SYSK Selects: Are We in a Cyberwar?

Published Aug 17, 2019, 9:00 AM

There's a secret war going on around us, and it's happening on a daily basis. The Air Force has a unit specifically designed to carry out and defend against cyberwar. Go deep into this alarming type of war in this classic episode.


Hey there everyone, it's me Josh, and for this week's SYSK Selects, I've chosen a classic episode on cyber war. It's almost certainly hopelessly out of date by now, but it is an interesting intro to cyber warfare, and we learned that Chuck hates the word Stuxnet. So listen out for that, kick back, and enjoy this classic episode of Stuff You Should Know. Welcome to Stuff You Should Know, a production of iHeartRadio's HowStuffWorks. Hey, welcome to the podcast. I'm Josh Clark, with me as always is Charles W. Chuck Bryant. We call him an authority on, um, cybersecurity, the Internet and everything about it. An expert, you would say. That's right. Hey, should we say hello to our, our latest celebrity fan, who we just learned today that Miss Kristen Bell, the lovely and enchanting and nerdy Kristen Bell. Is she nerdy? Very nerdy, like prides herself on. I mean, it doesn't surprise me that she listens to the show. Yeah, because she's on record as being a big nerd, which is one reason I like her a lot. And she's curating, um, a Newsweek page, right? Yeah, like things she likes or kind of one of those deals that they do in magazines now, and she listed us. That's pretty awesome. How about that? Thank you very much for that. I'm a huge fan of Party Down, which she was in, and other stuff that she's been in, Forgetting Sarah Marshall. How's it going? And her, you gotta see her sloth video online that she did on the Ellen show. It's pretty funny, highly recommended. Okay, so that's all I got. That's all the sucking up I'm gonna do. Should we say hi to another fan, slightly less famous but pretty cool? Yes, Sam. Do you want to give a little, a little backstory? Giving some backstory here? Sure. We, um, we had a live, um, tribute event here in Atlanta a couple of years ago, and at the event was a little, uh, teenage fan named Sam. Teenage, you mean like just post-tween. Yeah, like, and his mom brought him and he's a big fan. He's just like a really sweet kid.
Mom was very sweet, sweet, very nice family. Flash forward a couple of years, we got to South by Southwest, there's Sam again. Apparently mom drove him to Austin to come see our live podcast. Yeah, they weren't there to see. I spoke to mom afterwards and was like, so, what else are you guys gonna see? She's like, nothing. We're going back. Crazy. I was like, what else did you see? She's like, nothing. They came to see us. So then we were like, all right, we gotta think of something for Sammy because he's proved his mettle. And Sam wrote in and, and sent his resume and like all the reasons we should put him to work, and it's just like, dude, if the future is secure, if kids are like Sam, I'm not worried about a thing anymore. Yeah. So we, we racked our brains and we found out there's like a surprising amount of adult-only tasks that we do, like at any given time, and we're like, all right, we have to, we have to figure out something that's age appropriate for Sam. That's right. So long story short, I was getting kind of thin on podcast topics. I put Sam on the case and he sent me like a stellar, stellar list with reasons why we should do these and, uh, this is the first one. This is one, and he had a lot of overlap on ones we had already recorded that aren't out yet, so that just goes to show you that Sam is like, he gets the show, right. And, uh, so, as Sam's picking these out, we're gonna let you know if this is a Sam one. But this is going on in the summer, we're gonna call this the Summer of Sam. That's right, Sam's choice. All right. So that's the longest intro ever. That wasn't even the intro. Man. Well, let's get to cyber wars then. Let's. Bossy. Well, you know, Chuck, have you ever been to Bellingham, Washington? No. Okay. I have not. Have you been to Washington? Been in Seattle. Isn't that where, um, Van Nostrin lives? Yeah? Or is it Oregon? No, he's Washington. OK, um.
