Where is cybercrime really coming from? | Caleb Barlow

285,427 views ใƒป 2017-02-15

TED


์•„๋ž˜ ์˜๋ฌธ์ž๋ง‰์„ ๋”๋ธ”ํด๋ฆญํ•˜์‹œ๋ฉด ์˜์ƒ์ด ์žฌ์ƒ๋ฉ๋‹ˆ๋‹ค.

00:00
Translator: Leslie Gauthier Reviewer: Camille Martรญnez
0
0
7000
๋ฒˆ์—ญ: yongkyu lee ๊ฒ€ํ† : Mihyun Gong
00:12
Cybercrime is out of control.
1
12832
4217
์‚ฌ์ด๋ฒ„ ๋ฒ”์ฃ„๋Š” ํ†ต์ œํ•  ์ˆ˜ ์—†์Šต๋‹ˆ๋‹ค.
00:18
It's everywhere.
2
18006
1365
์–ด๋””์—์„œ๋‚˜ ์ผ์–ด๋‚˜์ฃ .
00:19
We hear about it every single day.
3
19395
4288
์šฐ๋ฆฌ๋Š” ๋งค์ผ ์‚ฌ์ด๋ฒ„ ๋ฒ”์ฃ„์— ๋Œ€ํ•œ ๋‰ด์Šค๋ฅผ ์ ‘ํ•ฉ๋‹ˆ๋‹ค.
00:24
This year,
4
24591
1214
์˜ฌํ•ด๋งŒ ํ•ด๋„
00:25
over two billion records lost or stolen.
5
25829
5134
20์–ต ๊ฑด์ด ๋„˜๋Š” ๊ธฐ๋ก๋“ค์ด ์‚ฌ๋ผ์ง€๊ฑฐ๋‚˜ ๋„๋‚œ๋‹นํ–ˆ์Šต๋‹ˆ๋‹ค.
00:31
And last year, 100 million of us, mostly Americans,
6
31870
5635
์ž‘๋…„์—๋Š” ๋ฏธ๊ตญ์ธ์ด ๋Œ€๋‹ค์ˆ˜์ธ
์•ฝ 1์–ต ๋ช…์— ๋‹ฌํ•˜๋Š” ์‚ฌ๋žŒ๋“ค์˜ ๊ฑด๊ฐ•๋ณดํ—˜ ๊ฐ€์ž… ์ •๋ณด๋ฅผ ๋„๋‘‘๋งž์•˜์Šต๋‹ˆ๋‹ค.
00:37
lost our health insurance data to thieves -- myself included.
7
37529
5134
์ œ ์ •๋ณด๋„ ํฌํ•จ๋˜์—ˆ์ฃ .
์ด๋Ÿฐ ์ผ์ด ํŠนํžˆ ์šฐ๋ ค์Šค๋Ÿฌ์šด ์ด์œ ๋Š”
00:44
What's particularly concerning about this is that in most cases,
8
44123
5448
๋Œ€๋ถ€๋ถ„์˜ ๊ฒฝ์šฐ์—
00:49
it was months before anyone even reported that these records were stolen.
9
49595
5911
๋ช‡ ๋‹ฌ์ด ์ง€๋‚œ ๋’ค์—์•ผ ์ด๋Ÿฐ ๊ธฐ๋ก์ด ๋„๋‚œ๋‹นํ–ˆ์Œ์„ ์•Œ๊ฒŒ ๋˜๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.
00:56
So if you watch the evening news,
10
56984
3043
๊ทธ๋ฆฌ๊ณ  ์—ฌ๋Ÿฌ๋ถ„์ด ์ด๋Ÿฐ ์ผ์„ ์ €๋… ๋‰ด์Šค์—์„œ ์ ‘ํ•˜๋ฉด
01:00
you would think that most of this is espionage or nation-state activity.
11
60051
5206
๊ทธ ๋Œ€๋ถ€๋ถ„์ด ์ฒฉ๋ณด ํ™œ๋™์ด๊ฑฐ๋‚˜ ๊ตญ๊ฐ€์  ํ™œ๋™์ด๋ผ๊ณ  ์ƒ๊ฐํ•ฉ๋‹ˆ๋‹ค.
01:05
And, well, some of it is.
12
65813
2093
๋ฌผ๋ก  ์ผ๋ถ€๋Š” ๊ทธ๋ ‡์ฃ .
01:08
Espionage, you see, is an accepted international practice.
13
68514
4438
์ฒฉ๋ณด ํ™œ๋™์€ ๊ตญ์ œ ๊ด€ํ–‰์œผ๋กœ ๋ฐ›์•„๋“ค์—ฌ์ง€๊ณ  ์žˆ์œผ๋‹ˆ๊นŒ์š”.
01:13
But in this case,
14
73613
1483
ํ•˜์ง€๋งŒ ์ด ๊ฒฝ์šฐ๋Š”
01:15
it is only a small portion of the problem that we're dealing with.
15
75120
5453
์šฐ๋ฆฌ๊ฐ€ ๋‹ค๋ฃจ๋Š” ๋ฌธ์ œ์˜ ๊ทนํžˆ ์ผ๋ถ€์— ๋ถˆ๊ณผํ•ฉ๋‹ˆ๋‹ค.
01:21
How often do we hear about a breach
16
81459
3335
์œ„๋ฐ˜ ์‚ฌ์‹ค์˜ ๋’ค์—๋Š” ์ข…์ข… ์ด๋Ÿฐ ํ‘œํ˜„์ด ๋’ค๋”ฐ๋ฆ…๋‹ˆ๋‹ค.
01:24
followed by, "... it was the result of a sophisticated nation-state attack?"
17
84818
4851
์ด๋Š” ๊ตญ๊ฐ€๋ฅผ ๋Œ€์ƒ์œผ๋กœ ํ•œ ์น˜๋ฐ€ํ•œ ๊ณต๊ฒฉ์˜ ๊ฒฐ๊ณผ์˜€๋‹ค๊ณ  ๋ง์ด์ฃ .
01:30
Well, often that is companies not being willing to own up
18
90481
4861
๊ทธ๊ฑด ์–ด์ฉŒ๋ฉด ๋ณด์•ˆ์— ๊ด€ํ•œ ํ—ˆ์ˆ ํ•œ ๊ด€ํ–‰์„ ์ธ์ •ํ•˜์ง€ ์•Š์œผ๋ ค๋Š”
01:35
to their own lackluster security practices.
19
95366
2980
์—…์ฒด๋“ค์˜ ์ด์•ผ๊ธฐ์ผ ๊ฒ๋‹ˆ๋‹ค.
01:38
There is also a widely held belief
20
98885
2500
๋˜ํ•œ ๊ทธ ๊ธฐ์ €์— ๊น”๋ ค์žˆ๋Š” ๊ฒƒ์€
01:42
that by blaming an attack on a nation-state,
21
102175
3851
๊ณต๊ฒฉ ๋Œ€์ƒ์„ ๊ตญ๊ฐ€ ์ฐจ์›์œผ๋กœ ๋Œ๋ฆผ์œผ๋กœ์จ
01:46
you are putting regulators at bay --
22
106050
2681
์ ์–ด๋„ ํ•œ๋™์•ˆ์€ ๊ทœ์ œ ๋‹น๊ตญ์„ ๊ถ์ง€๋กœ ๋ชฐ ์ˆ˜ ์žˆ์„ ๊ฑฐ๋ผ๋Š” ์ƒ๊ฐ์ด์ฃ .
01:48
at least for a period of time.
23
108755
2034
01:51
So where is all of this coming from?
24
111657
4483
๊ทธ๋ ‡๋‹ค๋ฉด ์ด๋Ÿฐ ์ผ๋“ค์„ ๋ˆ„๊ฐ€ ์ €์ง€๋ฅด๋Š” ๊ฑธ๊นŒ์š”?
01:56
The United Nations estimates that 80 percent of it
25
116817
5493
UN์€ ์ด๋“ค ๋ฒ”์ฃ„์˜ ์•ฝ 80% ์ •๋„๋Š”
02:02
is from highly organized and ultrasophisticated criminal gangs.
26
122334
5770
๋Œ€๋‹จํžˆ ์กฐ์งํ™”๋˜๊ณ  ์น˜๋ฐ€ํ•œ ๋ฒ”์ฃ„ ์ง‘๋‹จ์— ์˜ํ•ด ์ €์งˆ๋Ÿฌ์ง€๊ณ  ์žˆ๋‹ค๊ณ  ํŒ๋‹จํ•ฉ๋‹ˆ๋‹ค.
