Mikko Hypponen: Fighting viruses, defending the net

269,727 views ・ 2011-07-20

TED


Please double-click on the English subtitles below to play the video.

Translator: Polimar Balatbat Reviewer: Schubert Malbas
00:15
I love the Internet.
0
15260
3000
Mahal ko ang Internet.
00:18
It's true.
1
18260
2000
Totoo yun.
00:20
Think about everything it has brought us.
2
20260
2000
Isipin mo ang lahat ng naidulot nito sa atin.
00:22
Think about all the services we use,
3
22260
3000
Isipin mo ang lahat ng pakinabang nito sa atin,
00:25
all the connectivity,
4
25260
2000
lahat ng pagkakaugnay,
00:27
all the entertainment,
5
27260
2000
lahat ng uri ng aliw,
00:29
all the business, all the commerce.
6
29260
3000
lahat ng negosyo, lahat ng kalakalan.
00:32
And it's happening during our lifetimes.
7
32260
3000
At ito'y nangyayari sa panahon natin.
00:35
I'm pretty sure that one day
8
35260
3000
Sigurado ako na balang araw
00:38
we'll be writing history books
9
38260
2000
tayo'y magsusulat ng librong pangkasaysayan
00:40
hundreds of years from now. This time
10
40260
3000
ilang daang taon mula ngayon. Ngayon
00:43
our generation will be remembered
11
43260
3000
ang henerasyon natin ay maaalala
00:46
as the generation that got online,
12
46260
3000
bilang henerasyon na nagka-online,
00:49
the generation
13
49260
2000
ang henerasyon
00:51
that built something really and truly global.
14
51260
3000
na bumuo ng isang bagay na tunay at talagang pangdaigdigan.
00:54
But yes, it's also true
15
54260
3000
Subalit, totoo din naman
00:57
that the Internet has problems, very serious problems,
16
57260
3000
na ang internet ay may mga suliranin, mga napakaseryosong suliranin,
01:00
problems with security
17
60260
3000
mga problema sa seguridad
01:03
and problems with privacy.
18
63260
3000
at mga problema sa pagiging pribado nito.
01:06
I've spent my career
19
66260
2000
Ginugol ko ang aking karera
01:08
fighting these problems.
20
68260
3000
upang labanan ang mga problemang ito.
01:11
So let me show you something.
21
71260
3000
Kaya hayaan niyo sanang ipakita ko sa inyo ito.
01:15
This here
22
75260
2000
Ito ay
01:17
is Brain.
23
77260
2000
ang Brain.
01:19
This is a floppy disk
24
79260
2000
Ito ay isang disket
01:21
-- five and a quarter-inch floppy disk
25
81260
2000
-- lima at sangkapat na pulgadang disket
01:23
infected by Brain.A.
26
83260
2000
na nahawaan ng Brain.A.
01:25
It's the first virus we ever found
27
85260
2000
Ito ang kauna-unahang virus na natagpuan namin
01:27
for PC computers.
28
87260
2000
para sa mga PC kompyuter.
01:30
And we actually know
29
90260
2000
At alam namin talaga
01:32
where Brain came from.
30
92260
2000
kung saan nagmula ang Brain.
01:34
We know because it says so
31
94260
2000
Alam namin dahil ito'y sinabi mismo
01:36
inside the code.
32
96260
2000
sa loob ng code.
01:38
Let's take a look.
33
98260
3000
Tingnan natin.
01:45
All right.
34
105260
3000
Ayos.
01:48
That's the boot sector of an infected floppy,
35
108260
3000
Ito ang boot sector ng nahawang disket.
01:51
and if we take a closer look inside,
36
111260
3000
At kung titingnan natin ng mabuti sa loob,
01:54
we'll see that right there,
37
114260
2000
makikita natin ito dito,
01:56
it says, "Welcome to the dungeon."
38
116260
4000
nakasaad dito na, "Welcome to the dungeon."
02:00
And then it continues,
39
120260
2000
At kasunod nito,
02:02
saying, 1986, Basit and Amjad.
40
122260
3000
ay nakasaad, 1986, Basit and Amjad.
02:05
And Basit and Amjad are first names,
41
125260
3000
At Basit at Amjad ay mga pangalan,
02:08
Pakistani first names.
42
128260
2000
Mga pangalan ng mga Pakistani.
02:10
In fact, there's a phone number and an address in Pakistan.
43
130260
3000
Sa katunayan, may numero ng telepono at address sa Pakistan.
02:13
(Laughter)
44
133260
5000
(Tawanan)
02:18
Now, 1986.
45
138260
3000
Ito, 1986.
02:21
Now it's 2011.
46
141260
2000
Ngayon ay 2011.
02:23
That's 25 years ago.
47
143260
2000
Yun ay 25 taong nakalipas.
02:25
The PC virus problem is 25 years old now.
48
145260
4000
Ang problema sa PC virus ay 25 taon na.
02:29
So half a year ago,
49
149260
2000
Kaya kalahating taon ang nakalipas,
02:31
I decided to go to Pakistan myself.
50
151260
3000
Nagpasya akong magpunta sa Pakistan nang ako mismo.
02:34
So let's see, here's a couple of photos I took while I was in Pakistan.
51
154260
3000
Kaya tingnan natin, ito'y dalawang larawan na kinuhanan ko habang ako ay nasa Pakistan.
