by Kate Fazzini
FIPS 1, CST, RAILROAD CLUB AT MIT
The first incarnation of the Federal Information Processing Standards (or FIPS) was published in 1968, followed by several standards on encryption and data security throughout the 1970s that would underpin the field of cybersecurity into the twenty-first century.
CST probably refers to the Computer Sciences and Technology Lab. One of its first publications, in 1978, is “Effective Use of Computer Technology in Vote-Tallying,” which focuses on accuracy and security controls in vote counting done by computer.
The Tech Model Railroad Club at the Massachusetts Institute of Technology (MIT), which formed in 1946, became a hotbed of early hacker activities in the 1970s and early 1980s, a result of actual model railroad enthusiasts’ interest in “signals and power” circuits and switches that make the trains run. This group utilized the term “hacker” in its current form as early as the 1940s.
VOTE COUNTS, JARGON FILE, LINUX KERNEL ONE
Electronic voting has a long history in the United States going back to the 1960s. By the 1980s, several states, wary of traditional punch-card systems, began favoring electronic readers for counting vote cards and punch ballots.
The jargon file is a record of hacker lingo first developed at Stanford in the mid-1970s. It records the history and development of casual cybersecurity terms. The first Linux kernel, version 0.01, an open-source computer code, was released in 1991 by Linus Torvalds.
BILL JOY, LARRY WALL, LINUS, GUIDO VAN ROSSUM
Bill Joy was a cofounder in 1982 of Sun Microsystems, an early computer company. Around the same time, Larry Wall was developing Perl, an influential computer language. Linus Torvalds is mentioned above, and Guido van Rossum developed the Python programming language, one of the most popular languages today.
CAPTAIN CRUNCH, MA BELL, TWENTY-SIX HUNDRED
John Draper, aka Captain Crunch, was an early and influential hacker, part of a loose collective that referred to themselves as Phone Phreaks because they used telephones to hack into various organizations through the phone lines, especially those owned by the Bell Telephone Company, aka Ma Bell. The 2600 was a magazine catering to phreaks and other early hackers that detailed how to achieve various malicious activities. Founded in 1984, the title refers to the 2600-hertz tone, which hackers found could be replicated with a toy whistle found inside Cap’n Crunch cereal boxes.
Sources
My observations and conclusions in Kingdom of Lies are based exclusively on unclassified, open-source information; my personal observations; and my interviews with individuals who claim knowledge of specific events. None of the information in this book involved access to classified intelligence.
PROLOGUE TO CHAPTER 5
Seleznev, Roman. (2017, April 21). “Roman Seleznev Letter.” New York Times. www.nytimes.com/interactive/2017/04/21/technology/document-Seleznev-Letter.html.
U.S. Attorney’s Office for the Northern District of Georgia. (2017, May 19). “Convicted Russian Cyber Criminal Roman Seleznev Faces Charges in Atlanta.” www.justice.gov/usao-ndga/pr/convicted-russian-cyber-criminal-roman-seleznev-faces-charges-atlanta.
CHAPTERS 6 TO 10
Bhattacharjee, Yudhijit. (2011, January 31). “How a Remote Town in Romania Has Become Cybercrime Central.” Wired. www.wired.com/2011/01/ff-hackerville-romania/.
Carr, Jeffrey. (2011). Inside Cyber Warfare: Mapping the Cyber Underworld. Sebastopol, CA: O’Reilly Media.
Healey, Jason. (2013). A Fierce Domain: Conflicts in Cyberspace 1986 to 2012. Cyber Conflict Studies Association.
Hinsley, F. H. (1979). British Intelligence in the Second World War: Its Influence on Strategy and Operations. London: Stationery Office Books.
Mandiant/FireEye. (2013). “APT1: Exposing One of China’s Cyber Espionage Units.” www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf.
Usdin, Steven T. (2005). Engineering Communism: How Two Americans Spied for Stalin and Founded the Soviet Silicon Valley. Binghamton, NY: Vale-Ballou Press.
CHAPTERS 11 TO 16
Department of Justice. (2017, November 27). “U.S. Charges Three Chinese Hackers Who Work at Internet Security Firm for Hacking Three Corporations for Commercial Advantage.” www.justice.gov/opa/pr/us-charges-three-chinese-hackers-who-work-internet-security-firm-hacking-three-corporations.
Department of Justice. (2014, May 19). “U.S. Charges Five Chinese Military Hackers for Cyber Espionage Against U.S. Corporations and a Labor Organization for Commercial Advantage: First Time Criminal Charges Are Filed Against Known State Actors for Hacking.” www.justice.gov/opa/pr/us-charges-five-chinese-military-hackers-cyber-espionage-against-us-corporations-and-labor.
Trustwave. (2017). “Post-Soviet Bank Heists: A Hybrid Cybercrime Study.” www2.trustwave.com/Post-Soviet-Bank-Heists-Report.html.
Wang, Helen. (2004). Money on the Silk Road: The Evidence from Eastern Central Asia to c. AD 800. London: British Museum Press.
Whitfield, Susan. (2018). Silk, Slaves and Stupas: Material Culture of the Silk Road. Oakland: University of California Press.
