TEDGlobal 2011
Mikko Hypponen: Fighting viruses, defending the net
Miko Hiponen: Borba sa virusima, odbrana mreže
Filmed:
Readability: 4.2
1,847,520 views
Prošlo je 25 godina od kada je prvi virus za PC računare (Brejn A) dospeo na mrežu, tako da nekadašnja neprijatnost postaje prefinjeno oružje kriminala i špijunaže. Ekspert za računarsku bezbednost Miko Hiponen nam govori kako da zaustavimo nove viruse od pretnji internetu kakvog znamo.
Mikko Hypponen - Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance? Full bio
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance? Full bio
Double-click the English transcript below to play the video.
00:15
I love the Internet.
0
0
3000
Volim Internet
00:18
It's true.
1
3000
2000
To je istina.
00:20
Think about everything it has brought us.
2
5000
2000
Pomislite samo šta nam je sve doneo.
00:22
Think about all the services we use,
3
7000
3000
Mislim na usluge koje koristimo,
00:25
all the connectivity,
4
10000
2000
povezivanje,
00:27
all the entertainment,
5
12000
2000
zabavu,
00:29
all the business, all the commerce.
6
14000
3000
poslovanje, trgovinu.
00:32
And it's happening during our lifetimes.
7
17000
3000
I sve se to dešava tokom našeg života.
00:35
I'm pretty sure that one day
8
20000
3000
Prilično sam siguran da će
00:38
we'll be writing history books
9
23000
2000
jednom pišući istoriju
00:40
hundreds of years from now. This time
10
25000
3000
za stotinak godina, ovo vreme
00:43
our generation will be remembered
11
28000
3000
i našu generaciju pamtiti po
00:46
as the generation that got online,
12
31000
3000
tome što je prva bila onlajn,
00:49
the generation
13
34000
2000
generacija koja je
00:51
that built something really and truly global.
14
36000
3000
napravila nešto stvarno globalno.
00:54
But yes, it's also true
15
39000
3000
Nasuprot tome, tačno je i
00:57
that the Internet has problems, very serious problems,
16
42000
3000
da Internet ima probleme, vrlo ozbiljne,
01:00
problems with security
17
45000
3000
probleme bezbednosti
01:03
and problems with privacy.
18
48000
3000
i privatnosti.
01:06
I've spent my career
19
51000
2000
Ceo svoj radni vek
01:08
fighting these problems.
20
53000
3000
borim se sa time.
01:11
So let me show you something.
21
56000
3000
Pokazaću vam nešto.
01:15
This here
22
60000
2000
Ovo je
01:17
is Brain.
23
62000
2000
Brein.
01:19
This is a floppy disk
24
64000
2000
Ovo je flopi disk
01:21
-- five and a quarter-inch floppy disk
25
66000
2000
-- pet četvrt inčni flopi disk
01:23
infected by Brain.A.
26
68000
2000
zaražen virusom Brein.A.
01:25
It's the first virus we ever found
27
70000
2000
Ovo je prvi ikada otkriveni virus
01:27
for PC computers.
28
72000
2000
za PC računare.
01:30
And we actually know
29
75000
2000
Mi ustvari i znamo
01:32
where Brain came from.
30
77000
2000
odakle Brein potiče.
01:34
We know because it says so
31
79000
2000
Znamo zato što piše
01:36
inside the code.
32
81000
2000
unutar koda.
01:38
Let's take a look.
33
83000
3000
Pogledajmo.
01:45
All right.
34
90000
3000
U redu.
01:48
That's the boot sector of an infected floppy,
35
93000
3000
Vidite but sektor zaraženog flopija.
01:51
and if we take a closer look inside,
36
96000
3000
Pogledamo li detaljnije sadržaj,
01:54
we'll see that right there,
37
99000
2000
videćemo da na ovom mestu ustvari
01:56
it says, "Welcome to the dungeon."
38
101000
4000
piše, "Dobrodošli u tamnicu."
02:00
And then it continues,
39
105000
2000
I onda nastavlja,
02:02
saying, 1986, Basit and Amjad.
40
107000
3000
piše, 1986. Bazit i Amdžad.
02:05
And Basit and Amjad are first names,
41
110000
3000
A, Bazit i Amdžad su prezimena,
02:08
Pakistani first names.
42
113000
2000
pakistanska prezimena.
02:10
In fact, there's a phone number and an address in Pakistan.
43
115000
3000
Ustvari, postoji broj telefona i adresa u Pakistanu.
02:13
(Laughter)
44
118000
5000
(Smeh)
02:18
Now, 1986.
45
123000
3000
Tada, 1986.
02:21
Now it's 2011.
46
126000
2000
Sada je 2011.
02:23
That's 25 years ago.
47
128000
2000
Prošlo je 25 godina.
02:25
The PC virus problem is 25 years old now.
48
130000
4000
Problem sa virusima za PC je već 25 godina star.
02:29
So half a year ago,
49
134000
2000
Tako sam pre pola godine,
02:31
I decided to go to Pakistan myself.
50
136000
3000
odlučio da posetim Pakistan lično.
02:34
So let's see, here's a couple of photos I took while I was in Pakistan.
