Monday, July 5, 2021

A Hack Too Far

This is how they tell me the world ends.

 


That’s the title of Nicole Perlroth’s explosive book detailing her beat as a New York Times journalist with the thankless task beating the bushes for nuggets of cyberwarfare and cybersecurity. Most hackers avoid her. Some speak to her, but obfuscate in their answers. But a very few give up gold – enough to put together an intriguing and scary tale that will have you questioning your phone, your computer, your Nest products, and anything you do on the Internet.

 

I now see news articles related to tech in a different light – yesterday’s Kaseya ransomware attack, or today’s announcement of the Didi app under scrutiny. Hacking is big business globally and growing at an exponential rate thanks to the cyber arms race as detailed by Perlroth and others. I’ve seen how easy it is for an individual with not much experience to get off-the-shelf hacking tools. Governments and nation-states have orders of magnitude more resources at their disposal, and they use it. And there’s everything in between. Perlroth begins the story with zero-day exploits, but things get heated up with the sprouting of cybersecurity start-up outfits, both for defense and attack. The money that flows through has also increased exponentially. What Snowden reveals is only the tip of an iceberg.

 

Coincidentally, I’ve been watching the TV series Person of Interest. God’s-eye A.I. is a prevalent theme in entertainment this century. While you might classify this as “action-drama”, I’m starting to think that “horror” might be an apt inclusion to the genre. There are some cool action sequences, but the interesting part of the story is the evolution of the A.I. and what people are trying to do with or to it. Some want to protect it, some want to use it, some want to break it, and I’m sure more motives will be uncovered as new characters are added to the show. (I’m in Season 2 out of 5. The dialogue is sometimes crummy, but overall the show is engaging enough for me to keep watching.)

 

There’s what we know, and there’s much that we don’t know. Perlroth gives the reader an engaging peek into the underbelly of cyber breaking-and-entering. Yet she regularly admits that she has bits and pieces, strung together by what sources are willing to tell her, or inadvertently let drop. And they’re a tight-lipped bunch. The whole point of a zero-day, before it becomes known, is to embed itself as long as it can in secret while stealing your data and possibly doing extra damage. If you’ve heard of Stuxnet, you know what I’m talking about. Yet there is likely much more, and most of us are blissfully unaware.

 

Everything is plugged in now. For automation, for efficiency, for sheer complexity, and for many other reasons. The energy grid. The food supply chain. The monetary system. Traffic lights. Air traffic control. GPS. We’ve seen how a tiny coronavirus can multiply and quickly infect humans in a globally-connected system. I suspect it’s only a matter of time before a cyber virus does something similar. Likely the only reason we know about Stuxnet is because it ‘escaped’ and spread far beyond its confines, and we’re lucky it didn’t do more damage because it was ultra-specific in what it was looking for. We might not be so lucky next time.

 

It wasn’t that long ago when I taught classes without the internet. I wrote out my own lecture notes. Made photocopies of problem sets and handouts. In class I mostly used the board interspersed with occasional overhead projector slides. I think my students would adapt, and possibly even concentrate more in class without their digitally-connected distractions. As a computational chemist, my research program in its present form would die without the internet. Adaptation would require very significant change in how I do research and the questions I would seek to answer.

 

But my work-life is only a slice of life in the modern era. The chaos of a cyber-virus gone wild is, I think, a realistic threat. A hack too far. And the boundaries are being pushed. This may be how the world of modern humanity ends.

No comments:

Post a Comment