“We were plugging anything we could into the internet, at a rate of 127 devices a second. We had bought into Silicon Valley’s promise of a frictionless society. There wasn’t a single area of our lives that wasn’t touched by the web. We could now control our entire lives, economy, and grid via a remote web control. And we had never paused to think that, along the way, we were creating the world’s largest attack surface.”

~ Nicole Perlroth - This Is How They Tell Me the World Ends 1

Thoughts

The last sentence in the introduction sums up the goal of the book - “My hope is that my work will help shine even a glimmer of light on the highly secretive and largely invisible cyberweapons industry so that we, a society on the cusp of this digital tsunami called the Internet of Things, may have some of the necessary conversations now, before it is too late.

The book does a great job of shining the light on the cyberweapons industry as the unknown shadow adversary. Many of the situations are dramatic and unbelievable that one could think that there is no hope. But the truth is there are many more cyber security professionals now than before and there is better understanding of the threats. Also Presidential Directives like PDD-63 (1998), HSPD-7 (2003), PPD-21 (2013), National Security Order on Cybersecurity (2021) and so forth have put significant federal funds towards bolstering security of Critical Infrastructures. But the book leaves you away with the feeling of doom.

One of the first things that “GitHub Copilot · Your AI pair programmer” could solve is this. Make sure developers are not putting in security vulnerabilities inadvertently.

Interplanetary internet.

85% of the businesses fail in the first 5 years. Out of the 15% that succeed, 85% fail in the next 5 years. It is an intensely competitive field. you may have to do things swiftly with the resources that you have than plan things out.

Notes

Prologue

2019 - Nicole is flying into Kiev and finds that large parts of Ukraine has lost power and people are wondering if it is another attack by Russia. She goes through a series of dramatic events in the last decade or so that were the result of cyber warfare.

  • She talks about the 2017 attack in Ukraine which was timed to happen during the Independence Day. Ukraine was a digital test kitchen for Russian hackers and they had been testing since 2014, when the US was busy with violence in Ferguson, ISIS crisis, North Korean hack of Sony, etc.
  • Russian hackers had hit Ukraine in Dec 2015 cutting off power for around 6 hours, and again in Dec 2016.
  • Chinese hackers at the same time were stealing American IP. Former NSA director Keith Alexander, called Chinese cyberespionage the “greatest transfer of wealth in history.”
  • Iranian hackers brought down servers at Sands casino in Vegas as a retaliation to Sands owner Sheldon Adelson’s public comment about bombing Iran.
  • Russian hackers brought down the entire nation of Estonia offline after Estonians dared to move a Soviet-era statue.
  • Russian hackers apparently bombarded the Brexit referendum, hacked the American grid, meddled with the 2016 U.S. elections, and the French elections.
  • The US always thought it was far ahead of other countries in the world when it came to cyber skills but b/w 2016 and 2017, the gap b/w the US and other bad-faith nations closed considerably. One reason could be the “Shadow Brokers” who leaked a lot of cyber tools from NSA. Snowden leaked data, the Shadow Brokers leaked the actual code which was more damning.
  • After getting hold of NSA’s hacking tools, Russian hackers launched an offensive attack against Ukraine (called “NotPetya”), hitting companies like Maersk, Merck, FedEx, Cadbury, etc. By 2019, the total tally of losses was $10B.

PART I: MISSION IMPOSSIBLE

    1. Closet of Secrets
    1. The Fucking Salmon

PART II: THE CAPITALISTS

    1. The Cowboy
    1. The First Broker
    1. Zero-Day Charlie

PART III: THE SPIES

    1. Project Gunman
    1. The Godfather
    1. The Omnivore
    1. The Rubicon
    1. The Factory

PART IV: THE MERCENARIES

    1. The Kurd
    1. Dirty Business
    1. Guns for Hire

PART V: THE RESISTANCE

    1. Aurora
    1. Bounty Hunters
    1. Going Dark

PART VI: THE TWISTER

    1. Cyber Gauchos
    1. Perfect Storm
    1. The Grid

PART VII: BOOMERANG

    1. The Russians Are Coming
    1. The Shadow Brokers
    1. The Attacks
    1. The Backyard

Footnotes

  1. Perlroth, N. (2021). This Is How They Tell Me the World Ends: The Cyberweapons Arms Race. United Kingdom: Bloomsbury Publishing.