Countdown to Zero Day Quotes

8,155 ratings, 4.17 average rating, 746 reviews
“As Mike McConnell, the former director of national intelligence, told a US Senate committee in 2011, “If the nation went to war today, in a cyberwar, we would lose. We’re the most vulnerable. We’re the most connected. We have the most to lose.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“But withholding information about vulnerabilities in US systems so that they can be exploited in foreign ones creates a schism in the government that pits agencies that hoard and exploit zero days against those, like the Department of Homeland Security, that are supposed to help secure and protect US critical infrastructure and government systems.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“The horrors and costs of war encourage countries to choose diplomacy over battle, but when cyberattacks eliminate many of these costs and consequences, and the perpetrators can remain anonymous, it becomes much more tempting to launch a digital attack than engage in rounds of diplomacy that might never produce results”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Under a $652-million clandestine program code named GENIE, the NSA, CIA, and special military operatives have planted covert digital bugs in tens of thousands of computers, routers, and firewalls around the world to conduct computer network exploitation, or CNE. Some are planted remotely, but others require physical access to install through so-called interdiction—the CIA or FBI intercepts shipments of hardware from manufacturers and retailers in order to plant malware in them or install doctored chips before they reach the customer.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“This wasn’t the only mistake they made. They also botched the cleanup operation on the servers they could access. They had created a script called LogWiper.sh to erase activity logs on the servers to prevent anyone from seeing the actions they had taken on the systems. Once the script finished its job, it was also supposed to erase itself, like an Ouroboros serpent consuming its own tail. But the attackers bungled the delete command inside the script by identifying the script file by the wrong name. Instead of commanding the script to delete LogWiper.sh, they commanded it to delete logging.sh. As a result, the LogWiper script couldn’t find itself and got left behind on servers for Kaspersky to find. Also left behind by the attackers were the names or nicknames of the programmers who had written the scripts and developed the encryption algorithms and other infrastructure used by Flame. The names appeared in the source code for some of the tools they developed. It was the kind of mistake inexperienced hackers would make, so the researchers were surprised to see it in a nation-state operation. One, named Hikaru, appeared to be the team leader who created a lot of the server code,”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“There was nothing like staring down the barrel of a suspected cyberweapon to clear the fog in your mind.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“But he insisted his reasons for supplying to governments went deeper than money: “We mainly work with governments who are facing national security issues … we help them in protecting their democracies and protecting lives.… It’s like any surveillance method. The government needs to know if something bad is being prepared and to know what people are doing, to protect national security. So”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Each time Stuxnet infected a system, it “phoned home” to one of two internet domains masquerading as soccer fan sites—mypremierfutbol.com and todaysfutbol.com. The domain names, registered by someone who used fake names and fraudulent credit cards, pointed to servers in Denmark and Malaysia”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“After two months passed and they were still finding holes, the company canceled the testing and just shipped the kiosks out. O”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“The main Stuxnet file was incredibly large—500 kilobytes, as opposed to the 10 to 15 KB they usually saw. Even Conficker, the monster worm that infected more than 6 million machines the previous two years, was only 35 kilobytes in size. Any malware larger than this usually just contained a space-hogging image file that accounted for its bloat—such as a fake online banking page that popped up in the browser of infected machines to trick victims into relinquishing their banking credentials. But there was no image file in Stuxnet, and no extraneous fat, either. And, as O’Murchu began to take the files apart, he realized the code was also much more complex than he or anyone else had previously believed. When”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Civil War general Robert E. Lee said famously that it was a good thing war was so terrible, “otherwise we should grow too fond of it.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“These incidents were all accidental, but in Poland in 2008 a fourteen-year-old boy in Lódz caused several trains to derail when he used the infrared port of a modified TV remote control to hijack the railway’s signaling system and switch the tram tracks. Four trams derailed, and twelve people were injured.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Like conventional weapons, most digital weapons have two parts—the missile, or delivery system, responsible for spreading the malicious payload and installing it onto machines, and the payload itself, which performs the actual attack, such as stealing data or doing other things to infected machines. In this case, the payload was the malicious code that targeted the Siemens software and PLCs.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“The nations, of course, that are most at risk of a destructive digital attack are the ones with the greatest connectivity. Marcus Ranum, one of the early innovators of the computer firewall, called Stuxnet 'a stone thrown by people who live in a glass house'.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Under the new policy, any time the NSA discovers a major flaw in software, it must disclose the vulnerability to vendors and others so the flaw can be patched.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Richard Clarke, former cybersecurity czar under the Bush administration and a member of the panel, later explained the rationale for highlighting the use of zero days in their report. “If the US government finds a zero-day vulnerability, its first obligation is to tell the American people so that they can patch it, not to run off [and use it] to break into the Beijing telephone system,” he said at a security conference. “The first obligation of government is to defend.””
