Kingdom of Lies
eBook - ePub

Kingdom of Lies

Adventures in cybercrime

  1. 304 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Kingdom of Lies

Adventures in cybercrime

About this book

Would you say your phone is safe, or your computer? What about your car? Or your bank?

There is a global war going on and the next target could be anyone – an international corporation or a randomly selected individual. From cybercrime villages in Romania to intellectual property theft campaigns in China, these are the true stories of the hackers behind some of the largest cyberattacks in history and those committed to stopping them. You’ve never heard of them and you’re not getting their real names.

Kate Fazzini has met the hackers who create new cyberweapons, hack sports cars and develop ransomware capable of stopping international banks in their tracks. Kingdom of Lies is a fast-paced look at technological innovations that were mere fantasy only a few years ago, but now make up an integral part of all our lives.

Frequently asked questions

Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
  • Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
  • Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
Both plans are available with monthly, semester, or annual billing cycles.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Kingdom of Lies by Kate Fazzini in PDF and/or ePUB format, as well as other popular books in Computer Science & Computer Science General. We have over one million books available in our catalogue for you to explore.

1.

The Futurethreat

Carl knows that if bank systems are flooded with packets, they won’t be able to handle the traffic, web applications will overload, and the bank’s websites will go down. People won’t be able to bank or pay bills. Twitter will blow up. Call center phones will start ringing like a sadistic chorus. Bank executives will look bad.
That’s what happened in September. And that’s what the terrorists are trying to do now, for a second time.
But it had better not fucking work, Carl has been told over and over these past few weeks. This can’t happen again.
Carl doesn’t care why this is happening, but bankers always want to know why. So, in Joe’s report, he explains the reason that the terrorists have provided for their attack, a rationale that makes little sense but was apparently proposed by the Izz ad-Din themselves online: There’s an American preacher named Terry Jones who is threatening to burn Qurans and a YouTube video criticizing Islam, and the Izz ad-Din want both to stop. And also Israel. The group has lots to say about Israel.
The Izz ad-Din claim they have waited four months because they are merciful. They delayed their second action due to the U.S. presidential election and Hurricane Sandy.
But that is all B.S.
Because this kind of thing happens to banks all the time. DDoS (distributed denial-of-service) attacks come from aggrieved teenagers and foreign ne’er-do-wells and every class of hacker in between. They are a dime a dozen. Especially after the financial crisis, when a surge of hostility from Anonymous and activists against “the 1 percent” spiked.
Carl and Joe and the cybersecurity team have stopped DDoS attacks many, many times before. The Izz ad-Din are different. They have the skills and they have the hardware. And people. Lots and lots of people. They are not a loosely defined network of 20-something terrorists scattered across Eastern Europe. Not some kids in a basement somewhere. They are an entire nation-state.
Iran, to be specific.
Over the course of the next several days, Carl and a team of five other security professionals battle the bad guys.
Carl spends all his time in the room. They turn the heat down in the room until it is freezing so everyone can stay awake. Somebody keeps bringing up sandwiches from the cafeteria. Executives drift in and out of the room. Some stand next to him, look over his shoulder, and make significant gestures and solemn sighs before leaving again.
They code name the attack Deep Blue, have daily and nightly and sometimes hourly phone calls about it. More and more people get involved. Some of them Carl has never seen before. Some of them, he knows, are consultants not even affiliated with the bank. The longer the attacks go on, the more people get involved in the crisis. And it is a crisis. No one has ever seen anything like this before. From the outside looking in, from the inside looking out, one fact becomes obvious to all: The bank’s management needs to make cybersecurity a priority. Not tomorrow, not next week, but right now.