51
139000
3000
Vidimo, ovde nekoliko fotografija koje sam snimio u Pakistanu.
02:37
This is from the city of Lahore,
52
142000
2000
Ovo je iz mesta Lahor,
02:39
which is around 300 kilometers south
53
144000
2000
koje se nalazi 300 km južno
02:41
from Abbottabad, where Bin Laden was caught.
54
146000
3000
od Abotabada gde je Bin Laden uhvaćen.
02:44
Here's a typical street view.
55
149000
3000
Ovo je izgled prosečne ulice.
02:47
And here's the street or road leading to this building,
56
152000
3000
A ovde je ulica ili put koji vodi ka zgradi,
02:50
which is 730 Nizam block at Allama Iqbal Town.
57
155000
4000
u ulici Nizam, 730. blok u oblasti grada zvanog Alama Igbal.
02:54
And I knocked on the door.
58
159000
2000
Zakucao sam na vrata.
02:56
(Laughter)
59
161000
2000
(Smeh)
02:58
You want to guess who opened the door?
60
163000
2000
Pogodite ko je otvotio?
03:00
Basit and Amjad; they are still there.
61
165000
2000
Bazit i Amdžad; još uvek su tamo.
03:02
(Laughter)
62
167000
2000
(Smeh)
03:04
(Applause)
63
169000
4000
(Aplauz)
03:08
So here standing up is Basit.
64
173000
3000
Osoba koja stoji je Bazit.
03:11
Sitting down is his brother Amjad.
65
176000
3000
Onaj što sedi je njegov brat, Amdžad.
03:14
These are the guys who wrote the first PC virus.
66
179000
3000
To su momci koji su napisali prvi virus za PC.
03:17
Now of course, we had a very interesting discussion.
67
182000
3000
Naravno, imali smo vrlo zanimljiv razgovor.
03:20
I asked them why.
68
185000
2000
Pitao sam ih zašto.
03:22
I asked them how they feel about what they started.
69
187000
3000
Pitao sam kako se osećaju povodom onoga što su započeli.
03:25
And I got some sort of satisfaction
70
190000
3000
Dobio sam neku vrstu zadovoljstva
03:28
from learning that both Basit and Amjad
71
193000
3000
saznanjem da su i Bazitovi i Amdžadovi
03:31
had had their computers infected dozens of times
72
196000
3000
računari mnog puta zaraženi
03:34
by completely unrelated other viruses
73
199000
2000
potpuno različitim virusima
03:36
over these years.
74
201000
2000
tokom svih ovih godina.
03:38
So there is some sort of justice
75
203000
2000
Tako da ipak postoji neka pravda
03:40
in the world after all.
76
205000
3000
u svetu, konačno.
03:44
Now, the viruses that we used to see
77
209000
2000
Viruse koje smo gledali
03:46
in the 1980s and 1990s
78
211000
2000
osamdesetih i devedesetih
03:48
obviously are not a problem any more.
79
213000
3000
očigledno nisu više problem.
03:51
So let me just show you a couple of examples
80
216000
2000
Dozvolićete mi da vam pokažem par primera
03:53
of what they used to look like.
81
218000
2000
na šta su ličili.
03:55
What I'm running here
82
220000
2000
Pokrenuću ovde
03:57
is a system that enables me
83
222000
2000
sistem koji mi omogućava
03:59
to run age-old programs on a modern computer.
84
224000
3000
da učitam stari program na modernom računaru.
04:02
So let me just mount some drives. Go over there.
85
227000
3000
Sada ću da ubacim flopi. Idemo ovamo.
04:05
What we have here is a list of old viruses.
86
230000
3000
Ovde imamo listu starih virusa.
04:08
So let me just run some viruses on my computer.
87
233000
3000
Dakle, startovaću neke od virusa na mom kompjuteru.
04:11
For example,
88
236000
2000
Na primer,
04:13
let's go with the Centipede virus first.
89
238000
2000
počnimo sa Centriped virusom.
04:15
And you can see at the top of the screen,
90
240000
2000
Možete videti na vrhu ekrana,
04:17
there's a centipede scrolling across your computer
91
242000
2000
da stonoga putuje po vašem računaru
04:19
when you get infected by this one.
92
244000
2000
kada je zaražen tim virusom.
04:21
You know that you're infected
93
246000
2000
Onda ste svesni da je zaražen,
04:23
because it actually shows up.
94
248000
2000
zato što se to ustvari i vidi.
04:25
Here's another one. This is the virus called Crash,
95
250000
3000
Evo još jednog. To je virus zvani Kreš
04:28
invented in Russia in 1992.
96
253000
2000
napravljen u Rusiji 1992.
04:30
Let me show you one which actually makes some sound.
97
255000
3000
Pokazaću vam jedan koji ustvari proizvodi neke zvuke.
04:34
(Siren noise)
98
259000
6000
(Zvuci sirene)
04:40
And the last example,
99
265000
2000
I poslednji primer,
04:42
guess what the Walker virus does?
100
267000
2000
pogodite šta Voker (Šetač) virus radi.
04:44
Yes, there's a guy walking across your screen
101
269000
2000
Da, momak šeta preko vašeg ekrana
04:46
once you get infected.
102
271000
2000
kada vam je računar zaražen.
