Nicole Perlroth

For more reviews and bookish posts visit: https://www.ManOfLaBook.com

This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth tells of the government-backed secretive market to get zero-day vulnerabilities. Ms. Perlroth is the New York Times cybersecurity reporter and a published author.

This thrilling book is a cautionary tale of how weaponized computer vulnerabilities can change our lives, decide policy, and even start wars. Ms. Perlroth tells of secretive, underground markets where large amounts of money change hands, as well as the increasing support of nation-states to get their hands on those weapons.

This Is How They Tell Me the World Ends by Nicole Perlroth contains interviews with hackers, cyber arms dealers, infosec specialists, and even spies. Together comes a coherent story of a seedy underworlds where both criminals and nation-states compete for new computer exploits for their wars around the globe.

Even though most of the book concentrates on the United States, the author traveled to Europe and South America, conducting interviews about the technological arms race. In the process, she exposes the readers into different points of view where the US is not necessarily trusted, nor considered the obvious choice to responsibly administer and user zero-day hacks.

In the process we get an excellent primer on the history of cyber-attacks. From Russia turning off Ukrainian internet-connected infrastructure, to the weaponized Stuxnet which destroyed Iran’s nuclear capabilities.

Almost half of the books is dedicated to the National Security Agency (NSA) quest to collect information about America’s enemies. From the earliest digital listening devices (bugs) placed in Moscow’s American embassy, to the vulnerability discovery program.

The last part of the book describes America’s vulnerabilities. From reliance on the Internet of Things, to congressional bipartisanship which hinders American security.

The book is an easy read, you don’t have to be a techy to understand it. Ms. Perlroth smartly stays away from technical jargon. This makes the book difficult to put down, while informing and entertaining at the same time.… (más)

As Charles Darwin so eloquently put it in his “Origin of Species,” and as evolutionary biologists confirmed later on, life flourishes and sometimes doesn’t depending on a series of trade-offs.

When a living cell establishes a border, it lets some fluids enter the membrain and keeps some out. Hopefully, that which it lets in nourishes the life of the cell and that which it keeps out are harmful.

Or at least, that which it lets in is good enough to keep life going.

I held this thought in my little brain as I drove home from cottage country, from the robust and fragrant air of the arboreal forests to the dust and dirt of city air.
This highway I travelled — one of the widest in the world — allowed hundreds of thousands of cars to pass from one state of wellbeing to a wholly different state.

We think of the highway as “infrastructure” intended to allow the free flow of people and cargo through states of being. Generally beneficial to society.

But what if the highway contaminates society at the same time it brings well-being to the city’s residents?

Each year our governments pour billions of our money into the maintenance of these highways, and somewhat fewer billions into maintaining the electronic highways even as the physical highways help compound the problems of pollution and global warming, and the electronic highways spew the filth of misinformation through social media, spam e-mail, and websites of propaganda, hatred, and racism.

I thought about our investments in infrastructure as I read Nicole Perlroth’s dire look at the state of our electronic infrastructure and the government agencies who contribute to the leaky ship.

Nefarious and sometimes just entrepreneurial programmers across the globe are busy establishing vulnerabilities in the software and hardware that runs our electronic infrastructure, and often sell these vulnerabilities to middlemen who then convert them into “exploits” that undermine the privacy and security of our computer networks.

The highly publicized Stutsnet intrusion likely developed by US and Israeli agencies, for example, clobbered the operation of centrifuges in Irans nuclear facilities, then leaked into the hands of Russian hackers who developed the exploit not-Petya which devastated Ukrainian networks, global logistics networks, hospitals, and other installations.

More recently there was the Solarwinds hack that compromised the networks of 10,000 corporations or more.

Just a few of these exploits gain any publicity but it’s becoming more apparent that the agencies who are tasked with maintaining our security are holding back on the extent and variation in vulnerabilities to help keep their options open, or to be more specific, to keep the “spying” options open.

We are seeing more of these exploits leak back into the public sphere and wind up in the hands of unfriendly nations and organizations for intelligence operations and/or profitable ransomware ventures.

Just as we are being fooled into believing that our social media chatter is just that, instead of seeing it as the raw material for increasingly sophisticated advertising tools, maybe we are gullible in building an electronic infrastructure for the spooks first and us second. With the complicity of the major corporations who are actually in charge of building and maintaining the highways.

Much has been made recently of the efforts of the US and other Western governments to hold back the diffusion of Huawei routers and switches in the new 5G networks out of fear that the Chinese Government is insisting on back doors to this technology to compromise the security of our networks,

But it is highly likely that America’s National Security Agency has built their own back doors into Huawei switches and everybody else’s for that matter. And as go the US Government, so goes their Five Eyes intelligence partners, and possibly wider network of NATO partners.

This book contained some great accounts of the struggle Google had to maintain the integrity of its networks facing the onslaught of Chinese intrusions, and equally harrowing (for me anyway) stream of intrusions on Apple iPhone.

If you are wondering why so many “interim” upgrades to the iOS just think of the struggles Apple faces with known and sometimes evolving exploits to gain access to iPhone data. I can think of the Pegasus intrusion which helps Middle Eastern governments spy on their journalists and critics and most likely played a significant part in the assassination of Washington Post journalist and Saudi national Jamal Kashoggi.

As I drove along the summer highway I somehow wanted my government to exercise better control of the infrastructure to privacy and security objectives. Maybe if we cut back on the proliferation of polluting highway lanes (to the tune of billions in savings) and re-prioritize it for the management of our electronic infrastructure we could be making a safer and happier future.

That would be a trade-off I could live with.… (más)