Essays: 2021 Archives
How to Cut Down on Ransomware Attacks Without Banning Bitcoin
Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons. The first is the realization that no one values data more than its original owner, and it makes more sense to ransom it back to them—sometimes with the added extortion of threatening to make it public—than it does to sell it to anyone else. The second is a safe way of collecting ransoms: Bitcoin.
This is where the suggestion to ban cryptocurrencies as a way to “solve” ransomware comes from. Lee Reiners, executive director of the Global Financial Markets Center at Duke Law, …
Hacked Drones and Busted Logistics Are the Cyber Future of Warfare
“If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.”
That was Bruce’s response at a conference hosted by U.S. Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the internet. That may be necessary to keep in touch with civilian companies like FedEx in peacetime or when fighting terrorists or insurgents. But in a new era facing off with China or Russia, it is dangerously complacent.
Any 21st century war will include cyber operations. Weapons and support systems will be successfully attacked. …
Russia’s Hacking Success Shows How Vulnerable the Cloud Is
The cloud is everywhere. It’s critical to computing. And it’s under attack.
Russia’s Sunburst cyberespionage campaign, discovered late last year, impacted more than 100 large companies and U.S. federal agencies, including the Treasury, Energy, Justice, and Homeland Security departments. A crucial part of the Russians’ success was their ability to move through these organizations by compromising cloud and local network identity systems to then access cloud accounts and pilfer emails and files.
Hackers said by the U.S. government to have been working for the Kremlin targeted a widely used Microsoft cloud service that synchronizes user identities. The hackers …
‘Grassroots’ Bot Campaigns Are Coming. Governments Don’t Have a Plan to Stop Them.
Artificial intelligence software can easily pass for real public comments
This month, the New York state attorney general issued a report on a scheme by “U.S. Companies and Partisans [to] Hack Democracy.” This wasn’t another attempt by Republicans to make it harder for Black people and urban residents to vote. It was a concerted attack on another core element of U.S. democracy—the ability of citizens to express their voice to their political representatives. And it was carried out by generating millions of fake comments and fake emails purporting to come from real citizens.
This attack was detected because it was relatively crude. But artificial intelligence technologies are making it possible to generate genuine-seeming comments at scale, drowning out the voices of real citizens in a tidal wave of fake ones…
What Will It Take?
View or Download in PDF Format
What will it take for policy makers to take cybersecurity seriously? Not minimal-change seriously. Not here-and-there seriously. But really seriously. What will it take for policy makers to take cybersecurity seriously enough to enact substantive legislative changes that would address the problems? It’s not enough for the average person to be afraid of cyberattacks. They need to know that there are engineering fixes—and that’s something we can provide.
For decades, I have been waiting for the “big enough” incident that would finally do it. In 2015, Chinese military hackers hacked the Office of Personal Management and made off with the highly personal information of about 22 million Americans who had security clearances. In 2016, the Mirai botnet leveraged millions of Internet-of-Things devices with default admin passwords to launch a denial-of-service attack that disabled major Internet platforms and services in both North America and Europe. In 2017, hackers—years later we learned that it was the Chinese military—hacked the credit bureau Equifax and stole the personal information of 147 million Americans. In recent years, ransomware attacks have knocked hospitals offline, and many articles have been written about Russia inside the U.S. power grid. And last year, the Russian SVR hacked thousands of sensitive networks inside civilian critical infrastructure worldwide in what we’re now calling Sunburst (and used to call SolarWinds)…
Hackers Used to Be Humans. Soon, AIs Will Hack Humanity
Like crafty genies, AIs will grant our wishes, and then hack them, exploiting our social, political, and economic systems like never before.
If you don’t have enough to worry about already, consider a world where AIs are hackers.
Hacking is as old as humanity. We are creative problem solvers. We exploit loopholes, manipulate systems, and strive for more influence, power, and wealth. To date, hacking has exclusively been a human activity. Not for long.
As I lay out in a report I just published, artificial intelligence will eventually find vulnerabilities in all sorts of social, economic, and political systems, and then exploit them at unprecedented speed, scale, and scope. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage…
Bitcoin’s Greatest Feature Is Also Its Existential Threat
The cryptocurrency depends on the integrity of the blockchain. But China’s censors, the FBI, or powerful corporations could fragment it into oblivion.
Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command-and-control server. With nowhere to go for instructions, the botnet is rendered useless. But over the years, botnet designers have come up with ways to make this counterattack harder. Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger. Since the blockchain is globally accessible and hard to take down, the botnet’s operators appear to be safe…
Illuminating SolarStorm: Implications for National Strategy and Policy
This essay appeared as part of a round table on how to respond to the SolarWinds attack.
This operation was a tremendous intelligence success for the Russian government, and recovering from it is going to be much harder than people think. It might not even be possible. It requires much more than simply patching the Sunburst vulnerability. It means burning the infected networks to the ground and rebuilding them from scratch, just as you might reinstall your computer’s operating system after a bad virus. But even that won’t be enough.
The Russians were slow and deliberate, using the backdoor in the SolarWinds update to obtain initial footholds in only a few of the 18,000 vulnerable networks, and then working over months to establish persistence by creating alternative means of access that would survive discovery of the initial vulnerability…
Perspectives on the SolarWinds Incident
View or Download in PDF Format
Excerpt
A serious cybersecurity event was recently revealed: malicious actors had gained access to the source code for the SolarWinds Orion monitoring and management software. They inserted malware into that source code so that, when the software was distributed to and deployed by SolarWinds customers as part of an update, the malicious software could be used to surveil customers who unknowingly installed the malware and gain potentially arbitrary control over the systems managed by Orion. Of course, such a level of control has given attackers opportunities for further exploitation as well…
Why Was SolarWinds So Vulnerable to a Hack?
It’s the economy, stupid.
Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including U.S. government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.
It was a huge attack, with major implications for U.S. national security. The Senate Intelligence Committee is scheduled to …
The Government Will Guard Biden’s Peloton from Hackers. What About the Rest of Us?
The Security Threat to Worry About Is the One Facing the Public, Not the President
President Biden wants his Peloton in the White House. For those who have missed the hype, it’s an Internet-connected stationary bicycle. It has a screen, a camera and a microphone. You can take live classes online, work out with your friends or join the exercise social network. And all of that is a security risk, especially if you are the president of the United States.
Any computer brings with it the risk of hacking. This is true of our computers and phones, and it’s also true about all of the Internet-of-Things devices that are increasingly part of our lives. These large and small appliances, cars, medical devices, toys and—yes—exercise machines are all computers at their core, and they’re all just as vulnerable. Presidents face special risks when it comes to the IoT, but Biden has the National Security Agency to help him handle them…
The Solarwinds Hack Is Stunning. Here’s What Should Be Done
The information that is emerging about Russia’s extensive cyberintelligence operation against the United States and other countries should be increasingly alarming to the public. The magnitude of the hacking, now believed to have affected more than 250 federal agencies and businesses—primarily through a malicious update of the SolarWinds network management software—may have slipped under most people’s radar during the holiday season, but its implications are stunning.
According to a Washington Post report, this is a massive intelligence coup by Russia’s Foreign Intelligence Service (SVR). And a massive security failure on the part of the United States is also to blame. Our insecure internet infrastructure has become a critical national security risk—one that we need to take seriously and spend money to reduce…
Sidebar photo of Bruce Schneier by Joe MacInnis.