
The Security Circle
An IFPOD production for IFPO, the very first security podcast, called Security Circle. IFPO is the International Foundation for Protection Officers, an international security membership body that supports front line security professionals with learning and development, mental health and wellbeing initiatives.
EP 097 Peter Warmka former CIA Intelligence Officer and Author of 'Confessions of a CIA SPY'
Peter Warmka is a former Senior Intelligence Officer with the CIA having over 20 years of experience in breaching the security of target organizations overseas. He is an Adjunct Professor at Webster University's Masters in Cybersecurity Program, Founder of Orlando, Florida-based firm Counterintelligence Institute, LLC, and author of the non-fiction books "Confessions of a CIA Spy - The Art of Human Hacking" and "Why Are You Messing with Me? – Senior Survival Guide on Fraud, Privacy, and Security."
He is passionate about using his expertise in helping city, state, and federal government entities, non-profits, academic institutes, private companies, and individuals to safeguard their sensitive proprietary and personal data.
In addition to conducting his signature training program, Mr. Warmka is a frequent conference speaker, guest podcaster, and author of numerous publications on social engineering and the manipulation of insiders.
He received a bachelor’s degree in Liberal Arts from the University of Wisconsin-Milwaukee and a master’s degree in International Business Management from Thunderbird School of Global Management. Mr. Warmka is a Certified Fraud Examiner (CFE), a Certified Protection Professional (CPP), and Certified Instructor at CIA University (CIAU).
https://www.linkedin.com/in/peterwarmka/
If you enjoy the Security Circle podcast, please like, share and comment, or even better, leave us a fab review. We can be found on all podcast platforms. Be sure to subscribe. The Security Circle, every Thursday. We love Thursdays.
Yoyo: Hi, this is Yolanda. Welcome. Welcome to the Security Circle podcast. IFPO is the International Foundation for Protection Officers. And here on the board, we are dedicated to providing meaningful education and certification for all levels of security personnel and making a positive difference to our members' mental health and well being. Our listeners are global. They are the decision makers of tomorrow, and we want to thank you wherever you are for being a part of the Security Circle. If you love the podcast, we are on all podcast platforms. Spotify is currently trending. Don't forget to subscribe, give us five stars, or just like, comment, and share on our LinkedIn post. Well, I have a very special guest with me today. In fact, Peter, who is joining us, has a very interesting career and he's also going to tell us how he got into that career and what he's up to now and why we both appeared together for the Life Safety Alliance recognition. So welcome to the Security Circle Podcast. Peter Warmka, how are you doing?
Peter: I'm fine. Thank you so much, Yolanda. It is a pleasure to be on your podcast. I've listened to you doing it; it's a great product, and it's just an honor and pleasure for me to be speaking with you today.
Yoyo: Well, likewise, I always say the pleasure is mine. I just do the listening. Everyone else does the heavy lifting, right? But the first question I want to hit you up for, quite frankly, is, and you have an amazing profile on LinkedIn. As soon as I saw it, I thought, whoa, there's somebody who has a story, right? I'd love to know, how did you get into the CIA?
Peter: It's a really, it's a long road of twists and turns that I would never imagine that would have led me to, you know, my career today. I grew up on a farm in midwestern United States in Wisconsin and I never got out of the little, you know, town, the area where I lived until I was about 17. I studied in a, decided to go into a high school seminary run by the Capuchin Missionaries, and they had missions in Nicaragua. And so I was invited, I was the first person that they invited from the seminary to actually travel down to Nicaragua by car. It's a long ways from Wisconsin all the way down to Nicaragua. That was in 1977. That kind of dates me, for your audience. Uh, but I loved it so much, I decided to go back two years later, 1979. And you know, when you're young and maybe some people say foolish, there were the, uh, politically, it was getting to be a little bit dicey there because there was a civil war going on. The Sandinistas were coming into power and actually they came into power while I was there. So I experienced, you know, a really interesting situation of, uh, of a dictatorship being overthrown and this new wave of, you know, optimism coming in, with the Sandinista party. And so I don't know, I got all kind of like, you know, so excited about the international, you know, environments, both political, economic and cultural. And I decided to, you know, what I wanted to do is work in Latin America. Okay, that was kind of like my goal. Going, you know, we go to university and we kind of have a goal. We don't know how we're going to get there. I studied Spanish, of course. A little bit of economics, a little bit of business, a little bit of everything. And when I graduated, I decided to go on to graduate school in Thunderbird.
And, International School of Management and a pretty much equivalent to a MBA, but you have to have a foreign language to graduate and you have to take the various courses and not only business, but in culture and economics and I'm sorry in geopolitical. Rena got that. And then I said, well, I want to work in Latin America. What's the best thing to do? Maybe start working in banking. So I started working for an international bank in Miami, got itchy elbows after four years, because I didn't see much of an opportunity to get promoted. There was a bank owned and controlled by French and Italians. And so if you weren't French or Italian, you didn't have much of the opportunity. I started to apply for other jobs, primarily in banking. And I saw this ad in the Wall Street Journal that just seemed kind of interesting, of a foreign investment group looking to expand in Latin America, and they were looking for individuals who had a business experience, they're traveling or living in these countries, who spoke Spanish or Portuguese. I applied. And got a response back a couple weeks later saying that they wanted to forward my resume to one of their clients in the U.S. government. And I'm thinking, this is strange. I had no interest at all to work for the U.S. government. I mean, I never even contemplated it. I wanted to work in the private sector. So, uh, I didn't answer the letter. It said you had to answer within 21 days, you know, I didn't answer. And about two months later, my wife asked me whatever happened to that letter. And I said, well, it's underneath the night table. I never, you know, applied. And she said, why don't you send it in? I said, it's too late. No, it's already past the 20 days to send it in. So I send it in. Then this is the day before cell phones. This is a time before cell phones. I'm coming back from work, uh, I don't know, a week or two later and my wife says someone from Washington called you and I said, who from Washington?
