Scan barcode
A review by julcoh
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth
4.0
I read [b:Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon|18465875|Countdown to Zero Day Stuxnet and the Launch of the World's First Digital Weapon|Kim Zetter|https://i.gr-assets.com/images/S/compressed.photo.goodreads.com/books/1404960332l/18465875._SX50_.jpg|26123986] five years ago, and this book was a fantastic follow-up to understand the contemporary zero day and cyber exploit environment.
Perlroth was one of The New York Times' primary cybersecurity journalists for a decade and covered much of this history in real-time, from Edward Snowden through Guccifer 2.0, the Shadow Brokers, and the 2016 and 2020 presidential elections. This history allows her to weave a comprehensible and interesting story tying together the full scope and history of the zero day exploit market's development, and its effect on our geopolitics.
If I may, likely unfairly and certainly incompletely, sum it up:
With Stuxnet, America (AGAIN) was the first nation-state to use a new class of WMD against a foreign adversary.
American agencies then spent the next five years developing a grey market for zero day exploits to enable its offensive cyber hacking capabilities, assuming 1) that it would maintain its lead in cyber exploitation for years, and 2) that it would be able to balance national security with the privacy and security of private firms and the public community, by deciding unilaterally which exploits should be turned over to (American) firms to patch, and which should be kept secret.
They were grossly and explicitly wrong on both assumptions.
In 2016 The Shadow Brokers leaked the NSA's entire suite of hacking tools to the open web, followed in 2017 by Wikileaks publishing the CIA's Vault 7 suite of hacking tools to the open web.
These American weapons have since been turned on us, our closest allies, and the rest of the world in a sustained new-normal global "cold" cyberwar. The WannaCry ransomware attack that took down the NHS for days, the NotPetya attacks by Russia on Ukraine, and the scores of hacks by North Korea, China, Iran, UAE and others around the world represent what must be the most enormous boomerang effect in all of human history.
In effect, the US developed a digital nuclear bomb which was stolen, copied, then dropped on us and our closest allies.
Perlroth ends the book with a few notes of potential optimism and a roadmap for change, but I am not optimistic.
*I listened to the Audible audiobook narrated by Allyson Ryan, not my favorite voice actor.
Perlroth was one of The New York Times' primary cybersecurity journalists for a decade and covered much of this history in real-time, from Edward Snowden through Guccifer 2.0, the Shadow Brokers, and the 2016 and 2020 presidential elections. This history allows her to weave a comprehensible and interesting story tying together the full scope and history of the zero day exploit market's development, and its effect on our geopolitics.
If I may, likely unfairly and certainly incompletely, sum it up:
With Stuxnet, America (AGAIN) was the first nation-state to use a new class of WMD against a foreign adversary.
American agencies then spent the next five years developing a grey market for zero day exploits to enable its offensive cyber hacking capabilities, assuming 1) that it would maintain its lead in cyber exploitation for years, and 2) that it would be able to balance national security with the privacy and security of private firms and the public community, by deciding unilaterally which exploits should be turned over to (American) firms to patch, and which should be kept secret.
They were grossly and explicitly wrong on both assumptions.
In 2016 The Shadow Brokers leaked the NSA's entire suite of hacking tools to the open web, followed in 2017 by Wikileaks publishing the CIA's Vault 7 suite of hacking tools to the open web.
These American weapons have since been turned on us, our closest allies, and the rest of the world in a sustained new-normal global "cold" cyberwar. The WannaCry ransomware attack that took down the NHS for days, the NotPetya attacks by Russia on Ukraine, and the scores of hacks by North Korea, China, Iran, UAE and others around the world represent what must be the most enormous boomerang effect in all of human history.
In effect, the US developed a digital nuclear bomb which was stolen, copied, then dropped on us and our closest allies.
Perlroth ends the book with a few notes of potential optimism and a roadmap for change, but I am not optimistic.
*I listened to the Audible audiobook narrated by Allyson Ryan, not my favorite voice actor.