02:37
This is from the city of Lahore,
52
157260
2000
Ito ay mula sa siyudad ng Lahore,
02:39
which is around 300 kilometers south
53
159260
2000
na humigit kumulang na 300 kilometro patimog
02:41
from Abbottabad, where Bin Laden was caught.
54
161260
3000
mula Abbottabad kung saan nahuli si Bin Laden.
02:44
Here's a typical street view.
55
164260
3000
Ito'y karaniwang tanawin mula sa kalye.
02:47
And here's the street or road leading to this building,
56
167260
3000
At ito ang kalye at daan papunta sa gusali,
02:50
which is 730 Nizam block at Allama Iqbal Town.
57
170260
4000
ang 730 Nizam block sa bayan ng Allama Iqbal.
02:54
And I knocked on the door.
58
174260
2000
At kinatok ko ang pintuan.
02:56
(Laughter)
59
176260
2000
(Tawanan)
02:58
You want to guess who opened the door?
60
178260
2000
Hulaan niyo kung sino ang nagbukas ng pinto?
03:00
Basit and Amjad; they are still there.
61
180260
2000
Basit at Amjad; nandoon pa din sila.
03:02
(Laughter)
62
182260
2000
(Tawanan)
03:04
(Applause)
63
184260
4000
(Palakpakan)
03:08
So here standing up is Basit.
64
188260
3000
Kaya ito nakatayo si Basit.
03:11
Sitting down is his brother Amjad.
65
191260
3000
Nakaupo naman ang kanyang kapatid na si Amjad.
03:14
These are the guys who wrote the first PC virus.
66
194260
3000
Sila ang mga taong sumulat ng kaunaunahang PC virus.
03:17
Now of course, we had a very interesting discussion.
67
197260
3000
Syempre, naganap ang isang kawili-wiling talastasan.
03:20
I asked them why.
68
200260
2000
Tinanong ko sila kung bakit.
03:22
I asked them how they feel about what they started.
69
202260
3000
Tinanong ko kung ano ang tingin nila sa kanilang naumpisahan.
03:25
And I got some sort of satisfaction
70
205260
3000
At nagkaroon ako ng mumunting kagalakan
03:28
from learning that both Basit and Amjad
71
208260
3000
nang nalaman kong sila Basit at Amjad
03:31
had had their computers infected dozens of times
72
211260
3000
ay nagkakaproblema din sa mga nahawang komputer
03:34
by completely unrelated other viruses
73
214260
2000
mula sa iba't ibang klase ng virus
03:36
over these years.
74
216260
2000
sa mga nakalipas na taon.
03:38
So there is some sort of justice
75
218260
2000
May hustisya naman pala
03:40
in the world after all.
76
220260
3000
sa mundong ito.
03:44
Now, the viruses that we used to see
77
224260
2000
Ngayon, ang mga virus na dati nating nakikita
03:46
in the 1980s and 1990s
78
226260
2000
noong 1980s at 1990s
03:48
obviously are not a problem any more.
79
228260
3000
ay hindi na problema.
03:51
So let me just show you a couple of examples
80
231260
2000
Hayaan niyong ipakita ko sa inyo ang ilang halimbawa
03:53
of what they used to look like.
81
233260
2000
ng kanilang dating anyo.
03:55
What I'm running here
82
235260
2000
Pinapatakbo ko dito
03:57
is a system that enables me
83
237260
2000
ang isang sistema na nagbibigay-daan
03:59
to run age-old programs on a modern computer.
84
239260
3000
para gumana ang mga lumang programa dito sa modernong kompyuter.
04:02
So let me just mount some drives. Go over there.
85
242260
3000
Ilalagay ko muna itong mga drives. Punta ka doon.
04:05
What we have here is a list of old viruses.
86
245260
3000
May listahan tayo dito ng mga lumang virus.
04:08
So let me just run some viruses on my computer.
87
248260
3000
Paaandarin ko ang ilang mga virus sa aking kompyuter.
04:11
For example,
88
251260
2000
Halimbawa,
04:13
let's go with the Centipede virus first.
89
253260
2000
tingnan natin ang Centipede virus.
04:15
And you can see at the top of the screen,
90
255260
2000
Makikita niyo sa taas ng screen,
04:17
there's a centipede scrolling across your computer
91
257260
2000
may centipede na gumagapang sa inyong kompyuter
04:19
when you get infected by this one.
92
259260
2000
kapag nahawaan nito.
04:21
You know that you're infected
93
261260
2000
Alam mong nahawaan ito,
04:23
because it actually shows up.
94
263260
2000
dahil nakikita mo ito mismo.
04:25
Here's another one. This is the virus called Crash,
95
265260
3000
Heto pa ang isa. Ito ang virus na tinatawag na Crash
04:28
invented in Russia in 1992.
96
268260
2000
na naimbento sa Russia noong 1992.
04:30
Let me show you one which actually makes some sound.
97
270260
3000
Ito naman ay isang virus na gumagawa ng tunog.
04:34
(Siren noise)
98
274260
6000
(Tunog ng wang-wang)
04:40
And the last example,
99
280260
2000
At ang huling halimbawa,
04:42
guess what the Walker virus does?
100
282260
2000
hulaan niyo ang ginagawa ng Walker virus.
04:44
Yes, there's a guy walking across your screen
101
284260
2000
Tama, may taong maglalakad sa screen
04:46
once you get infected.
102
286260
2000
kapag ikaw ay nahawaan.