02:09
To date,
27
129074
1719
์ง€๊ธˆ์€
02:10
this represents one of the largest illegal economies in the world,
28
130817
6600
์ด๋Š” ์„ธ๊ณ„์ ์œผ๋กœ ๊ฐ€์žฅ ํฐ ๊ทœ๋ชจ์˜ ์ง€ํ•˜ ๊ฒฝ์ œ ์ค‘์˜ ํ•˜๋‚˜๋กœ ๋ถ€๊ฐ๋˜๊ณ  ์žˆ๊ณ 
02:17
topping out at, now get this,
29
137441
3120
๊ทธ ๊ทœ๋ชจ๋Š” ๋†€๋ž๊ฒŒ๋„
02:20
445 billion dollars.
30
140585
4316
4,450์–ต ๋‹ฌ๋Ÿฌ์— ๋‹ฌํ•ฉ๋‹ˆ๋‹ค.
02:25
Let me put that in perspective for all of you:
31
145359
2912
์–ด๋Š ์ •๋„ ๊ทœ๋ชจ์ธ์ง€ ๋ง์”€๋“œ๋ฆฌ์ž๋ฉด
02:28
445 billion dollars is larger than the GDP
32
148295
6104
4,450์–ต ๋‹ฌ๋Ÿฌ๋Š” ์•ฝ 160์—ฌ ๊ฐœ๊ตญ์˜ GDP๋ณด๋‹ค ํฐ ์•ก์ˆ˜์ž…๋‹ˆ๋‹ค.
02:34
of 160 nations,
33
154423
2666
02:37
including Ireland, Finland, Denmark and Portugal,
34
157113
4545
์•„์ผ๋žœ๋“œ, ํ•€๋ž€๋“œ, ๋ด๋งˆํฌ, ํฌ๋ฅดํˆฌ๊ฐˆ์„ ํฌํ•จํ•œ ์—ฌ๋Ÿฌ ๋‚˜๋ผ๊ฐ€ ํ•ด๋‹น๋˜์ฃ .
02:41
to name a few.
35
161682
1230
02:44
So how does this work?
36
164113
2004
๊ทธ๋Ÿฌ๋ฉด ๊ทธ๋Ÿฐ ์ผ์ด ์–ด๋–ป๊ฒŒ ์ผ์–ด๋‚ ๊นŒ์š”?
02:46
How do these criminals operate?
37
166141
1906
์–ด๋–ป๊ฒŒ ์ด๋Ÿฐ ๋ฒ”์ฃ„๋ฅผ ์ €์ง€๋ฅผ ์ˆ˜ ์žˆ๋Š” ๊ฑธ๊นŒ์š”?
02:48
Well, let me tell you a little story.
38
168521
2856
์งง์€ ์ด์•ผ๊ธฐ๋ฅผ ํ•˜๋‚˜ ๋“ค๋ ค๋“œ๋ฆฌ๊ฒ ์Šต๋‹ˆ๋‹ค.
02:52
About a year ago,
39
172351
1194
๋ช‡ ๋…„ ์ „, ์šฐ๋ฆฌ์˜ ๋ณด์•ˆ ์—ฐ๊ตฌ์›๋“ค์€
02:53
our security researchers were tracking
40
173569
3310
๋‹ค์†Œ ํ‰๋ฒ”ํ•˜์ง€๋งŒ ๋ณต์žกํ•œ ์€ํ–‰๊ฑฐ๋ž˜ ์•…์„ฑ์ฝ”๋“œ๋ฅผ ์ถ”์ ํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
02:56
a somewhat ordinary but sophisticated banking Trojan called the Dyre Wolf.
41
176903
6046
๋‹ค์ด์–ด ์šธํ”„(Dyre Wolf)๋ผ๋Š” ์•…์„ฑ ์ฝ”๋“œ์˜€์ฃ .
03:03
The Dyre Wolf would get on your computer
42
183745
2221
๋‹ค์ด์–ด ์šธํ”„๋Š” ํ”ผ์‹ฑ ๋ฉ”์ผ์— ์žˆ๋Š” ๋งํฌ๋ฅผ ํด๋ฆญํ•˜๋ฉด ์ปดํ“จํ„ฐ์— ์„ค์น˜๋ฉ๋‹ˆ๋‹ค.
03:05
via you clicking on a link in a phishing email
43
185990
3000
03:09
that you probably shouldn't have.
44
189014
1952
๋ณดํ†ต์€ ํด๋ฆญํ•˜๋ฉด ์•ˆ๋˜์ง€๋งŒ ๋ง์ด์ฃ .
03:10
It would then sit and wait.
45
190990
1997
๊ทธ๋ฆฌ๊ณ  ์กฐ์šฉํžˆ ๊ธฐ๋‹ค๋ฆฝ๋‹ˆ๋‹ค.
03:13
It would wait until you logged into your bank account.
46
193575
3011
์—ฌ๋Ÿฌ๋ถ„์ด ์ธํ„ฐ๋„ท ์€ํ–‰ ๊ณ„์ขŒ์— ๋กœ๊ทธ์ธํ•  ๋•Œ๊นŒ์ง€ ๊ธฐ๋‹ค๋ฆฌ์ฃ .
03:17
And when you did, the bad guys would reach in,
47
197119
3343
๊ทธ๋ฆฌ๊ณ  ๋กœ๊ทธ์ธ์„ ํ•˜๋ฉด
๊ทธ ์•…๋‹น๋“ค์€ ์ปดํ“จํ„ฐ์— ์ ‘๊ทผํ•˜์—ฌ ์—ฌ๋Ÿฌ๋ถ„์˜ ์‹ ์šฉ ์ •๋ณด๋ฅผ ๋นผ๊ฐ‘๋‹ˆ๋‹ค.
03:20
steal your credentials,
48
200486
1653
03:22
and then use that to steal your money.
49
202163
1901
๊ทธ๋ฆฌ๊ณ  ์ด๋ฅผ ์ด์šฉํ•˜์—ฌ ์—ฌ๋Ÿฌ๋ถ„์˜ ๋ˆ์„ ํ›”์น˜์ฃ .
03:24
This sounds terrible,
50
204843
1920
์ƒ๊ฐ๋งŒ ํ•ด๋„ ๋”์ฐํ•˜์ฃ .
03:26
but the reality is, in the security industry,
51
206787
2793
ํ•˜์ง€๋งŒ ๋ณด์•ˆ ์—…๊ณ„ ์ชฝ์—์„œ๋Š” ์ด๋Š” ๋Š˜์ƒ ์ผ์–ด๋‚˜๋Š” ์ผ์ด๋ฉฐ
03:29
this form of attack is somewhat commonplace.
52
209604
3682
์ด๋Ÿฌํ•œ ํ˜•ํƒœ์˜ ๊ณต๊ฒฉ์€ ๋น„๊ต์  ํ‰๋ฒ”ํ•œ ํŽธ์— ์†ํ•ฉ๋‹ˆ๋‹ค.
03:35
However, the Dyre Wolf had two distinctly different personalities --
53
215822
6164
ํ•˜์ง€๋งŒ ๋‹ค์ด์–ด ์šธํ”„๋Š” ๋‘ ๊ฐ€์ง€์˜ ๋…ํŠนํ•œ ํŠน์ง•์„ ๊ฐ–๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.
03:42
one for these small transactions,
54
222479
2341
๋ฐฉ๊ธˆ์ฒ˜๋Ÿผ ์†Œ์•ก์„ ์†ก๊ธˆํ•˜๋Š” ๊ฒฝ์šฐ์™€๋Š” ๋‹ฌ๋ฆฌ
03:44
but it took on an entirely different persona
55
224844
3040
์—ฌ๋Ÿฌ๋ถ„์ด ์‚ฌ์—…์ ์œผ๋กœ ๋งค์šฐ ํฐ ๊ธˆ์•ก์„ ์†ก๊ธˆํ•  ๋•Œ๋Š”
03:47
if you were in the business of moving large-scale wire transfers.
56
227908
3815
์™„์ „ํžˆ ๋‹ค๋ฅธ ํ˜•ํƒœ๋ฅผ ๋„๊ฒŒ ๋ฉ๋‹ˆ๋‹ค.
03:51
Here's what would happen.
57
231747
1699
๋ฌด์Šจ ์ผ์ด ์ผ์–ด๋‚˜๋Š”์ง€ ์„ค๋ช…๋“œ๋ฆฌ์ฃ .
03:53
You start the process of issuing a wire transfer,
58
233470
2800
์—ฌ๋Ÿฌ๋ถ„์ด ์†ก๊ธˆ์„ ์‹œ์ž‘ํ•˜๋ ค๊ณ  ํ•˜๋ฉด
03:56
and up in your browser would pop a screen from your bank,
59
236294
3008
ํ™”๋ฉด์— ํŒ์—…์ฐฝ์ด ๋‚˜ํƒ€๋‚˜๊ณ 
03:59
indicating that there's a problem with your account,
60
239326
2597
๊ณ„์ขŒ์— ๋ฌธ์ œ๊ฐ€ ๋ฐœ์ƒํ•œ ๊ฒƒ ๊ฐ™์œผ๋‹ˆ
04:01
and that you need to call the bank immediately,
61
241947
3191
์€ํ–‰์— ๋ฐ”๋กœ ์ „ํ™”๋ฅผ ํ•ด๋‹ฌ๋ผ๋ฉด์„œ
04:05
along with the number to the bank's fraud department.
