Science & Tech
Sinead Butler
Aug 13, 2021
A cybersecurity analyst and reformed hacker has said we shouldn’t be too worried about our “nuclear arsenal being taken over movie-style” but instead we should be more concerned about the “major impacts” to financial markets.
The man - who remained anonymous - has shared his knowledge of more than 30 years of experience as a cybersecurity analysis in a major Silicon Valley firm in an interview with VICE .
According to the man it is easier to cause major disruption to countries as big as the United States than ever before, as today “ you just need a few thousand dollars and a laptop and a couple of smart hackers to write some code and send something out.”
“The kinds of things that are vulnerable to ransom attacks is literally everything that is connected to anything,” the man said.
Next, he goes on to define the two different types of hackers: a black hat and a white hat.
A black hat hacker is traditionally someone who is “not bound by any kind of ethical code, willing to break the law, and is in it for specifically his own purposes.”
While a white hat hacker is “bound by an ethical code who try to do things to improve the greater good and who are bound by the law.”
The man revealed that he at one time considered himself a black hat but has now changed to a white hat.
As a white hat hacker, he has to “look for vulnerabilities in systems that haven’t been scrutinised before, that may represent a significant risk.
“But I also do things like hunt the criminals who are targeting hospitals or who are targeting the businesses I’m looking out for. So, by looking at the attacks that take place by understanding the infrastructure that’s used by the criminals, I can work out where they’re coming from,” he added.
Though he did note how he spends most of his time “staring at code, understanding how sites are put together and how things work and then working out how you can subvert that process to take control of it.”
One of the hacking techniques that has been around for decades is ransomware which is malware that uses encryption to hold a victim’s information at ransom, and once the victims pay the ransom they receive a key that decrypts your data and gives it back to you.
The man describes the challenge to stop the criminals, as people will pay the ransom if they have no choice and shares how he’s seen a similar scenario play out.
“I’ve watched hospitals getting encrypted and people are left with a choice: do I pay to decrypt the data or do I risk lives?”
The expert also notes one of the challenges learned within the past year is that “we’re not very good at understanding which systems are the ones that are the most painful when they get encrypted” and specifically references the recent ransomware attack on the Colonial pipeline in Texas which carries gasoline and jet fuel.
“No one would have thought that a ransomware attack against someone like the colonial pipeline would cripple large amounts of the United States but it did because their supply chain dependency on that fuel caused a cascade problem throughout the whole of the US.”
Finally, the white hacker shares his worries about the new economic marketplace called the “Initial Access Broker Market,” where people sell compromised access to companies for the purpose of somebody else going in and using it to monetise it.
Instead of worrying about our “nuclear arsenal being taken over movie-style” he insists we should instead be concerned about “major impacts on the financial markets or potential impacts to things like electricity production facilities.”
You can watch the full video below.
The Conversation (0)
x