04:48
So it used to be fairly easy to know
103
273000
3000
Bilo je prilično lako znati
04:51
that you're infected by a virus,
104
276000
3000
kada vam je računar zaražen,
04:54
when the viruses were written by hobbyists
105
279000
2000
kada su viruse pisali ljudi iz hobija
04:56
and teenagers.
106
281000
2000
i tinejdžeri.
04:58
Today, they are no longer being written
107
283000
2000
Danas ih ne pišu ni iz hobija
05:00
by hobbyists and teenagers.
108
285000
2000
ni tinejdžeri.
05:02
Today, viruses are a global problem.
109
287000
3000
Danas su virusi globalni problem.
05:05
What we have here in the background
110
290000
2000
Ovde u pozadini se odigrava
05:07
is an example of our systems that we run in our labs,
111
292000
3000
primer našeg sistema iz naše laboratorije,
05:10
where we track virus infections worldwide.
112
295000
2000
gde tragamo za virusima širom sveta.
05:12
So we can actually see in real time
113
297000
2000
Tako da možemo videti u realnom vremenu
05:14
that we've just blocked viruses in Sweden and Taiwan
114
299000
3000
da smo upravo blokirali viruse u Švedskoj i Tajvanu
05:17
and Russia and elsewhere.
115
302000
2000
i Rusiji i drugde.
05:19
In fact, if I just connect back to our lab systems
116
304000
3000
Ustvari, ako se povežem na naše laboratorijske
05:22
through the Web,
117
307000
2000
sisteme preko mreže,
05:24
we can see in real time
118
309000
2000
možemo videti u realnom vremenu
05:26
just some kind of idea of how many viruses,
119
311000
3000
i stvoriti sliku koliko virusa,
05:29
how many new examples of malware we find every single day.
120
314000
3000
koliko novih primera "melvera" nađemo svaki dan.
05:32
Here's the latest virus we've found,
121
317000
2000
Ovo je poslednji virus koji smo otkrili
05:34
in a file called Server.exe.
122
319000
2000
u programu zvanom Server.exe.
05:36
And we found it right over here three seconds ago --
123
321000
3000
Našli smo virus baš tu pre tri sekunde --
05:39
the previous one, six seconds ago.
124
324000
2000
prethodni, pre šest sekundi.
05:41
And if we just scroll around,
125
326000
3000
Ako samo pregledamo okolo,
05:44
it's just massive.
126
329000
2000
zaraza njime je ogromna.
05:46
We find tens of thousands, even hundreds of thousands.
127
331000
3000
Nalazimo desetine, ponekad i stotine, hiljada.
05:49
And that's the last 20 minutes of malware
128
334000
3000
To je poslednjih 20 minuta "melvera"
05:52
every single day.
129
337000
2000
svakodnevno.
05:54
So where are all these coming from then?
130
339000
3000
Odakle svi oni dolaze?
05:57
Well today, it's the organized criminal gangs
131
342000
4000
Pa danas, to su organizovane bande
06:01
writing these viruses
132
346000
2000
kriminalaca koji ih stvaraju
06:03
because they make money with their viruses.
133
348000
2000
jer tako zarađuju na svojim virusima.
06:05
It's gangs like --
134
350000
2000
Slični su bandama --
06:07
let's go to GangstaBucks.com.
135
352000
3000
hajdemo na GangstaBucks.com.
06:10
This is a website operating in Moscow
136
355000
3000
To je veb stranica iz Moskve
06:13
where these guys are buying infected computers.
137
358000
4000
gde ti momci kupuju zaražene računare.
06:17
So if you are a virus writer
138
362000
2000
Tako da ako ste pisac virusa
06:19
and you're capable of infecting Windows computers,
139
364000
2000
i u stanju ste da zarazite "Windows" računare,
06:21
but you don't know what to do with them,
140
366000
2000
ali ne znate šta da radite sa njima,
06:23
you can sell those infected computers --
141
368000
2000
možete prodati zaražene računare --
06:25
somebody else's computers -- to these guys.
142
370000
2000
ili nečije računare -- tim momcima.
06:27
And they'll actually pay you money for those computers.
143
372000
4000
I oni stvarno plaćaju za takve računare.
06:31
So how do these guys then monetize
144
376000
3000
Pa kako ti momci onda unovčavaju
06:34
those infected computers?
145
379000
2000
te zaražene računare?
06:36
Well there's multiple different ways,
146
381000
2000
Postoji mnogo različitih načina,
06:38
such as banking trojans, which will steal money from your online banking accounts
147
383000
3000
bankarski trojanci, kojima se skida vaš novac sa
06:41
when you do online banking,
148
386000
3000
računa dok ste onlajn sa bankom,
06:44
or keyloggers.
149
389000
3000
ili ki logeri (keyloggers).
06:47
Keyloggers silently sit on your computer, hidden from view,
150
392000
4000
Ki loger miruje, maskiran programom računara,
06:51
and they record everything you type.
151
396000
3000
i snima sve što kucate na tastaturi.
06:54
So you're sitting on your computer and you're doing Google searches.
152
399000
3000
Tako vi sedite za zaraženim računarom i idete na Gugl pretragu.