62
245162
2742
์€ํ–‰์‚ฌ๊ธฐ ๋Œ€์‘ ๋ถ€์„œ์˜ ์ „ํ™”๋ฒˆํ˜ธ๋ฅผ ๋ณด์—ฌ์ค๋‹ˆ๋‹ค.
04:08
So you pick up the phone and you call.
63
248655
2170
๊ทธ๋Ÿฌ๋ฉด ์—ฌ๋Ÿฌ๋ถ„์€ ๋ฐ”๋กœ ์ „ํ™”๋ฅผ ๊ฑธ๊ฒ ์ฃ .
04:10
And after going through the normal voice prompts,
64
250849
3011
์ •์ƒ์ ์ธ ์Œ์„ฑ์•ˆ๋‚ด๋“ค์„ ๊ฑฐ์น˜๊ณ  ๋‚˜๋ฉด
04:13
you're met with an English-speaking operator.
65
253884
2117
์ƒ๋‹ด์›์ด ์˜์–ด๋กœ ์ด๋ ‡๊ฒŒ ๋งํ•˜์ฃ .
04:16
"Hello, Altoro Mutual Bank. How can I help you?"
66
256025
2868
"์•ˆ๋…•ํ•˜์„ธ์š”. ์•Œํ† ๋กœ ์€ํ–‰์ž…๋‹ˆ๋‹ค. ๋ฌด์—‡์„ ๋„์™€๋“œ๋ฆด๊นŒ์š”?"
04:19
And you go through the process like you do every time you call your bank,
67
259853
3653
๊ทธ๋ฆฌ๊ณ  ๋Š˜ ์€ํ–‰์— ์ „ํ™”๋ฅผ ๊ฑธ๋ฉด ์ผ์–ด๋‚˜๋Š” ์ผ๋“ค์ด ์ง„ํ–‰๋ฉ๋‹ˆ๋‹ค.
04:23
of giving them your name and your account number,
68
263530
2791
์—ฌ๋Ÿฌ๋ถ„์˜ ์ด๋ฆ„๊ณผ ๊ณ„์ขŒ ๋ฒˆํ˜ธ๋ฅผ ์•Œ๋ ค์ฃผ๊ณ 
04:26
going through the security checks to verify you are who you said you are.
69
266345
3923
์ž์‹ ์ด ๋งž๋Š”์ง€ ๋ณธ์ธ ์ธ์ฆ๊ณผ ๋ณด์•ˆ ์ ๊ฒ€์„ ๊ณผ์ •์„ ๊ฑฐ์น˜์ฃ .
04:31
Most of us may not know this,
70
271629
1488
์—ฌ๋Ÿฌ๋ถ„์€ ์ž˜ ๋ชจ๋ฅด์‹œ๊ฒ ์ง€๋งŒ
04:33
but in many large-scale wire transfers,
71
273141
2229
ํฐ ์•ก์ˆ˜๋ฅผ ์†ก๊ธˆํ•  ๋•Œ๋Š”
04:35
it requires two people to sign off on the wire transfer,
72
275394
3111
์†ก๊ธˆ ์Šน์ธ์„ ์œ„ํ•ด์„œ ๋‘ ๋ช…์˜ ์ธ์ฆ์ด ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.
04:38
so the operator then asks you to get the second person on the line,
73
278529
3199
๊ทธ๋ž˜์„œ ๊ทธ ์ƒ๋‹ด์›์€ ์—ฌ๋Ÿฌ๋ถ„์—๊ฒŒ ๋‘ ๋ฒˆ์งธ ์ง์›์„ ์—ฐ๊ฒฐํ•ด์ฃผ๊ณ 
04:41
and goes through the same set of verifications and checks.
74
281752
2801
์ธ์ฆ๊ณผ ํ™•์ธ์„ ์œ„ํ•œ ๋™์ผํ•œ ๊ณผ์ •์„ ๊ฑฐ์นฉ๋‹ˆ๋‹ค.
04:45
Sounds normal, right?
75
285780
1346
์ •์ƒ์ ์ธ ๊ฒƒ ๊ฐ™์ฃ ?
04:47
Only one problem:
76
287729
1442
๊ทธ๋Ÿฐ๋ฐ ๋ฌธ์ œ๊ฐ€ ํ•˜๋‚˜ ์žˆ์Šต๋‹ˆ๋‹ค.
04:49
you're not talking to the bank.
77
289195
1825
์—ฌ๋Ÿฌ๋ถ„์€ ์€ํ–‰๊ณผ ํ†ตํ™”ํ•œ ๊ฒƒ์ด ์•„๋‹™๋‹ˆ๋‹ค.
04:51
You're talking to the criminals.
78
291044
1586
๋ฐ”๋กœ ๋ฒ”์ฃ„์ž๋“ค๊ณผ ์ด์•ผ๊ธฐํ•œ ๊ฒƒ์ž…๋‹ˆ๋‹ค.
04:52
They had built an English-speaking help desk,
79
292654
2198
๊ทธ๋“ค์€ ์˜์–ด๋กœ ๋œ ํ—ฌํ”„๋ฐ์Šคํฌ๋ฅผ ๋งŒ๋“ค๊ณ 
04:54
fake overlays to the banking website.
80
294876
2065
๊ฐ€์งœ ์›น์‚ฌ์ดํŠธ๋ฅผ ์šด์˜ํ•ฉ๋‹ˆ๋‹ค.
04:56
And this was so flawlessly executed
81
296965
3100
๊ทธ๋Ÿฐ๋ฐ ์ด ๋ชจ๋“  ๊ฒƒ๋“ค์ด ๋„ˆ๋ฌด๋‚˜๋„ ์ •๊ตํ•˜๊ฒŒ ์ด๋ฃจ์–ด์ ธ์„œ
05:00
that they were moving between a half a million
82
300089
2143
50๋งŒ์—์„œ 150๋งŒ ๋‹ฌ๋Ÿฌ์˜ ๋ˆ์„
05:02
and a million and a half dollars per attempt
83
302256
3087
์ž์‹ ๋“ค์˜ ๋ฒ”์ฃ„ ๊ณ„์ขŒ๋กœ ๊ฐ„๋‹จํ•˜๊ฒŒ ์˜ฎ๊น๋‹ˆ๋‹ค.
05:05
into their criminal coffers.
84
305367
1558
05:07
These criminal organizations operate
85
307960
2615
์ด๋Ÿฌํ•œ ๋ฒ”์ฃ„ ์กฐ์ง์€ ๋งˆ์น˜ ํ•ฉ๋ฒ•์ ์ธ ์‚ฌ์—…์ฒด์ธ ๊ฒƒ์ฒ˜๋Ÿผ ์šด์˜๋ฉ๋‹ˆ๋‹ค.
05:10
like highly regimented, legitimate businesses.
86
310599
3025
05:14
Their employees work Monday through Friday.
87
314165
2483
๊ทธ ์ง์›๋“ค์€ ์›”์š”์ผ๋ถ€ํ„ฐ ๊ธˆ์š”์ผ๊นŒ์ง€ ์ผํ•˜์ฃ .
05:17
They take the weekends off.
88
317129
1536
๊ทธ๋ฆฌ๊ณ  ์ฃผ๋ง์—๋Š” ์‰ฝ๋‹ˆ๋‹ค.
05:18
How do we know this?
89
318689
1383
์ด๊ฑธ ์–ด๋–ป๊ฒŒ ์•„๋Š๋ƒ๊ณ ์š”?
05:20
We know this because our security researchers see
90
320096
3133
์šฐ๋ฆฌ ์—ฐ๊ตฌ์›๋“ค์ด ๋ถ„์„ํ•ด๋ณด๋‹ˆ
05:23
repeated spikes of malware on a Friday afternoon.
91
323253
3066
๊ธˆ์š”์ผ ์˜คํ›„์— ์•…์„ฑ์ฝ”๋“œ ๊ณต๊ฒฉ์ด ๊ฐ€์žฅ ๋นˆ๋ฒˆํ•˜๊ฒŒ ๋‚˜ํƒ€๋‚ฌ๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.
05:27
The bad guys, after a long weekend with the wife and kids,
92
327074
3215
์•…๋‹น๋“ค์€ ๊ธด ์ฃผ๋ง์„ ์•„๋‚ด์™€ ์•„์ด๋“ค๊ณผ ๋ณด๋‚ธ ๋’ค์—
05:30
come back in to see how well things went.
