Ransomware: Last Week Tonight with John Oliver (HBO) 

My WiFi lost connection just as John said “and internet service providers are f...”, I seriously thought it was a gag for about a minute, it kept getting funnier!

John overlooked the fact that the attack on Colonial didn’t target the pipeline control and safety systems, it attacked their billing system. They could have continued to deliver oil/gas but opted not to because they didn’t want to lose revenue.

As somebody in the field of cybersecurity, I'm sooooo glad we're starting to see real mainstream media coverage about just how dangerous ransomware really is. Now we just need to talk about the rest.

The single greatest tech knowledge I imparted to my Grandma when she became IT independent (aka got her own devices) was how to spot and avoid malicious emails/websites/ads. In the past 10 years I've helped her through various things like installing a new printer, setting up Netflix on a new TV, how to stalk her friends on facebook without them knowing (that one always leads to fun stories about the things she's found), even sending and receiving emails while on the go using a 4G dongle, and also taught my 88yr old Grandpa to navigate solitare/tripeaks games and watch dash cam footage on youtube.. he then figured out all on his own how to find some classic music on youtube that he hadn't heard in almost 50 years And during this time, the number of callouts I've had to help with viruses or malware - zero Parents should teach their kids about safe sex when they come of age, so kids, now it's your turn to teach your grandparents safe internetting.

Ransomware guy: "Pay me or your chastity cage stays locked." Chastity Guy: "I'm so into this. Do my buttplug too, please."

Remember everyone, it wasn't even the ransomware that caused the gas stations to run out, it was the people hoarding gas in plastic bags. Source: I live in North Carolina.

As an IT guy, I cannot stress this enough - you need to back up your stuff, and you MUST HAVE AN OFFLINE COPY OF IT. Spending a couple hundred bucks is much cheaper when you need to restore.

People who are enthusiastic about tech: "I have a smart fridge!" People who use/work tech: *have a stash of scissors and hammers, just in case*

As an individual in the Cyber Security field, I want to say thank you for talking about this and brining attention to it. Media really doesnt touch on attack types and how much a cyber attacker can actually damage infrastructure. Thank you sir.

Speaking as a cybersec professional: that was a really good educational segment. Knowing how hard it is to make people listen to us, thank you.

About companies not telling about getting hacked: some countries like the Netherlands have a law that obligates companies to disclose if they have had any form of cyber breach or data leak and how it happened. When people's data is stolen (or destroyed?), companies are also obligated to notify all possible affected parties

"If HBO's going to be publicly humiliated, it'll be by releasing the last season of Game of Thrones on its own terms, thank you very much." That burn was hotter than dragon fire.

I enjoy staying awake on Sunday nights, just to be the first to see a video that will ultimately make me more depressed.

"If HBO is gonna be publicly humiliated , it'll be by releasing the last season of Game of Thrones, on it's own Terms. Thank You." I almost forgot how much The HBO likes to humiliate itself; on top of that, they paid for this joke and then aired it 😂

There was a big part missing in the advice at the end: Backups. Working backups that are physically disconnected most of the time from the live systems make ransomware more of an annoyance than a threat. "You have encrypted my photos? Well I have a copy on that flash drive over there... so... i just re-install my PC and I'm good to go."

John, you forgot something that everyone needs to do to avoid paying ransomware; Backup Your Data!!! That way you can wipe the computer and restore your important files if they crypto-lock your computer.

And always remember: The S in "IoT" stands for: Security

I’ve watched this show enough to expect that clip with the Russian lady ending with her being arrested for threatening the hackers and the hackers getting away with everything. This show has made me expect the worst in the world and be happily surprised when it’s not that bad.

I love that John Oliver instills me with a dose of terror every Monday morning before work😐

If phishing emails and texts didn’t almost reliably include typos or mistakes somewhere, i probably would have fallen victim to a bunch by now

As someone who works in supporting IT teams, it shocks and dismays me how woefully unprepared companies and governments are for these ransomware attacks. A properly set up IT infrastructure should be able to recover from ransomware attacks with minimal downtime. Offsite backups, live backups, file versioning, all of these are part of standard disaster recovery systems that should be employed but aren't. My personal clients computers have better disaster recovery than many of the people I work with in my day job.

