Nice Internet You Got There…

Tech / June 29, 2017

It would be a shame if anything happened to it.

Illustration: Tiago Galo

If you’re not paranoid, you haven’t been paying attention lately.

You probably read about NotPetya, a nasty computer worm that was unleashed in Ukraine on Tuesday, which continues to gnaw its way across the networked world, trashing computers in scores of countries. Along the way, the malware disrupted businesses ranging from the Danish shipping company AP Moller-Maersk to a Cadbury chocolate factory in Australia, reports The Guardian.

Security researchers cautioned that it is too early to know for sure who is behind it. But some say that the targeting and distribution method of the malware point to Russia.—The Washington Post

I don’t know about you, but whenever I used to hear about hackers and worms and viruses, I tuned out—which, granted, is kind of weird since the best book I ever co-wrote (with my sainted wife) was about hackers. But that was in the early 1990s when hacking was a mostly innocent pursuit and the kids who did it (they were invariably teenage boys) seemed more like folk heroes than criminals.

So over the years, when I saw quasi-hysterical stories about the hacking threat, I ignored them as tabloid rubbish. And when computer viruses became a thing, starting with the ridiculous hype of the Michelangelo Virus in 1992, and continuing with the outbreak of newer and ever-scarier-sounding bugs through the years, I ignored that stuff even harder.

The NSA Building

But it’s become impossible to look away. For me, it started with the hacking of the DNC and attempts to digitally infiltrate state elections, which could well have affected the General Election. Almost as alarming was the theft of sophisticated hacking tools from the NSA in January and then the related WannaCry “ransomware” attacks, launched in Asia two months ago. I mean, a South Korean hosting company actually paid $1 million in ransom to decrypt its files! And then last week’s NotPetya worm, which is derived from the same pilfered NSA source code as WannaCry, and which turned out to be worse than ransomware. The virus is known as a “wiper,” which irretrievably destroys the files on infected machines’ hard drives. Nothing particularly new about that but since these are but two branches of the NSA code, you have to wonder what’s next.

And who’s to blame?

A consensus is building that this was another attack by Russia on Ukraine. The Washington Post lays out a convincing argument: It lists many examples of earlier hacks that were meant to bully Russia’s strategically important neighbor to the west. “Russia, which has annexed Crimea and has backed separatists in eastern Ukraine, has carried out an aggressive campaign of cyberattacks and harassment there.”

But an even more interesting narrative is also taking shape around a person (or group) known by the nom d’hacker as the Shadow Brokers, who took credit for the initial NSA theft in the spring (another definitive Washington Post story here). He, or they, surfaced again on Wednesday, this time on the cryptocurrency-fueled site, Steemit, to gloat about the attack and try to shake down anyone who fears more of the same. The anonymous post is written (as are, apparently, all Shadow Brokers communiques) in an amusing, fractured-English patois:

Haters will be saying this is joke, not serious, who will be paying just to talk to theshadowbrokers? Some party is already paying where do you think theshadowbrokers is getting idea.—Via an anonymous post by the Shadow Brokers

If you believe the translation provided by a site called Bleeping Computer, what they’re really saying is decidedly less amusing. While the group didn’t take direct credit for the NotPetya attack, it intimates that the cybercrap we’ve experienced over the past few months is just the beginning. Expect more and variegated attacks to emerge from the cache of NSA cyberweapons. But no worries: if you want protection, you can subscribe to the Shadow Brokers’ “service” and they’ll warn you in advance of new attacks.

That service had initially been rolled out a month ago—but in yesterday’s post, the price was doubled to around $40,000 a month, payable in Zcash, a cryptocoin that masks the identity of the buyer, seller and transaction amount.

The Shadow Brokers also announced that they’d be unmasking an NSA agent in the coming days, which, needless to say, could be embarrassing to the super secret agency and dangerous to the agent. If true, of course.

Though the identities of the Shadow Brokers remain a mystery, former intelligence officials say there is no question from where the weapons came: a unit deep within the agency that was until recently called “Tailored Access Operations.”—The New York Times

Kaspersky Lab

One more scintillating bit, for you John le Carré fans, and to tie all this back to Russia in one unified Theory of Russianness: NotPetya appears to have it in for Kaspersky Lab, a Russian cybersecurity firm that seemed to be on the front lines in the battle to squelch NotPetya. According to the venerable Finnish security firm F-Secure, NotPetya was particularly savage to computers running Kaspersky security software: “If this malware finds running Kaspersky processes on the system, it writes junk to the first 10 sectors of the disk, and then reboots, bricking the machine completely.”

Please note that Kaspersky has come under intense U.S. scrutiny for its ties to the Kremlin. And on the day of the NotPetya attacks, FBI agents visited the homes of “at least a dozen employees” who work in its U.S. office, NBC reported. Also: Former Trump national security advisor Michael Flynn reportedly received an $11,000 payment from Kaspersky.

Where’s my tin foil hat? If all this cloak-and-dagger stuff isn’t enough for you, perhaps the fact that a nuclear power plant was successfully breached on Wednesday might interest you? Yes, it was “just” the business side, rather than the operations side, of the undisclosed plant. But as we’ve been seeing with ever-worsening results, practice makes perfect.

Quick Flips

The digital currency Ethereum lost $4 billion in value on fake news last week that its founder, wunderkind Vitalik Buterin, had croaked. The currency recovered after he posted a picture of himself online…A Quartz story suggests that the singularity is getting closer as engineers create an AI that can see, hear and read…Hot dog or not? Yelp is using another AI to ID foods in pictures…Paris just opened the world’s biggest tech incubator…And Facebook finally reaches 2 billion users.

Keep flipping—

JQ

P.S.: If you or someone you know wants to get my weekly reader via email on Saturdays, all you have to do is is get an account on Flipboard, and follow Technology. We’ll take care of the rest.