06:57
Every single Google search you type
153
402000
2000
Svaku pretragu koju otkucate ki loger
06:59
is saved and sent to the criminals.
154
404000
3000
snima i šalje kriminalcima.
07:02
Every single email you write is saved and sent to the criminals.
155
407000
3000
Svaki i-meil koji napišete, snima i šalje kriminalcima.
07:05
Same thing with every single password and so on.
156
410000
4000
Isto je sa svakom lozinkom i tako redom.
07:09
But the thing that they're actually looking for most
157
414000
2000
Ali ustvari oni tragaju najviše
07:11
are sessions where you go online
158
416000
2000
za sesijama kada ste na internet vezi.
07:13
and do online purchases in any online store.
159
418000
3000
i kada kupujete preko interneta.
07:16
Because when you do purchases in online stores,
160
421000
2000
Zbog toga što kada kupujete preko neta,
07:18
you will be typing in your name, the delivery address,
161
423000
3000
vi unosite svoje lične podatke, adresu,
07:21
your credit card number and the credit card security codes.
162
426000
3000
broj kreditne kartice i sigurnosni broj.
07:24
And here's an example of a file
163
429000
2000
Ovde imamo primer fajla
07:26
we found from a server a couple of weeks ago.
164
431000
2000
koji smo pronašli pre par nedelja.
07:28
That's the credit card number,
165
433000
2000
Tu je broj kreditne kartice,
07:30
that's the expiration date, that's the security code,
166
435000
2000
do kada važi, tu je sigurnosni kod,
07:32
and that's the name of the owner of the card.
167
437000
2000
i ime vlasnika kartice.
07:34
Once you gain access to other people's credit card information,
168
439000
3000
Kada jednom pristupite podacima sa kartica
07:37
you can just go online and buy whatever you want
169
442000
2000
možete prosto on lajn kupiti šta god želite
07:39
with this information.
170
444000
3000
imajući te informacije.
07:42
And that, obviously, is a problem.
171
447000
2000
I to je, očigledno, problem.
07:44
We now have a whole underground marketplace
172
449000
4000
Sada imamo cela tržišta podzemlja
07:48
and business ecosystem
173
453000
3000
i poslovne sisteme
07:51
built around online crime.
174
456000
3000
izgrađene oko on lajn kriminala.
07:54
One example of how these guys
175
459000
2000
To je primer način na koji su momci poput ovih
07:56
actually are capable of monetizing their operations:
176
461000
3000
stanju da unovče svoje poslove.
07:59
we go and have a look at the pages of INTERPOL
177
464000
3000
Pogledajmo stranice Interpola
08:02
and search for wanted persons.
178
467000
2000
i proverimo tražene osobe.
08:04
We find guys like Bjorn Sundin, originally from Sweden,
179
469000
3000
Naći ćemo neke kao Bjorn Sundin, poreklom iz Švedske,
08:07
and his partner in crime,
180
472000
2000
i njegov saučesnik,
08:09
also listed on the INTERPOL wanted pages,
181
474000
2000
takođe na listi poternica Interpola,
08:11
Mr. Shaileshkumar Jain,
182
476000
2000
gospodin Šajleškumar Džejn,
08:13
a U.S. citizen.
183
478000
2000
državljanin SAD-a.
08:15
These guys were running an operation called I.M.U.,
184
480000
3000
Ovi momci vode operaciju zvanu I.M.U. (Ja sam ti),
08:18
a cybercrime operation through which they netted millions.
185
483000
3000
operaciju visokotehnološkog kriminala vrednu milione dolara.
08:21
They are both right now on the run.
186
486000
3000
Obojica su u bekstvu.
08:24
Nobody knows where they are.
187
489000
2000
Niko ne zna gde su.
08:26
U.S. officials, just a couple of weeks ago,
188
491000
2000
Vlasti SAD-a su pre par nedelja,
08:28
froze a Swiss bank account
189
493000
2000
zamrzle račun u Švajcarskoj
08:30
belonging to Mr. Jain,
190
495000
2000
u vlasništvu gospodina Džejna,
08:32
and that bank account had 14.9 million U.S. dollars on it.
191
497000
4000
na računu je bilo 14,9 miliona dolara.
08:36
So the amount of money online crime generates
192
501000
3000
Količina novca koju pravi on lajn kriminal
08:39
is significant.
193
504000
2000
je značajna.
08:41
And that means that the online criminals
194
506000
2000
To znači da on lajn kriminalci
08:43
can actually afford to invest into their attacks.
195
508000
3000
mogu da priušte finansiranje svojih napada.
08:46
We know that online criminals
196
511000
2000
Znamo da on lajn kriminalci
08:48
are hiring programmers, hiring testing people,
197
513000
3000
unajmljuju programere, testere programa,
08:51
testing their code,
198
516000
2000
da testiraju njihove kodove,
08:53
having back-end systems with SQL databases.
199
518000
3000
koje prave kao bek-end sisteme u SQL bazama.
08:56
And they can afford to watch how we work --
200
521000
3000
Oni mogu sebi priuštiti da prate naš rad --
08:59
like how security people work --
201
524000
2000
kako ljudi iz bezbednosti rade --
09:01
and try to work their way around
202
526000
2000
i kako da nađu način da svaku
09:03
any security precautions we can build.
