25487 views

Go inside the war room of the cyber crisis management center.

00:00 - 00:03 Sir, our IT operations are down.

00:04 - 00:05 The computers are down.

00:05 - 00:07 Phones, printers, and the Juicero are encrypted.

00:08 - 00:12 We're infected with Petya. It's ransomware.

00:12 - 00:15 It's asking for $300 in bitcoin.

00:17 - 00:19 I'm not going pay.

00:19 - 00:21 Restore from backups.

00:24 - 00:26 Sir...

00:27 - 00:28 Unfortunately...

00:31 - 00:33 We tried to restore.

00:34 - 00:36 The backups failed.

00:53 - 00:58 Everyone without a CISSP, GSEC, or CISM... get out.

01:13 - 01:15 How could this happen!?

01:15 - 01:17 152 threat intel feeds, 8 next-gen AV products.

01:18 - 01:23 A 9-figure security budget.

01:25 - 01:28 Gartner magic quadrant my ass!

01:29 - 01:31 I sent you to Defcon to stop this shit.

01:31 - 01:34 Here we are again, only a month after WannaCry.

01:34 - 01:37 You had since March to patch.

01:37 - 01:40 Since MARCH! MARCH!

01:40 - 01:42 Sir, we patched. We did.

01:42 - 01:46 Then why is my Juicero encrypted?

01:46 - 01:48 Sir, this is new. Sophisticated.

01:48 - 01:52 That's what PR wonks say to noobs.

01:53 - 01:54 CISSP bullshit.

01:56 - 01:57 MalwareTech had a kill-switch.

01:57 - 02:00 We sent him pizza, beer, and a barber.

02:00 - 02:03 We read Robert Graham's blog together every morning.

02:04 - 02:08 We did security awareness training.

02:08 - 02:13 And we're still hacked every week like Yahoo!

02:14 - 02:16 I'm sick of getting calls from Brian Krebs.

02:17 - 02:21 The grugq always trolling us on twitter.

02:27 - 02:29 I just want one uneventful weekend.

02:30 - 02:34 Is that too much to ask?

02:34 - 02:36 If it's not one thing, it's Tavis Ormandy.

02:41 - 02:42 No dropping 0-days on Friday!

02:43 - 02:47 If not Tavis, it's the Shadowbrokers.

02:48 - 02:53 I can't even understand what they're are saying.

02:54 - 02:56 Like John Malkovich reading leet speak...

02:56 - 02:59 ...with a Russian accent

03:00 - 03:02 I swear we'll switch from Windows to Mac.

03:04 - 03:07 Don't worry. We'll have VMs.

03:14 - 03:16 I hate saying this...

03:19 - 03:23 At least if we pay we'll get our data back.

03:25 - 03:26 It's only $300.

03:31 - 03:33 We need to buy more bitcoins.

03:40 - 03:46 What I'm going to say to our cyber-insurer.

03:46 - 03:49 The board is going to scapegoat me.