The fact that Last Week Tonight got J.K. Simmons for that last part is freaking perfection.

reason why ransomware attacks are so common, is that every company thinks "yea the attacks are common, but it will probably not happen to us" and then proceed to allocate minimal budged to cybersecurity protection measures. great % of critical systems around the world run on WINDOWS XP, some even on MS-DOS

One of the simplest ways to help with cyber Security of our PCs is don't make your main account you use on the PC an admin account. Change it from a Admin to a standard user and every time you need to do something that requires admin rights, just input it.

Can we all just take a moment to admire John Oliver's willpower, sitting there with nearly a straight face and say, " Crucially, the barrier to entry has gotten lower." while discussing hacked internet butt plugs without losing it, this man must be carved from granite.

I remember googling what was happening when I noticed every single gas station around me had lines all the way out into the streets. I saw a couple articles saying “there shouldn’t be too much of a shortage unless everyone goes out to get gas right now” and I immediately knew there would be a huge shortage… ah, the south.

"I could give two shits about the life of any big snake" Them's strong words for a bird, John...

Also good advice: Always make full backups on external harddrives or flashsticks. So when the Ransomeware strikes, just delete the harddrive and reload the last backup. If everyone would be doing that, there would be no Ransomware.

Kinda wish Oliver had mentioned that the Colonial Pipeline hack didn't even affect distribution systems, only payment; Colonial cut off gasoline distribution and caused a panic because they were worried they wouldn't get paid. It's not germane to the main discussion, but it's still super scummy, and Colonial needs to be called out more for it.

Here we are, in August of 2021, STILL ripping on Game of Thrones Season 8. Godspeed, John

reminder, the gas pipeline was never in any danger, it was their billing system that was compromised, so rather than risk customers not being billed properly they shut the pipeline down.

The lesson here: You never really know who might be wearing a butt plug.

The fact that they got J.K. Simmons to do the voiceover for the "advertisement" at the end of this makes it that much better

To clarify, the license plate reads "B217OP" which is read "V217OR" in Russian and 217 is not part of the "thief" spelling, it's the "VOR" that means thief, so it's not that blatant. It's like if someone had license plate numbers "TH217IEF"

"he's like robin hood, if robin hood had gone around taking money from the poor, and promising the poor that he'd definitely give it back to them later". dog that's just ronald reagan

As an IT professional this is all true...this mainly happens bc most businesses dont want to invest in decent IT departments...they rather contract out when needed..and it leaves them vulnerable to things like this. Backup is a thing too...that doesnt happen as much as it should...but the cyber war is on.

LOL the people who made that ad could have never imagined the incredible staying power of the god damned fax machine

That guy is going to put on his acting resume, "Played a role of a victim of a butt plug hacker on Last Week Tonight."

Others have said this, but it bears repeating. A lot. *_1)_* *Make regular backups that are stored offline* *_2)_* Keep _multiple_ backups. One you update every week, and another you update every 2 wks or each month, stored at another location. If you are a business, you should know how you need to adjust those schedules so you never lose much in case of flood, fire, or ransomware. If you are not running a business, *you are an easier target!* Do backups too, so you don't get trapped.

Most of these clowns aren't actually 'hackers' and it's unearned flattery to refer to them as such. If we imagine a hacker as an expert fly-fisher then these guys are the internet equivalent of a tug trawler. They spread a massive net and then tug boat goes brrr

My wife’s step-mom called me with a computer problem. Said her screen was stuck. Not changing. I said it sounds like your computer has frozen up. She said, “Probably, it is really cold outside!”

John Oliver: “Here are human-shaped bathtubs.” Junji Ito: “Go on…”

"Honestly, I wish my internet service provider had customer service the way these guys do" that's so fucking funny lolololol

"Hello, Locksmith and Co.? I lost a very important key and would need your services." "Are you locked out of your home?" "No. I need you to unlock my butt."