203
528000
2000
našu bezbednosnu prepreku zaobiđu.
09:05
They also use the global nature of Internet
204
530000
3000
Takođe koriste i globalnu prirodu Interneta
09:08
to their advantage.
205
533000
2000
kao svoju prednost.
09:10
I mean, the Internet is international.
206
535000
2000
Mislim, Internet je internacionalan.
09:12
That's why we call it the Internet.
207
537000
2000
Ujedno je to i razlog zašto Internet tako zovemo.
09:14
And if you just go and take a look
208
539000
2000
I ako samo bacite pogled
09:16
at what's happening in the online world,
209
541000
3000
na događanja u on lajn svetu,
09:19
here's a video built by Clarified Networks,
210
544000
2000
ovde je video koji je snimila ĆKlarifajd NetvorksĆ
09:21
which illustrates how one single malware family is able to move around the world.
211
546000
4000
ž
09:25
This operation, believed to be originally from Estonia,
212
550000
3000
Ovo dešavanje, za koje verujemo da potiče iz Estonije,
09:28
moves around from one country to another
213
553000
2000
kreće se unaokolo iz zemlje u zemlju
09:30
as soon as the website is tried to shut down.
214
555000
2000
onog trenutka kada vebsajt pokuša da ga isključi.
09:32
So you just can't shut these guys down.
215
557000
3000
Tako da ne možete prosto isključiti te stvari.
09:35
They will switch from one country to another,
216
560000
2000
Oni se prebacuju iz zemlje u zemlju,
09:37
from one jurisdiction to another --
217
562000
2000
iz jedne nadležnosti u drugu --
09:39
moving around the world,
218
564000
2000
obilazeći oko sveta,
09:41
using the fact that we don't have the capability
219
566000
2000
koriste činjenicu da nemamo mogućnosti
09:43
to globally police operations like this.
220
568000
3000
za globalne policijske akcije kao što je ova.
09:46
So the Internet is as if
221
571000
2000
Internet je kao kada bi
09:48
someone would have given free plane tickets
222
573000
2000
neko podelio besplatne avionske karte
09:50
to all the online criminals of the world.
223
575000
3000
svim on lajn kriminalcima sveta.
09:53
Now, criminals who weren't capable of reaching us before
224
578000
3000
Kriminalcima kojima nije ranije bilo moguće da dopru do nas
09:56
can reach us.
225
581000
2000
sada je omogućeno.
09:58
So how do you actually go around finding online criminals?
226
583000
3000
Pa kako ustvari tražimo unaokolo on lajn kriminalce?
10:01
How do you actually track them down?
227
586000
2000
Kako ih pronalazimo?
10:03
Let me give you an example.
228
588000
2000
Pokazaću vam jedan primer.
10:05
What we have here is one exploit file.
229
590000
3000
Pred nama je "eksploit" fajl.
10:08
Here, I'm looking at the Hex dump of an image file,
230
593000
4000
Ovde gledam "Heks damp" imidž fajla,
10:12
which contains an exploit.
231
597000
2000
koji sadrži "eksploit".
10:14
And that basically means, if you're trying to view this image file on your Windows computer,
232
599000
3000
U suštini to znači, da ako probate pregled ove imidž fajla na vašem PC-ju sa Vindousom,
10:17
it actually takes over your computer and runs code.
233
602000
3000
on ustvari preuzima vaš računar i izvršava kod.
10:20
Now, if you'll take a look at this image file --
234
605000
3000
Sada, ako pogledamo taj imidž fajl --
10:23
well there's the image header,
235
608000
2000
ovo je zaglavlje imidža,
10:25
and there the actual code of the attack starts.
236
610000
3000
i tu je stvarni kod za startovanje napada.
10:28
And that code has been encrypted,
237
613000
2000
I taj kod je šifrovan,
10:30
so let's decrypt it.
238
615000
2000
dešifrujmo ga.
10:32
It has been encrypted with XOR function 97.
239
617000
2000
šifrovan je sa funkcijom XOR 97 (ekskluzivno ili).
10:34
You just have to believe me,
240
619000
2000
Ako mi verujete,
10:36
it is, it is.
241
621000
2000
to je to.
10:38
And we can go here
242
623000
2000
Možemo krenuti odavde
10:40
and actually start decrypting it.
243
625000
2000
i početi sa dešifrovanjem.
10:42
Well the yellow part of the code is now decrypted.
244
627000
2000
Pa, žuti deo koda je dešifrovan.
10:44
And I know, it doesn't really look much different from the original.
245
629000
3000
I sad znam, da ne izgleda mnogo drugačije od originala.
10:47
But just keep staring at it.
246
632000
2000
Ali samo pogledajmo upornije.
10:49
You'll actually see that down here
247
634000
2000
Videćete ustvari da ovde pri dnu
10:51
you can see a Web address:
248
636000
2000
možete pročitait veb adresu:
10:53
unionseek.com/d/ioo.exe
249
638000
6000
unionseek.com/d/ioo.exe
10:59
And when you view this image on your computer
250
644000
2000
I kada pregledate ovaj imidž na vašem kompjuteru
11:01
it actually is going to download and run that program.