They wouldn't say, but they asked me what time you're going to be back and I said around six o'clock and so they said you're going to call back at six exactly at six o'clock at the phone rings the landline. And I answer it and he's, and he's, the, uh, the representative said that he worked with the CIA and he wanted to know if I had some time to answer some questions. So basically we had like an hour and a half interview over the telephone. And he didn't answer very many of my questions, but they had a lot of questions for me. And if you have an understanding of security clearances, I think they were asking a lot of questions to see whether or not I would have any, you know, obvious problems with, with, with getting a security clearance. And I think I satisfied them to the point that, hey, this doesn't seem to be anything here. And they actually said, if you're interested, we can go through the formal application process. We'll send you out, um, some forms and fill them out. And then that will begin the process. And I thought, why not? You know, the only thing they told me about that we have lots of opportunities, both domestically, you know, as well as overseas. We have a lot of opportunities, uh, to work as a case officer, but they didn't go into any detail about what that type of work actually was. But it intrigued me. They sent to me this packet, I filled everything out, sent it back, and then that began the process, you know, they, they called me, come up for an interview, and here I thought I was going to have an interview, and basically I was told to go to another room in this hotel, and there was a, uh, a big chair in the middle of the room, with all these wires coming out of it, and, and this large individual said, and said, okay, welcome to the polygraph. So I was polygraphed on the spot. And then I was asked, then I asked, how did I do? And the gentleman said, they'll tell you. So I had no idea how I did. I went back to my original room. 
Uh, another gentleman came in and said, congratulations. Uh, you passed the polygraph and, and now we can tell you about, you know, the program, so I can't go into details about the program per se, but it was a very specialized program for myself to, you know, working with a group, you know, as, as an, as a case officer overseas in a, in a, you know, uh, On a permanent basis, for example, you'd go out two, three, four years and you could continue to stay out and move to different countries or we come back to the United States, but that was like they said we would be interested in, you know, interviewing you for this program. And I said, great. So they brought myself and my wife back to Washington. We're in a hotel room and for a week, you know, nonstop interviews, different people coming in to interview us. And I thought it went good. And they called me a few weeks later and said, Can you come back with just you, not your wife. Okay. Go back there. And then I, you know, I'm in another hotel and these three gentlemen coming and imagine two single little, little single beds and all of a sudden you got four guys sitting on the side on the edges of the beds talking, you know, that's, that's basically how we held our, uh, how we had our session. It was a psychologist and psychiatrist. And he said, everybody likes you. They're impressed by you. They think you'd be great for this job, but we have concerns about your wife. And I'm thinking, what do they know about my wife that I don't know? They said, well, there were some things where they seem that, uh, she didn't seem like she was engaged in the conversation. She was looking a little bit past the individuals. I said, well, she knew exactly what was going on. She was listening. And you had us put this. Um, you know, I've had the TV on in the background basically to distort, you know, sound masking. Right. And so she would, you know, she was listening to that and, uh, they said, okay, I guess that makes sense. 
But some people wonder whether or not she could handle living overseas. And she's from El Salvador, the country of El Salvador, gone through a period of 10 years with martial law, with shortages of electricity, food, and dead people laying on the streets. And I said, if she can't. If, she's more capable of living overseas than I am. So, okay. Okay. And so they said, we're going to have a murder board call us back later today by the pay phone. Yeah, that's all. I put my two quarters in there and call and they said, congratulations. You're, you're accepted. This is an October training starts in January. And, uh, and I said, great. Okay. And just to let you guys know, we're planning to go to El Salvador for holidays with my wife and her family. And then I heard a pause. He said, if you leave the country before you start, we'll have to begin the process all over again regarding the security clearance, regarding the polygraph. And I'm thinking, oh no. So that was the beginning of big brother in my life, you know, and I had big brother for over 23 years. I'm retired now, retired a few years back, but it was a fantastic, really a fantastic career. I have no regrets. And it was just phenomenal. I never, I mean, never envisioned something like this. Uh, and it got me, basically, for your audience that maybe doesn't know what a case officer is, there's a special type of case officer, but you're at the tip of the spear, you're going out there to spot, assess, develop, recruit individuals to provide you with intelligence. And I kind of, I kind of equate it. And now we can get into the later about how this transition, but it's sort of targeting an organization and identifying those insiders in those organizations and assessing them and then manipulating them to breach the security of that organization to obtain the information, the data that we are after. So I specialize that did that for over 20 years overseas for 20 years.
Yoyo: It's phenomenal, isn't it? It takes a certain type of person to do that. Like, uh, people say to me, I used to have a first career, Peter, as a DJ and people say, oh, great job, you know, but I couldn't do that. And I think when you look at the skillset that they must have recognized, you had that ability to be instantly likable, not threatening, build trust really quickly. Those skills are very, very rare, really, which is why I can see certain people get picked for these types of jobs. Did you ever feel like sometimes, crikey, what have I signed up to? Have I got in over my head?
Peter: Maybe a little bit during my first assignment. I wouldn't say specifically where I went, but I went to a place where I think the people that were making decisions for me, knowing that I was going out as my very first place and it picked a place that, uh, was just so complicated, so difficult. And even the economy was kind of shutting down. So it didn't make much sense for, for me and the particular cover that I had to go out overseas. And I felt at that point, yes, I was over my head and I said, let me give this one more shot. And so it was a new assignment and I mean, it did very, very well. And every, everything got, I guess I was still going into the, you know, it's like baptism by fire. The very first one was so difficult. And I found that, hey, if I could, if I can get through this, I can get through anything. So after that, it just seemed like everything was so much easier, more confident and more capable. And I just felt that, uh, as you mentioned, you know, that building that trust is for some reason, people, everybody trusted me, I guess it's just smiling and listening, a lot of it's listening, because people love to talk and people, you know, people to listen to them. That's what frustrates so many people, because they like to talk about them, you know, people talk about themselves, they don't necessarily listen to other people and I just like to listen, of course. That's why we use one of these skill sets where we are trained a lot and before we deploy and do this work is elicitation. But it's basically, I think of collecting information. You can extract information like, you know, interrogate somebody and that you don't know if that information they're providing you is true or not. Or it's an interview with a person knows why you're asking these questions. You could be conducting a security interview or a job interview and people know why you're having this discussion, but then elicitation is just having what appears to be a random conversation.
An elicitor is really good at moving that conversation around to get to a lot of the points that they want to collect this information. And people have no idea that they're giving up this information regarding themselves or their companies. And, uh, it's, it's tremendous. It's so powerful.