CHAPTERS 17 TO EPILOGUE
Department of Justice. (2018, July 13). “Grand Jury Indicts 12 Russian Intelligence Officers for Hacking Offenses Related to the 2016 Election.” https://www.justice.gov/opa/pr/grand-jury-indicts-12-russian-intelligence-officers-hacking-offenses-related-2016-election.
Department of Justice. (2015, October 15). “ISIL-Linked Hacker Arrested in Malaysia on U.S. Charges (with complaint).” www.justice.gov/opa/pr/isil-linked-hacker-arrested-malaysia-us-charges.
Hadnagy, Christopher. (2018). Social Engineering: The Science of Human Hacking. Indianapolis: Wiley.
Næringslivets Sikkerhetsråd. (2016, September). “Norwegian Computer Crime and Data Breach Survey 2016. Mørketallundersøkelsen 2016.” www.nsr-org.no/getfile.php/Bilder/M%C3%B8rketallsunders%C3%B8kelsen/morketallsundersokelsen_2016_eng.pdf.
National Institute for Standards in Technology. (Created October 12, 2010; updated August 27, 2018). “ITL History Timeline 1950–2018.” www.nist.gov/itl/about-itl/itl-history-timeline.
U.S. Attorney’s Office for the Southern District of New York. (2015, November 10). “Attorney General and Manhattan U.S. Attorney Announce Charges Stemming from Massive Network Intrusions at U.S. Financial Institutions, U.S. Brokerage Firms, a Major News Publication, and Other Companies.” www.justice.gov/usao-sdny/pr/attorney-general-and-manhattan-us-attorney-announce-charges-stemming-massive-network.
Author’s Note
Thank you for taking the time to read this book.
I didn’t set out to write a book, certainly not after I joined the cybersecurity field. I wanted to leave my brief, youthful background as a journalist behind and do something real. And I did.
As I wrote in the beginning, that’s when I noticed the holes in the narrative we have grown to accept about security and insecurity of technology, and the real people who were working in or even leading various factions within it.
WHAT JUST HAPPENED?
After going to work for The Wall Street Journal, I was mostly prohibited from using anonymous sources, which is a good thing and strengthens news coverage. But it also meant that the majority of people I talked to would never see their names—or pseudonyms—in print.
This book gave me the flexibility to tell controversial stories, or see events through the eyes of people who lived them. I acknowledge that these people might not always have told the truth. My father, a Navy vet, once said that sailors had a tendency to tell tall tales, and here we are looking through the lens of sailors on a rough, digital sea.
You may also note that I’ve fictionalized some locations—such as Arnica Valka, Romania, which does not exist—but kept other real locations. In some cases, creating fictional locations or companies was the only way to adequately convey the story while ensuring that I was protecting the identity of sources and other innocent parties.
WHY DOES IT MATTER?
I’m completing this book after yet another contentious election—the 2018 midterms. There will be more. Some predicted this election would be “the World Cup of cyber influence.” Another lie, of course. Our elections boards did a fine job of mucking up local elections without needing any interference from Russian elites. Just another in a long line of dire predictions that we have somehow turned a corner into a heretofore unimagined apocalypse.
The idea we are somehow in a strange and very different time is dangerous for three reasons. One, it negates history and historians unfairly, as if all knowledge we’ve acquired up until this moment is meaningless in the face of this new threat. Two, it gives governments, corporations, and institutions an out that they don’t deserve—specifically, the excuse that things have become so incomprehensible and troubling that they can’t possibly be expected to fight against them. And three, it makes people feel helpless, as if they can have no part in understanding security or threats, working on it or having opinions on it, because it’s all so new and frightening that trying to grasp it won’t matter.
If I could support any outcome of reading this book, it is that people feel more empowered to make decisions in their lives that support their own best idea of personal privacy. And that they feel empowered to hold governments, media, and institutions accountable for doing their jobs and providing them with timely, accurate, and actionable information.
Above all, I hope people can start to see that what is happening is more like decades of erosion and less like having the ground disappear from underneath our feet. And that there are ways to stop erosion.
Acknowledgments
First and foremost, I’d like to thank Elisabeth Dyssegaard from St. Martin’s Press and Peter McGuigan from Foundry Literary Media—and all of their staff—for taking a chance on this first-time author. To the people who made endorsements for this book, it’s meant so much to me—thank you.
For their support in trying to turn me into a proper journalist: Matt Rossoff, Jeff McCracken, Mike Calia, Mary Duffy, Elisabeth Cordova, Lauren Hirsch, and Steve Kovach from CNBC; Ben DiPietro, Nick Elliott, Rob Sloan, Will Wilkinson, and Kim Nash from The Wall Street Journal; and Ken Clark, Allan Ripp, John Garger, and Paul Comstock.
I’d like to thank several people who were incredibly supportive during my time working on this book, earlier in my career, and through some trying experiences—without whom it wouldn’t have been possible: Judith Pinto, Jennifer Flores, Jamal Raghei, and Britt-Louise Gilder; Seth Kaufman, Elena Tisnovsky, Victoria and Justin Meyer, Amy Edelstein, Frederic Lemieux, Susanne Gutermuth, Ida Piasevoli, Ang Johnson, Steven Greene, Pete Cavicchia, Anish Bhimani, Michael Spadea, Marc Loewenthal, Mike Joseph, and Earl Crane.