04:48
So it used to be fairly easy to know
103
288260
3000
Kaya napakadaling malaman dati
04:51
that you're infected by a virus,
104
291260
3000
na ika'y nahawaan ng virus,
04:54
when the viruses were written by hobbyists
105
294260
2000
noong ang mga virus ay nililikha bilang katuwaan
04:56
and teenagers.
106
296260
2000
at ng mga binatilyo.
04:58
Today, they are no longer being written
107
298260
2000
Ngayon, hindi lamang
05:00
by hobbyists and teenagers.
108
300260
2000
mga hobbyists at binatilyo ang lumilikha nito.
05:02
Today, viruses are a global problem.
109
302260
3000
Ngayon, ang mga virus ay isang pandaigdigang suliranin.
05:05
What we have here in the background
110
305260
2000
Dito sa aking likuran
05:07
is an example of our systems that we run in our labs,
111
307260
3000
ay isang silip sa sistemang ginagamit namin sa lab,
05:10
where we track virus infections worldwide.
112
310260
2000
na sumusubaybay sa paghawa ng mga virus sa buong mundo.
05:12
So we can actually see in real time
113
312260
2000
Nakikita natin dito sa real time
05:14
that we've just blocked viruses in Sweden and Taiwan
114
314260
3000
na may hinarang tayong virus sa Sweden at Taiwan
05:17
and Russia and elsewhere.
115
317260
2000
at Russia at kahit saan man.
05:19
In fact, if I just connect back to our lab systems
116
319260
3000
Sa katunayan, kung kokonekta ulit ako sa aming lab system
05:22
through the Web,
117
322260
2000
gamit ang Web,
05:24
we can see in real time
118
324260
2000
makikita natin sa real time
05:26
just some kind of idea of how many viruses,
119
326260
3000
kung gaano kadami ang mga virus,
05:29
how many new examples of malware we find every single day.
120
329260
3000
kung ilang uri ng bagong malware ang natutuklasan namin bawat araw.
05:32
Here's the latest virus we've found,
121
332260
2000
Ito ang pinakabagong virus na natuklasan namin
05:34
in a file called Server.exe.
122
334260
2000
sa file na tinatawag na Server.exe.
05:36
And we found it right over here three seconds ago --
123
336260
3000
At natuklasan namin ito dito tatlong segundo lang ang nakalipas --
05:39
the previous one, six seconds ago.
124
339260
2000
yung isa naman, anim na segundo ang lumipas.
05:41
And if we just scroll around,
125
341260
3000
At kung titingnan natin lahat,
05:44
it's just massive.
126
344260
2000
ito'y napakarami.
05:46
We find tens of thousands, even hundreds of thousands.
127
346260
3000
Makakahanap tayo ng libo-libo, at ilang daang libo pa.
05:49
And that's the last 20 minutes of malware
128
349260
3000
At yun lamang ay malware sa nakalipas na 20 minuto
05:52
every single day.
129
352260
2000
bawat araw.
05:54
So where are all these coming from then?
130
354260
3000
Saan kaya nagmumula ang lahat ng ito?
05:57
Well today, it's the organized criminal gangs
131
357260
4000
Ngayon, mula ito sa mga organisadong grupong kriminal
06:01
writing these viruses
132
361260
2000
na lumilikha ng mga virus
06:03
because they make money with their viruses.
133
363260
2000
upang pagkakitaan ng pera ang mga virus.
06:05
It's gangs like --
134
365260
2000
Ito'y parang mga grupo --
06:07
let's go to GangstaBucks.com.
135
367260
3000
punta tayo sa GangstaBucks.com.
06:10
This is a website operating in Moscow
136
370260
3000
Ito ay website na nakabase sa Moscow
06:13
where these guys are buying infected computers.
137
373260
4000
kung saan binibili nila ang mga nahawaang kompyuter.
06:17
So if you are a virus writer
138
377260
2000
Kaya kung ikaw ay nagsusulat ng virus
06:19
and you're capable of infecting Windows computers,
139
379260
2000
at marunong kang manghawa ng kompyuter ng Windows,
06:21
but you don't know what to do with them,
140
381260
2000
ngunit hindi mo alam kung anong gagawin sa kanila,
06:23
you can sell those infected computers --
141
383260
2000
pwede mong ipagbili ang mga kompyuter na nahawaan --
06:25
somebody else's computers -- to these guys.
142
385260
2000
mga kompyuter ng pagmamay-ari ng iba -- sa mga taong ito.
06:27
And they'll actually pay you money for those computers.
143
387260
4000
At magbabayad talaga sila ng pera para sa mga kompyuter na iyon.
06:31
So how do these guys then monetize
144
391260
3000
Paano naman kumikita ang mga taong ito
06:34
those infected computers?
145
394260
2000
gamit ang mga nahawaang kompyuter?
06:36
Well there's multiple different ways,
146
396260
2000
May iba't ibang paraan,
06:38
such as banking trojans, which will steal money from your online banking accounts
147
398260
3000
gaya ng banking trojans, na magnanakaw ng pera sa inyong online account sa bangko
06:41
when you do online banking,
148
401260
3000
kung ika'y nag-oonline banking,
06:44
or keyloggers.
149
404260
3000
o di kaya'y keyloggers.
06:47
Keyloggers silently sit on your computer, hidden from view,
150
407260
4000
Nag-aabang ang keyloggers sa loob ng inyong kompyuter, nakatago,
06:51
and they record everything you type.
151
411260
3000
at itinatala nito ang lahat ng iyong tina-type.
06:54
So you're sitting on your computer and you're doing Google searches.