As the suits pile in, act interested, and watch Carl sit at the computer and fight the Iranian Army every fucking day, he becomes more detached and more alone. The attacks surpass the skills of his colleagues, relegating them to supporting roles on the sidelines. Carl is a real hacker, an extremely good one, and he’s seen it all, but never an attack this big.
Then just as suddenly as it began, it ends. Somebody has finally taken down the stupid anti-Islam YouTube video. The Izz declare the war is over. Carl can’t believe it. He sits at his desk, fingers poised over the keyboard, exhausted, overcaffeinated, buzzing just a little bit, wondering if it’s really over.
Everyone goes home. Carl stays behind, putting together one more security report for the bank’s board of directors. They have asked him to predict when the next strike will come. He considers the request and begins to type. “Futurethreat, a type of cyberthreat from a heavily weaponized nation-state . . .”
Carl reconsiders, hits delete. “Futurethreat” is a garbage term, he thinks. It was probably invented by some government lunkhead. It will make the bankers’ eyes glaze over. He can’t have that. He has their attention and he wants to keep it because Deep Blue has created a golden opportunity for Carl and his colleagues’ cybersecurity team.
And his boss. Joe Marcella, beloved by his employees, reviled by his superiors, bursts into the room. He has never, Carl has noticed, entered a room any other way. It is what earned him the nickname among some of his colleagues of Kool-Aid Man. Taller and with about 150 pounds on Carl, when Joe opens a door it has the same look and feel of a giant pitcher of punch smashing through a wall.
“Where the fuck have you been? The fucking suits want another fucking PowerPoint about this shit if you can believe it.”
Carl smiles. Joe’s his friend. Joe is unpolished—to say the least—but he has a way of earning a great deal of loyalty from his employees, which starts and ends with fighting with the higher-ups to pay them very well. Joe won’t make it long past the DDoS attacks. He’ll be replaced by executives who don’t fight hard for good pay, with predictable consequences.
But those days are more than a year away. Right now, Carl is dealing with the fact that the top-level executives at NOW Bank suddenly care about cybersecurity, and the way bankers show that they care is with money.
Carl writes, “Other hostile nations will have used DDoS attacks as cover for entering and persisting on our networks, with the goal of gathering information covertly over long periods of time.”
Carl rubs his eyes, closes his laptop. As he walks into the lobby, now dark, he blows on his knuckles like a gunslinger.
At around that same moment, Bob Raykoff, a former Air Force commander, reads some of the text he and a ghostwriter have cobbled together for the next edition of his textbook.
Futurethreats in cyberspace will require that we take some type of offensive action, heretofore under the characterization active defense. The only way to ensure the safety of these active defense measures is to design clear military protocols around them, and to the extent possible, engage other nations—even hostile nations—in creating a more robust international norm for cyberattacks, cyber-reconnaissance and other tactics.
Bob Raykoff was one of the first people to use the term “futurethreat.” He is working on his latest book and writing a chapter with that name. He is obsessed with futurethreat. He has been watching the DDoS attacks against the banks and wonders who will make use of the distraction caused by the Islamists. The Chinese? The Russians?
Definitely the Russians. Bob hates the Russians.
Military men and women who engage the enemy today may give little thought . . . to the damage they may cause digitally. As with military actions from the air or by drone, military personnel may not be significantly or closely engaged with the people who are affected at the other end of their attack. The collateral damage in cyberwarfare, particularly in the private sector, where these battles will most likely be fought, could be catastrophic.
A little over a year from now, Bob will be Carl’s boss. Neither of them knows it; nor can they even fathom the possibility. There are a lot of things that Bob knows about cybersecurity, but there are even more things that he doesn’t know. But he’s right on the money when it comes to the fallout from the DDoS attack at NOW Bank. It will be catastrophic. There will be considerable collateral damage, and he will be right in the middle of it.
