The bored teenagers who can disrupt the world

/in


Most of us live a strange double life when it comes to hacking. We read headlines saying that our toaster might spy on us, that Russia is trying to hack into our social media, and that society as a whole could be under threat. At the same time, we install smart speakers in every room of our house, post more than ever to social media, and the worst we see of hacking attempts is the occasional email from a Nigerian ‘prince’. Trying to calibrate whether we should be terrified or unconcerned is a difficult task, so it’s refreshing when Scott Shapiro – a Yale law professor who also serves as the director of the university’s cybersecurity lab – says early in his book that neither is the correct approach.

The Mirai botnet wasn’t the work of a nation state but of three young men hoping to make a few quick bucks

If Fancy Bear Goes Phishing – the title a reference to the ‘Fancy Bear’ codename given to a Russian military hacking team – has any one message, it’s that hacking is not really about code, databases or infrastructure. It’s much more a story at the human level, about bored teenagers, under-employed twentysomethings, badly-drafted liability law and even social norms. As if to emphasise this, it sets out its case by describing five major hacks at different stages of the internet’s development.

The first was largely accidental, the work of the graduate student son of a senior National Security Agency official in the late 1980s.The second carried a tribute to a woman whom the hacker was trying to impress – the respected security researcher Sarah Gordon, who had jokingly asked for a virus to be dedicated to her, and who came to deeply regret that attempt at humour. The third hack, of Paris Hilton’s phone, was by a disaffected American teenager just looking for an outlet. Fancy Bear comes fourth, with Shapiro detailing how Hillary Clinton’s close adviser, John Podesta, and the Democratic National Committee were compromised by Russian state hackers. But it’s the fifth that is perhaps most striking: the creation of the Mirai botnet (named after an anime character) in 2016. This was a force that could have ‘taken down the internet’, which…

Source…