We call this the "Boomer Tax" in my company. We're breached a lot because our managers are "in their 60's, haven't grown since the 70s, and force us to use software vendors from the 90s"

Jesus! That graphic for the buttplug looks like the historic "pear of anguish." The inquisition is alive and well in the cybersex industry.

Newt Gingrich shows up. Me: "Oh, is this going to be one of those 'the worst person you know has a point' moments?" Gingrich: *speaks* Me: "Nope. It is not one of those moments at all."

So glad Cave Johnson has recovered and is doing these voice-overs.

"Life just wouldn't be the same without you. And I really wished that life weren't always the same." Thanks John, I think I just found my new catchphrase

10 seconds in: “Fuck the internet!” This is about to be a good episode

The sad thing is, the government wouldn't be doing anything about this, had ransomware not been used against corporations, and only targeted regular people.

for some bizzare reason the thing that has me shellshocked is that you know have app-controlled sex toys with a "friends" function. What a world we live in. Until i actually checked that it's a real thing I was convinced that Last Week Tonight simply invented it as a joke...

Shout-out to the guy who made the "Ransom-warehouse" graphic. It was on screen for all of three seconds but I do appreciate it.

WAKE UP BABE NEW JOHN OLIVER

"Most punishments-and this is true-fall somewhere between 'death sentence' and 'a cash reward'."

I’m always amazed at the celebs they get to do the skits for the show lol I never thought I’d hear JK Simmons say “butt plug”

IT as a whole, the branch under which cybersecurity responsibility tends to fall, is a criminally underfunded branch of most businesses, because business people are often so disconnected from reality that they truly believe the old joke: "When everything is working: What do we pay you for? When everything is broken: What do we pay you for?" The world is becoming increasingly tech dependent, and yet the people in charge of everything are basically technophobic. It's insane.

The equifax breach should have taught everybody that lesson, their business is data and they lost it.

I knew this was going to be a good episode when the first victim was Business Daddy.🤣

Somewhere in Ohio, my mom’s crazy old family practice partner is throwing her hands in the air, shouting *I TOLD YOU SO!* in celebration of the fact that she’s refused to use medical record software for the past 20-odd years… (in favor of old-fashioned paper charts) Good job, Annette, but I really hope you’ve given into peer-pressure and let the nurses use air conditioning in the exam rooms again.

"Moving on." Greatest transition from absolutely anything I was doing immediately before clicking that notification. It's beautiful.

The gas shutdown was done because Colonial turned off the flow when they couldn't track how much to bill clients. The hackers didn't close the valve, the company did.

man, opening the day with an attack on business daddy.

The funny thing is, those of us that actually work in tech fields tend to be Luddites when it comes to these internet connected things. We know what can happen and don't want to be caught like this.

Regarding beach faxes: DocuSign is basically this.

On a personal level, also do both a physical and digital backup of files you'd be willing to pay a ransom for.

John Oliver: "Ransomware is a typical business but staffed by criminals" Me: "So, like the healthcare insurance industry?"

When I worked at the Canada Post Office, we were taught specifically to look out for people who were coming in to look for unusual ways of paying someone anonymously, especially in similar amounts. And then convince them NOT to and provide them with phone numbers to…police? I worked there about eleven years ago

The “colonial123” password remark was probably a jab at Solarwinds and their getting hacked

"don't click on suspicious links in your email" haha jokes on you I NEVER check my email.

"I'll turn up the thermostat to 90 degrees until I'm paid the money!"....*laughs as a HVAC service technician*

We actually need that big IT companies create products that does not need to connect to the internet. That's all I'm asking for

I never thought I would be so glad to hear John Oliver talk about something I already know a lot about. Thank you for helping spread awareness on this.