There are many people who served as anonymous sources for this book who I can’t name here, but I would like to acknowledge: thank you for taking a risk and telling me your stories.
To Mrs. Belcastro, Miss Kristy, and all the staff and teachers at PS 002 in Queens and New Milestone Preschool for their incredible work with my kids. To the staff at Porto Bello Restaurant in Astoria, Queens, for their patience and excellent Wi-Fi.
Thanks to all my teachers who made my life better, especially Tim Henige, Paul McClintock, Tim Rice, and Cindy Polles.
And, of course, Mom and Dad and sister Ann for their enduring and lifelong support.
Index
The index that appeared in the print version of this title does not match the pages in your e-book. Please use the search function on your e-reading device to search for terms of interest. For your reference, the terms that appear in the print index are listed below.
2016 US presidential election
See also elections; Putin, Vladimir; Trump, Donald
2600 magazine
access control
Acecard
Achinsk Antivirus
adversaries
Air Force
air gap
alert
antivirus software
Anthony (online source)
Apple
Applied Mathematics Laboratories
Arab American
Arnica Valka, Romania
community college
assets
cybercrime and
defined
management
attacks
Deep Blue
Defense Department and
defined
hackers and
man-in-the-middle
terrorism
See also cyberattacks; cybersecurity; DDoS (distributed denial-of-service) attacks; passive attacks; ransomware
August Malware
Australia Post
authentication
BaFin
Ballybane, Galway, Ireland
Banca Transilvania
Behring Breivik, Anders
Bell Telephone Company
Belvedere, Tony
Benghazi, Libya
big shot
birth dates, data theft and
Bitcoin
blacklist
blockchain
Blomkvist, Mikael
Boeing
Booz Allen Hamilton
botnets
bots
Brik, Jakub
Brooks Act
bugs
Bush, George W.
Cafe Americain
Captain Crunch
Carnegie Mellon
Ceauşescu, Nicolae
Central Intelligence Agency (CIA)
CEX.IO
Chan, Caroline
cybersecurity
hack-a-thon
Kreutz, René, and
Mack, Charlie, and
mentoring
Raykoff, Bob, and
SOC
chief of staff, role of
childcare
China
DDoS attacks
futurethreat and
hacking
government intelligence/spying
intellectual property theft
NOW Bank and
ransomware
Silk Road
See also Chou, Bolin
Chou, Bolin “Bo”
Citibank
City Italia
Clarksburg Federal Credit Union
Clinton, Hillary
cloud computing
Cold War
compliance
Computer Sciences and Technology Lab (CST)
Craigslist
credentials
credit card numbers
ATMs and
creation of fake numbers
credit fraud
dark web and
NOW Bank and
ransomware and
theft of
value
See also identity theft
credit unions
critical infrastructure
cryptocurrency
cryptography
CryptoLocker
cryptomining
Curtiss, John
cyberarmy
cyberattacks
cyber-extortion
cyberinfrastructure
cyber-means
cyberoperations
cyber-reconnaissance
cybersecurity
challenges of
Chan, Caroline, and
cost
credentials
defined
hackers and
Israel and
military and
NOW Bank and
Raykoff, Bob, and
risk and
See also security operations center (SOC)
cyberspace
cyberwar
Daenerys Targaryen (fictional character)
dark web
See also Silk Road
data breaches
data integrity
See also integrity
data loss
data mining
DCLeaks
DeBuffet, Lydia
decryption
See also encryption
Deep Blue
denial of service (DoS) attacks
Depeche Mode
Depository Trust & Clearing Corporation
Deutsche Bank
Dev, Yuval
digital forensics
Direction Générale de la Sécurité Extérieure
distributed denial-of-service (DDoS) attacks
defined
financial sector and
NOW Bank and
terrorism and
See also attacks; cyberattacks; cybersecurity
Drake
Draper, John. See Captain Crunch
Eastern Europe
eBay
Eisenhart, Churchill
elections
encryption
apps and
defined
FIP and
malware and
engine control modules (ECMs)
enterprise risk management
Estonia
euros
event
exfiltration
exploit
exploit kits
See also rootkits
exposure
Fantastical Autographs
Federal Bureau of Investigation (FBI)
Federal Information Processing Standards (FIPS)
Ferizi, Ardit
financial crisis
fingerprints database
firewalls
First Local Bank of Tallinn
Fiverr
flat network
Fleur Stansbury
fog walls
Fort Lauderdale
Fox News
Frances (communications specialist)
fraud
banking
credit cards
social engineering
US Computer Fraud and Abuse Act
See also identity theft; phishing
futurethreat
Gabe (former spy)
Gaddafi, Muammar
gatekeepers
General Maleur Street
General Motors (GM)
Georgetown University
Gerie, Brendan “Tahir”
Girl with the Dragon Tattoo, The (Larsson)
GMBot
Gomer Pyle (fictional character)
Google
Grand Central Station
Gunther, Mikael