152
414260
3000
Halimbawang ika'y nakaharap sa iyong kompyuter at nagsasaliksik sa Google.
06:57
Every single Google search you type
153
417260
2000
Bawat pananaliksik mo sa Google na tina-type
06:59
is saved and sent to the criminals.
154
419260
3000
ay naitatala at naipapadala sa mga kriminal.
07:02
Every single email you write is saved and sent to the criminals.
155
422260
3000
Bawat email na iyong sinusulat ay nakatala at pinadadala sa mga kriminal.
07:05
Same thing with every single password and so on.
156
425260
4000
Ganoon din sa bawat password at ilan pa.
07:09
But the thing that they're actually looking for most
157
429260
2000
Ngunit ang talagang nais nila
07:11
are sessions where you go online
158
431260
2000
ay ang mga pagkakataong online ka
07:13
and do online purchases in any online store.
159
433260
3000
at bumibili sa isang tindahan online.
07:16
Because when you do purchases in online stores,
160
436260
2000
Dahil kung ika'y bumibili sa mga online stores,
07:18
you will be typing in your name, the delivery address,
161
438260
3000
sinusulat mo ang iyong pangalan, tirahan,
07:21
your credit card number and the credit card security codes.
162
441260
3000
numero ng credit card at ang mga security codes ng credit card.
07:24
And here's an example of a file
163
444260
2000
At nandito ang isang halimbawa ng file
07:26
we found from a server a couple of weeks ago.
164
446260
2000
na nakita namin sa server dalawang linggo na ang nakalipas.
07:28
That's the credit card number,
165
448260
2000
Iyon ang numero ng credit card,
07:30
that's the expiration date, that's the security code,
166
450260
2000
iyon ang expiration date, iyon ang security code,
07:32
and that's the name of the owner of the card.
167
452260
2000
at iyon ang pangalan ng may-ari ng card.
07:34
Once you gain access to other people's credit card information,
168
454260
3000
Kapag nakuha mo na ang mga impormasyong ito mula sa ibang tao,
07:37
you can just go online and buy whatever you want
169
457260
2000
maari ka nang bumili online ng kahit ano
07:39
with this information.
170
459260
3000
gamit ang impormasyong ito.
07:42
And that, obviously, is a problem.
171
462260
2000
At iyon, siyempre, ay isang problema.
07:44
We now have a whole underground marketplace
172
464260
4000
May isang malaking lihim na kalakaran
07:48
and business ecosystem
173
468260
3000
at negosyong nagaganap
07:51
built around online crime.
174
471260
3000
na nakaugat sa online na krimen.
07:54
One example of how these guys
175
474260
2000
Isang halimbawa kung paano pinagkakakitaan
07:56
actually are capable of monetizing their operations:
176
476260
3000
ng mga taong ito ang ganitong modus operandi.
07:59
we go and have a look at the pages of INTERPOL
177
479260
3000
Pumunta tayo at tingnan ang mga pahina ng INTERPOL
08:02
and search for wanted persons.
178
482260
2000
at hanapin natin ang mga wanted.
08:04
We find guys like Bjorn Sundin, originally from Sweden,
179
484260
3000
Makikita natin ang mga taong tulad ni Bjorn Sundin, na nagmula sa Sweden,
08:07
and his partner in crime,
180
487260
2000
at ang kanyang kasabwat sa krimen,
08:09
also listed on the INTERPOL wanted pages,
181
489260
2000
na nakalista din sa INTERPOL sa mga pahina ng mga wanted,
08:11
Mr. Shaileshkumar Jain,
182
491260
2000
Mr. Shaileshkumar Jain,
08:13
a U.S. citizen.
183
493260
2000
isang mamamayan ng U.S.
08:15
These guys were running an operation called I.M.U.,
184
495260
3000
Pinapatakbo ng mga taong ito ang modus na tinatawag na I.M.U.,
08:18
a cybercrime operation through which they netted millions.
185
498260
3000
isang modus sa cybercrime na pinagkakitaan nila ng milyon-milyon.
08:21
They are both right now on the run.
186
501260
3000
Parehas sila ngayong nagtatago.
08:24
Nobody knows where they are.
187
504260
2000
Walang nakakaalam kung nasaan sila.
08:26
U.S. officials, just a couple of weeks ago,
188
506260
2000
Dalawang linggo ang nakakalipas, isinara ng mga tauhan sa U.S.,
08:28
froze a Swiss bank account
189
508260
2000
ang isang account sa bangko sa Switzerland
08:30
belonging to Mr. Jain,
190
510260
2000
na pagmamay-ari ni Ginoong Jain,
08:32
and that bank account had 14.9 million U.S. dollars on it.
191
512260
4000
na may laman na 14.9 milyong U.S. dolyares.
08:36
So the amount of money online crime generates
192
516260
3000
Kaya masasabi nating ang halaga ng pera sa online na krimen
08:39
is significant.
193
519260
2000
ay hindi biro.
08:41
And that means that the online criminals
194
521260
2000
Nangangahulugan na ang mga online na kriminal
08:43
can actually afford to invest into their attacks.
195
523260
3000
ay namumuhunan sa kanilang pag-atake.
08:46
We know that online criminals
196
526260
2000
Alam natin na ang mga online na kriminal
08:48
are hiring programmers, hiring testing people,
197
528260
3000
ay kumukuha ng mga programmer, mga testing people,
08:51
testing their code,
198
531260
2000
na titingin sa code,
08:53
having back-end systems with SQL databases.