The funny and sad part of the pipeline hack is that even though the company paid the money, Colonial restored their own systems from backups because "it's just faster." Also, the hack didn't stop the flow of gas, it stopped the software that Colonial was using to process payments. If it had used old fashioned methods to track customers, it would never have had to shutdown at all. Now after hearing something horrible, imagine trying to fit a key in your hacked remote control buttplug.

"Companies run by criminals" Do you even remember half of the episodes you do?

Good lord I love this man…that Santa Claus analogy was so good. 😂

Lol I have been in audit over 10 years and IT audit over 5 years...and this episode is probably 3X better than the typical IT security training course that cost $100 per hour...much funnier too.

When I started watching this episode, I was definitely not expecting it to end with a commercial where JK Simmons talks about a wifi connected buttplug.

How to scare Americans: have the media say "there will be a shortage of..."

Weirdly, I'm okay with hackers going after Colonial Pipelines. They seem cool. I am not okay with them going after hospitals and grandmas. That's not cool.

Give that actor playing the guy with the buttplug an award, he's the real mvp here

Funny thing. My stepdad once clicked on something unsavory, and ended up with a cheapo ransomware message flashing on the screen and making god-awful noises. I went over to the house on my mother's desperate request, saw it was nothing more than a browser-based prank, started the computer in safe mode, and deleted the installer and folder that was causing the issue. Problem solved. Meanwhile, they were freaking out, thinking some hacker was trying to steal their piddling amount of money from their bank account. Even after that, I still can't get them to use multi-factor verification. They say it's "too annoying" and "doesn't work". Guess I better teach them how to buy bitcoin.

"It is people like that guy that make everything completely impossible, all of the time" - brilliant.

friends: Where's your dad? me: He Ransomware when I was a kid

I love this show!! John, please do an episode about the trucking industry. My dad is a long-haul trucker, I've been thinking about going into it (to pay off my fucking student loans which I've been paying into for 20 years already!), but there is clearly a shit-ton of predatory business going on in that industry and I'm afraid to even start. Would love to hear your thorough and inevitably hilarious take on it.

As an owner of a big snake: My boa constrictor Kevin Snacon is doing great and has a wonderful quality of life.

FINALLY. This piece is YEARS overdue. Thank you for this.

Try to imagine how much harm ransomware is doing everywhere else in the world. In poorer countries, states, small, medium and bigger companies etc..

4:53 "Robin Hood, if Robin Hood had gone around taking money from the poor and promising the poor that he'd definitely give it back later." Isn't that just all rich people?

I love John's new take on the old joke, "Opinions are like a** holes: everyone has one and they all smell." Updated to, "A** holes are like opinions: letting the internet to be in charge of yours is a really bad idea." I'm looking at you, QANON followers.

Fun fact: *Some* ransomware can be thwarted by having Russian installed as a system language. It doesn't need to be the active language, it just has to be installed. *Some* ransomware checks whether or not you have a Russian language pack, and if it detects that you do it just deletes itself, to avoid losing their safe-haven status from Russia they avoid affecting Russians. Obviously that doesn't work for every type of ransomware, but for some it does, so might be a useful trick.

"think of it like chips at the casino, grandma" - me, getting that $500

“The Faster Idiot” will be a book title in the next year, with no credit given.

“Just picture the last time you searched for your keys around the house and then raise the stakes SIGNIFICANTLY” 🤣🤣

The advice you gave at the end is actually what we told people when I worked in IT is the saame advice we gave in 2014...

I’ve been watching this guy regularly for a few years and I noticed he often exposes people. It’s fuel for me to get mad at random ppl that I otherwise never would have known about. Isn’t Facebook getting in trouble for this or something? Idc. John oliver is a content god and I love watching his shit

This segment really missed the boat in talking about how insecure so many products are out of the gate. If computer and device security wasn't such a joke, they wouldn't be trivially hackable.

Companies: "Let's use complex networked software!" Also companies: "Let's never bother to actually protect our mission critical software."

This is why I'm glad that one of the first things they taught me learning about computer information technology is maintaining regular backups preferably on an external disconnected piece of media

The fact that john's videos don't have any advertisement in start or in between gives me another sense of reliability.