More on this book
Community
Kindle Notes & Highlights
by
Kim Zetter
Read between
April 5, 2020 - March 5, 2024
Charlie Miller, a former NSA hacker who was recruited by the spy agency in 2000 after earning a PhD in mathematics from the University of Notre Dame.
In 2003, when a similar cyberattack was proposed to freeze the financial assets of Saddam Hussein, however, it was nixed by the secretary of the US Treasury out of concern that an attack like this could have cascading effects on other financial accounts in the Middle East, Europe, and the United States.26
Stuxnet stands alone as the only known cyberattack to have caused physical destruction to a system.
In amassing zero-day exploits for the government to use in attacks, instead of passing the information about holes to vendors to be fixed, the government has put critical-infrastructure owners and computer users in the United States at risk of attack from criminal hackers, corporate spies, and foreign intelligence agencies who no doubt will discover and use the same vulnerabilities for their own operations.
it’s a government model that relies on keeping everyone vulnerable so that a targeted few can be attacked—the equivalent of withholding a vaccination from an entire population so that a select few can be infected with a virus.
When Stuxnet encountered a 315 PLC, it rifled through these blocks in search of the magic values 2C CB 00 01, 7050h, and 9500h—and knew it had reached its target when it found all three.
it was clear that the dynamics of virus hunting had changed with Stuxnet, and that going forward companies like theirs would be forced to make new risk calculations about the information they exposed.
a kill date in the code forced it to self-destruct after thirty-six days, deleting all traces of itself from an infected machine.7
“Interacting Galaxy System NGC 6745.”
