mean they like i
said there's so much more sophistication out there they're going after everybody and text too you
know on your phone it's just a wild wild west out there. We're going after everybody and text too, you know, on your phone.
It's just a wild, wild west out there.
It's really difficult to, you know, not click.
But so, you know, I had to get a reflex to do that because I get so much spam and so many threats every day, you know, as everyone does.
Just because, like I said, a lot of it's automated.
Easy to do. One of the things we always get is these offers from people,
these Fiverr guys and offers on the Internet for people to pump our podcast
and our YouTube and stuff.
And I've talked to people that have worked with those people,
and a lot of times their accounts get stolen.
If they're paying them for a while and they stop paying them,
then they end up with 500 bad reviews or their accounts get hacked. You know, there's all these people that want
access to the Chris Voss show to either redesign it or, or work on our YouTube channel. And I know
as soon as we let over the password, like we're going to lose all of our stuff that have had
their whole channel disappears and goes to, in fact, we had our Chinese, we had our Instagram account.
We're trying to get back.
We're sending a letter to the legal department of Instagram
that we're pretty sure got hacked somehow by someone in China
because it's changed to Chinese language last time we saw it.
And we're pretty sure the hack came through a third-party app
that had access to it because I'm not, it was on double,
it was on double, whatchamacall would call it double password double verification yeah and we were pretty sure we know know who the third party was
that it they came through so we're still trying to get that back so yeah it's crazy even like on
linkedin or you know i'll pr companies they'll send me a pdf and i'm like i can't click on that
you're gonna send the data to me because I can't trust anything.
You can't risk it.
Plus, you know, they can be like, well, we made the PDF.
And you're like, well, yeah, I know you guys, but for all I know, you know, it's got.
Maybe we should look into someone else. If you're not secure, you're just passing me the next virus cold.
Yeah, no, that's good advice.
I mean, I'm a big user on LinkedIn, too.
And the good thing is you can see who you're talking to.
But, you know, you're right with the attachments.
You still got to be careful because you don't know where they've been and who's someone's
into your malware.
You know, they can do it in websites, too.
And I've experienced that actually in a business sense where I actually didn't research.
I go to a normal website and there's some malware implanted in it.
So you really it's a minefield out there.
And you really got to most expect to be exploited at some point because there's just too many red flags out there.
Yeah, it's funny. Like Google does that. Every now and then, for some reason, our SSL will kick off.
I think we finally upgraded our services at GoDaddy. But our SSL would kick off like it would
expire on our website. And then people would get this notification from Google that says,
Hey,
this is,
and I get really pissed off about it because we,
we try and keep that up to date.
For some reason it would kick off,
but people,
I'm really surprised how many people aren't aware of that.
Making sure the SSL certificate and stuff is on their website.
You know,
we'll get a lot of people that'll be like,
Hey Chris,
we want to come on the show and I'll go to their website and I'll get a lot of people that'll be like, hey, Chris, we want to come on the show, and I'll go to their website,
and a big warning comes up from Google.
Yeah, they don't keep it updated.
And that's also a problem with cybersecurity.
You have to update the patches, too,
because there's all kinds of exploits being discovered,
even by Microsoft, every day.
So you really got to be vigilant.
And most people are not.
Most companies are certainly not.
And so it makes for even more difficulty fighting the separate threats yeah we found that out the hard way over 13 years
of the chris voss show you gotta update those plugins and make sure because you know the reason
they're updating is because they've you know they've found they're being exploited by exactly
and they're like trying to patch it all and you know i i work
with clients that's you know i'll go into their wordpress and i'm like you haven't updated these
plugins for like five years like yeah you should probably do that that might be a good idea
and wordpress is a favorite for hackers too they they get get a lot of victims that way. It is. I mean, we've had a couple of close calls where
we had our site badly maligned about seven or eight years ago when we weren't as good at keeping
up on stuff. And we pulled it back from the brink. But, you know, and every now and then some weird
stuff will go on on the website. And, you know, it's usually always through a plugin or some sort
of third party application. We haven't touched on that we should touch on when it comes to cybersecurity here.
Yeah, I think one of the things that we sort of touched on,
which is the new emerging technologies,
we're talking about machine learning,
but now we're seeing the introduction of more levels
of artificial intelligence that could go out,
find vulnerabilities as well as...
Oh, wow.
And deep plant malware
using biometrics where it could trigger on someone's face.
You're seeing the 5G come into play where
the latency is now longer there so they can do stuff
instantly with a huge amount of data or steal a huge amount
of data, exfiltrate a huge amount of data. We're eventually going to
see quantum computing too. Now the government's already put out
requirements for quantum proof algorithms. We're doing business with dod and dhs but you know so that's not far
down the line and that'll revolutionize things particularly the ability to to analyze data and
great where abouts what you have to worry about because chinese have all of our opm files and
everything else um but so those elements are really important, I think, to understand that we're moving so quickly.