Yoyo: Yeah. It's amazing what people offer up without even thinking about it to strangers, you know, I, cause I commuted in and out of London quite a lot, and being an ex police detective in the UK, albeit only for seven years, I still used to love watching and observing people and just seeing how, when people had their guards down, they would talk about stuff and I'm thinking, crikey, I'm a random stranger, you're saying all this stuff to me. So I know when I've spoken to other CIA veterans, they've always talked about the deception element being something that's been something they've had to live with their whole lives. And it's been hard with family as well. Did you find that a personal trial?
Peter: Oh, yeah, very good question. I mean, I think that was probably one of the most difficult things initially is being able to lie. But I guess you kind of like rationalize it. You know, I'm a person that doesn't like to lie, of course, but I feel like there's certain things you got to do to protect yourself, protect your family and protect the mission that you're, you know, that you are out to accomplish, and lying, that deception becomes crucial. Uh, you have to do it. And, you know, who in my family knew what I was doing? Only my wife knew, and when I went off for my very first assignment overseas, the CIA said we want you to advise someone else in your family back stateside so that if there's an emergency of some point and we want to establish contact with your family, that we know we can contact them and they know, yeah, this is legit versus some crazy thing, you know. So I decided to tell my father, uh, very patriotic man, very patriotic. And I, and I, and I was assuming that he would be so proud and just like, you know, smile and say, son, I'm proud of you. And after I told him, he said, I wish you wouldn't have told me and don't tell your mother. Completely different reaction. But it was that we worry, you know, because a lot of people don't really know, you know, what it's like within the CIA. And it's kind of this mysterious thing. And are you gonna be that person out there conducting assassinations? Actually, a couple of years later when I came back, it was one of the questions my father was, you know, out of the blue asked me, you're not involved in any of the assassinations, are you? And I just kind of laughed. No, dad, not at all. My work is very different. Uh, I don't do that. I never, I never would. But that, but so he, you know, Picking on. Wait, wait, wait. Nudge, nudge. When you share a secret with somebody, especially like this, it becomes a burden, right? Very much.
So he bore the burden for years and years and years until maybe he got to be in his mid 80s. He began to tell my siblings, oh, Peter works for the CIA. And they thought he was crazy. He lived a few more years, but he died at 96, but he decided to tell them. And I know now I'm just thinking, maybe he knew that his time was limited and he wanted other people in the family to know, I don't know. I'm just speculating on that. That's when some of my siblings began to wonder, is this, what is he saying? But my children. I have three children. Two of them found out, I decided to tell them when my daughter was 16 and my son was 14. And we had to come back to the States for administrative reasons to include medical visits and things like that. And once in a while, they like to have a psychologist come and meet the family. And I'm thinking my kids at a certain age, they're starting to wonder like, what is all this stuff about? So I decided to tell the oldest ones, but the youngest one, I had my wife in another room with her, and I started telling them, and then my daughter said, yeah, dad. Yeah, dad, right. You do a CIA guy and you're just quick joking. My son was quiet, but his eyes got bigger and bigger and bigger. And then he said, now it all makes sense to me. I knew you're gone and I never met any people from your work and you're traveling here, traveling there. And my friends were saying, well, maybe he's a drug trafficker or a money launderer and it made sense to them. Then my daughter, you know, my daughter finally said, wow, this is so cool. So they accepted it. They accepted it very well, because there are some colleagues of mine who never ever tell their children. And I'm thinking, man, how could, you know, Langley know that you work for the CIA, but not even your children know this? I mean, it's all, it's up to you. We can all decide on our own if we want to tell our children.
And the last one we had, I just come back from Brazil cause I, I was the head of the office in Brazil and, but my daughter thought I was working for the State Department at that point. We came back and Langley has once a year a family day where you can bring your children in, which is kind of cool. And I said to her, do you want to see where I work? It's family day. And she's thinking State Department. Yeah. Yeah. Okay. We're driving into the CIA headquarters and there's this, there's a sign, Bush Center for Intelligence. He said, what's that? I said, we're here in the CIA. And basically we walked into the building, went to the seventh floor, which is the top floor. And that's where the director's office is. And I had just met with, spent some time with the director in Brazil a few months earlier. And I said, hey, how are you doing? And by the way, this is my daughter. She just found out where I work. And he grabbed, clasped her hand with a warm smile. This is former director, General Hayden. And he said, young lady, welcome to our family. It was so cool. It was so cool.
Yoyo: But then I'd be thinking if she's figured it out already and she's 16, maybe she's a little bit of a chip off the old block of her dad.
Peter: Well, she didn't really figure it out though. It was not until I told her, it was and I think what, I think the only thing that kind of bothered her, and she never told me directly, but that her siblings knew before she did.
Yoyo: Oh, that does bother kids, doesn't it?
Peter: Yeah, it does. I never thought about that, but
Yoyo: Going back to the burden of it is horrible, like keeping a big secret. And I wonder if your dad kind of like almost hated the fact that it kept secrets between him and his wife as well, you know. But how do you think your mom would have reacted to it if she'd known?
Peter: Oh, I think she'd be very, very worried. I mentioned to you earlier that I traveled to Nicaragua, right? And then when I went in 1979, when, the fall of the Somoza dictatorship, there were a lot of things that, there were, for example, all the telephone communication was cut off. The, you couldn't even send letters because the planes were all flown out of the country. And so there was no way for my family to know how I was doing, because I couldn't get off for a period of time. I couldn't communicate with them. All they saw on the front page of the newspaper every day was, you know, these deaths. And from the war in Nicaragua and so finally, it was a come across the ham radio operator who, you know, we got, we communicated with another ham radio operator in, I think, Louisiana, and that person made it, made a call to my mom and so that was able to say, hey, I'm fine. Don't worry about me. I'll be getting out of here soon and I'll be getting back. So they were just so relieved. I still remember coming back. I was almost like a war hero, because they had even had this banner painted. I know. Welcome home. You know, huge banners like I know they were worried. They don't express, you know, I don't know how you're in our generation, our parents. Sometimes they don't express things as much as maybe we do, at least it was in my family, but knowing, you know, what she was going through at that particular time and how worried she probably would have been if she knew later that I was also working for the CIA. I think that's what my dad wanted to protect her from, I think, that worry.