So, uh, in Bellingham, Washington, on June at the Olympic Pipeline Company a systems control and data acquisition system. There's systems twice in there. Um, but a SCADA or SKATA system, um, which is basically like a computer program that like can make a valve turn or turn something off for mechanical, right, from, from digital binary instructions, right. Um, this Olympic Pipeline Company system was operating on this, this type of program and, um, something went wrong and one of their pipes started leaking a lot, like millions of gallons of gasoline, um, and part of it erupted into a fireball and killed three people, injured many others. Um, and they went back and looked at it. They think it was just a system malfunction. But the fact that this came along, this happened because of this system control, and it happened in as the dot-com bubble was starting to grow and like the Internet was really becoming a huge thing. Um, people who are into cybersecurity now point to this as evidence of exactly what somebody could do during a cyber attack, even though they think this was just an accident, right, irrelevant. But they're, they're, they weren't like pointing to that as well. No, they don't think that had anything to do, but they were saying, this is what it would look like if somebody had wanted to attack. Like, this is what a cyber attack would look like. Because it's not just the Olympic Pipeline Company that's using these systems, um. All over the United States, companies, law enforcement agencies, military, banks, um, public works, all of these things are all running on what amounts to Windows. It's as simple as that. Yeah, Microsoft systems, many of them, and um. As Jonathan Strickland wrote this, from TechStuff, the article, and as Strickland points out, um, a couple of things. Microsoft has been, uh, kind of chastised over the years for their security or lack of security in some of their programs, and um.
The other thing he points out is the Internet grew so fast and everyone got on board so quickly that it kind of outpaced what we could even do security-wise. It was all of a sudden, government agencies and power grids and emergency services and weapons systems, water and fuel pipelines, all the stuff is running on, on computers and a lot of it through the Internet. And we don't quite know how to guard against a cyber attack. No. And apparently even as far as like the knowledge of how to guard against cyber attacks goes, the United States is, is lacking. Yeah, compared to like China and Russia. Um, so we're kind of in this really weird position right now where we've realized that all of the ponies are hooked to a single basket of eggs and all it's gonna take is a couple of Black Cat firecrackers to scare all the horses off. That's the best analogy I can come up with. Did you just think of that? Or did you, I just thought of that. My imagination is back. I can tell you where time traveled to awesome where I can't think. Okay, um, all right, let's go back a little bit in time. I don't think we need the Wayback Machine for this, because we're just going to, we can just like walk outside. Yeah, that'd be a waste of time for the Wayback Machine. Um. Some pretty smart people caught on early that, hey, we could be vulnerable to something like a cyber attack. So let's look into this. Let's put a red team on it. Red team is a, our friends that act as enemies to try and, you know how they hire these people to like break into your home? Yeah, those are red teams basically, right, like, um, from Star Wars. Yeah, exactly. So let's get a red team. Let's, let's, uh, name it, this mission, something really cool out of a football playbook. Let's name it Project Eligible Receiver. Do you know how many times I had to look at that before it finally sunk in what words I was looking at? Really? It is, it does look kind of funny.
It looks like Eleanor Rigby when you glance at it, at least I think so. Yeah, it doesn't to me. I was thinking more of like a radio receiver or something. Like, I think it just means about football. No, it totally, just saying like I read this many times before I was like, oh, okay. So a lot of this is still classified, so we don't know everything. But basically they hired some hackers, which is what you do to test your security, they being the Department of Defense. Yeah, yeah, Department of Defense saying, hey, can you nerds hack into the Pentagon system and afterwards we won't assassinate. Exactly. And the nerds were like, just watch this, and it took three days before the Pentagon even knew that they were being cyber attacked by the Red Team. Like pretty successful and very sobering. Yeah, so, um, they, it was I guess kind of an eye opener for the DoD and they, I'm sure, used it to step up security. Not fast enough though, because after this Red Team attack, um, Operation Eligible Receiver, an actual attack which they later came to call, what was it, Moonlight Maze. Yeah, this is one year after that, the tests. A year after, um, somebody launched an attack and it was a, I guess what's probably the most typical kind of cyber attack, where you insert some sort of software to basically spy and get files and gather data and download sensitive materials. Right. And apparently it took two years before NASA, the Pentagon, um, and other agencies in the US government noticed that, um, accidentally noticed that this, that they were being spied on. Cyber-wise. Yeah, they got data like strategic maps, troop assignments, and positions. Not good, right, very scary. And they traced it back to Russia. Doesn't necessarily mean that it came from Russia in its origin, but at least that's where they traced it to. Uh. And this is cyber warfare, like it's happening. It's been going on since the nineties pretty much.