I think with COVID-19, we moved faster into the digital world.
And now I think we're there just speeding it up,
introducing these new technologies.
And also, I think that because the money is less now
in basically the brick-and-mortar world
where a lot of the crime was,
it's now going to the digital world for the same reason.
They go where the money is.
Acting groups are getting – they're not some guy sitting in their basement
with a hoodie on anymore.
They're people with backgrounds and training,
usually by the armed forces of a country or wherever.
And they know what they're doing,
so it's going to be precarious for the next few years.
Yeah, and a lot of times we don't even hear about a lot of ransomware.
I've heard of hospitals that will pay and pay the ransom
and just don't announce it and hide it for a while,
and then eventually it comes out.
You had written in the Forbes article that more than 80% of organizations
have experienced a cloud-related security incident.
64% of businesses suspect they're targets of nation-state attacks.
I'm reading the live here from the DOJ.
Rick Garland here, probably in a few minutes,
is going to launch a press conference.
This is an emergency one.
Significant national security cases address malign influence schemes
and alleged activity by a nation-state actor.
FBI Director Christopher Wray is going to be there as well,
National Security and Justice Department people.
So this is a big deal.
It sounds like it's getting even bigger.
So this should be interesting to see what they come out with today.
It will be interesting to see.
There's always a talk about sort of the influencing aspect.
I look more at the criminal aspect of hacking.
I think that very few of us, because we're bombarded by so much stuff right now and so much information, I don't think we're going to
fall for Chinese or Russian propaganda very often, particularly with Russia right now and Ukraine
getting all that bad publicity. So I think the real elements here are what the Chinese are doing,
is really stealing, stealing IP and getting to us. And also, what the Russians were doing earlier
and still may be doing with the capabilities
is putting our critical infrastructure at risk.
That's the number one fear I have.
We have a grid that's antiquated,
not very well protected.
Can you imagine what would happen
if they ramped up the power?
They've already tested water spots in other places.
Nuclear plants, too.
Yeah, nuclear, too.
I mean, everything is just, you know,
connected to either IT or OT, or both.
And critical infrastructure is just certainly an easy target.
You know, I was, a friend of mine, he's got a Tesla, and it recently bricked itself because a firmware downworld failed.
He was pulling out of his driveway to go for a drive, and it completely it completely like shut down and bricked on him
and so he sent it to the shop on friday and didn't have it for the whole weekend and came back that
it was a firmware bad firmware and i said to him this morning i said i'm gonna go buy a 1965 chevy
one of those ones they use in cuba that seems to last forever. Yes. I don't know. I think I'm done.
I don't want my car to break.
I've had a phone sprick on me.
I don't want my car to break on me.
I think I don't know about the future.
I agree.
I mean, now you have to be, you know, everything has to be future analyzed when you go to the car dealership.
You can't even change your oil anymore.
It's just crazy.
It's such a, you know, more things go wrong. I mean, some of those
old cars, like the Dodge Chargers,
you know, really, you know, reliable
engines. You're right. One thing was going to happen
to them. You know, you can take the engine apart,
put it back together, but you can't do
anything now, touch anything now without messing up the car.
Yeah, it's crazy, you know.
Now they're stealing the catalytic
converters out underneath the cars or whatever.
It's a big problem in Arlington, Virginia.
I'm just going to get me one of those old-timey.
There's a thing in Nevada where I can get like a, what is it?
It's a, I don't know, a jalopy license or something.
It basically certifies it's an old car, so it doesn't have to.
Yeah.
I'm just going to get that on a car.
Fuck it.
I don't have to register it anymore and crap.
That's what I'm thinking.
I don't know, man.
Maybe I'll go back to it.
Right.
You know, I think they're pushing for electric cars.
I think that's a long way off.
I just don't see the infrastructure in the U.S. for that.
You know, having charging stations plus the cost of the cars.
So, you know, you're right.
Let's go back to some of the old big reliable cars that lasted 10 years.
That one year.
You know what? it i'm gonna
trade in my computer for an etch-a-sketch fuck it yeah i'm just gonna do that yeah pretend like
i'm on the internet it'd probably be more intelligent than what's on they won't get
half yeah i gotta quit knocking tiktok we're on it now announcing stuff so i should probably
give it some love yeah it's got a big viewing audience so i mean that's you know younger one it's crazy and they get pretty good views over there it's it's kind of insane so
you know i haven't had around dance around naked and make a thirst trap yet
i'll threaten my audience if you don't follow us in tiktok i'll have to make i'll have to get naked
and make thirst traps so make sure you subscribe subscribe. Otherwise, I might get desperate.