From his office in the Washington, D.C., suburbs, Bob considers the futurethreat again.
Definitely Russia, he thinks. Or China.
As it turns out, the futurethreat is neither Russia nor China, It is a 15-year-old girl living in the Romanian countryside, dancing to music so loud she can barely hear herself think.
RenĂ© Kreutz shouts in ecstasy as another wave of her high school friends makes it through the door of a pop-up nightclub in a small Transylvanian town called Arnica Valka. It’s a town hardly anyone has ever heard of. It is known mostly as an acceptable place to stop for lunch between Bucharest and Budapest.
RenĂ© is a little bit drunk. The club is the center of the world, as far as she’s concerned. Everywhere else is orbiting around this spot. Around her.
She dances, the eye of a sweaty storm of teenagers, and screams the lyrics to a Bucharest rapper’s hit song, spoken in half English, half Romanian, called “Americandrim.” It references every pop-culture trope, one after the other: Coca-Cola, MTV, George W. Bush, McDonald’s.
I can be what I want to be
Losing my identity
René’s friends scream the last line into the sooty air above them. Everything around her smells like cheap liquor and cherry-flavored lip gloss. In fact, René’s drink tastes like cherry-flavored lip gloss.
Is there anything more to life than this? she wonders, happily, drunkenly.
There is. A great deal more, in fact. In three years, RenĂ©, who is no good at computers but who is utterly charming, will become one of the world’s most influential hackers practically overnight.
René squeezes next to her friends and flashes a peace sign for a selfie on an old Motorola cell phone.
At around this same moment in Moscow, one of the world’s most influential hackers, Valery Romanov, is taking a selfie, too. It’s his favorite pose: Valery Romanov, hacker extraordinaire, with stacks and stacks of cash.
Valery is dressed like an extra in an American office-based situation comedy. A short-sleeved, button-down shirt, wrinkled khakis. Blond and pudgy, he isn’t really focusing on his own bland countenance. He centers the photograph on the cash instead, the real star of this portrait. He flashes a peace sign.
Romanov has just finished watching the DDoS attack against NOW Bank from inside the bank’s networks. He’s in there, too. But not for silly Islamist reasons. He enjoys live-action fighting. Like pay-per-view only without the pay. He smiles and contemplates the bottle of vodka beside him.
The DDoS attack presents a big opportunity for somebody, he thinks as he looks at the open ports at the bank, the unguarded sections of a huge, vast enterprise. The data has been left unguarded because the bank is pouring all its resources into fighting the DDoS attack.
Valery notices that all of the credit cards issued by the bank are now expired. Somebody has slipped in while the bank was fighting off the Iranians and made the change. But it wasn’t him. Not this time.
Valery is a little preoccupied these days. The FBI is after him. And Interpol. And now the surprisingly fast and frightening Direction GĂ©nĂ©rale de la SĂ©curitĂ© ExtĂ©rieure in France. He’s drinking too much. His new fiancĂ©e is pregnant. The selfies with the cash make him feel better.
Two years earlier, he got caught up in stupid Islamist bullshit when the cafe in Marrakesh he happened to be eating at was blown up in a terrorist attack. Now part of his head is missing. Before that, and for a little while afterward, he was one of the greatest, most prolific, and most influential hackers in the world.
Now it’s 2012, and his number is just about up.

2.

The Charlatan

Caroline Chan is a killer.
Her new boss doesn’t know...

Table of contents

  1. Cover
  2. Title
  3. Copyright
  4. Dedication
  5. Contents
  6. Before: The Swallows
  7. Preface: Kingdom of Lies
  8. 1. The Futurethreat
  9. 2. The Charlatan
  10. 3. The Wall
  11. 4. The Baby
  12. 5. The Italians
  13. 6. The Gig Economy
  14. 7. The Tryout
  15. 8. The Father
  16. 9. The Teenager
  17. 10. The Medium
  18. 11. The Lovers
  19. 12. The Researcher
  20. 13. The Volunteers
  21. 14. The Mother
  22. 15. The Ghost
  23. 16. The Recruiters
  24. 17. The Insider Threat
  25. 18. The Terrorist
  26. 19. The Long Trip
  27. 20. The Reason
  28. 21. The Spaniard
  29. 22. The Project Manager
  30. 23. The Reporter
  31. Epilogue: We Didn’t Start the Fire
  32. Appendix A: Glossary of Cyberterms
  33. Appendix B: Epilogue Explained
  34. Sources
  35. Author’s Note
  36. Acknowledgments
  37. Index