93
330313
2240
์ผ์ด ์–ผ๋งˆ๋‚˜ ์ž˜ ๋˜์—ˆ๋Š”์ง€ ๋Œ์•„์™€์„œ ํ™•์ธ๋งŒ ํ•˜๋ฉด ๋˜๋Š”๊ฑฐ์ฃ .
05:35
The Dark Web is where they spend their time.
94
335521
2674
๊ทธ๋“ค์ด ์‹œ๊ฐ„์„ ๋ณด๋‚ด๋Š” ๊ณณ์„ ๋‹คํฌ ์›น์ด๋ผ๊ณ  ํ•ฉ๋‹ˆ๋‹ค
05:39
That is a term used to describe the anonymous underbelly of the internet,
95
339115
5789
์ด๋Š” ๋„๋‘‘๋“ค์ด ์ต๋ช…์œผ๋กœ ์šด์˜ํ•˜๋ฉฐ
05:44
where thieves can operate with anonymity
96
344928
2925
๊ฐ์‹œ๋ง์„ ํ”ผํ•ด ํ™œ๋™ํ•  ์ˆ˜ ์žˆ๋Š” ์ธํ„ฐ๋„ท ๊ณต๊ฐ„์„ ์˜๋ฏธํ•ฉ๋‹ˆ๋‹ค.
05:47
and without detection.
97
347877
1445
05:50
Here they peddle their attack software
98
350029
3027
๊ทธ ๊ณณ์—์„œ ๊ทธ๋“ค์€ ๊ณต๊ฒฉ์šฉ ์†Œํ”„ํŠธ์›จ์–ด๋ฅผ ํŒ๋งคํ•˜๋ฉฐ
05:53
and share information on new attack techniques.
99
353080
3456
์ƒˆ๋กœ์šด ๊ณต๊ฒฉ ๊ธฐ๋ฒ•๋“ค์„ ๊ณต์œ ํ•ฉ๋‹ˆ๋‹ค.
05:57
You can buy everything there,
100
357391
1850
์ด๊ณณ์—์„œ๋Š” ๊ธฐ๋ณธ์ ์ธ ๊ณต๊ฒฉ๋ถ€ํ„ฐ
05:59
from a base-level attack to a much more advanced version.
101
359265
3656
๋งค์šฐ ๋ฐœ์ „๋œ ํ˜•ํƒœ์˜ ๋ฒ„์ „๊นŒ์ง€ ๋ฌด์—‡์ด๋“  ๊ตฌ๋งคํ•  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
06:03
In fact, in many cases, you even see
102
363662
2292
์‚ฌ์‹ค, ๋Œ€๋ถ€๋ถ„์˜ ๊ฒฝ์šฐ์—
06:05
gold, silver and bronze levels of service.
103
365978
3172
๊ธˆ ์€,๋™ ๋ฉ”๋‹ฌ ์ˆ˜์ค€์˜ ๊ณต๊ฒฉ ์„œ๋น„์Šค๋กœ ๋‚˜๋‰˜์–ด์ง‘๋‹ˆ๋‹ค.
06:09
You can check references.
104
369723
1671
์ฆ๋ช…์„œ๋ฅผ ๋ฐ›์•„๋ณผ ์ˆ˜๋„ ์žˆ๊ณ 
06:11
You can even buy attacks
105
371797
2560
์‹ฌ์ง€์–ด ์–ด๋–ค ๊ณต๊ฒฉ ์„œ๋น„์Šค๋Š”
06:14
that come with a money-back guarantee --
106
374381
3328
๊ตฌ๋งค์‹œ์— ํ™˜๋ถˆ ๋ณด์ฆ๊นŒ์ง€ ํ•ด์ฃผ์ฃ .
06:17
(Laughter)
107
377733
1045
(์›ƒ์Œ ์†Œ๋ฆฌ)
06:18
if you're not successful.
108
378802
1655
๋งŒ์ผ ๊ณต๊ฒฉ์ด ์‹คํŒจํ–ˆ๋‹ค๋ฉด ๋ง์ด์ฃ .
06:21
Now, these environments, these marketplaces --
109
381751
3091
์ด์ œ, ์ด๋Ÿฐ ํ™˜๊ฒฝ๋“ค, ์ด๋Ÿฐ ํŒ๋งค์‹œ์žฅ์€ Amazon์ด๋‚˜ eBay์™€ ๊ฐ™์•„์กŒ์Šต๋‹ˆ๋‹ค.
06:24
they look like an Amazon or an eBay.
110
384866
3347
06:28
You see products, prices, ratings and reviews.
111
388237
3956
์ƒํ’ˆ, ๊ฐ€๊ฒฉ, ํ‰๊ฐ€ ๋“ฑ๊ธ‰๊ณผ ์‚ฌ์šฉ๊ธฐ๊นŒ์ง€ ๋ณผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
06:32
Of course, if you're going to buy an attack,
112
392217
2254
๋‹น์‹ ์ด ๊ณต๊ฒฉ ์„œ๋น„์Šค๋ฅผ ๊ตฌ๋งคํ•˜๋ ค ํ•œ๋‹ค๋ฉด
06:34
you're going to buy from a reputable criminal with good ratings, right?
113
394495
3449
ํ‰๊ฐ€๊ฐ€ ์ข‹๊ณ  ๋ฒ”์ฃ„์  ํ‰ํŒ๋„ ๋†’์€ ๊ฒƒ์„ ์‚ฌ๊ฒ ์ฃ . ๊ทธ๋ ‡์ฃ ?
06:37
(Laughter)
114
397968
1004
(์›ƒ์Œ)
06:38
This isn't any different
115
398996
1201
์ƒˆ๋กœ์šด ์Œ์‹์ ์„ ๊ฐ€๊ณ  ์‹ถ์„ ๋•Œ
06:40
than checking on Yelp or TripAdvisor before going to a new restaurant.
116
400221
5190
Yelp๋‚˜ TripAdvisor์—์„œ ์ฐพ์•„๋ณด๋Š” ๊ฒƒ๊ณผ ๋‹ค๋ฅด์ง€ ์•Š์ฃ .
06:46
So, here is an example.
117
406323
2093
์˜ˆ๋ฅผ ํ•˜๋‚˜ ๋ณด์—ฌ๋“œ๋ฆฌ์ฃ .
06:48
This is an actual screenshot of a vendor selling malware.
118
408440
5421
์ด๋Š” ์‹ค์ œ๋กœ ํŒ๋งค์ž๊ฐ€ ์•…์„ฑ์ฝ”๋“œ๋ฅผ ํŒ๋งคํ•˜๋Š” ํŽ˜์ด์ง€์˜ ์Šคํฌ๋ฆฐ ์ƒท์ž…๋‹ˆ๋‹ค.
06:53
Notice they're a vendor level four,
119
413885
1815
ํŒ๋งค์ž ๋“ฑ๊ธ‰์€ 4๋“ฑ๊ธ‰์ด๊ณ 
06:55
they have a trust level of six.
120
415724
1841
์‹ ๋ขฐ ๋“ฑ๊ธ‰์€ 6๋“ฑ๊ธ‰์ด๋„ค์š”.
06:57
They've had 400 positive reviews in the last year,
121
417589
2335
์ž‘๋…„์— 400๊ฐœ์˜ ๊ธ์ •์  ๋ฆฌ๋ทฐ๋ฅผ ๋ฐ›์•˜๊ณ 
06:59
and only two negative reviews in the last month.
122
419948
2380
์ง€๋‚œ ๋‹ฌ์—๋Š” ๋‹จ 2๊ฐœ์˜ ๋ถ€์ •์ ์ธ ๋ฆฌ๋ทฐ๋ฅผ ๋ฐ›์•˜๊ตฐ์š”.
07:02
We even see things like licensing terms.
123
422892
3357
์‹ฌ์ง€์–ด ์ด์šฉ ์•ฝ๊ด€๊นŒ์ง€๋„ ์žˆ์Šต๋‹ˆ๋‹ค.
07:06
Here's an example of a site you can go to
124
426582
2004
๋˜ ๋‹ค๋ฅธ ์˜ˆ๋กœ์„œ ์—ฌ๋Ÿฌ๋ถ„์˜ ์‹ ๋ถ„์„ ๋ฐ”๊ฟ€ ์ˆ˜ ์žˆ๋Š” ์‚ฌ์ดํŠธ๋„ ์žˆ์Šต๋‹ˆ๋‹ค.
07:08
if you want to change your identity.
125
428610
1757
07:10
They will sell you a fake ID,
126
430391
1857
๊ทธ๊ณณ์—์„œ๋Š” ๊ฐ€์งœ ์‹ ๋ถ„์ฆ๊ณผ ๊ฐ€์งœ ์—ฌ๊ถŒ์„ ํŒ๋งคํ•˜์ฃ .
