“Fancy Bear Goes Phishing” charts the evolution of hacking

/in


Fancy Bear Goes Phishing. By Scott Shapiro. Farrar, Straus and Giroux; 432 pages; $30. Allen Lane; £25

In 1928 many countries signed the Kellogg-Briand pact, which outlawed war. Though often derided as hopelessly idealistic, it had important consequences. Until then, war had been a lawful way for states to settle their differences; by contrast, economic sanctions were illegal. After the second world war, the document served as the legal basis for the Nuremberg trials. A draft of the United Nations charter included its terms almost verbatim.

The status of computer hacking in international law is now similarly irrational. Espionage is basically legal; interfering in the internal affairs of another state is not. Yet when does cyber-espionage tip into cybercrime or even cyber-warfare? If definitions are slippery, preventing cyber-attacks is even harder. They can be ordered by one country, perpetrated by a civilian in a second, using computers in a third to disable those in a fourth, with tracks hidden along the way. To some, the prefix “cyber” suggests the associated wrongs are as resistant to regulation as old-fashioned war can seem to be.

Scott Shapiro, a professor at Yale Law School and erstwhile computer programmer, is well-placed to tackle these quandaries. He is also the co-author of “The Internationalists”, a history of the Kellogg-Briand pact published in 2017. His new book chronicles the internet’s vulnerability to intrusion and attack by forensically examining five hacks that typify different kinds of threat.

Russia, if you’re listening

It begins with the Morris Worm, the internet’s first worm (ie, a self-replicating piece of code that slithers from computer to computer). It came about in 1988 through an experiment-gone-wrong by an American graduate student, which exploited the openness of networked computers. Next comes Dark Avenger, a virus that destroyed computer data in the 1990s. Third is the hack in 2005 of Paris Hilton’s mobile-phone data, which revealed nude photos of the celebrity. The hacker didn’t compromise the phone but rather servers in the cloud on which the images were stored.

The book’s most outrageous and troubling attacks are its last two,…

Source…