Yoyo: And what was it like being in the CIA for the term that you were? You've had a great service. Thank you for your service. What was it like understanding how technology played a part, both in the early days and then afterwards? I take it you stopped using phone boxes because they don't exist anymore. I don't want you to necessarily talk about anything that's secretive. We've seen technology as consumers and as business people or security professionals change over the years. How was it for you?
Peter: It's very different and I think I have because of this I have a great appreciation for how vulnerable people have become, because I remember the days pre internet when how many people really knew intimate details about you, you know, maybe a couple dozen people that really knew you. And now with social media, you know, we've got like 4.9 billion people in the world that use social media. That potentially, a big percentage of those can have access to you, to your profile, at least. And if you're not using these privacy settings, I mean, they can see a lot. So it really opens a lot of people up for being vulnerable as far as their information being out there. When I was out in the field, you know, we identify an organization, we identify within that organization what we wanted to target, and then try to find individuals who were in those positions. Not easy at all. Some of it became just like trolling, being out there and coming across people and finding out where they were. Say, whoa, that person's in a good position. Or, maybe an organizational chart that might mention names and who reports to who. And then trying to get, find a way to get in that person's circle, you know, be able to meet with them, and then slowly begin to learn about them. Right? Uh, we call it time on target, but the technology piece, really, from a standpoint of targeting individuals, it didn't exist. Now, I mean, if I want to target somebody, or how it's done today, number one place, the number one, and it's a goldmine, LinkedIn.
Yoyo: Yeah.
Peter: You know, you can do the searches on LinkedIn for, you know, companies and look for people within those companies and you can change the parameters of, you know, maybe geographically where they live or where they've studied or what their title is, et cetera. So you can come across a short list of potential candidates. Then you want to get to know them, assess them. And you can through social media, I mean, I would give you four platforms. LinkedIn, it's a resume on steroids, right? It tells you everything about that person that they wanna put out there at least, where they've worked, where they studied, the awards they've won, certificates that they have, uh, even their volunteer work. I mean, we can learn about what they have a passion for outside of the workplace. Then you go to Facebook, all of their, you know, their hobbies, their interests, sports teams that they follow, music genre they like, where they, you know, favorite foods, where they travel, who they traveled with, pictures are worth a thousand words. I can pretty much get an idea of someone's social economic status by studying these pictures. Then, you know, you have, uh, X, right? Twitter, get into someone's mind. How are they thinking? What are their viewpoints on different things? Uh, the politics, religious convictions, what especially, what are the things that they really, you know, get them, get them a little bit, you know, angry. Then Instagram, you know, there's people that every place they go, they go to a restaurant and they order. And then before the food arrives, before anybody can touch their food, they get their camera out, take the picture. I'm eating this right now at this, you know, or I'm at happy hour with my friends, or, you know, I'm at the gym pumping iron, look at me pump my, you know, we can learn about their pattern of life, where can we find them? I mean, where do they go outside of going to and from their, their work?
So all these things help us to develop a personality assessment profile on people. What are their motivations and what are their vulnerabilities? And these are the things, you know, we all have those, right? And these are the things that we can leverage when we try to conduct, you know, various types of social engineering operations, meaning we're using this information to target people. Specific individual, and it's not like this phishing thing you hear, well, you know, someone sends out a hundred or a thousand emails. They're all the same, and they're hoping to get a certain percentage of people to take the bait. No pun intended. No, these are specific targeting where we know enough about this individual that we can formulate this approach. They're almost certainly going to fall for it. So that, you talk about technology, that technology is helping us collect a considerable amount of information on people, and, I mean, information, uh, information is power. Information also makes us very, can make us very, very vulnerable. And, uh, so many people are not aware, you know, because it's not just intelligent, I mean, intelligence services do this, criminal groups do this, industrial competitors do this, activist group, you know, activist groups. I mean, uh, it's not just your classic intelligence. Uh, so there's a lot of people that are, I mean, there's a lot of threat actors who are out there that can target us and do target us. So that's, that's kind of like the evolution. I mean, the psychology, psychology of this has not changed. We pretty much, you know, we had the same needs, same not wants, uh, we'd use the same influence factors to try to influence people, whether it's the liking or, you know, reciprocity or scarcity or fear. These are all things are the same. And number one, trust. That is the number one area. As you mentioned earlier, that's the number one area why people are so susceptible to these types of things.
I call it human hacking because it's more visual, I think. Social engineering. People hear social engineering, they think it's a bunch of engineers hack at happy hour, but no, human hacking. It's here and it's only becoming more and more powerful. I think even now with AI. It has, I try, I speak a lot to the AI when I, when I give conferences and AI is really, really, really, uh, bringing this to another level.
Yoyo: In fact, I'm going to go one step further and say heart hacking because there's a lot of people out there using social engineering techniques to literally convince people that they're in love with them so that they'll hand over money. The romance scams, yeah, we've become a lot more knowledgeable now about those. I just think, you know, it's crazy, Peter. I was walking out of Wimbledon as one does, and there were these two older women in front of me. And one in front said, so how's it going with Neil? And she said, I really thought he was a special guy. I really thought he was, you know, we were getting on so well. And I just wanted to keep following them to find out where the conversation went. I think when women and men become a certain age and become lonely, they become more vulnerable than they realize, and this is being massively exploited. And we've all heard stories about how Nicolas Cage is not following you. It's a fake account, and I don't know about you all to ask your opinion on this. I think Big Tech needs to take a lot more accountability, and I get it. There's a lot of John Smiths out there, certainly in the UK. And where does social media draw the line when they say, are you the real Jordan Smith or are you not? And I think LinkedIn's going some way, isn't it, to the verifying technique where you can actually verify with legal documents who you are. It's not easy to do, by the way. I've tried to do it twice and I have a new passport. It's ridiculously hard. What's your view around where big tech sits, because I see it facilitating the bad guys.