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“In amassing zero-day exploits for the government to use in attacks, instead of passing the information about holes to vendors to be fixed, the government has put critical-infrastructure owners and computer users in the United States at risk of attack from criminal hackers, corporate spies, and foreign intelligence agencies who no doubt will discover and use the same vulnerabilities for their own operations.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Germany, a Wassenaar member, already has a law that effectively prohibits the sale of exploits as well as the practice of giving them away for free, something that security researchers do regularly among themselves to test systems and improve security.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“One such middleman is a South African security researcher based in Thailand who is known in the security community by his hacker handle “The Grugq.” The Grugq brokers exploit sales between his hacker friends and government contacts, pocketing a 15 percent commission per transaction. He only launched his business in 2011, but by 2012 sales were so good, he told a reporter he expected to make $1 million in commissions.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“The attackers had no doubt assumed, even counted on, the Iranians not having the skills to uncover or decipher the malicious attacks on their own. But they clearly hadn’t anticipated that the crowdsourced wisdom of the hive—courtesy of the global cybersecurity community—would handle the detection and analysis for them.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“In one case, the NSA and the UK spy agency Government Communications Headquarters, or GCHQ, used a sophisticated method called Quantum Insert to hack the machines of Belgian telecom workers to gain access to the telecom’s network and to a router the company used for processing the traffic of mobile phone users. The elaborate attack involved using high-speed servers the NSA had set up at key internet switching points to intercept the surfing traffic of system administrators who worked for the telecom. The spy agencies first collected extensive intelligence on the workers—their e-mail addresses, IP addresses, and possible surfing habits—then the high-speed servers watched for requests from the employees’ machines for specific web pages, such as the victim’s own LinkedIn profile page. When the victim tried to access the LinkedIn page, the server would intercept the request before it reached LinkedIn and would feed a fake LinkedIn page to the victim that injected malware into his machine. Once on the system administrator’s machine, the spy agencies could then use his credentials to gain access to other parts of the telecom network to subvert the router.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Perhaps the biggest consideration of all was the risk of tipping off Iran and other enemies to US cyber capabilities. The problem with using a cyberweapon, says one former CIA agent, is that “once it’s out there, it’s like using your stealth fighter for the first time—you’ve rung that bell and you can’t pretend that the stealth fighter doesn’t exist anymore. So the question is, which air battle do you really want to use that stealth fighter for?”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“That’s when the British captain, Eric Moody, made one of the most famous understatements in the history of aviation. “Ladies and gentlemen,” he told the passengers, “this is your captain speaking. We have a small problem. All four of the engines have stopped. We are doing our damnedest to get them going again. I trust you are not in too much distress.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Before Stuxnet’s malicious commands went into action, the malware sat patiently on the PLC for about two weeks, sometimes longer, recording legitimate operations as the controller sent status reports back to monitoring stations. Then when Stuxnet’s malicious commands leapt into action, the malware replayed the recorded data back to operators to blind them to anything amiss on the machines”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“FALLIERE WAS TWENTY-EIGHT, with the dark, Gallic looks of someone who seemed like he’d be more at home DJing trance music in an underground Paris nightclub than poring over reams of printed computer code during a commute on the Métro. In reality, he was fairly shy and reserved, and sifting through dense computer code was in fact a much bigger draw to him than spending sweaty nights in a throbbing club.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“In addition to these spreading mechanisms, Stuxnet had a peer-to-peer component that let it update old versions of itself when new ones were released. This let them update Stuxnet remotely on machines that weren’t directly connected to the internet but were connected to other machines on a local network. To spread an update, Stuxnet installed a file-sharing server and client on each infected machine,”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“0x19790509. If it found the string, Stuxnet withdrew from the machine and wouldn’t infect it. Chien had seen “inoculation values” like this before. Hackers would place them in the registry key of their own computers so that after unleashing attack code in a test environment or in the wild, it wouldn’t come back to bite them by infecting their own machine or any other computers they wanted to protect. Inoculation values could be anything a hacker chose. Generally, they were just random strings of numbers.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Two of the underground buildings were each about the size of half a dozen football fields and were heavily reinforced with concrete walls about six to eight feet thick. The Iranians were obviously fortifying them against a possible air strike. The tunnel leading down to the buildings was also built in the shape of a U instead of a straight line—a common tactic to prevent missiles sent into the mouth of a tunnel from having direct aim at a target on the other end.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“Packers are digital tools that compress and mangle code to make it slightly harder for antivirus engines to spot the signatures inside and for forensic examiners to quickly determine what a code is doing.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
“But one person’s national security tool can be another’s tool of oppression, and there’s no guarantee that a government that buys zero days won’t misuse them to spy on political opponents and activists or pass them to another government that will.”
― Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon