Kindle Notes & Highlights
Read between May 7 - June 17, 2022
Microsoft was getting 200,000 vulnerability reports a year.
Google encrypted users’ data as it moved from these front-end servers to the open internet, but it didn’t bother encrypting data internally between its data centers. Encrypting the links between data centers was in its long-term plans, Google said, but until Snowden, encrypting data as it flowed between its own data centers had always seemed like an unnecessarily expensive endeavor. The agencies’ hackers had used this holding pattern to their advantage. By listening in on Google’s network traffic, the NSA could access all the Gmail inboxes and messages, Google Map searches and locations,
Eric Schmidt told the Wall Street Journal that the NSA was “violating the privacy of every single citizen of America” in order to find a few evil people.
“You shall not pass!” Grosse was now Silicon Valley’s Gandalf, standing on the stony bridge that was Google’s front-end servers, where he would rather die than let the world’s intelligence agencies cross into Google’s data centers.
Perfect Forward Secrecy, which made it far more labor-intensive for NSA to decode their data. Google was also now laying its own fiber-optic cable beneath the world’s oceans and rigging it with sensors that would alert the company to undersea taps.
He was a gentle soul, but he got downright angry when he found an Adobe Flash zero-day was being used to track Syrian citizens and freedom fighters.
The iPhone and Android jailbreaks that Zerodium and NSO Group and others now paid top dollar for required chains of zero-day exploits to work. If they could neuter just one flaw in the chain, they could starve spies of their intrusion tools,
Almost immediately Project Zero’s researchers found critical zero-days in Apple’s Safari browser, design flaws in some of the most reputable security products, and a Microsoft zero-day that would have given spies full control over Windows machines.
Over the next few years, Project Zero identified more than sixteen hundred critical bugs, major flaws not just in the world’s most targeted software and security tools but also in the Intel chips inside nearly every computer in the world. Its researchers eliminated entire classes of bugs, making spies’ jobs a heck of a lot harder.
Phil Zimmermann released end-to-end encryption software to the masses. Zimmermann’s Pretty Good Privacy (PGP) software
the FBI had just publicly copped to paying hackers $1.3 million for a way to bypass Apple’s security.
It was the first time in history that the government had openly copped to paying private hackers top dollar to turn over vulnerabilities in widely used technology.
Five Eyes,
One Israeli firm in particular, Cellebrite, which specialized in unlocking encrypted iPhones and Androids, was the leading suspect for the FBI’s iPhone jailbreak.
On August 15, 2012, Iranian hackers hit Saudi Aramco, the world’s richest oil company—a company worth more than five Apples on paper—with malware that demolished thirty thousand of its computers, wiped its data, and replaced it all with the image of the burning American flag.
“The main target in this attack was to stop the flow of oil and gas to local and international markets and—thank God—they were not able to achieve their goals,”
Iranians would learn from our own code. The malware the Iranians used to hit Aramco was not even that sophisticated; it was essentially plagiarized from the code Americans and Israelis had used to infect and delete data on Iran’s oil networks four months earlier. But the malware—called Shamoon after a word left in the code—did exactly what it needed to do:
We were dealing with a virus that could have just as easily been used against our own infrastructure. It was a weapon that could create as much havoc and destruction as 9/11 or Pearl Harbor.”
American data breaches had surged 60 percent year over year, and were now so commonplace that most barely registered as more than a blip on the eleven o’clock news.
trains, planes, air traffic control, banks, trading floors, oil pipelines, dams, buildings, hospitals, homes, and cars to the internet, oblivious to the fact that all those sensors and access points made for a soft underbelly. And lobbyists made sure U.S. regulators didn’t do a damn thing about it.
But then came the lobbyists at the U.S. Chamber of Commerce—itself the target of the vicious Chinese hack that had made its way into the Chamber’s thermostats and printers the previous year. The Chamber’s lobbyists yelled overregulation, big government, etc., and soon the standards were watered down, until they were voluntary.
the Republican senators who had filibustered and ultimately voted nay. If we couldn’t get it together to agree on voluntary standards, you had to wonder if the United States even stood a chance in this new battleground.
After Stuxnet, Iran poured $1 billion into new cyber technologies, infrastructure, and expertise, and began enlisting, and conscripting, Iran’s best hackers into its new digital army.
But four short years later, Iran had not only recovered its uranium but also installed eighteen thousand centrifuges—more than three times the number spinning at the time of the first attack.
Together with Mandiant, we pinpointed the exact twelve-story white military tower in Shanghai where members of the PLA’s Unit 61398 were staging thousands of attacks on American businesses, including Coca-Cola, the security company RSA, and Lockheed Martin.
If the White House could not even stop a rational actor like the Chinese, from breaking into its systems, how could it possibly expect to contain an irrational actor like Iran? Nobody had a good answer when the Iranians came for our banks.