251
646000
2000
on usuštini kreće da skida i pokreće taj program.
11:03
And that's a backdoor which will take over your computer.
252
648000
3000
I to su mala vrata preko kojih će preuzeti vaš računar.
11:06
But even more interestingly,
253
651000
2000
Ali što je još zanimljivije,
11:08
if we continue decrypting,
254
653000
2000
ako nastavite sa dešifrovanjem,
11:10
we'll find this mysterious string,
255
655000
2000
naćićete ovaj zagonetni niz
11:12
which says O600KO78RUS.
256
657000
5000
gde piše O600KO78RUS.
11:17
That code is there underneath the encryption
257
662000
2000
Taj kod je ovde ispod šifre
11:19
as some sort of a signature.
258
664000
2000
kao neka vrsta potpisa.
11:21
It's not used for anything.
259
666000
2000
I beskorisan je.
11:23
And I was looking at that, trying to figure out what it means.
260
668000
3000
I onda sam gledao to, pokušavajući da mu shvatim značenje.
11:26
So obviously I Googled for it.
261
671000
2000
Pa sam očigledno guglovao to.
11:28
I got zero hits; wasn't there.
262
673000
2000
Dobio sam nula pogodaka; nije tamo.
11:30
So I spoke with the guys at the lab.
263
675000
2000
Pa sam pričao sa momcima iz laboratorije.
11:32
And we have a couple of Russian guys in our labs,
264
677000
2000
Imamo par Rusa u našim laboratorijama,
11:34
and one of them mentioned,
265
679000
2000
i kada sam to pomenuo jednom od njih,
11:36
well, it ends in RUS like Russia.
266
681000
2000
zapravo, ispostavilo se da završetak rus podseća na Rusiju.
11:38
And 78 is the city code
267
683000
2000
A 78 je oznaka grada
11:40
for the city of St. Petersburg.
268
685000
2000
za Sankt Peterburg.
11:42
For example, you can find it from some phone numbers
269
687000
2000
Kao na primer, možete ih pronaći u pojedinim brojevima telefona
11:44
and car license plates and stuff like that.
270
689000
3000
na tablicama kola i sličnim stvarima.
11:47
So I went looking for contacts in St. Petersburg,
271
692000
3000
Tako sam pošao tragajući za kontaktima u Sankt Peterburgu.
11:50
and through a long road,
272
695000
2000
I tokom dugog puta,
11:52
we eventually found this one particular website.
273
697000
4000
na kraju smo pronašli baš ovu veb stranicu.
11:56
Here's this Russian guy who's been operating online for a number of years
274
701000
3000
Ovde je taj Rus koji radi on lajn već godinama
11:59
who runs his own website,
275
704000
2000
on vodi svoju stranicu
12:01
and he runs a blog under the popular Live Journal.
276
706000
3000
i ima blog na popularnom Žurnalu uživo.
12:04
And on this blog, he blogs about his life,
277
709000
2000
I u blogu, on bloguje o svom životu,
12:06
about his life in St. Petersburg --
278
711000
2000
svom životu u Sankt Peterburgu -
12:08
he's in his early 20s --
279
713000
2000
ima tek dvadesetak godina --
12:10
about his cat,
280
715000
2000
o svojoj mački,
12:12
about his girlfriend.
281
717000
2000
o svojoj devojci.
12:14
And he drives a very nice car.
282
719000
2000
I vozi vrlo lepa kola.
12:16
In fact, this guy drives
283
721000
3000
Ustvari, taj momak vozi
12:19
a Mercedes-Benz S600
284
724000
2000
Mercedes Benc S600
12:21
V12
285
726000
2000
V12
12:23
with a six-liter engine
286
728000
2000
sa šest-litarskim motorom
12:25
with more than 400 horsepower.
287
730000
2000
i više od 400 konjskih snaga.
12:27
Now that's a nice car for a 20-something year-old kid in St. Petersburg.
288
732000
4000
Baš lepa kola za dvadesetogodišnjaka u Sankt Peterburgu.
12:31
How do I know about this car?
289
736000
2000
Kako znam za ta kola?
12:33
Because he blogged about the car.
290
738000
2000
Zato što je napisao blog o tim kolima.
12:35
He actually had a car accident.
291
740000
2000
Ustvari imao je saobraćajku.
12:37
In downtown St. Petersburg,
292
742000
2000
U centru Sankt Peterburga,
12:39
he actually crashed his car into another car.
293
744000
2000
udario je drugi auto.
12:41
And he put blogged images about the car accident --
294
746000
2000
Postavio je slike o udesu na blog.
12:43
that's his Mercedes --
295
748000
2000
ovo je njegov Mercedes --
12:45
right here is the Lada Samara he crashed into.
296
750000
4000
ovde je i Lada Samara koju je udario.
12:49
And you can actually see that the license plate of the Samara
297
754000
3000
Možete videti Ladinu registraciju
12:52
ends in 78RUS.
298
757000
2000
završava na 78RUS.
12:54
And if you actually take a look at the scene picture,
299
759000
3000
Ako ustvari pogledate celu sliku,
12:57
you can see that the plate of the Mercedes
300
762000
2000
možete videti tablicu Mercedesa
12:59
is O600KO78RUS.