Peter:Yeah, unfortunately, I agree with you. LinkedIn has over 1 billion profiles, 1 billion worldwide. Okay. And the estimates, and it might be kind of conservative, but the estimates that I'm hearing, that 15 percent of those profiles, 15 percent doesn't mean that all of these fake profiles are built by bad people, threat actors, right? Because there are people in law enforcement, right? That will create avatars. We call them, it's so that they can get into and try to get into some of these circles of people and try to bring down these, you know, groups, whether it's, you know, intelligence service or bringing down criminal groups and private investigators will also create these. So it's not that they're all bad, but a significant portion of them definitely are. And it's so easy, I would teach people basically, and I, I've created fake profiles basically to show individuals how easy it is to create them, how easy it has been until recently to detect that they're fake. And basically, you know, the type of, uh, hygiene that they should, people should use when they're online in general and especially with, with LinkedIn. I mean, you can create, you know, actually you can create a really, really, really good profile in less than 30 minutes and you can go from zero connections because you're not to about 500 in a matter of 10 days without ringing alarm bells at LinkedIn. Because if you're going like trying to invite 300 people in a day, they're going to say, shut this down. You know, for a while, but they can see if someone is you're just trying to create a profile, but if you kind of like know what their algorithms are, you can a pretty much even setting up your account a you want to do this in a false name, of course. And you want to make it a non-attributable. So you pick for a phone cash, right? And you set up that area code to wherever you want to establish your fake persona. Let's say Los Angeles, fake area called Los Angeles. 
And then you have to, um, You have to create an email and you use that phone, phone number to verify that you are who you say you are to set up your Gmail account or whatever. And then you use that fake email to set up your LinkedIn, you know, because you want to verify who you say you are. So they're using that fake, email, right? So it's pretty easy to do all these things. And a lot of people will accept them, but most, some people say they, a lot of people say they don't accept invitations from people they don't know, but, that's not so many people accept them. And that's why it's so easy to build up a profile and for these bad people really to use you and others. You know, who blindly accept you're basically, you might be unwitting accomplices in whatever devious thing they have planned for the future because you're helping build their credibility.
Yoyo:I think with the security community, I think it's very easy in a sense to connect with the right people because I've only gotta look at people who are suggested to, for me to connect with. And we've got 600 people in common. We've got 52 people in common, 11 people in common. And I think that is very powerful when you're connecting and building your network. 'Cause you know, like even like I've just got off a meeting with Matthew Pelli and we have got 672 connections in common. That speaks to a lot. I think I'm always very dubious when we have no connections in common, and I think that's the flag. You check it. And if it's only one person in common or two, then check who those people are you have in common.
Peter:You're absolutely right. But if I'm going to, if I would be targeting somebody, then I knew that they're kind of like cautious. I would target people around them first. It's pretty easy to find out who are people that are around them. Right. And that target those people first. So that when I ultimately send an invitation request to the person, that's my ultimate target. They see that they have a lot of connections, mutual connections, and they'll likely trust that more. Right. So there's, yeah. It can be kind of devious as human hackers to, uh, to, to get around some of these things that we think that people will, you know, people will trust a lot. Uh, in regard to though the, the tech companies and especially these platforms, what really kind of upsets me about them is, yeah, they have the technology, they have the capability of being more, scrutinize more, uh, these accounts and taking down more of these accounts, but it's not in their financial interest really, because they're getting money based on the number of an amount of engagement on the platform, which leads to, to, uh, revenue. So I don't think they're doing near as much. And I think this has to go hand in hand. Unfortunately, it has to go in with regulation. Because there has to be a downside where if you don't comply at the platform with certain, level, there's going to be fines, you know, or that's going to be probably the only thing that's really going to force them more and more and more to help, you know, to help regulate their own platform because there's not in their own financial interest to do so.
Yoyo:It feels like the Wild West at the moment. And I think even though there's great people out there who are being vigilant, who are reporting suspicious profiles, I know somebody who was being wooed by somebody who said they were a prince from one of the UAE. It was quite obvious they weren't. It was a typical romance fraud target. I mean, notwithstanding, I said, not being funny, but if this man needs to go around chatting women up on LinkedIn, he has a whole service of people who can introduce him to any woman he wants to be introduced to. So don't think for one minute that this is genuine, but when the, when it was time to report the account, we found out that the account was never removed. And I think this is where the crux of the problem is. It's almost like the social media and big tech mindset is, well, you're an adult, if you haven't figured it out, your loss.
Peter:Yeah, I agree with you. It's kind of, that's how we approach it. There was a, uh, a lot of these fake profiles to give them more credibility, make them more attractive. I mean, one thing is the picture, right? You might have a picture of a very attractive young lady or a handsome man. So that sort of, that visual appeal is one thing, but then also building their profile, you see a lot of them will have, you know, claimed, claimed to work for a very, you know, prestigious company. Uh, and I've noticed, you know, this is actually in the newspaper, so it's not like it's a secret, but it was like in 2019, I think, you know, uh, Elon Musk's company, SpaceX. Okay. They, they were like in 2019, LinkedIn took down after these things were discovered, I think it was 1500 profiles of, you know, they're almost all young, attractive Asian women who, yes, studied in China, got a job in China, then came to the United States and got a, you know, a master's degree from one of five or six different universities. And then they actually become senior programmers for SpaceX. And I guess one of the reasons why they were doing this, it was a bit, um, Bitcoin scams, you know, they would approach people and, you know, they wouldn't, they would be very, you know, do this very clever, carefully, you know, not rushed and get, you know, develop this, whatever relationship, social, really social, professional relationship with this person, the person would be like, wow, this person is smart, you know, and it's, and it's a friend. And then that person will later say that they, you know, they have, they're involved in, in, and made a lot of money from Bitcoin or they know somebody, you know, and then they get them into that and they'll get hundreds of thousands of dollars from this person that's sucked in by it. And, uh, apparently it works. So in that point though, it seems like their companies could even share more of a responsibility. 
It shouldn't be that difficult to, for them to pull from LinkedIn. What are people that are claimed to work for me? Who claimed to work for, who are using my name out there and, you know, for credibility, because that's also damaging to the brand, right. Of the company. And I don't think Barry did that enough. And it was funny that, it was the reason why I came across SpaceX is because all of a sudden I started to see all these profiles popping up and it was almost like a cookie cutter and this is before, this is like, well, after thought, 2019, and I decided I'm going to report it. You know, I reported to, uh, to LinkedIn, never get any response back from them, of course. And then I find that they actually took down these 1500 in 2019, but it doesn't matter. They have all these other ones that are coming back and doing more and more of them. So it's a never ending flow. Uh, it just continues.