07:12
fake passports.
127
432272
1594
07:14
But note the legally binding terms for purchasing your fake ID.
128
434423
5049
์—ฌ๊ธฐ์—๋Š” ์œ„์กฐ ์‹ ๋ถ„์ฆ ๊ฑฐ๋ž˜์— ์žˆ์–ด์„œ ๋ฒ•์  ๊ตฌ์†๋ ฅ์„ ๊ฐ–๋Š” ์กฐํ•ญ์ด ์žˆ๋Š”๋ฐ์š”.
07:20
Give me a break.
129
440338
1521
๊ทธ๋Ÿฐ๋ฐ ์ž ๊น๋งŒ์š”.
07:21
What are they going to do -- sue you if you violate them?
130
441883
2858
๊ทธ ์กฐํ•ญ์„ ์–ด๊ธด๋‹ค๊ณ  ํ•ด์„œ ํŒ๋งค์ž๊ฐ€ ์—ฌ๋Ÿฌ๋ถ„์„ ๊ณ ์†Œํ•  ์ˆ˜ ์žˆ์„๊นŒ์š”?
07:24
(Laughter)
131
444765
1150
(์›ƒ์Œ)
07:27
This occurred a couple of months ago.
132
447278
2423
๋ช‡ ๋‹ฌ ์ „์— ์ด๋Ÿฐ ์ผ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
07:29
One of our security researchers was looking
133
449725
3615
์šฐ๋ฆฌ ๋ณด์•ˆ ์—ฐ๊ตฌ์› ์ค‘ ํ•˜๋‚˜๊ฐ€
์ €ํฌ๊ฐ€ ์ƒˆ๋กœ ๋ฐœ๊ฒฌํ•œ ์•ˆ๋“œ๋กœ์ด๋“œ OS์˜ ์•…์„ฑ์ฝ”๋“œ ์•ฑ์„ ๋ถ„์„ํ•˜๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
07:33
at a new Android malware application that we had discovered.
134
453364
4998
07:38
It was called Bilal Bot.
135
458386
1920
๋นŒ๋ผ ๋ด‡(Bilal Bot)์ด๋ผ๋Š” ๊ฒƒ์ด์—ˆ์Šต๋‹ˆ๋‹ค.
07:41
In a blog post,
136
461334
1926
๊ทธ๋ฆฌ๊ณ  ์šฐ๋ฆฌ ๋ธ”๋กœ๊ทธ์—
07:43
she positioned Bilal Bot as a new, inexpensive and beta alternative
137
463284
6805
๋นŒ๋ผ ๋ด‡์€ ์ƒˆ๋กญ๊ณ , ์ €๋ ดํ•œ ๋ฒ ํƒ€๋ฒ„์ „์œผ๋กœ
07:50
to the much more advanced GM Bot
138
470690
3338
์ผ๋ฐ˜์ ์œผ๋กœ ๋ฒ”์ฃ„ ์˜์—ญ์—์„œ ๋งค์šฐ ํ”ํ•˜๊ฒŒ ์‚ฌ์šฉ๋˜๋Š” GM๋ด‡์„
07:54
that was commonplace in the criminal underground.
139
474052
2815
๋Œ€์ฒดํ•˜๊ธฐ ์œ„ํ•œ ๊ฒƒ์ด๋ผ๋Š” ๊ธ€์„ ์˜ฌ๋ ธ์ฃ .
07:58
This review did not sit well with the authors of Bilal Bot.
140
478478
4010
๊ทธ๋Ÿฐ๋ฐ ๋นŒ๋ผ๋ด‡ ์ œ์ž‘์ž๋“ค์—๊ฒŒ๋Š” ์ด ๋ฆฌ๋ทฐ๊ฐ€ ๋งˆ์Œ์— ๋“ค์ง€ ์•Š์•˜์Šต๋‹ˆ๋‹ค.
08:03
So they wrote her this very email,
141
483057
2580
๊ทธ๋ž˜์„œ ๊ทธ๋“ค์€ ๊ทธ ์—ฐ๊ตฌ์›์—๊ฒŒ ๋ฐ”๋กœ ์ด๋Ÿฐ ๋ฉ”์ผ์„ ๋ณด๋ƒˆ๊ณ 
08:06
pleading their case and making the argument
142
486848
2757
๊ทธ๋“ค์˜ ์ž…์žฅ์„ ํ•ญ๋ณ€ํ•˜๋ฉฐ
์•„๋งˆ ๊ทธ ์—ฐ๊ตฌ์›์ด ์ด์ „ ๋ฒ„์ „์„ ๊ฐ€์ง€๊ณ  ๋ฆฌ๋ทฐ๋ฅผ ์“ด ๊ฒƒ ๊ฐ™๋‹ค๊ณ  ์ฃผ์žฅํ–ˆ์Šต๋‹ˆ๋‹ค.
08:09
that they felt she had evaluated an older version.
143
489629
5429
08:16
They asked her to please update her blog with more accurate information
144
496018
4709
๊ทธ๋“ค์€ ๋”์šฑ ์ •ํ™•ํ•œ ์ •๋ณด๋ฅผ ๊ฐ€์ง€๊ณ  ๋ธ”๋กœ๊ทธ๋ฅผ ์—…๋ฐ์ดํŠธํ•ด๋‹ฌ๋ผ๊ณ  ์š”์ฒญํ–ˆ์ฃ .
08:20
and even offered to do an interview
145
500751
3412
์‹ฌ์ง€์–ด ๊ทธ ๊ณต๊ฒฉ ์†Œํ”„ํŠธ์›จ์–ด๊ฐ€ ํ˜„์žฌ ๊ฒฝ์Ÿ์ž๋“ค๋ณด๋‹ค ์–ผ๋งˆ๋‚˜ ๋” ๋‚˜์€์ง€
08:24
to describe to her in detail
146
504187
2221
๋ณด๋‹ค ์ž์„ธํ•˜๊ฒŒ ์„ค๋ช…ํ•  ์ˆ˜ ์žˆ๋„๋ก
08:26
how their attack software was now far better than the competition.
147
506432
4599
์šฐ๋ฆฌ์—๊ฒŒ ์ธํ„ฐ๋ทฐ๋ฅผ ์ œ์•ˆํ•˜๊ธฐ๋„ ํ–ˆ์Šต๋‹ˆ๋‹ค.
08:32
So look,
148
512185
1325
์ž, ์ƒ๊ฐํ•ด๋ณด์„ธ์š”.
08:33
you don't have to like what they do,
149
513534
3864
๊ทธ๋“ค์ด ์ €์ง€๋ฅด๋Š” ์ผ๋“ค์€ ์ข‹์•„ํ•  ์ด์œ ๊ฐ€ ์—†์ง€๋งŒ
08:37
but you do have to respect the entrepreneurial nature
150
517422
4919
๊ธฐ์—…๊ฐ€์  ์ธก๋ฉด์—์„œ์˜ ๊ทธ๋“ค์˜ ๋…ธ๋ ฅ์€
08:42
of their endeavors.
151
522365
1207
์กด๊ฒฝํ•  ๋งŒํ•ฉ๋‹ˆ๋‹ค.
08:43
(Laughter)
152
523596
1150
(์›ƒ์Œ)
08:46
So how are we going to stop this?
153
526296
3855
๊ทธ๋Ÿฌ๋ฉด ์ด๋Ÿฐ ์ผ์„ ์–ด๋–ป๊ฒŒ ๋ง‰์•„์•ผ ํ• ๊นŒ์š”?
08:51
It's not like we're going to be able to identify who's responsible --
154
531534
5564
์ฑ…์ž„์ž๋ฅผ ์ƒ‰์ถœํ•˜๊ธฐ๋Š” ์–ด๋ ค์šธ ๊ฒƒ ์ž…๋‹ˆ๋‹ค.
08:57
remember, they operate with anonymity
155
537122
2962
๊ธฐ์–ตํ•˜์„ธ์š”.
๊ทธ๋“ค์€ ์ต๋ช…์œผ๋กœ ์šด์˜๋˜๊ณ  ๋ฒ• ํ…Œ๋‘๋ฆฌ ๋ฐ–์—์„œ ํ™œ๋™ํ•ฉ๋‹ˆ๋‹ค.
09:00
and outside the reach of the law.
156
540108
1985
09:03
We're certainly not going to be able to prosecute the offenders.
157
543037
3284
๋ฒ”์ฃ„์ž๋ฅผ ๊ธฐ์†Œํ•˜๊ธฐ๋„ ์‰ฝ์ง€ ์•Š์ฃ .
09:06
I would propose that we need a completely new approach.
