This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

by Nicole Perlroth

The documents were littered with references to NSA backdoors in nearly every piece of commercial hardware and software on the market. The agency appeared to have acquired a vast library of invisible backdoors into almost every major app, social media platform, server, router, firewall, antivirus software, iPhone, Android phone, BlackBerry phone, laptop, desktop, and operating system.

For the unindoctrinated: zero-days offer digital superpowers. They are a cloak of invisibility, and for spies and cybercriminals, the more invisible you can make yourself, the more power you will have. At the most basic level a zero-day is a software or hardware flaw for which there is no existing patch. They got their name because, as with Patient Zero in an epidemic, when a zero-day flaw is discovered, software and hardware companies have had zero days to come up with a defense. Until the vendor learns of the flaw in their system, comes up with a fix, disseminates its patch to users around the globe, and users run their software updates—Dear reader: run your software updates!—or swaps out, or otherwise mitigates, the vulnerable hardware, everyone who relies on that affected system is vulnerable.

“The most likely way for the world to be destroyed, most experts agree, is by accident. That’s where we came in; we’re computer professionals. We cause accidents.”

Mandiant’s clients could spend millions of dollars on the latest and greatest in newfangled firewalls and antivirus software, but security was only as good as the weakest link. And usually the weakest link was a human who clicked on a simple phishing email or message containing something nasty.

The day patches become available is the day you see the bugs exploited the most.