Yoyo:They've monopolized the market as well, LinkedIn. So there's no other alternative. They've now absolutely got the monopoly. So even if they majorly piss you off as a user, you've got no option other than to stick with their platform. And I'm going to share this with you, Peter. I think, I mean, I did a state working with Facebook, so I got to see and understand the business. I was very privileged to have that experience, but I just think, my passion and dedication, like I was always a huge fan of Facebook, always advocating for it. But over the last five years, I find myself becoming more frustrated with them and LinkedIn. I loved LinkedIn, huge fan, loved it, loved it, loved it. But now I'm like, because I don't see them really doing anything around corporate responsibility to prevent fraud, keep people safe. They have the best, they have the ability to keep their platform safer. So imagine that the, what do you call it? It's like appreciation for them is just going down and down and down and down and down and it will get to apathy. And eBay did this, eBay started to let their customers getting abused by having fake Chinese customers selling fake Chinese shit tap. And instead of clamping down on those businesses, they took their money. And then realize that their customers were being adversely affected. Now they've had to do an about turn and give people the opportunity to sell for free online. I just think you wouldn't have had to have got people back into your loyalty if you hadn't allowed your platform to disrespect them in the first place. And I think the same is happening for Facebook. When I speak to more and more people now, they are less and less inclined to put anything on Facebook. The trust is being eroded with big tech. How far are they going to let it go, do you think?
Peter:Good question. I really don't know. I mean, uh, I don't think they can let it go too much further. I mean, if they want to stay in business, right, some of these particular companies, um, there's a lot of money there and I think they got to find a balance, right? A, they got to find ways to, to build that trust. I'm kind of, I'm a spokesperson for kind of like getting out there and, and, and trying to help people protect themselves from these things. And I even, I want to put together a podcast or webinar and regarding the problems with the, you know, with fakes and how you got to really in different ways that you can maybe identify, protect yourself from them. And I invited, I reached out to a few people on LinkedIn because I wanted to invite somebody on LinkedIn about, you know, how they viewed this problem. And, you know, what are they doing? You know, give them an opportunity to talk about what do they do. And, and, and I never got a response and then I sent it again and I never got a response. And all of a sudden my account was shut down for, you
Yoyo:know,
Peter:they said it was for something else that they were investigating. I don't know. But if you put all your eggs in one, you know, like, for example, some of us professionals that we, you know, you mentioned even at the beginning of the show, uh, all the stuff I got there on LinkedIn. And if you have all of your, we want to call it, um, capital, all your equity in and someone else's platform, but they decide they're going to flip the switch. You, you lose it all, you know? So, yeah,
Yoyo:I lost it for three weeks. Three weeks, and I have to say I got very upset about it. It felt like a huge violation because I hadn't done anything. I didn't have any bots. I didn't, I wasn't cheating the system. I wasn't bombarding people with InMail. You know, I couldn't figure out, I thought my account had been hacked. They were not telling me what happened. I don't really want to go into such a waste of time, but three weeks I was bereft. And I kept picking my phone up looking at LinkedIn and I just thought you're turning me from a super fan into an absolute apathetic hater now. Like, why would you do this to me? You know, and I wasn't trying to be cheating the system. I wasn't trying to buck everything, you know, and I wasn't aware of any guidelines. I read, I actually understood the guidelines. I read them all. So I thought, which one could I have broken without realizing it? And I'll tell you what it was. The podcast was launched that year. It did so well that my followership doubled and it, yeah, it triggered an algorithm that made them think I had artificially manipulated it in some way, because I had that much of an impact on, and look, what can I say? Success hurts.
Peter:Yeah, that's crazy. I mean, it seems like, you know, they value, you know, they're the companies that are paying big bucks for the advertising revenue, but they really don't value, apparently.
Yoyo:No, they don't. No, they don't. But let's look at everyday normal guy now. When we look at everyday normal guy back in the 80s, back in the 90s, I mean, look, the most strife you could get up to is going into an internet chat room and, you know, getting a bit naughty in there, but we all did that. But I'm thinking now there's an awful lot more attack vector, isn't there? A person has a footprint a lot bigger than they did back in the day. And you alluded to this earlier. I get it that maybe big tech doesn't want to help adults, but I think they have a graver responsibility to help children and anyone registered with their service under an age. Well, that is a whole other subject, but adults themselves, do you remember the old days? You know, you didn't want to walk down a dark lane cause you didn't know who you bump into, or maybe the taxi driver looked a bit dodgy, so you waited for another one, you know, or the phone call, maybe you got some guy ringing up, hang up, ringing up, hanging up, that was about it. But now, whoa, now you can be attacked in several different ways, just through your mobile phone. What's, uh, what's on the agenda for what you're teaching and trying to help people around, you know, the social engineering piece, what's on your mind right now?
Peter:Well, I used to, you know, I used to say like number one thing you can do is try to control and limit the amount of information you put out there. And I still say that, but, you know, uh, almost every single one of us, especially here in America, we have all got our PII information out there. It's been stolen, you know, we've been all victimized. But I probably at least one, if not several, I know in my case, it's like, I'm very, very cautious, but there, you know, it was a mortgage company. There was another government off the Office of Personnel Management that had 20 million individuals with security clearances that had their information breached and it's in the hands of the Chinese. Uh, that's a whole nother show we could talk about that, but I mean, so a lot of that information is out there, even if we're really careful. So it can't be the only solution because some of that stuff, you know, is used, can be used and will be used big data to target us by people that are, are, are, have malicious intent, right? So I think we gotta look, take more of the defense, defensive side and look at what is approaching us because a nefarious actor is going to find some way to approach us. That can be in an email. It can be in a text message, it can be in a DM, it can be through a social media, which is growing. A lot of people are not aware that's a great channel for social engineering. It can be through a phone call, it can be face to face. So that individual could have selected us, could have studied us, could have developed a pretext for, you know, annoying motivations, vulnerabilities, and try and establish contact with us and attempt to manipulate us. And basically a lot of it is, is there an ask? You know, are they asking us or trying to entice us to take an action? An example, making a payment, making a wire transfer, you know, off of a phone conversation. Um, is there, you know, or giving out sensitive information? Is there an ask? 
