This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

by Nicole Perlroth

The targets came as no surprise. Under Xi, China was cracking down on the Five Poisons—Uighurs, Tibetans, pro-independence Taiwanese, the Falun Gong, and prodemocracy activists—as never before.

“The Chinese use their best tools against their own people first because that’s who they’re most afraid of,” Jim Lewis, the former government official who tracked cyber threats, told me. “Then they turn those tools on us.”

The day of Iran’s strike, Krebs urged 1,700 members of the U.S. private sector and state and local governments to lock up their systems, upgrade software, back up their data, and move anything precious offline. “You need to get in the head space that the next breach could be your last,” he told them.

“Russia’s cybercriminals are treated as a national asset who provide the regime free access to victims of ransomware and financial crime. And in exchange, they get untouchable status. It’s a protection racket and it works both ways.”

“The mantra of Russian active measures is this: ‘Win through force of politics rather than the politics of force,’ ” is how Clint Watts, a former FBI agent who specializes in Russian disinformation, explained it to me. “What that means is go into your adversary and tie them up in politics to the point where they are in such disarray that you are free to do what you will.”

As I write these final words, I am sheltering-in-place from a global pandemic. I am watching the world ask the same questions—Why weren’t we better prepared? Why didn’t we have enough testing? Enough protective gear? Better warning systems? A recovery plan?—knowing full well these questions apply to the cyber domain too.

On this, I just keep coming back to the Kiwi hacker, McManus, and his T-shirt that read: SOMEONE SHOULD DO SOMETHING.