The revelation is part of an excerpt in The New York Times from a new book by the newspaper’s cybersecurity reporter Nicole Perlroth. The book is titled 'This Is How They Tell Me the World Ends.' As summarized by USA Today, the book “lifts the curtain on the cyberweapons market, revealing a terrifying look at a new kind of global arms race.”
Perlroth, in the Times excerpt, writes, “At this very moment, we are getting hacked from so many sides that it has become virtually impossible to keep track, let alone inform the average American reader who is trying to grasp a largely invisible threat that lives in code, written in language that most of us will never fully understand.”
As an essay by The New Yorker’s Jill Lepore notes, the book takes readers through the history of U.S. cybersecurity policy, starting with a 1968 Pentagon report recognizing that “contemporary technology cannot provide a secure system in an open environment.”
Then, in 1984, the NSA discovered a bug in electric typewriters that allowed Russian spies to snoop on the U.S. Embassy in Moscow. A cyberattack on Iran in 2010 using Stuxnet computer worm, originally developed by the U.S. and Israel, unleashed into the world an offensive weapon that could swiftly be turned back around on its creators.
These days, as the Pittsburgh Post-Gazette’s book review relates, Perlroth sees a world where cyber-attacks have become a free-for-all, with Russia, China, and North Korea at the door, zero-day bugs looming in various systems and cities nationwide suffering crippling outages. “For all the internet’s promise of efficiency and connectivity,” Perlroth writes, “it [is] now a ticking time bomb.”
To fix all this, Perlroth calls for an online equivalent of a Geneva Convention: an agreement between nation-states not to undertake peacetime attacks on civilians, hospitals, electrical grids and voting systems, or to pilfer private companies’ intellectual property. She also suggests that private companies should essentially shift from Mark Zuckerberg’s slogan of “move fast and break things” to “move slowly and fix your [expletive].”
The Times’ review of the book notes that such proposals, while reasonable, “feel like long shots.” But the reviewer, Foreign Policy editor at large Jonathan Tepperman, adds that “Perlroth has done a valuable service in highlighting the need for big changes in how America approaches its cybersecurity—which, these days, means its security, period.”