Remember former President Trump’s remark about Russia hacking the Democratic National Committee?
“It could’ve been anyone — from the Chinese to a 400-pound guy lying in his bed,” Trump said.
Would that it were. The international cyberwars portend something much worse. To better understand that a “Cyber Pearl Harbor in waiting,” you have three choices.
One. Read the book: Nicole Perlroth’s This is How They Tell Me the World Ends near 500-page tome with terrifying information.
Two. Wait for the television series from West Wing director-producer, Tommy Schlamme, that is already in the works with FX.
Three. Jump to the conclusions. Hint: “You are on your own.” Or as New Zealand’s top bug-hunter and hacker, Greg McManus, opined on his T-shirt, “SOMEONE SHOULD DO SOMETHING.”
Hospitals, automakers, banks, railroads, telecom companies, big-name corporations and tech giants will be held for ransom. Whole countries will be blackmailed and destroyed, and slammed with disinformation.
Sound familiar? That’s the kindergarten version of cyberwarfare. These seem like elementary disasters compared to the cyberwars already upon us.
How about the forever wars somewhere, everywhere, all the time? And the sophistication of attacks like the Stuxnet worm responsible for the destruction of Iran’s uranium centrifuges. Or the availability of such malware attacks on electrical grids, water treatment plants, dams and satellites.
The traditional strategies of defense, like the Cold War’s policy of Mutually Assured Destruction, are increasingly ineffectual.
“We failed to see that the world of potential war has moved from land to sea to air to the digital realm,” writes Perlroth.
Think this is an exaggeration?
Think again. According to Perlroth, an award-winning cyber-security journalist for the New York Times, “American computers are attacked every 39 seconds.”
She explains the malicious repercussions of hackers, hacktivists, and even rogue nations hoarding “zero-days — “one of the most coveted tools in a spy [or hacker’s] arsenal.”
Pronounced “Oh-days”, a zero-day “has the power to silently spy on your iPhone, dismantle the safety controls at a chemical plant, alter an election, and shut down the electric grid.” Think Russia’s assault on the Ukraine.
As quoted succinctly in the book’s blurb, “Zero-day: a software bug that allows a hacker to break into your devices and move around undetected. Sometimes for years.”
And much more. First, the hackers find the vulnerability, then they devise a way to patch it, then they ransom off the fix and remain silent. All for a price.
The United States was once the dominant hoarder of zero-days. And it became a hugely lucrative game to play agencies against agencies. The ransomware industry took off, highest bidders became a crowded international field, and eventually a network of “shadow brokers” pushed the limits.
“Soon, the hackers found hungry buyers among America’s own tech companies, anxious to avoid messy malware attacks, bad press, and seriously compromised platforms. Bugs became features; patches became easier to buy outright from hackers” that to create internally, according to Perlroth.
Which, in turn spawned an underground new network of “cash for bugs” market. The “zero-day” market had become a full-fledged gold rush. And the malware became not just prolific, but pervasive and destructive.
Up to 18,000 customers of SolarWinds may have been compromised as part of the cyber espionage effort, and agencies including the Commerce, Defense, Homeland Security, Justice, and Treasury departments were among those impacted.
The guy on the couch has morphed into a monster, aided and abetted by the dark money fueling Bitcoin and other cryptocurrencies. Those demanding ransoms often required payment in anonymous Bitcoin.
As Janet Yellen, Secretary of the Treasury, remarked, “I see the promise of these new technologies, but I also see the reality: cryptocurrencies have been used to launder the profits of online drug traffickers; they’ve been a tool to finance terrorism.”
Bitcoin and cryptocurrencies may be both financial bubbles that collapse and/or shields that protect the cyberterrorists.
Perlroth is trying to do just that by exposing the boomerang effect of global interconnectivity and vulnerability in our everyday reliance on digital devices.
“My goal in writing This Is How They Tell Me The World Ends was always to crack open the closed-door discussions about cyber threats, about our vast digital vulnerability,” she says. “But it was more than that. I wanted to shake us of our complacency and demonstrate just how interconnected our digital universe has become.”
“SOMEBODY DO SOMETHING.”
Colleen O’Connor is a native San Diegan and a retired college professor.