199
533260
3000
taglay ang mga sistemang back-end na ginagamitan ng SQL databases.
08:56
And they can afford to watch how we work --
200
536260
3000
At maari nilang pag-aralan ang ating bawat galaw --
08:59
like how security people work --
201
539260
2000
gaya nang ginagawa ng mga security personnel --
09:01
and try to work their way around
202
541260
2000
at hahanapin nila ng kahit anong butas
09:03
any security precautions we can build.
203
543260
2000
upang makalusot sa security precautions natin.
09:05
They also use the global nature of Internet
204
545260
3000
At dahil sakop ng Internet ang buong mundo
09:08
to their advantage.
205
548260
2000
ginagamit nila ito upang makalamang.
09:10
I mean, the Internet is international.
206
550260
2000
Internasyonal ang internet.
09:12
That's why we call it the Internet.
207
552260
2000
Kung kaya't Internet ang tawag dito.
09:14
And if you just go and take a look
208
554260
2000
At kung ikaw titingnan mo
09:16
at what's happening in the online world,
209
556260
3000
ang mga nangyayari online,
09:19
here's a video built by Clarified Networks,
210
559260
2000
ito ay video na nilikha ng Clarified Networks,
09:21
which illustrates how one single malware family is able to move around the world.
211
561260
4000
na isinasalarawan kung paano kumakalat sa buong mundo ang isang pamilya ng malware.
09:25
This operation, believed to be originally from Estonia,
212
565260
3000
Ang ganitong modus, na pinaniniwalaang nagmula sa Estonia,
09:28
moves around from one country to another
213
568260
2000
ay lumilipat mula sa isang bansa papunta sa iba
09:30
as soon as the website is tried to shut down.
214
570260
2000
kapag ipinapasara na ang website.
09:32
So you just can't shut these guys down.
215
572260
3000
Kaya hindi madaling mapahinto ang ganitong modus.
09:35
They will switch from one country to another,
216
575260
2000
Lilipat lang sila mula sa isang bansa papunta sa iba,
09:37
from one jurisdiction to another --
217
577260
2000
mula sa iisang saklaw ng hudikatura papunta sa iba --
09:39
moving around the world,
218
579260
2000
palipat-lipat sa buong mundo,
09:41
using the fact that we don't have the capability
219
581260
2000
dahil wala tayong kakayahan
09:43
to globally police operations like this.
220
583260
3000
upang mahuli ang malawakang modus na tulad nito.
09:46
So the Internet is as if
221
586260
2000
Kaya maiisip nating ang internet
09:48
someone would have given free plane tickets
222
588260
2000
ay nagiging libreng tiket sa eroplano
09:50
to all the online criminals of the world.
223
590260
3000
para sa lahat ng mga online na kriminal sa mundo.
09:53
Now, criminals who weren't capable of reaching us before
224
593260
3000
Kung dati'y walang kakayahan ang mga kriminal, ngayon ay madali na
09:56
can reach us.
225
596260
2000
nila tayong maaabot.
09:58
So how do you actually go around finding online criminals?
226
598260
3000
Paano natin mahahanap ang gaya nilang kriminal online?
10:01
How do you actually track them down?
227
601260
2000
Paano natin sila matutunton?
10:03
Let me give you an example.
228
603260
2000
Bibigyan ko kayo ng halimbawa.
10:05
What we have here is one exploit file.
229
605260
3000
May isang exploit file tayo dito.
10:08
Here, I'm looking at the Hex dump of an image file,
230
608260
4000
Dito, may isang Hex dump ng isang image file,
10:12
which contains an exploit.
231
612260
2000
na may lamang exploit.
10:14
And that basically means, if you're trying to view this image file on your Windows computer,
232
614260
3000
Kung bubuksan ninyo itong image file sa inyong Windows computer,
10:17
it actually takes over your computer and runs code.
233
617260
3000
kokontrolin na niya ang inyong kompyuter at papaandarin ang code.
10:20
Now, if you'll take a look at this image file --
234
620260
3000
Ngayon, kung titingnan niyo ang image file na ito --
10:23
well there's the image header,
235
623260
2000
yun ang image header,
10:25
and there the actual code of the attack starts.
236
625260
3000
at doon nagsisimula ang mismong code ng pag-atake.
10:28
And that code has been encrypted,
237
628260
2000
At ang code na iyon ay naka-encrypt,
10:30
so let's decrypt it.
238
630260
2000
kaya i-decrypt natin.
10:32
It has been encrypted with XOR function 97.
239
632260
2000
Ito ay naka-encrypt gamit ang XOR function 97.
10:34
You just have to believe me,
240
634260
2000
Maniwala ka na lang,
10:36
it is, it is.
241
636260
2000
tama yan.
10:38
And we can go here
242
638260
2000
At pwede nating tingnan dito
10:40
and actually start decrypting it.
243
640260
2000
na inuumpisahan na itong ma-decrypt.
10:42
Well the yellow part of the code is now decrypted.
244
642260
2000
Ang bahagi ng code na kulay dilaw ay na-decrypt na.
10:44
And I know, it doesn't really look much different from the original.
245
644260
3000
Alam ko, wala namang gaanong pinag-iba sa orihinal.
10:47
But just keep staring at it.
246
647260
2000
Pero titigan niyo ito ng mabuti.