Yeah, I mean it's not "is a cyber war coming," it's like, how do we prevent like a cyber war from bringing us all down? Yeah, pretty much. And it's apparently, from looking into this, there's like two camps. There's like a gloom and doom camp where it's like, yeah, somebody really wants to mess things up, they're going to be able to, it's gonna be pretty easy. And the sunny optimistic camp is kind of like, no, you know, we know what we're looking for now. Like, sure they could launch an attack, but we'll, we'll be able to stop it in time for before we can do like a lot of damage. Yeah, so we'll see, we'll lay out everything for you, you can decide who's right. That's right, SYSK, you should. So we've already mentioned that on the defensive side of things, the US is sorely lacking, um. But on the offensive side of things, we've actually done this ourselves more than once. Um, during the Kosovo War, Strickland points out, we used computer attacks to compromise Serbian air defenses, basically kind of scrambling their information so they had bad, I guess, coordinates. Well, just on the race our screen wasn't wasn't apt? Was okay? Or appropriate? Did you see that one? So we did this. We launched it and it, and it worked. So, uh, that's a good thing, but it's also a bad thing if you're like, was it Bush the first or Clinton and Bush the second? Bush the second in two thousand three in Iraq, and Clinton. Well, they were both like, we don't think we should be doing much of this because, a couple of reasons. A, it basically opens us up. It's like, hey, they did this, so we can do it right back. And B, I think they could have drained some banks of terrorist cells. And they said, we kind of depend on the integrity of the banking system worldwide, like we don't want to start messing around with this. So apparently with, with, um, cyber warfare, it's very much like, um, when you build that virus, it's out there and it can be captured and studied and redeployed against you.
Yeah, so what they were saying with Clinton and Bush, who were saying like, no, we're not going to use a virus to, um, to drain those bank accounts because they could be, it will eventually come back on us, and our banking industry is not secure enough to withstand something that we ourselves make. Because apparently the US is pretty good at making viruses. I'm sure. Should we talk about some of the different ways that this can go down? Yeah, the Pearl Harbor attack. Yes, I had the feeling Strickland might have named this one himself, but it's not true. He went to a lot of trouble to explain why it's called the Pearl Harbor strategy, and I think he could have just left it at that. The idea here is that it's, it's pretty much in your face. It's a massive cyber attack where they infiltrate and then they sabotage systems. Um, much like Pearl Harbor was a big surprise and a big attack, wasn't, I mean, it was sneaky, but it wasn't quiet by any means, right, or stealthy, I guess is the word. Um. The other ones are pretty much stealthy. Part of a Pearl Harbor attack, I believe, um, could be a distributed denial of service attack, which is basically, you know, like when you, um, try to get onto a website or whatever, you're sending a request to the server to let you on, right. Now, if you assault that one server with millions of pings and it's trying to accommodate everybody, as is appropriate and apt, um, it'll basically, they crash, is the point. You can crash a server by hitting it with millions of pings all at once, just slows it down to the point either where it doesn't work or it crashes. Yeah, and that's, that's what Anonymous likes to do, with like MasterCard during the whole WikiLeaks thing, when they, was it MasterCard or Visa crash? I cannot remember. Um, remember when that happened, though. It's basically just launching a bunch of server requests at a specific server in the service, like no, no, and this falls over? Is that why people say ping? By the way, the ping, um. Yeah, I hate that.
It's better than javastorm. I don't even know what that is. Drinking coffee while you're having a brainstorm, like let's go get coffee and brainstorm something, javastorm. People say that? Yeah, I don't say it. I've never heard of that. That, ping and meta are the three things that I will never say. Epic may be the worst, to call something epic. I don't mind epic. Oh man, I hate epic. At least it's a real word. Especially epic fail. Well yeah, sure. Okay, back to it. Viruses, uh, Code Red, Slammer, Nimda. These are viruses that Strickland has mentioned that spread very quickly across the Internet, and there's a couple of ways this can go down. You can either, um, you can set a, you can do it immediately and release a virus. You can have all these other computers deliver the virus. You can put sort of like a delay timer on your virus for it to go off in two years, automatically or manually whenever you want to. It can be waiting for you to hit the button and then launch the virus that way, or I think, um, for the user of that computer to do, like say Control-Alt-Delete, will trigger it or something. Yeah, that's pretty scary. Yeah, I don't, don't press those three buttons all the time on my PC. Oh my god, Chuck. I think what we should talk about right about here is, I think, where Stuxnet fits in. Who's Stuxnet? Say it. Where Stuxnet? I don't know what that is. You know, it's Stuxnet. Is that in this? Yeah. It's the Iranian, um, it's the virus that the US and Israel unleashed on Iran. It's a perfect example of this. It is. You're right. So let's talk about Stuxnet. Stuxnet. It's a great name. It was an offensive cyber attack. Offensive, in two thousand and ten. They're thinking maybe it was the first one ever the US launched, like a strictly for sabotage attack. Basically, they wanted to disable Iran, uh, Iran's, uh, centrifuges so they could not enrich uranium. And they did this through the, uh, the new Air Force base out of Texas, right? Texas and Georgia.