What more do you want to touch on before we go out, Chuck?
No, I just think, just to the viewers out there, I think, you know, really, you know,
it's not a joke, you know, that we really are being threatened and too much is, you know, could hurt us digitally.
So I think you need to be really vigilant and, you know, do the basics, do the cyber
hygiene, have strong passwords, have encryption if you can, don't overshare, you know, do the basics, do the cyber hygiene, have strong passwords, have encryption if you can, don't overshare.
You know, just be careful out there because it's going to be, I think it's going to get worse before it gets better.
Yeah, I don't think it'll ever get better, maybe.
I think once this Pandora's box has been open, you know, I remember when I was a kid watching, I wasn't a kid, I think I was in my mid-ages,
but I remember when they first started putting cement blocks across the front of the White House.
And I think it was after the New York, the first attack on the Twin Towers, I think in 92, the first attack.
And I was like, wow, man, our world's changing and it's never going back to where it was.
And, of course, you know, things got worse from there.
But, yeah, it's just going to get more complex as we become more.
AI is kind of an interesting thing.
I have a lot of good friends who study and talk about AI,
and it's crazy some of the stuff it can do.
And if AI can start going out there, you know,
Skynet can hack me and send Terminators.
Well, then we're going to have trouble.
Yeah.
Well, I mean, the technology like AI is a double-edged sword.
It can do really good.
I mean, it can have analytics and capabilities, decision-making,
but the bad guys have it too.
So, you know, you always got to look at, you know,
we have to protect ourselves.
And it has an offensive capability too to go back after them.
I mean, that's not a thought too.
Yeah.
Maybe we can have AI that's the good guy AI that fights the bad guy AI.
It will be that way someday.
It's going to be beneficial.
It'll turn on us. There was a post I made on LinkedIn where way someday it's going to be actually a little turn on us there was a post
i made on on linkedin where and it's on tiktok too where they they they've been doing this artwork
where they've been asking ai systems to say you know take elton john and i don't know put them in
space or something you know and the ai will will take search on the internet and put all this weird
stuff on and make this really cool art.
In fact, one of the art pieces passed for a real artist piece at a contest recently.
And everyone's really upset about it.
So someone put into an AI system, they said, recreate pictures of salmon swimming in the river.
And so it's all these strips of salmon meat
jumping in the river that the AI made.
So AI is going to be kind of interesting.
With the AI, I think at MIT experiment,
we're a way to its own language.
Oh, yeah?
A little frightening, too.
I mean, there are people like Elon Musk
is one of the things that ultimately
aren't doing is going to be the smart,
sentient artificial intelligence.
I think we're away from that.
Oh, well, a while away from that.
But it's certainly a threat.
I mean, you know, when you look at it, you know, our dependence on networks and if they take it over,
what they could do and trigger, you know, certainly when everything is connected robotically.
We'll see.
With your own language.
Yes.
That's like it all.
All right.
Well, this has been pretty insightful, Chuck, and everyone should be aware of it.
You know, it's one of those things.
How can people get a hold of you, talk to you, do business with you, et cetera, et cetera?
I still think I like LinkedIn.
I think it's the easiest business place to find you.
You know, go to my LinkedIn site.
Just go Chuck Brooks on LinkedIn.
I'll come up first.
And, you know, I'd be happy to speak with everybody.
Just send me an email.
And, you know, that would be great.
There you go.
There you go.
Well, thank you very much for coming on, Chuck.
We really appreciate it.
Thank you for having me, Chris.
It was great.
Thank you.
And thanks to my audience for tuning in.
We always appreciate you as well.
Go give us a five-star review on iTunes.
Go to all of our places there on Goodreads.com for us.
That's Chris Voss.
YouTube.com for us.
That's Chris Voss. See the YouTube newsletter, youtube newsletter the big youtube group 120 000 people over there
130 120 something like that whatever it is yeah it's a couple people there and all the places we
are on the internet and follow us on the tiktok because we're trying to be cool because we're not
daily with the clue with those kids let's get get it. TikTok is like huge,
which,
and that's kind of an own,
its own interest as well,
because it's Chinese.
Exactly.
Getting a lot of information from young people out there.
Yeah. Just,
just use it with your whole iPhone or they pronounce that.
Why?
Huawei.
Huawei.
That's it.
Just use it with your Huawei phone.
See how that works.
Anyway,
guys,
thanks for tuning in.
Be good to each other.
Stay safe.
We'll see you guys next time.
And that should have a sound.
Huawei.