158
546976
5545
์ €๋Š” ์™„์ „ํžˆ ์ƒˆ๋กœ์šด ์ ‘๊ทผ๋ฒ•์ด ํ•„์š”ํ•˜๋‹ค๊ณ  ์ œ์•ˆํ•˜๊ณ  ์‹ถ์Šต๋‹ˆ๋‹ค.
09:13
And that approach needs to be centered on the idea
159
553583
3906
๊ทธ ์ ‘๊ทผ๋ฒ•์˜ ๊ธฐ๋ณธ ๊ฐœ๋…์€
09:17
that we need to change the economics for the bad guys.
160
557513
3895
์•…๋‹น๋“ค์˜ ๊ฒฝ์ œ ๊ตฌ์กฐ๋ฅผ ๋ฐ”๊พธ๋Š” ๋ฐ์— ์žˆ์Šต๋‹ˆ๋‹ค.
09:22
And to give you a perspective on how this can work,
161
562065
3101
๊ทธ ๋ฐฉ๋ฒ•์— ๋Œ€ํ•œ ์ดํ•ด๋ฅผ ๋•๊ธฐ ์œ„ํ•ด์„œ
09:25
let's think of the response we see to a healthcare pandemic:
162
565190
4988
์œ ํ–‰์„ฑ ์ „์—ผ๋ณ‘์— ๋Œ€์ฒ˜ํ•œ๋‹ค๊ณ  ์ƒ๊ฐํ•ด๋ณด์ฃ .
09:30
SARS, Ebola, bird flu, Zika.
163
570202
3003
์‚ฌ์Šค, ์—๋ณผ๋ผ, ์กฐ๋ฅ˜ ๋…๊ฐ, ์ง€์นด ๋ฐ”์ด๋Ÿฌ์Šค๊ฐ™์€ ๊ฒƒ๋“ค์ด์š”.
09:33
What is the top priority?
164
573856
1921
๊ฐ€์žฅ ๋จผ์ € ํ•  ์ผ์€ ๋ฌด์—‡์ผ๊นŒ์š”?
09:35
It's knowing who is infected and how the disease is spreading.
165
575801
5293
๋ˆ„๊ฐ€ ๊ฐ์—ผ๋˜์—ˆ๊ณ  ์–ด๋–ป๊ฒŒ ๋ณ‘์ด ํผ์ง€๊ณ  ์žˆ๋Š”์ง€ ํŒŒ์•…ํ•˜๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค.
09:43
Now, governments, private institutions, hospitals, physicians --
166
583835
6147
์ •๋ถ€, ์‚ฌ์„ค ๊ธฐ๊ด€, ๋ณ‘์›, ์˜์‚ฌ.
09:50
everyone responds openly and quickly.
167
590881
3720
๋ชจ๋‘๊ฐ€ ๊ณต๊ฐœ์ ์ด๊ณ  ์‹ ์†ํ•˜๊ฒŒ ๋Œ€์‘ํ•ฉ๋‹ˆ๋‹ค.
09:55
This is a collective and altruistic effort
168
595154
3971
๋ชจ๋‘๊ฐ€ ํ˜‘๋ ฅํ•˜๊ณ  ์‚ฌ์‹ฌ์—†๋Š” ๋…ธ๋ ฅ์„ ๊ธฐ์šธ์—ฌ
09:59
to stop the spread in its tracks
169
599149
3900
๊ฐ์—ผ ๊ฒฝ๋กœ๋ฅผ ๋”ฐ๋ผ ๋ณ‘์ด ํผ์ง€๋Š” ๊ฒƒ์„ ๋ง‰๊ณ 
10:03
and to inform anyone not infected
170
603073
2877
๊ฐ์—ผ๋˜์ง€ ์•Š์€ ์‚ฌ๋žŒ๋“ค์—๊ฒŒ๋Š”
10:05
how to protect or inoculate themselves.
171
605974
2380
์Šค์Šค๋กœ๋ฅผ ๋ณดํ˜ธํ•˜๋Š” ๋ฐฉ๋ฒ•๊ณผ ์˜ˆ๋ฐฉ ์ ‘์ข…์— ๊ด€ํ•œ ์ •๋ณด๋ฅผ ์ œ๊ณตํ•˜์ฃ .
10:10
Unfortunately, this is not at all what we see in response to a cyber attack.
172
610720
5694
๋ถˆํ–‰ํžˆ๋„ ์‚ฌ์ด๋ฒ„ ๊ณต๊ฒฉ์˜ ์„ธ๊ณ„์—์„œ๋Š” ์ด๋Ÿฐ ๋ฐ˜์‘์„ ๊ธฐ๋Œ€ํ•˜๊ธฐ ์–ด๋ ต์Šต๋‹ˆ๋‹ค.
10:17
Organizations are far more likely to keep information on that attack
173
617670
4451
์—ฌ๋Ÿฌ ๋‹จ์ฒด๋“ค์€ ๊ณต๊ฒฉ์— ๋Œ€ํ•œ ์ •๋ณด๋“ค์„ ํผ๋œจ๋ฆฌ์ง€ ์•Š์œผ๋ ค๊ณ  ํ•  ๊ฐ€๋Šฅ์„ฑ์ด
10:22
to themselves.
174
622145
1625
๋” ๋†’์Šต๋‹ˆ๋‹ค.
10:24
Why?
175
624902
1156
์™œ ๊ทธ๋Ÿด๊นŒ์š”?
10:26
Because they're worried about competitive advantage,
176
626082
2970
์™œ๋ƒํ•˜๋ฉด ๊ทธ๋“ค์€ ๊ฒฝ์Ÿ ์šฐ์œ„๋ฅผ ๊ฑฑ์ •ํ•˜๊ณ 
10:29
litigation
177
629863
1571
์†Œ์†ก๊ณผ ๊ทœ์ •๋งŒ์„ ์ƒ๊ฐํ•˜๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.
10:31
or regulation.
178
631458
1306
10:33
We need to effectively democratize threat intelligence data.
179
633647
5770
์šฐ๋ฆฌ๋Š” ์œ„ํ˜‘์ด ๋ ๋งŒํ•œ ์ •๋ณด๋“ค์„ ํšจ๊ณผ์ ์œผ๋กœ ๋Œ€์ค‘ํ™”ํ•ด์•ผ ํ•ฉ๋‹ˆ๋‹ค.
10:39
We need to get all of these organizations to open up and share
180
639795
5476
์ด๋Ÿฐ ๋ชจ๋“  ๋‹จ์ฒด๋“ค์ด ๊ฐ€์ง€๋Š” ๊ฐœ์ธ ์ •๋ณด ์ €์žฅ์†Œ๋ฅผ ์—ด๊ณ 
10:45
what is in their private arsenal of information.
181
645295
3622
๊ณต์œ ํ•  ํ•„์š”๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค.
10:50
The bad guys are moving fast;
182
650830
2794
์•…๋‹น๋“ค์ด ๋น ๋ฅด๊ฒŒ ์›€์ง์ธ๋‹ค๋ฉด
10:53
we've got to move faster.
183
653648
2117
์šฐ๋ฆฌ๊ฐ€ ๋ณด๋‹ค ๋น ๋ฅด๊ฒŒ ์›€์ง์ด๋ฉด ๋ฉ๋‹ˆ๋‹ค.
10:56
And the best way to do that is to open up
184
656570
3722
๊ทธ๋ฆฌ๊ณ  ์ด๋ฅผ ์‹ค์ฒœํ•˜๋Š” ์ตœ๊ณ ์˜ ๋ฐฉ๋ฒ•์€
๋ฌด์Šจ์ผ์ด ์ผ์–ด๋‚ฌ๋Š”์ง€ ๊ณต๊ฐœํ•˜๊ณ  ๊ณต์œ ํ•˜๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค.
11:00
and share data on what's happening.
185
660316
2347
11:03
Let's think about this in the construct of security professionals.
186
663124
4326
๋ณด์•ˆ ์ „๋ฌธ๊ฐ€๋“ค์˜ ๊ตฌ์„ฑ์— ๋Œ€ํ•ด์„œ ์ƒ๊ฐํ•ด๋ด…์‹œ๋‹ค.
11:07
Remember, they're programmed right into their DNA to keep secrets.
187
667984
4976
๊ทธ๋“ค์€ ๋น„๋ฐ€์„ ์ง€ํ‚ค๋„๋ก ์œ ์ „์ž๊ฐ€ ์„ค์ •๋˜์–ด ์žˆ๋Š” ์‚ฌ๋žŒ๋“ค์ด๋ผ๊ณ  ์ƒ๊ฐํ•˜์ฃ .
11:12
We've got to turn that thinking on its head.
188
672984
3024
๋ฐ”๋กœ ๊ทธ๋Ÿฐ ์ƒ๊ฐ๋ถ€ํ„ฐ ๋ฐ”๊พธ์–ด์•ผ ํ•ฉ๋‹ˆ๋‹ค.
