About the Book
From The New York Times cybersecurity reporter Nicole Perlroth, the untold story of the cyberweapons market-the most secretive, invisible, government-backed market on earth-and a terrifying first look at a new kind of global warfare.
Zero day: a software bug that allows a hacker to break into your devices and move around undetected. One of the most coveted tools in a spy's arsenal, a zero day has the power to silently spy on your iPhone, dismantle the safety controls at a chemical plant, alter an election, and shut down the electric grid (just ask Ukraine).
For decades, under cover of classification levels and non-disclosure agreements, the United States government became the world's dominant hoarder of zero days. U.S. government agents paid top dollar-first thousands, and later millions of dollars- to hackers willing to sell their lock-picking code and their silence.
Then the United States lost control of its hoard and the market.
Now those zero days are in the hands of hostile nations and mercenaries who do not care if your vote goes missing, your clean water is contaminated, or our nuclear plants melt down.
Filled with spies, hackers, arms dealers, and a few unsung heroes, written like a thriller and a reference, This Is How They Tell Me the World Ends is an astonishing feat of journalism. Based on years of reporting and hundreds of interviews, The New York Times reporter Nicole Perlroth lifts the curtain on a market in shadow, revealing the urgent threat faced by us all if we cannot bring the global cyber arms race to heel.
528 pages
Published on February 9, 2021
Buy the book
Cybercrime has always fascinated me. I don’t understand a whole lot about that sort of thing. I’m not what you’d call a tech wizard or anything, but I think the internet is changing not only how humans interact, but it’s changing how much we know (we basically have the library of Alexandria at our fingertips now), it’s changing how we do business, and even the face of war. This is what fascinates me. All the ways our connectivity, unprecedented in human history, is fundamentally altering the way we do so many things.
I listen to a podcast called Darknet Diaries. It’s absolutely fantastic, and I highly recommend it. Anyway, I was listening to an episode a few weeks ago where the podcast host interviewed the author of this book and reader, I was glued to the episode. It was the first time I’d heard of “zero days” and their capabilities. It was the first time I’d heard of any of this stuff, and as soon as the interview was over, I immediately bought this book and then I proceeded to devour it.
Nicole Perlroth is a cyber security reporter for the New York Times. As she explained in her interview on that podcast, she sort of was dumped into this particular beat, and she had to learn a lot as she went. I think this is probably one big reason why this book worked so well for me. Perlroth knew how to distill the topic into digestible bites, and she understood how important it would be to not get bogged down in overcomplicated jargon which would have completely lost someone like me. She had a way with examining these complicated technical topics that was easy for me to understand, which is important considering I had no idea what a “zero day” was until that interview, and then this book.
Zero Days are a hacker term for a chink in a program’s armor, a doorway that the right person can use for certain aims. Governments use them, hackers use them, spies use them, and companies pay a lot for people to find zero days and then turn them over to the company so the hole can be plugged. But, as you’d expect, there’s also a wild and raging black market for these things as well. People who know how to find zero days can make a whole lot of money off them, and they can do a ton of damage. The right zero day used the right way could shut down an entire city, for example. The code used to hack the Iran nuclear program had four zero days in it (there’s a documentary on this on HBO which is really, really good).
Perlroth doesn’t just throw the reader into the deep end, though. She goes through the history of zero days, the first companies that dealt with zero days, the struggle to get them recognized by companies like Microsoft, and then the growth of the black market, how governments are using them now, as well as how they are used by those who spend time lurking in the internet's shadowy corners. It’s equal parts terrifying and fascinating and has completely changed how I look at the internet in fundamental ways. This book almost reads like a thriller novel, as she crosses the globe and talks to some surprising people to investigate different aspects of this zero day marketplace and impacts it has on the world, nations, and individuals. From government contractors, to spies, to weapons dealers, it's all here.
Some of these zero days she discusses in the book are incredibly surprising. For example, there was a zero day found in Jeep, which would allow a hacker to take over the entire car remotely, from the lights, to the radio, to the steering wheel. When she found out about this, she also learned the elevator at her hotel uses the same technology and started using the stairs after that (Let’s be real, I would too.). There was another zero day which she talks about that dealt with HP printers (patched now). Basically any document sent to an HP printer could be essentially stolen by using this zero day. Hackers could just hang out on these printers and nab documents. Imagine how that could have been used in government offices, for example.
Zero days are called that because no one really knows how long they’ve been hanging out in this program before they were found. So, when they are found, that’s “zero day” and the clock starts ticking after that. The US used to have a real corner on this particular marketplace, the biggest and best cyber security in the world. However, the playing field has evened out now. Now, it seems like nearly every nation has a cyber security team, all on the payroll of the local spy network, and there are an equal amount of bad actors hanging out in the digital sphere finding and selling these things to the highest bidder, whoever that might be. The world becoming increasingly digital, it means there are more chinks in more software to be found and exploited.
Perlroth goes into detail about some of these programs, like the spyware program from Israel called Pegasus, which has been used for any number of nefarious things, from allegedly finding journalists who suddenly end up dead, to tracking people of interest, and the like. This program has been traced down to Saudi Arabia, Mexico, Iran, Russia, and so many more. I believe over 100 nations have used this software. She also talks a bit about the hacking of Russia into Ukraine, where Ukraine has basically functioned as a sort of test field for all sorts of worms, hacking, and the like that Russia is trying out. And the implications of this are vast. In our age of COVID, it is chilling to realize that zero days put entire hospitals at risk.
This is a dark book, and Perlroth doesn’t hold back or pretty any of it up. In her imminently readable style, she takes you through the darkest corners of the internet, to show you not just how far hacking has come, but where it is going. I have long believed that the internet is going to change the nature of war, and in a lot of ways, I think this book examines that very concept, only it’s no longer a theory, it’s really happening. In a world where so much exists in the digital sphere, and so many aspects of our lives are plugged in and online, it’s a chilling concept indeed, to realize how vulnerable we all really are.
Part thriller, part horror, and fundamentally important, This is How They Tell Me the World Ends should be mandatory reading for anyone with an interest in the digital sphere and the interconnected world we are all part of.
5/5 stars
Comments
Post a Comment