This month I read more non-fiction: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth. Throughout the entire tale, from the first critical vulnerability all the way to the offensive cyber strikes by nation states and their impact on my life all I could think about is how would Napoleon have dealt with the Austrian army exploiting a chain of 0-day exploits in order to silently offset the navigation of his calvary in order to prevent a French victory on the battlefield.
Actually, I didn’t think about Napoleon during this book and not just because I think that Napoleon’s password would probably have been motdepasse on every online account he had. Reading about the history of cyber surveillance and their evolution into attacks has grounded me solidly in the present.
Of course, the impact on my life has mainly been having to patch systems over the past fifteen years due to vulnerabilities like Heartbleed, notpetya and all the others that have emerged in the wake of cyber attacks in that time. And yes, even Bradism.com was hacked in the early days and all my witticisms were replaced with anti-American messages of support for Palestine.
I also realised that, as the American intelligence agencies’ lust for data ramped up post September 11, at the same time as system and internet security was terrible, and I was completing my final year of University, that this was the perfect storm that probably lead to Data Mining being an encouraged elective topic in case someone had any bright ideas on how to handle the firehose of scraped and stolen data from hacked servers and jailbroken Nokias.
The main thing I learned from this book is how prevalent is has been over the years for exploits to be kept hidden from vendors and traded on black markets to government organisations where they use them for surveillance or more, sometimes for years, before they get revealed and patched. (Ironically, a lot of the exploits are revealed when the government agency or state themselves gets hacked and their tools exposed.)
Is it really worth worrying about being tracked by QR codes or even social media when multiple governments are probably already in your kernel?
With such sophisticated cyberweapons out there now, can you really trust your firewall or network traffic monitor or “In use in 0 other locations” message?
Along with my recent reading about climate change, and my daily exposure to pandemic coverage, the future is not feeling particularly chipper.
I think we might need to teach children in school how to write their own kernel and build their own smartphones. And also how to grow tomatoes in acidic soil with no electricity, and manufacture their own hand sanitizer.