10:49
You'll actually see that down here
247
649260
2000
Makikita mo dito sa bandang ilalim
10:51
you can see a Web address:
248
651260
2000
na may Web address:
10:53
unionseek.com/d/ioo.exe
249
653260
6000
unionseek.com/d/ioo.exe
10:59
And when you view this image on your computer
250
659260
2000
At kung titingnan mo itong larawan sa iyong kompyuter
11:01
it actually is going to download and run that program.
251
661260
2000
ay sisimulan na niya ang download at pagpapatakbo ng program.
11:03
And that's a backdoor which will take over your computer.
252
663260
3000
At iyon ang backdoor na kokontrol sa iyong kompyuter.
11:06
But even more interestingly,
253
666260
2000
Ang mas interesante,
11:08
if we continue decrypting,
254
668260
2000
ay kung ipagpapatuloy natin ang pagdedecrypt,
11:10
we'll find this mysterious string,
255
670260
2000
makikita natin itong misteryong string
11:12
which says O600KO78RUS.
256
672260
5000
na nagsasabing O600KO78RUS.
11:17
That code is there underneath the encryption
257
677260
2000
Ang code na ito nakapaloob sa encryption
11:19
as some sort of a signature.
258
679260
2000
na tulad ng isang lagda.
11:21
It's not used for anything.
259
681260
2000
Hindi itong ginagamit sa kahit ano.
11:23
And I was looking at that, trying to figure out what it means.
260
683260
3000
Tinitigan ko ito, sinubukang alamin ang kahulugan nito.
11:26
So obviously I Googled for it.
261
686260
2000
Kaya nag-Google ako.
11:28
I got zero hits; wasn't there.
262
688260
2000
Wala akong nakuha; wala siya doon.
11:30
So I spoke with the guys at the lab.
263
690260
2000
Kaya kinausap ko ang mga tauhan sa lab.
11:32
And we have a couple of Russian guys in our labs,
264
692260
2000
At may dalawang Ruso sa aming labs,
11:34
and one of them mentioned,
265
694260
2000
at sabi nung isa sa kanila,
11:36
well, it ends in RUS like Russia.
266
696260
2000
na ang code ay nagtatapos sa rus tulad ng Russia.
11:38
And 78 is the city code
267
698260
2000
at 78 ay ang code ng lungsod
11:40
for the city of St. Petersburg.
268
700260
2000
para sa lungsod ng St. Petersburg.
11:42
For example, you can find it from some phone numbers
269
702260
2000
Halimbawa, nakikita ito sa mga numero ng telephono
11:44
and car license plates and stuff like that.
270
704260
3000
at sa mga plaka ng sasakyan at sa ibang bagay.
11:47
So I went looking for contacts in St. Petersburg,
271
707260
3000
Kaya naghanap ako ng mga koneksyon sa St. Petersburg.
11:50
and through a long road,
272
710260
2000
At sa katagalan ng paglalakbay,
11:52
we eventually found this one particular website.
273
712260
4000
nahanap namin ang isang natatanging website.
11:56
Here's this Russian guy who's been operating online for a number of years
274
716260
3000
Heto ang isang Ruso na naka-online sa loob ng maraming taon
11:59
who runs his own website,
275
719260
2000
na may sariling website,
12:01
and he runs a blog under the popular Live Journal.
276
721260
3000
at nagsusulat ng blog sa tanyag na Live Journal.
12:04
And on this blog, he blogs about his life,
277
724260
2000
At sa blog na iyon, sinusulat niya ang tungkol sa buhay niya,
12:06
about his life in St. Petersburg --
278
726260
2000
tungkol sa buhay niya sa St. Petersburg --
12:08
he's in his early 20s --
279
728260
2000
siya ay higit kumulang 20 gulang --
12:10
about his cat,
280
730260
2000
tungkol sa kanyang pusa,
12:12
about his girlfriend.
281
732260
2000
tungkol sa kanyang kasintahan.
12:14
And he drives a very nice car.
282
734260
2000
At minamaneho niya ang isang napakagarang sasakyan.
12:16
In fact, this guy drives
283
736260
3000
Kung tutuusin, minamaneho ng taong ito
12:19
a Mercedes-Benz S600
284
739260
2000
ang isang Mercedes-Benz S600
12:21
V12
285
741260
2000
V12
12:23
with a six-liter engine
286
743260
2000
na may makinang anim na litro ang laman
12:25
with more than 400 horsepower.
287
745260
2000
at may mahigit 400 horsepower.
12:27
Now that's a nice car for a 20-something year-old kid in St. Petersburg.
288
747260
4000
Iyon ay isang napakagarang kotse para sa isang 20 anyos na binatilyo sa St. Petersburg.
12:31
How do I know about this car?
289
751260
2000
Paano ko nalaman ang tungkol sa kotse?
12:33
Because he blogged about the car.
290
753260
2000
Dahil nagblog siya tungkol sa kanyang kotse.
12:35
He actually had a car accident.
291
755260
2000
Nagkaroon siya ng aksidente.
12:37
In downtown St. Petersburg,
292
757260
2000
Sa downtown St. Petersburg,
12:39
he actually crashed his car into another car.
293
759260
2000
nabangga ang kotse niya sa isa pang kotse.
12:41
And he put blogged images about the car accident --
294
761260
2000
Naglagay siya ng mga larawan sa blog tungkol sa aksidente --
12:43
that's his Mercedes --
295
763260
2000
iyon ang kanyang Mercedes --
12:45
right here is the Lada Samara he crashed into.
296
765260
4000
at ito yung Lada Samara na nakabanggaan niya.