Yeah, what's the, Warner Robins, Robins Air Force Base. Yeah, Robins Air Force Base. Yeah, those two places are where they station. Yeah. And this is the first all cyber unit. Pretty much. Pretty cool, right? Their whole, is it, their whole task is to wage cyber warfare, and I imagine to be defensive against cyber attacks. But, um, I don't, I don't know if they had to do with Stuxnet, but they probably would have. Um, I think it was being developed before was ordained in two thousand nine. Think it went back to two thousand seven when it was started. But basically, the, they, the CIA got their hands on centrifuges that they knew Iran was using, and they had just as many as Iran did of the same kind, and they studied it and they built this virus based on this configuration of centrifuges running Windows and Siemens switches, right, yeah, and then they built a virus to go infiltrate it. I thought it was called Operation Olympic Games. It was, but the malware, the virus itself is called. Okay, that's what I couldn't figure out, but you're right. It was called Operation Olympic Games. And this whole operation was this huge, sweeping, awesome, massive, secretive, basically imagine like the CIA. Do you remember Uncommon Valor? Oh yeah. Okay, do you remember when like they're training at that replica of the camp? Okay, the CIA did that with Iran's centrifuges in the nuclear program, and they figured out exactly how it worked, and then they figured out the best way to break it. Was Gene Hackman bankrolling the whole thing? Oh yeah, he was there to get his son out. He, he was just staring at this menu of guns and silhouette that he wanted to order. Remember that? Oh yeah, dude, that, I thought that was so bad. That, yeah, but that was a huge, huge movie for like dudes our age. No, I'm saying bad as in like good. Okay, yeah, gotcha. Um, so Stuxnet, Olympic Games happened, and like you said, it was the first offensive cyber attack.
Most of the other ones have come in the form of, um, sneaking in and lying around and watching and waiting and spying. Well, Stuxnet had that too, was that the initial. There was a companion program called Flame that somehow, this is the part that's the biggest mystery. Iran's nuclear program is not connected to the Internet, so somebody got that in on a thumb drive, infected their local system. Um, and Flame sat there and basically just studied everything, told the US how the configuration was set up, and then they built it, and then they inserted Stuxnet and basically it made all of their data look like everything was operating normally, but it was telling their centrifuges to spin out of control and basically break themselves. It's like Ocean's Eleven when they built the replica vault. Exactly, showed the replica video. There's nothing going on. So basically, the Pentagon has been watching a lot of movies. Pretty much as skuld. But this is a hugely successful attack, um, if not at the very least for American cyber warfare, um, because it's supposedly set Iran's nuclear program back by at least a year, if not more, and that this would let us continue talk. Yeah, and I think it said one of the aims was to make them feel stupid, and then they said it worked, like they, that they'd done something wrong and that's why this, these systems were failing. It's pretty scary, man. But the point is now is, okay, that's out there. Stuxnet is out there for anybody who can get their hands on it. And that's the name of it. It's a great name, all right, Stuxnet, with an X, with a new guetas center. But it's out there, and the US is now basically just the, the computer equivalent of Hiroshima was just launched by the United States. Yeah, and nice little setup there. A lot of people are comparing these days of the early days of cyber warring to the early days of, of nuclear bombs, in that there's not a ton of defense. Not anyone really knows what they're doing.
It's sort of a chaotic mess that everyone's trying to get their finger in the pie, though. Yeah, and the other countries like China, believe Russia, who are apparently better equipped to defend against a cyber attack than the US. So basically the US is really playing with fire. Well, and that's why Clinton and Bush were declining to use these, is one of the reasons, where like, you know, this opens us up to counterattacks and just may not be the smartest way to. Like we wouldn't go out and just drop a nuclear bomb on a country. Right, Oh wait did all? Right? Oops? Twice? What else you got? Let's see. Uh, we talked about the system controls and, um, data acquisition systems. Yeah, that was, um. Basically that is the Achilles heel of infrastructure in the United States. One of the reasons why we're not set up to defend against, um, a cyber attack is because we are so connected to the Internet. Yeah, everything is. Yeah. Iran, North Korea, yeah, not quite as much, because a lot of their stuff is off the grid just by default because they don't have the infrastructure that we have. So just the robustness of our own infrastructure is one of the, one of its vulnerabilities as well. Yeah, that's a good point. As far as defense goes, too, I forgot about this stuff. Um. Strickland says that like the first step is education, as far as educating consumers over, you know, antivirus software and how they search the Internet and stuff like that. So I give that a medium. But, uh, this guy, Richard Clarke, he's a security expert. He blames things on companies like Microsoft too. He feels like it rushes through programs, um, before they're fully security tested because they want to make, you know, they want a few coins to rub together by selling this stuff, and the consumer doesn't want to wait, and the stockholders don't want lots of testing because they want those new products on the market. So it's a bit of a rough position.