301
764000
6000
oznake O600KO78RUS.
13:05
Now I'm not a lawyer,
302
770000
2000
Nisam advokat,
13:07
but if I would be,
303
772000
2000
ali ako bih bio,
13:09
this is where I would say, "I rest my case."
304
774000
3000
rekao bih, "Slučaj je rešen".
13:12
(Laughter)
305
777000
2000
(Smeh)
13:14
So what happens when online criminals are caught?
306
779000
3000
Pa šta se dešava kada uhvate on lajn kriminalce?
13:17
Well in most cases it never gets this far.
307
782000
3000
U većini slučajeva nikada ne stignu tako daleko.
13:20
The vast majority of the online crime cases,
308
785000
2000
U velikoj većini on lajn slučajeva,
13:22
we don't even know which continent the attacks are coming from.
309
787000
3000
mi i ne znamo sa kojeg kontinenta napadi dolaze.
13:25
And even if we are able to find online criminals,
310
790000
3000
I čak da smo u mogućnosti da nađemo on lajn kriminalce,
13:28
quite often there is no outcome.
311
793000
2000
veoma često to nema značaja.
13:30
The local police don't act, or if they do, there's not enough evidence,
312
795000
3000
Lokalna policija ne reaguje, ili ako to učini, nema dovoljno dokaza,
13:33
or for some reason we can't take them down.
313
798000
2000
ili iz nekog drugog razloga ne možete da ih privedete.
13:35
I wish it would be easier;
314
800000
2000
Voleo bih da je to jednostavnije:
13:37
unfortunately it isn't.
315
802000
2000
nažalost nije.
13:39
But things are also changing
316
804000
3000
Ali stvari se takođe menjaju
13:42
at a very rapid pace.
317
807000
3000
veoma brzim tempom.
13:45
You've all heard about things like Stuxnet.
318
810000
3000
Čuli ste za stvari kao što je Staksnet.
13:48
So if you look at what Stuxnet did
319
813000
3000
Pa ako pogledate šta Staksnet radi
13:51
is that it infected these.
320
816000
2000
inficirao je ovo.
13:53
That's a Siemens S7-400 PLC,
321
818000
3000
To je Simens S7-400 PLC,
13:56
programmable logic [controller].
322
821000
2000
programibilni logički kontroler
13:58
And this is what runs our infrastructure.
323
823000
3000
I to je ono što upravlja našom infrastrukturom.
14:01
This is what runs everything around us.
324
826000
3000
To je ono što upravlja stvarima oko nas.
14:04
PLC's, these small boxes which have no display,
325
829000
3000
PLC, male kutije koje nemaju ekran,
14:07
no keyboard,
326
832000
2000
ni tastaturu,
14:09
which are programmed, are put in place, and they do their job.
327
834000
2000
ali programirane, stavljene na mesto, i rade svoj posao.
14:11
For example, the elevators in this building
328
836000
2000
Na primer, liftovi u ovoj zgradi
14:13
most likely are controlled by one of these.
329
838000
4000
najverovatnije su upravljani sa nekim od ovih.
14:17
And when Stuxnet infects one of these,
330
842000
3000
I kada Staksnet zarazi neki od ovih,
14:20
that's a massive revolution
331
845000
2000
to je masovna panika
14:22
on the kinds of risks we have to worry about.
332
847000
3000
zbog vrste rizika o kojima treba da brinemo.
14:25
Because everything around us is being run by these.
333
850000
3000
Zato što sve oko nas pokreću kontroleri.
14:28
I mean, we have critical infrastructure.
334
853000
2000
Mislim, imamo kritične infrastrukture.
14:30
You go to any factory, any power plant,
335
855000
3000
Idite u bilo koju fabriku, elektranu,
14:33
any chemical plant, any food processing plant,
336
858000
2000
fabriku petrohemije, obrade hrane
14:35
you look around --
337
860000
2000
i pogledajte unaokolo --
14:37
everything is being run by computers.
338
862000
2000
sve stvari kontrolišu računari.
14:39
Everything is being run by computers.
339
864000
2000
Sve to kontrolišu računari.
14:41
Everything is reliant on these computers working.
340
866000
3000
Sve se oslanja na njihov rad.
14:44
We have become very reliant
341
869000
3000
Mi smo počeli da se dosta
14:47
on Internet,
342
872000
2000
oslanjamo na Internet,
14:49
on basic things like electricity, obviously,
343
874000
3000
i rad računara
14:52
on computers working.
344
877000
2000
za osnovne stvari kao što je električna struja.
14:54
And this really is something
345
879000
2000
A to je stvarno nešto
14:56
which creates completely new problems for us.
346
881000
2000
što nam stvara sasvim nove probleme.
14:58
We must have some way
347
883000
2000
Moramo pronaći neki način
15:00
of continuing to work
348
885000
2000
da nastvimo sa radom
15:02
even if computers fail.
349
887000
3000
čak i ako računari otkažu.
15:12
(Laughter)
350
897000
2000
(Smeh)
15:14
(Applause)
351
899000
10000
(Aplauz)
15:24
So preparedness means that we can do stuff
352
909000
3000
Pa spremnost znači da možemo činiti stvari
15:27
even when the things we take for granted
353
912000
2000
čak i kad stvari na koje smo navikli
15:29
aren't there.