11:16
We've got to get governments, private institutions
189
676032
3281
๋ฌด์—‡๋ณด๋‹ค๋„ ์ •๋ถ€์™€ ์‚ฌ์„ค๊ธฐ๊ด€
11:19
and security companies
190
679337
1443
๋ณด์•ˆ ํšŒ์‚ฌ๋“ค๋กœ ํ•˜์—ฌ๊ธˆ
11:20
willing to share information at speed.
191
680804
2731
์‹ ์†ํ•˜๊ฒŒ ์ •๋ณด๋ฅผ ๊ณต์œ ํ•˜๋„๋ก ๋งŒ๋“ค์–ด์•ผ ํ•ฉ๋‹ˆ๋‹ค.
11:23
And here's why:
192
683559
1676
๊ทธ ์ด์œ ๋ฅผ ๋ง์”€๋“œ๋ฆฌ์ฃ .
11:25
because if you share the information,
193
685259
1877
์ •๋ณด๋ฅผ ๊ณต์œ ํ•œ๋‹ค๋Š” ๊ฒƒ์€ ์˜ˆ๋ฐฉ ์ ‘์ข…์„ ํ•˜๋Š” ๊ฒƒ๊ณผ ๊ฐ™์Šต๋‹ˆ๋‹ค.
11:27
it's equivalent to inoculation.
194
687160
2017
11:30
And if you're not sharing,
195
690483
1547
๋งŒ์ผ ์ •๋ณด๋ฅผ ๊ณต์œ ํ•˜์ง€ ์•Š์œผ๋ฉด
11:32
you're actually part of the problem,
196
692054
2101
์—ฌ๋Ÿฌ๋ถ„์€ ๋ฌธ์ œ์˜ ์ผ๋ถ€๊ฐ€ ๋  ๊ฒƒ์ž…๋‹ˆ๋‹ค.
11:34
because you're increasing the odds that other people could be impacted
197
694179
5768
๋˜‘๊ฐ™์€ ๊ณต๊ฒฉ ๊ธฐ๋ฒ•์„ ๊ฐ€์ง€๊ณ  ๋‹ค๋ฅธ ์‚ฌ๋žŒ์ด ์˜ํ–ฅ์„ ๋ฐ›์„
11:39
by the same attack techniques.
198
699971
2630
ํ™•๋ฅ ์ด ๋†’์•„์ง€๊ธฐ ๋•Œ๋ฌธ์ž…๋‹ˆ๋‹ค.
11:43
But there's an even bigger benefit.
199
703806
2049
ํ•˜์ง€๋งŒ ๋” ํฐ ์žฅ์ ์ด ์žˆ์Šต๋‹ˆ๋‹ค.
11:47
By destroying criminals' devices closer to real time,
200
707018
4746
๋ฒ”์ฃ„์ž์˜ ๋„๊ตฌ๋ฅผ ๊ฑฐ์˜ ์‹ค์‹œ๊ฐ„์œผ๋กœ ํŒŒ๊ดดํ•จ์œผ๋กœ์จ
11:51
we break their plans.
201
711788
1753
๊ทธ๋“ค ๊ณ„ํš์„ ๋ฌด๋„ˆ๋œจ๋ฆด ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
11:55
We inform the people they aim to hurt
202
715282
3240
๊ทธ๋“ค์˜ ์˜ˆ์ƒ๋ณด๋‹ค ํ›จ์”ฌ ๋” ๋นจ๋ฆฌ
11:58
far sooner than they had ever anticipated.
203
718546
2645
๊ทธ๋“ค์ด ๋…ธ๋ฆฌ๋Š” ์‚ฌ๋žŒ๋“ค์—๊ฒŒ ์•Œ๋ฆด ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
12:02
We ruin their reputations,
204
722340
2201
๊ทธ๋“ค์˜ ๋ช…์„ฑ์„ ๋ฌด๋„ˆ๋œจ๋ฆฌ๊ณ 
12:04
we crush their ratings and reviews.
205
724565
3092
๊ทธ๋“ค์— ๋Œ€ํ•œ ํ‰๊ฐ€์™€ ๋ฆฌ๋ทฐ๋ฅผ ๋ถ€์ˆ  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
12:08
We make cybercrime not pay.
206
728125
3832
์‚ฌ์ด๋ฒ„ ๋ฒ”์ฃ„๋กœ ๋ˆ์„ ๋ฒŒ์ง€ ๋ชปํ•˜๊ฒŒ ๋งŒ๋“ค ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.
12:12
We change the economics for the bad guys.
207
732751
3768
๊ทธ ์•…๋‹น๋“ค์˜ ๊ฒฝ์ œ ๊ตฌ์กฐ๋ฅผ ๋ฐ”๊พธ๋Š” ๊ฑฐ์ฃ .
12:18
But to do this, a first mover was required --
208
738135
3972
๊ทธ๋Ÿฌ๋‚˜ ๊ทธ๋Ÿฌ๊ธฐ ์œ„ํ•ด์„œ๋Š” ์•ž์„œ ์ด๋Œ์–ด ์ค„ ์‚ฌ๋žŒ์ด ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค
12:22
someone to change the thinking in the security industry overall.
209
742131
4601
๋ณด์•ˆ ์—…๊ณ„ ์ „๋ฐ˜์˜ ์‚ฌ๊ณ  ๋ฐฉ์‹์„ ๋ฐ”๊ฟ€ ๋ˆ„๊ตฐ๊ฐ€๊ฐ€ ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.
12:27
About a year ago,
210
747887
1270
์•ฝ 1๋…„ ์ „,
12:29
my colleagues and I had a radical idea.
211
749181
2506
์ €์™€ ์ œ ๋™๋ฃŒ๋“ค์€ ๊ธ‰์ง„์ ์ธ ์•„์ด๋””์–ด๋ฅผ ๊ฐ€์ง€๊ณ  ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
12:32
What if IBM were to take our data --
212
752444
4584
๋งŒ์ผ IBM์ด ์šฐ๋ฆฌ์˜ ๊ฐœ์ธ์ •๋ณด๋ฅผ ๋ชจ์•„์„œ
12:37
we had one of the largest threat intelligence databases in the world --
213
757807
3988
์œ„ํ˜‘์ด ๋ ๋งŒํ•œ ๋ฐฉ๋Œ€ํ•œ ์ •๋ณด๋“ค์„ ์–ป์€ ๋’ค์— ๊ทธ๊ฑธ ๊ณต๊ฐœํ•ด๋ฒ„๋ฆฐ๋‹ค๋ฉด
12:41
and open it up?
214
761819
1359
์–ด๋–ป๊ฒŒ ๋ ๊นŒ์š”?
12:43
It had information not just on what had happened in the past,
215
763577
3461
๊ณผ๊ฑฐ์˜ ์ •๋ณด๋“ค๋ฟ๋งŒ ์•„๋‹ˆ๋ผ,
12:47
but what was happening in near-real time.
216
767062
2475
์‹ค์‹œ๊ฐ„์œผ๋กœ ์ผ์–ด๋‚˜๋Š” ์ผ์˜ ์ •๋ณด๋„ ์žˆ์„ ๊ฒƒ์ž…๋‹ˆ๋‹ค.
12:49
What if we were to publish it all openly on the internet?
217
769561
3897
์ด๋ฅผ ์ธํ„ฐ๋„ท์œผ๋กœ ๋ชจ๋“  ์ด์—๊ฒŒ ๊ณต๊ฐœํ•œ๋‹ค๋ฉด ์–ด๋–ป๊ฒŒ ๋ ๊นŒ์š”?
12:54
As you can imagine, this got quite a reaction.
218
774283
2494
์ƒ์ƒํ•˜์‹œ๋Š”๋Œ€๋กœ ์—„์ฒญ๋‚œ ๋ฐ˜๋ฐœ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
12:56
First came the lawyers:
219
776801
1364
๋จผ์ € ๋ณ€ํ˜ธ์‚ฌ์˜ ์ง€์ ์ด ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
12:58
What are the legal implications of doing that?
220
778189
2315
๊ทธ ์ผ์ด ๋ฒ•์ ์œผ๋กœ ์–ด๋–ค ๊ฒฐ๊ณผ๋ฅผ ์ดˆ๋ž˜ํ•˜๊ฒŒ ๋ ์ง€๋ฅผ ๋ฌผ์—ˆ์ฃ .
13:01
Then came the business:
221
781205
1335
์‚ฌ์—… ์ธก๋ฉด์˜ ์ง€์ ๋„ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค.
13:02
What are the business implications of doing that?