If there's an ask, then I need to sit back and I need to think about this. If this is a fraudulent ask that could be very detrimental, have detrimental consequences for me or my company, then I need to verify this. I don't need to be paranoid about every single thing. And, you know, but if there's asking me to do something, that is what I need to verify. And so I talk a lot about the need to first verify. Before trusting you, we hear this expression, trust, but verify. And I said that, maybe that's too old school. These digital world things move too quickly. If we, if we trust just for a few seconds, it's too late already. You know, we can verify all we want. We verify and say, oh yeah, we're now we're in trouble, but we need to, you need to verify then, you know, before trusting, if we kind of take that approach, we can really protect ourselves. You know, the wolves are always going to be out. The wolves are always going to have their dinner. There's always going to be the sheep out there that they're going to. You know, they're going to get you. We just have to make ourselves hard. We have to harden ourselves as individuals and let the wolf have dinner with some other ones. You know, there's some people that are never going to pay attention. You know,
Yoyo:I've been the number of women I've spoken to around the world who will just not buy anything on a Facebook ever anymore because it's a load of bollocks.
Peter:That are shying away from using some of these platforms. Just
Yoyo:literally fraudulent ads, fraudulent companies like, Oh, closing down the business with a nice handbags. Yeah. That's going to trigger a few people are going to remember that one. And then you get this like plastic bag in the mail and it's not the leather bag you thought you were paying, you know, X amount of money for. People are being conned so much that they can only get conned so many times. Before it just, it just, well, it won't work, you know, and I think everybody's seeing these kind of, I know you have, call it Walmart. We call it Asda here in the UK, for, you know, 20, you can get a whole pallet of something or a whole bag for free. And it's like, Oh, do you know how many people are falling? Because they've got an organized group that are saying, Oh, this is great. I'm going to do this. I'm going to do this. Oh, this is great. I've done this. I've done this. And so you've got these gullible people genuinely thinking, especially Brits, we love a bargain.
Peter:Well, here in America as well,
Yoyo:you want good price, very cheap, good price. Every time I go on holiday, when they find out you're a Brit, what else have we got to look out for now? Anything emerging that is creeping up on us?
Peter:Well, I think when I, when I speak to AI, uh, and I was, I've been speaking about this for like the last four years and finally people are starting to follow and understand a little bit, but just still, you know, you just pick something like ChatGPT. That platform for, you know, in the hands of people that, you know, have a nefarious intent. Fortunately, ChatGPT has some guardrails where if without those guardrails, the people could get on there and do a lot of research on everybody, not just celebrities and politicians, but you could dig up a lot of information. And so there's other platforms like ChatGPT that don't have those guardrails on that can collect that information. So the ability to collect information for targeting people is a big thing. But then, you know, we have seen as believing in so many things now, images can be created, manipulated, videos can be created and manipulated. The voice can be cloned. And so that is, you know, playing upon the trust. You know, we automatically trust it too easily, but now we start seeing these things reinforced, you know, if, if you're looking at even the news and we talked about right. And how powerful it is now people don't read long text articles anymore, withdraws them to the news is going to be either a, you know, a scandalous headline and or a picture or video. People just love the videos, right? Rather than reading something. So, so many of these, um, uh, deepfake, disinformation campaigns that also impact, our, you know, our viewpoints are how we think. Biden was
Yoyo:caught out, wasn't he? Biden was he, was he sounding a little bit too compos mentis? Is that why they realized it wasn't him? There's been
Peter:a lot of things. You know, there's been a lot of things with him. Uh, he's targeted a lot these days and I mean, you're probably having a great time seeing how this is playing out. We, we are having a great time playing out as well, but yeah, this, this is probably more than any previous election. We're seeing a lot more of these, uh, disinformation and deep fakes of videos and audios. I mean, not only here in America, but there's been a lot of this has been going on between Russia and Ukraine and even in Europe, I mean, so, and I think I think what we really need, number one, is, you know, and unfortunately it comes to be like number four or five on people's list, um, awareness. We need to become more aware of these things because, well, if we're not aware, then we kind of like, you know, ignorance is bliss, but I think we're, it has to come, you know, be come down from not only have us having that responsibility, but the government, you know, governments put something out. Usually it's like this blurb on a little bulletin on their website who goes into the websites to read these little bulletins, they need to use some of the same channels of communication that we use. Right. Whether it's a TV spot, a radio announcement, or a video on, on, on social media, educating people about these types of risks. Companies need to do this too. Not only for their employees, you know, they have this training, compliance training. Who do the employees care about this? Compliance training regarding cyber security. They're doing this, you know, multitasking while they're listening to these cheesy videos. And then, oh yeah, they got a little test here. If they don't get the 70%, they can take the test again. Eventually they'll pass. They'll, you know, send their certificate to their supervisor. Supervisor sends all these certificates to their supervisor. We're a hundred percent in compliance until next year. The employees don't care. 
They only did this so that they can keep their job. Did they really learn anything? I think get on the soapbox here. I think they should present this type of training to employees as a benefit because employees, if they can learn how to protect themselves and their family from this type of fraud, that naturally that awareness is going to also help them, you know, in the workplace. So companies need to train their employees and they should train in clients. What, how many banks or financial institutions or other ones that have clients actually take on the role of trying to educate their employees? Clients regarding these things, you know,
Yoyo:How many banks aren't even really as compliant with cyber security legislation that they need to be in. Oh, I think it was, this is an old statistic. Now, I do need to get the new PCI statistic, payment card industry, PCI reported that in 2018, so this is pre-COVID, only 54 percent of those businesses that needed to be credit card compliant were compliant. 54%, the rest were accepting fines. So, I know the figures better, but that means back then, when we all know there were a lot of different breaches, there's an awful lot of businesses that were processing our credit card information and not doing it in a safer manner.