12:49
And you can actually see that the license plate of the Samara
297
769260
3000
At makikita mo na ang plaka ng Samara
12:52
ends in 78RUS.
298
772260
2000
ay nagtatapos sa 78RUS.
12:54
And if you actually take a look at the scene picture,
299
774260
3000
At kung titingnan mong mabuti ang larawan ng pangyayari,
12:57
you can see that the plate of the Mercedes
300
777260
2000
makikita mo na ang plaka ng Mercedes
12:59
is O600KO78RUS.
301
779260
6000
ay O600KO78RUS.
13:05
Now I'm not a lawyer,
302
785260
2000
Ngayon hindi naman ako abogado,
13:07
but if I would be,
303
787260
2000
ngunit kung sakali'y ako man,
13:09
this is where I would say, "I rest my case."
304
789260
3000
ngayon ko sasabihin, "Tapos na ang kasong ito."
13:12
(Laughter)
305
792260
2000
(Tawanan)
13:14
So what happens when online criminals are caught?
306
794260
3000
Ano ang mangyayari kung mahuhuli ang mga kriminal na online?
13:17
Well in most cases it never gets this far.
307
797260
3000
Madalas, hindi na umaabot sa ganito.
13:20
The vast majority of the online crime cases,
308
800260
2000
Karamihan sa mga kasong kriminal online,
13:22
we don't even know which continent the attacks are coming from.
309
802260
3000
hindi natin malalaman kung aling kontinente nagmula ang pag-atake.
13:25
And even if we are able to find online criminals,
310
805260
3000
At kung mahahanap man sila,
13:28
quite often there is no outcome.
311
808260
2000
madalas walang nangyayari.
13:30
The local police don't act, or if they do, there's not enough evidence,
312
810260
3000
Hindi ito sakop ng lokal na kapulisan, at madalas walang sapat na katibayan,
13:33
or for some reason we can't take them down.
313
813260
2000
o sadyang mahirap talaga silang mahuli.
13:35
I wish it would be easier;
314
815260
2000
Sana may madaling paraan;
13:37
unfortunately it isn't.
315
817260
2000
sa kasamaang-palad, wala.
13:39
But things are also changing
316
819260
3000
Ngunit may mga bagay na sadyang
13:42
at a very rapid pace.
317
822260
3000
mabilis ang pagbabago.
13:45
You've all heard about things like Stuxnet.
318
825260
3000
Narinig mo na siguro ang mga bagay tulad ng Stuxnet.
13:48
So if you look at what Stuxnet did
319
828260
3000
Mahalaga ang Stuxnet dahil
13:51
is that it infected these.
320
831260
2000
hinawaan niya ang mga ito.
13:53
That's a Siemens S7-400 PLC,
321
833260
3000
Iyan ay ang Siemens S7-400 PLC,
13:56
programmable logic [controller].
322
836260
2000
programmable logic [controller].
13:58
And this is what runs our infrastructure.
323
838260
3000
At ito ang nagpapatakbo sa ating imprastraktura.
14:01
This is what runs everything around us.
324
841260
3000
Ito ang nagpapaandar sa lahat ng nakapaligid sa atin.
14:04
PLC's, these small boxes which have no display,
325
844260
3000
PLC's, mga maliliit na kahon na walang display,
14:07
no keyboard,
326
847260
2000
walang keyboard,
14:09
which are programmed, are put in place, and they do their job.
327
849260
2000
na naka-program, nakapwesto, at nagtatrabaho.
14:11
For example, the elevators in this building
328
851260
2000
Halimbawa, ang mga elevator sa gusaling ito
14:13
most likely are controlled by one of these.
329
853260
4000
ay marahil pinapatakbo ng mga ito.
14:17
And when Stuxnet infects one of these,
330
857260
3000
At kapag nahawaan ng Stuxnet ang isa sa mga ito,
14:20
that's a massive revolution
331
860260
2000
iyon ay isang napakalaking pagsisiwalat
14:22
on the kinds of risks we have to worry about.
332
862260
3000
sa uri ng mga panganib na dapat nating alalahanin.
14:25
Because everything around us is being run by these.
333
865260
3000
Dahil lahat sa ating paligid ay pinapatakbo ng mga ito.
14:28
I mean, we have critical infrastructure.
334
868260
2000
Ibig kong sabihin, nanganganib ang ating imprastraktura.
14:30
You go to any factory, any power plant,
335
870260
3000
Pumunta ka sa kahit anong pabrika, sa planta ng kuryente,
14:33
any chemical plant, any food processing plant,
336
873260
2000
sa planta ng kemikal, sa planta ng pinoprosesong pagkain,
14:35
you look around --
337
875260
2000
tumingin ka sa paligid --
14:37
everything is being run by computers.
338
877260
2000
lahat ay pinapaandar ng mga kompyuter.
14:39
Everything is being run by computers.
339
879260
2000
Lahat ay pinapaandar ng mga kompyuter.
14:41
Everything is reliant on these computers working.
340
881260
3000
Lahat ay umaasa sa mga kompyuter.
14:44
We have become very reliant
341
884260
3000
Masyado tayong umaasa
14:47
on Internet,
342
887260
2000
sa Internet,
14:49
on basic things like electricity, obviously,
343
889260
3000
sa mga pangunahing bagay gaya ng kuryente, siyempre,
14:52
on computers working.
344
892260
2000
sa mga kompyuter.
14:54
And this really is something
345
894260
2000
At ang mga bagay na ito
14:56
which creates completely new problems for us.