222
782564
2400
๊ทธ ์ผ์ด ์‚ฌ์—… ์ธก๋ฉด์—์„œ ์–ด๋–ค ์˜ํ–ฅ์„ ๋ฏธ์น˜๊ฒŒ ๋ ์ง€ ๋ฌผ์—ˆ์Šต๋‹ˆ๋‹ค.
13:05
And this was also met with a good dose
223
785442
2173
๋ฌผ๋ก  ์šฐ๋ฆฌ์—๊ฒŒ ์ œ์ •์‹ ์ด๋ƒ๊ณ  ๋ฌป๋Š” ์‚ฌ๋žŒ๋“ค๋„ ๋งŽ์•˜์Šต๋‹ˆ๋‹ค.
13:07
of a lot of people just asking if we were completely crazy.
224
787639
3108
13:11
But there was one conversation that kept floating to the surface
225
791748
3786
ํ•˜์ง€๋งŒ ๋ˆ„๊ตฌ์™€ ๋Œ€ํ™”๋ฅผ ๋‚˜๋ˆ„๋“ 
๊ณ„์†ํ•ด์„œ ํ‘œ๋ฉด์œผ๋กœ ๋– ์˜ค๋ฅด๋Š” ํ•œ๊ฐ€์ง€ ์ฃผ์ œ๊ฐ€ ์žˆ์—ˆ์Šต๋‹ˆ๋‹ค
13:15
in every dialogue that we would have:
226
795558
2051
13:18
the realization that if we didn't do this,
227
798220
3547
๊ทธ ์ผ์„ ํ•˜์ง€ ์•Š์œผ๋ฉด
์šฐ๋ฆฌ์—๊ฒŒ๋„ ๋ฌธ์ œ๊ฐ€ ์žˆ๋‹ค๋Š” ๊นจ๋‹ฌ์Œ์ด์—ˆ์Šต๋‹ˆ๋‹ค.
13:21
then we were part of the problem.
228
801791
2631
13:25
So we did something unheard of in the security industry.
229
805334
2860
๊ทธ๋ž˜์„œ ์šฐ๋ฆฌ๋Š” ๋ณด์•ˆ ์—…๊ณ„์—์„œ ์ „๋ก€๊ฐ€ ์—†์—ˆ๋˜ ์ผ์„ ํ–ˆ์Šต๋‹ˆ๋‹ค.
13:28
We started publishing.
230
808865
1673
์šฐ๋ฆฌ๋Š” ์‚ฌ์ด๋ฒ„ ๋ฒ”์ฃ„๋ฅผ ๋ง‰๊ธฐ ์œ„ํ•ด
13:30
Over 700 terabytes of actionable threat intelligence data,
231
810562
4410
700 ํ…Œ๋ผ๋ฐ”์ดํŠธ๊ฐ€ ๋„˜๋Š” ํ™œ์šฉ ๊ฐ€๋Šฅํ•œ ์œ„ํ˜‘ ์š”์ธ ์ •๋ณด์™€
13:34
including information on real-time attacks
232
814996
3005
์‹ค์‹œ๊ฐ„ ๊ณต๊ฒฉ ์ •๋ณด๋ฅผ ๋ฐœํ‘œํ•˜๊ธฐ ์‹œ์ž‘ํ–ˆ์Šต๋‹ˆ๋‹ค.
13:38
that can be used to stop cybercrime in its tracks.
233
818025
2863
13:41
And to date,
234
821633
1370
๊ทธ๋ฆฌ๊ณ  ์ง€๊ธˆ๊นŒ์ง€
13:43
over 4,000 organizations are leveraging this data,
235
823027
4044
100๋Œ€ ๊ธฐ์—…์˜ ์ ˆ๋ฐ˜์„ ํฌํ•จํ•œ 4,000๊ฐœ๊ฐ€ ๋„˜๋Š” ๋‹จ์ฒด๋“ค์ด
13:47
including half of the Fortune 100.
236
827095
1879
์ด ๋ฐ์ดํ„ฐ๋ฅผ ํ™œ์šฉํ•˜๊ณ  ์žˆ์Šต๋‹ˆ๋‹ค.
13:50
And our hope as a next step is to get all of those organizations
237
830419
4017
๊ทธ๋ฆฌ๊ณ  ๋‹ค์Œ ๋‹จ๊ณ„๋กœ์„œ ์šฐ๋ฆฌ์˜ ๋ฐ”๋žŒ์€
๋ชจ๋“  ์กฐ์ง์ด ์šฐ๋ฆฌ์™€ ํ•จ๊ป˜ ์ด ์‹ธ์›€์— ์ฐธ์—ฌํ•˜๊ณ 
13:54
to join us in the fight,
238
834460
1961
13:56
and do the same thing
239
836445
1551
๋˜‘๊ฐ™์€ ์ผ์„ ํ•˜๋ฉฐ
13:58
and share their information
240
838020
2088
๊ทธ๋“ค์ด ์–ธ์ œ ์–ด๋–ป๊ฒŒ ๊ณต๊ฒฉ์„ ๋‹นํ–ˆ๋Š”์ง€ ๊ทธ ์ •๋ณด๋ฅผ ๊ณต์œ ํ•˜๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค.
14:00
on when and how they're being attacked as well.
241
840132
2534
14:03
We all have the opportunity to stop it,
242
843372
3018
์šฐ๋ฆฌ์—๊ฒŒ๋Š” ๋ฒ”์ฃ„๋ฅผ ๋ง‰์„ ๊ธฐํšŒ๊ฐ€ ์žˆ์Šต๋‹ˆ๋‹ค,
14:06
and we already all know how.
243
846414
2161
๊ทธ๋ฆฌ๊ณ  ๊ทธ ๋ฐฉ๋ฒ•๋„ ์ด๋ฏธ ์•Œ๊ณ  ์žˆ์ฃ .
14:09
All we have to do is look to the response that we see
244
849192
4370
์šฐ๋ฆฌ ๋ชจ๋‘๊ฐ€ ํ•ด์•ผ ํ•  ์ผ์€
๊ณต์ค‘๋ณด๊ฑด์ด ์–ด๋–ป๊ฒŒ ๊ฐ์—ผ๋ณ‘์— ๋Œ€์ฒ˜ํ•˜๊ณ  ๋Œ€์‘ํ•˜๋Š”์ง€ ์‚ดํŽด๋ณด๋Š” ๊ฒƒ์ž…๋‹ˆ๋‹ค.
14:13
in the world of health care,
245
853586
1506
14:15
and how they respond to a pandemic.
246
855116
1903
14:17
Simply put,
247
857443
1379
๊ฐ„๋‹จํžˆ ๋งํ•ด์„œ
14:18
we need to be open and collaborative.
248
858846
2276
์šฐ๋ฆฌ๋Š” ๊ฐœ๋ฐฉํ•˜๊ณ  ๋” ํ˜‘๋ ฅํ•ด์•ผ ํ•ฉ๋‹ˆ๋‹ค.
14:21
Thank you.
249
861696
1151
๊ฐ์‚ฌํ•ฉ๋‹ˆ๋‹ค.
14:22
(Applause)
250
862871
3792
(๋ฐ•์ˆ˜)
์ด ์›น์‚ฌ์ดํŠธ ์ •๋ณด

์ด ์‚ฌ์ดํŠธ๋Š” ์˜์–ด ํ•™์Šต์— ์œ ์šฉํ•œ YouTube ๋™์˜์ƒ์„ ์†Œ๊ฐœํ•ฉ๋‹ˆ๋‹ค. ์ „ ์„ธ๊ณ„ ์ตœ๊ณ ์˜ ์„ ์ƒ๋‹˜๋“ค์ด ๊ฐ€๋ฅด์น˜๋Š” ์˜์–ด ์ˆ˜์—…์„ ๋ณด๊ฒŒ ๋  ๊ฒƒ์ž…๋‹ˆ๋‹ค. ๊ฐ ๋™์˜์ƒ ํŽ˜์ด์ง€์— ํ‘œ์‹œ๋˜๋Š” ์˜์–ด ์ž๋ง‰์„ ๋”๋ธ” ํด๋ฆญํ•˜๋ฉด ๊ทธ๊ณณ์—์„œ ๋™์˜์ƒ์ด ์žฌ์ƒ๋ฉ๋‹ˆ๋‹ค. ๋น„๋””์˜ค ์žฌ์ƒ์— ๋งž์ถฐ ์ž๋ง‰์ด ์Šคํฌ๋กค๋ฉ๋‹ˆ๋‹ค. ์˜๊ฒฌ์ด๋‚˜ ์š”์ฒญ์ด ์žˆ๋Š” ๊ฒฝ์šฐ ์ด ๋ฌธ์˜ ์–‘์‹์„ ์‚ฌ์šฉํ•˜์—ฌ ๋ฌธ์˜ํ•˜์‹ญ์‹œ์˜ค.

https://forms.gle/WvT1wiN1qDtmnspy7