354
914000
2000
nisu na raspolaganju.
15:31
It's actually very basic stuff --
355
916000
2000
To su u suštini osnovne stvari --
15:33
thinking about continuity, thinking about backups,
356
918000
3000
razmišljanje o kontinuitetu, razmišljanje o rezervi,
15:36
thinking about the things that actually matter.
357
921000
3000
razmišljanje o stvarima koje ustvari nešto znače.
15:39
Now I told you --
358
924000
3000
Kažem vam --
15:42
(Laughter)
359
927000
2000
(Smeh)
15:44
I love the Internet. I do.
360
929000
4000
Volim Internet. Stvarno.
15:48
Think about all the services we have online.
361
933000
3000
Mislite o svim uslugama koje imamo on lajn.
15:51
Think about if they are taken away from you,
362
936000
3000
Pommislite da vam mogu biti uskraćeni,
15:54
if one day you don't actually have them
363
939000
2000
ako ih jednom stvarno ne budete imali
15:56
for some reason or another.
364
941000
2000
iz bilo kog razloga.
15:58
I see beauty in the future of the Internet,
365
943000
3000
Ja vidim svu lepotu u budućnosti Interneta,
16:01
but I'm worried
366
946000
2000
ali sam zabrinut
16:03
that we might not see that.
367
948000
2000
da mi to možda ne vidimo.
16:05
I'm worried that we are running into problems
368
950000
2000
Brinem da srljamo u probleme
16:07
because of online crime.
369
952000
2000
zbog on lajn kriminala.
16:09
Online crime is the one thing
370
954000
2000
On lajn kriminal je jedna stvar
16:11
that might take these things away from us.
371
956000
2000
koja nam može oduzeti sve ostale dobre stvari.
16:13
(Laughter)
372
958000
3000
(Smeh)
16:16
I've spent my life
373
961000
2000
Proveo sam svoj život
16:18
defending the Net,
374
963000
3000
štiteći mrežu.
16:21
and I do feel that if we don't fight online crime,
375
966000
3000
Imam osećaj da ako se ne borimo protiv onlajn
16:24
we are running a risk of losing it all.
376
969000
4000
kriminala, rizikujemo da sve to izgubimo.
16:28
We have to do this globally,
377
973000
3000
Moramo da radimo globalno,
16:31
and we have to do it right now.
378
976000
3000
i to moramo da učinimo odmah.
16:34
What we need
379
979000
2000
Šta nam je potrebno
16:36
is more global, international law enforcement work
380
981000
3000
je više globalnog, međunarodnog rada na sprovođenju zakona
16:39
to find online criminal gangs --
381
984000
2000
da nađemo on lajn kriminalne bande --
16:41
these organized gangs
382
986000
2000
te organizovane bande
16:43
that are making millions out of their attacks.
383
988000
2000
koje izvode milione napada.
16:45
That's much more important
384
990000
2000
To je mnogo važnije
16:47
than running anti-viruses or running firewalls.
385
992000
2000
nego korišćenje anti-virusa ili fajervol-ova
16:49
What actually matters
386
994000
2000
Ono što je ustvari bitno je
16:51
is actually finding the people behind these attacks,
387
996000
2000
da se nađu ljudi koji su odgovorni za napade.
16:53
and even more importantly,
388
998000
2000
Važnije od svega je, da
16:55
we have to find the people
389
1000000
2000
pronađemo ljude
16:57
who are about to become
390
1002000
2000
koji bi mogli biti deo
16:59
part of this online world of crime,
391
1004000
2000
on lajn svetskog kriminala,
17:01
but haven't yet done it.
392
1006000
2000
ali to još nisu postali.
17:03
We have to find the people with the skills,
393
1008000
3000
Moramo pronaći ljude sa veštinama,
17:06
but without the opportunities
394
1011000
2000
ali bez mogućnosti
17:08
and give them the opportunities
395
1013000
2000
i pružiti im mogućnost
17:10
to use their skills for good.
396
1015000
3000
da svoje veštine koriste za opšte dobro.
17:13
Thank you very much.
397
1018000
2000
Hvala vam puno.
17:15
(Applause)
398
1020000
13000
(Aplauz)
ABOUT THE SPEAKER
Mikko Hypponen - Cybersecurity expertAs computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance?
Why you should listen
The chief research officer at F-Secure Corporation in Finland, Mikko Hypponen has led his team through some of the largest computer virus outbreaks in history. His team took down the world-wide network used by the Sobig.F worm. He was the first to warn the world about the Sasser outbreak, and he has done classified briefings on the operation of the Stuxnet worm -- a hugely complex worm designed to sabotage Iranian nuclear enrichment facilities.
As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hypponen asks, what's next? Who will be at the front defending the world’s networks from malicious software? He says: "It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans."
Even more unsettling: revelations this year that the United States' NSA is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms. Hypponen has become one of the most outspoken critics of the agency's programs and asks us all: Why are we so willing to hand over digital privacy?
Read his open-season Q&A on Reddit:"My TED Talk was just posted. Ask me anything.
See the full documentary on the search for the Brain virus.
Mikko Hypponen | Speaker | TED.com