And, um, you know, private companies run most of the net, you know, it's not like this big government thing. So he contends, Clarke does, that it's up to these private companies who own the Internet's infrastructure to really make it more robust in a defensive sense, right, which is good in one sense, because then you have a dollar amount in the form of lost profits attached to, um, a security breach, right, so a company is going to try to protect it, um, which is good. Yeah. But at the same time it's like, yeah, if you're putting out products though, and you have competition and your competitors' products are safer, um, and you're just rushing stuff to market, and you're gonna lose out ultimately, pretty bit the same economic forces. And Jonathan also points out too that, you know, a scary way this can be implemented is as a one-two punch with a physical attack. Yeah. So, I mean, this is the one that wakes me up in the middle of the night, is a cyber attack is launched and the electric power grid is shut down, and gas lines and water lines start going haywire, and then all of a sudden in comes the Red Dawn team parachuting in. Well, that's what we did to Iraq in two thousand three. We sent a cyber attack that messed with their, um, I guess their air defense systems, and then we invaded. So that's happened before, we've done it. Doesn't surprise me. Yeah, cyber war, we're in the midst of it. We're in the midst of it. Pretty crazy stuff. Get your, what, Norton AntiVirus, that'll just solve everything. Yeah. Education, education, that's all. That's the only thing, that's all we can do to prevent cyber war. Um. If you want to learn more about cyber war and read this article by Jonathan Strickland, you can type cyber war, one word, in the search bar at HowStuffWorks.com and it will bring it up. I said Jonathan Strickland, which means it's time for listener mail. Oh, it's time for a lot more than that. Uh. I'm gonna call this Beer and Fire.
Hi, guys, I'm a professor of history and a long time act of your show. I use a podcast in my college classes to talk about how we use history and entertainment. I'm writing about the Great Chicago Fire podcast, especially as it relates to my research. See, I study the history of alcohol, and I teach a class on the history of beer. Uh. Pretty cool. We study the economic, social, and cultural history of beer, and we make beer in class and do weekly beer tastings. What? Anyway, aside from the stuff you mentioned on the show, the Chicago fire is important because it wiped out about three quarters of Chicago's breweries. Something like eighteen breweries were destroyed by the fire. Of course, people still wanted beer. Uh. Chicago and the Upper Midwest was populated by a lot of Germans at the time. This gave birth to the beer industry in Milwaukee. Before the Great Fire, Milwaukee was a beer town, but not a major supply center. Schlitz especially is a good example of how the Milwaukee beer industry reacted to the fire. Joseph Schlitz, the founder, first donated thousands of barrels of beer to Chicagoans in the weeks after the fire. Then, sensing an opportunity, he then opened a distribution point in the city. After all, there were still hundreds of thousands of thirsty Chicagoans. He opened Schlitz-tied saloons. By the eighteen eighties, he was selling about fifty thousand barrels of beer in Chicago alone, which is about seventeen percent of their total. And the slogan, the slogan for Schlitz, the beer that made Milwaukee famous, came out of this period, and it's because of the beer sold after the fire, so that's where they got the name. By nineteen two, Schlitz was the largest brewer in the world, a title it would trade back and forth with Budweiser until the nineteen fifties. And he goes on to point out that Blatz and Pabst followed similar trajectories. Stuxnet, Stuxnet. And, uh.
The Chicago brewing industry sadly never recovered from the fire, although beer drinking remained steady. And I don't have Professor Beer's name, so we'll just call him Professor Beer. Oh, I'm sure he'd appreciate that. Yeah, I'm sure that's what the students call him. Thanks, Professor Beer. Yeah. And if you want to write in, I'll say your name on a later show. Okay. Um. And if you teach, especially something interesting or you stuff you should Know? To hell. If you teach, we're always interested in hearing that. We want to know about it. Okay. You can tweet it to us at SYSK Podcast, put it on Facebook.com/StuffYouShouldKnow, or you can send us an email to StuffPodcast@HowStuffWorks.com, and as always, join us at our home on the web, StuffYouShouldKnow.com. Stuff You Should Know is a production of iHeartRadio's HowStuffWorks. For more podcasts from iHeartRadio, visit the iHeartRadio app, Apple Podcasts, or wherever you listen to your favorite shows.