Peter:Yeah. I mean, so you have these companies that they can figure out, well, what can I afford? What can I afford to lose as a company? Right. Are they doing the right thing? I mean, they have a, a moral and social responsibility for the general public as well. So when all of a sudden you debrief, you know, there's a breach of your PI information and they can just send out a letter saying, Oh, so sorry, we've been breached and we'll pay for one year of your credit monitoring. And that's all they can, you know, is that really caring about the general public? No, not at all. It's just dollars and cents, pounds and, what can they afford to lose? And anything having insurance also? Yeah, we'll just cover it with insurance. At the end of the day, they're not, you're not trying to really resolve these problems.
Yoyo:Let me tell you this. I know now for a fact that big corporate is actually not worried about reputational damage in the event of cyber security breaches anymore, because they've seen the bounce back from previous firms who were hit like Equifax, for example, the bounce back has been phenomenal. They've actually been stronger than ever. What they do suffer is a temporary, yeah, financial glitch with, with their stocks and shares, but then that's only temporary and then it bounces back. So if there's an attitude like that, I don't know. There's no win win.
Peter:It makes you wonder if it's ever going to really,
Yoyo:no
Peter:question for
Yoyo:you, though. Question for you. I've always thought, to look at the motivation, the why behind any kind of threat actor. And we know that the Chinese have been collecting data on the Western world, specifically America, for many, many years now, and they've been building profiles of individuals. And it kind of occurred to me that if you get enough information on an individual, and on as many individuals as you can, let's just say it's going to take 40 years, but there'll come a point where they have enough information. And then I figured, supposing they just literally managed to get the bank account details for every single one of those accounts they had managed to successfully profile, and then just switch all the money over to them, you'd have an awful lot like the big bank account. Switch over day, I imagine that imagine all of a sudden 20 percent of Americans, all the money in their accounts gone.
Peter:I really haven't thought of from that aspect, but your point of them having this information and collecting information is spot on. I mean, we know of, and it's been confirmed that at least the breaches of the Office of Personnel Management, the, um, Anthem, which is major healthcare provider. Equifax, 150 million breached accounts there, and the most recent one was Marriott hotels, right? That's what we know. Okay. And so, yeah, people, we know that that information is not found on the dark web for resale like you would find with a typical criminal activity. It's being collected, vacuumed up and for use, and I never thought about that a particular aspect of the, you know, financial or taking that sort of money from individuals, but from a, from any sort of targeting respect, it is huge because think about even with, um, with a, the credit from the credit bureaus, all this information that you're collecting in individuals. And one big vulnerability usually is it's financial, right? That people have. And so they want to target somebody. Strategically, let's say within the U.S. government or, you know, even maybe a defense contractor, somebody that has access to really sensitive information, pretty easy to pick and choose individuals and to use that information either to incentivate them or to potentially blackmail them. So, to collect information as well as use them as agents of influence in the jobs that they have. So undoubtedly they're working toward that, you know, they're working toward some kind of goal like that, to use this information, and I think it's huge and hardly anybody knows about it. I wasn't so I'm so pleased that you brought it up, but very few people. Are you even aware, you know, of this, it's been confirmed by the US government, but they don't really talk about what could be the ramifications.
Yoyo:Even Colin Powell said in interviews and I liked what Colin Powell said, he said, we're never going to be at war with China, because you don't blow up your number one customer. And I think if it wasn't for the significant trade agreements, whether agreed or not agreed with China, I think there would be a different type of relationship. Yeah. But there is a war going on. We know it's a war. You've only got to speak to Chris Cubbage, who's a specialist in space security, to look at how all the satellites are being nudged and bumped out of position. There's an awful lot of star wars going on, certainly in our upper hemisphere. And I think we can't underestimate. We can't stop being alert and look, we're going from space to governments and let's go down to everyday people, everyday normal guy. I think protect your hearts, protect your money, protect your wit, because there's people out there. And if you're not sure, I would say to anybody, if you're not sure, ask somebody, does this look dodgy to you? And you see it a lot on Facebook now, especially in the neighborhood groups. Does this look dodgy? And you'll see 20 people go, yeah, mate, avoid. So I think it's working to a degree. What's your lasting advice?
Peter:My lasting advice? Be happy. Find your peace in this world. I think having peace in your heart is the most important thing we can have in our lives, you know, we, some people put value in a lot of different things and we change during our life. But I think at the end of the, during our life, but I think at the end of the day, there's having that peace within us and, you know, we can, we get really stressed out by some of the things we see and hear and, you know, what, watching my wife gets really stressed after watching the news and I'm saying, maybe you should turn the channel off, you know, and we really, you know, a lot of things, why get stressed out about things that we can't necessarily change, we can do within our world. We can, you know, we have an impact within our world. But there's a lot of the bigger thing, bigger picture, we don't have necessarily the ability to change those bigger things. So we got to find within ourselves still that, that, that peace, right?
Yoyo:Yeah.
Peter:You know, be miserable or being hateful or being discouraged or just frustrated. We got to find that.
Yoyo:I found out this week because obviously everyone's talking about politics, there's a psychologist, psychiatrists are basically saying that those people believe in far right wing extremism, your fascist, so to speak. They are the most depressed in all of society. And that's because they are circulating a rhetoric that's all doom and gloom and negative and it makes utter sense. Liberals tend to be a lot happier because we're full of hope and optimism, however naive it is, but there's hope. And there's even a good organization that I've discovered called Hope Not Hate. So, um, I say to anybody, if you're curious is listen. And, and, and look them up, Hope Not Hate, absolutely phenomenal. Trying to counteract hate in society with hope. And, you know, I think, I think we need more stuff like that. Really, don't we, Peter?
Peter:We do. And I think your podcast actually, helps bring that into,
Yoyo:We're an evangelist here of security. We are. And listen, I came across you simply because you were also recognized in the Life Safety Alliance, top 40 global thought leaders. And I'm sure everybody would be in agreement with me. You can utterly see why. Congratulations. And thank you for joining us on the Security Circle podcast.
Peter:Thank you so much, Yolanda. I really appreciate it. And I hope maybe we have an opportunity to do this again sometime.
Yoyo:I hope so. I'll hunt you down next year.
Peter:That's fine. I'm always ready.