For months Iranian hackers hit American banks, one after the other, in a sustained and increasingly powerful series of attacks that crippled some four dozen banks in all and marked the longest-running cyberattack in the history of the internet.
Brennan told Daniel that Iranian hackers were inside the Bowman Dam—in the PLC controllers—and it looked as if they might open the sluice gates. A breach of the towering Arthur R. Bowman Dam on the Crooked River in Oregon would be catastrophic. The dam, 245 feet tall and 800 feet long, holds back 150,000 acre-feet of water from inundating 10,000 residences in downstream Prineville.
Iranian programmer named Ali Abbasi took the stage and hacked into the computers that controlled the power grid—in five seconds.
With his access to the grid, Abbasi told us, he could cause all kinds of destruction: sabotage data, turn off the lights, blow up a pipeline or chemical plant by manipulating its pressure and temperature gauges.
Two months after the Bowman attack, Iran struck Sheldon Adelson’s Sands casino empire. Early on the morning of February 10, 2014, Sands casino’s computers went dark. Just like Aramco before it, its computers became useless bricks. Email and phones were inaccessible. Hard drives were wiped clean.
Iran’s hackers had retaliated against the billionaire casino magnate for recent remarks in which he suggested that the U.S. nuke Iran.
(Sands disclosed in a security filing that the cyberattack had cost the casino roughly $40 million).
this would inevitably lead to an erosion in free speech, perhaps not all at once but little by little, bit by bit.
Chinese hackers had taken everything from the designs for the next F-35 fighter jet to the Google code, the U.S. smart grid, and the formulas for Coca-Cola and Benjamin Moore paint.
Security firms reported a 90 percent dropoff in Chinese industrial cyberattacks. For eighteen months, the world’s first cyberarms-control agreement appeared to stick.
Xi appeared genuine. But then came Trump, who turned the table over with tariffs and the trade war. If it weren’t for that, some officials told me, Chinese industrial cyberattacks might have slowed to a trickle.
“Under current conditions, timely reconstitution of the grid following a carefully targeted attack if particular equipment is destroyed would be impossible; and according to government experts, would result in widespread outages for at least months to two years or more, depending on the nature of the attack.”
At a conference in Moscow the following year, Russian academics, government officials, and cybersecurity experts ranked cyber escalation the most critical threat of our time.
Russia’s minister of telecommunications pushed for an international treaty banning computer warfare, while Russian officials back-channeled with their American counterparts to come up with a bilateral ban. But Washington dismissed Moscow’s bids, believing them to be a Russian diplomatic ploy to neuter the U.S. lead in cyberwarfare. With no treaty in sight, it appeared that Russia was now implanting itself in the American grid—and at an alarming pace.
Sandworm had started embedding itself in the computers that control the world’s critical infrastructure, not just in Ukraine and Poland but in the United States as well. Sandworm had not yet used this vast access for destruction, but reading the report that October, it became clear that is what Moscow had planned.
By now, Russian hackers were so deeply embedded in the American grid and critical infrastructure, they were only one step from taking everything down. This was Putin’s way of signaling the United States. If Washington intervened further in Ukraine, if it pulled off a Stuxnet-like attack in Russia, they would take us down.
The Russians code-named their creation the Translator Project, and its stated goal was to “spread distrust toward the candidates and the political system in general.”
In September 2014 the IRA launched a Heart of Texas Facebook group and started pumping out pro-Texan secessionist memes, #texit hashtags, and the usual scare tactics:
Within a year the group had generated 5.5 million Facebook likes. Then, in a countermove, the IRA created a separate Facebook group, the United Muslims of America, and promoted rallies and counterrallies outside the Islamic Da’wah Center in Houston.
Demonstrators from the Heart of Texas group confronted pro-Muslim protesters across the street in a terrifying real-world standoff that Russia’s digital puppeteers were coordinating from five thousand miles away. Even the Russian trolls back i...
The Russians put up Black Lives Matter pages and Instagram accounts with names like Woke Blacks that tried to convince African Americans, a crucial Clinton demographic, to stay home on Election Day.
By the time the IRA campaign was fully revealed, years later, Putin’s trolls had reached 126 million Facebook users and received 288 million Twitter impressions—a staggering number, given that there are only 200 million registered voters in the United States, and only 139 million voted in 2016.
That March, Fancy Bear’s Russian hackers had sent John Podesta, Hillary Clinton’s campaign chairman, a fake Google alert, declaring that he had to change his Gmail password. Podesta had forwarded the email to the DNC’s IT staff for vetting, and in what would become the most tragic typo in American election history, a campaign aide wrote back, “This is a legitimate email.” He had intended to type “illegitimate,” but the damage was done.
Attached to the message was a link to 300 megabytes of data—the equivalent of text in three hundred novels—only in this case the files contained hacking tools with code names like Epicbanana, Buzzdirection, Egregiousblunder, and Eligiblebombshell.