346
896260
2000
ay lumilikha ng mga panibagong problema para sa atin.
14:58
We must have some way
347
898260
2000
Dapat may paraan tayo
15:00
of continuing to work
348
900260
2000
upang mapagpatuloy ang trabaho
15:02
even if computers fail.
349
902260
3000
kung sakaling mabigo ang mga kompyuter.
15:12
(Laughter)
350
912260
2000
(Tawanan)
15:14
(Applause)
351
914260
10000
(Palakpakan)
15:24
So preparedness means that we can do stuff
352
924260
3000
Kaya ang kahandaan ay ang kakayahang gumawa
15:27
even when the things we take for granted
353
927260
2000
kung sakaling ang mga bagay na binabaliwala
15:29
aren't there.
354
929260
2000
ay biglang mawala sa atin.
15:31
It's actually very basic stuff --
355
931260
2000
Ito'y mga simpleng bagay lang --
15:33
thinking about continuity, thinking about backups,
356
933260
3000
pag-iisip tungkol sa daloy, sa mga backup,
15:36
thinking about the things that actually matter.
357
936260
3000
sa mga mahahalagang bagay.
15:39
Now I told you --
358
939260
3000
Sinabi ko kanina --
15:42
(Laughter)
359
942260
2000
(Tawanan)
15:44
I love the Internet. I do.
360
944260
4000
Mahal ko ang Internet. Totoo yun.
15:48
Think about all the services we have online.
361
948260
3000
Isipin niyo ang lahat ng mga kapakipakinabang online.
15:51
Think about if they are taken away from you,
362
951260
3000
Ipagpalagay na inalis itong lahat,
15:54
if one day you don't actually have them
363
954260
2000
na isang araw wala na sila,
15:56
for some reason or another.
364
956260
2000
sa kung anumang kadahilanan.
15:58
I see beauty in the future of the Internet,
365
958260
3000
Nakikita ko na maganda ang kinabukasan ng internet,
16:01
but I'm worried
366
961260
2000
ngunit nag-aalala ako
16:03
that we might not see that.
367
963260
2000
na hindi natin ito masisilayan.
16:05
I'm worried that we are running into problems
368
965260
2000
Nababahala ako dahil nagkakaroon tayo ng mga suliranin
16:07
because of online crime.
369
967260
2000
sa online na krimen.
16:09
Online crime is the one thing
370
969260
2000
Ang online na krimen ay isang dahilan
16:11
that might take these things away from us.
371
971260
2000
upang mawala ang mga bagay na ito sa atin.
16:13
(Laughter)
372
973260
3000
(Tawanan)
16:16
I've spent my life
373
976260
2000
Ginugol ko ang buhay ko
16:18
defending the Net,
374
978260
3000
na ipinagtatanggol ang net.
16:21
and I do feel that if we don't fight online crime,
375
981260
3000
At kapag hindi nasugpo ang online na krimen,
16:24
we are running a risk of losing it all.
376
984260
4000
nanganganib na mawawala ang lahat ng ito.
16:28
We have to do this globally,
377
988260
3000
Kailangang pandadaigdigan ang lawak ng aksyon,
16:31
and we have to do it right now.
378
991260
3000
at kailangang ngayon na.
16:34
What we need
379
994260
2000
Ang kailangan natin
16:36
is more global, international law enforcement work
380
996260
3000
ay isang tanggapan na magpapatupad ng batas na pang-internasyonal
16:39
to find online criminal gangs --
381
999260
2000
upang hanapin ang mga grupong kriminal online --
16:41
these organized gangs
382
1001260
2000
mga organisadong grupo
16:43
that are making millions out of their attacks.
383
1003260
2000
na kumikita ng milyon-milyon mula sa mga pag-atake.
16:45
That's much more important
384
1005260
2000
Iyon ay mas mahalaga
16:47
than running anti-viruses or running firewalls.
385
1007260
2000
higit pa sa mga anti-virus at firewall sa kompyuter.
16:49
What actually matters
386
1009260
2000
Higit pang mahalaga
16:51
is actually finding the people behind these attacks,
387
1011260
2000
ay ang pagtukoy sa mga taong nagdudulot nito.
16:53
and even more importantly,
388
1013260
2000
At mas mahalaga,
16:55
we have to find the people
389
1015260
2000
ay tukuyin ang mga tao
16:57
who are about to become
390
1017260
2000
na nagbabalak na sumali
16:59
part of this online world of crime,
391
1019260
2000
sa mundo ng online na krimen,
17:01
but haven't yet done it.
392
1021260
2000
na hindi pa nakapagsimula.
17:03
We have to find the people with the skills,
393
1023260
3000
Hanapin natin ang mga taong may ganitong kakayahan,
17:06
but without the opportunities
394
1026260
2000
na hindi nagkaroon ng pagkakataon
17:08
and give them the opportunities
395
1028260
2000
at bigyan natin sila ng pagkakataon
17:10
to use their skills for good.
396
1030260
3000
na gamitin ang kanilang angking husay para sa kabutihan.
17:13
Thank you very much.
397
1033260
2000
Maraming salamat.
17:15
(Applause)
398
1035260
13000
(Palakpakan)
About this website

This site will introduce you to YouTube videos that are useful for learning English. You will see English lessons taught by top-notch teachers from around the world. Double-click on the English subtitles displayed on each video page to play the video from there. The subtitles scroll in sync with the video playback. If you have any comments or requests, please contact us using this contact form.

https://forms.gle/WvT1wiN1qDtmnspy7