NOT THAT I’M SEEKING THINGS to worry about in the coming Trump administration, but our past-and-pre-President has already declared enthusiasm for cryptocurrency: “I’m laying out my plan,” he says, “to ensure that the United States will be the crypto capital of the planet and the bitcoin superpower of the world….”
As if the man needs anything more to burnish his image of a Queens convicted thug.
This thought came to me after reading Vadim Nikitin’s “Dadada” in London Review of Books, November 21, 2024. The article (its title, Mark Zuckerberg’s Twitter password) is a review of Scott J. Shipiro’s book Fancy Bear Goes Phishing: The Dark History of the Information Age in Five Extraordinary Hacks. Fancy Bear is the prototypical Russian hacker, a bear in a KGB uniform.
Fancy Bear Goes Phishing: The Dark History of the Information Age, by Scott J. Shapiro, Farrar, Straus and Giroux, 2023.
Here are tidbits gleaned from Nikitin’s review as well as the one at IndieBound. The latter notes, “Shapiro draws on his popular Yale University class about hacking to expose the secrets of the digital age. With lucidity and wit, he establishes that cybercrime has less to do with defective programming than with the faulty wiring of our psyches and society.”
Where the Money Is. As Shapiro notes, “Cybercriminals don’t want to read your email or use your webcam to spy on you making dinner. They are, by and large, rational people out to make a living.” Nikitin recounts, “In 2023, ransomware gangs extorted more than $1 billion from victims, according to research by Chainalysis, a blockchain intelligence company. Most of the payments were greater than $1 million.”
It Flourishes as Cryptocurrency. Nikitin continues, “An even more significant source of revenue for cybercriminals is cryptocurrency. Over the same period, according to Chainalysis and TRM Labs, where I used to work, hackers stole $1.8 billion worth of bitcoin, ethereum and other crypto from institutions and investors around the world. Separately, the equivalent of more than $12 billion was paid into crypto wallets associated with scams and investment fraud.”
Laundering Cash. “Conventional money laundering,” Nikitin describes, “involves three stages, known by investigators as ‘placement’, ‘layering’ and ‘integration.’ Stolen funds or proceeds from crime are paid into bank accounts (‘placement’) before being moved around to make them harder to trace (‘layering’). Finally, the funds are used to make legitimate investments or acquisitions, from gold to prepaid gift cards (‘integration’).”
Laundering Cryptocurrency. Nikitin contrasts, “Laundering cryptocurrency involves the same logic but in reverse: rather than smuggling ill-gotten gains into the financial system, the aim is to cash them out without getting caught. Off-ramping dirty crypto is complicated.”
It’s a bit, Nikitin says, “like selling a stolen Matisse.”
Ransom Payments. “Governments and businesses claim not to negotiate with hackers,” says Nikitin. “Yet the information stolen from them is often so sensitive that ransoms are quietly paid. A member of the collective known as ShinyHunters claimed to have received $370,000 from AT&T to delete stolen customer records involving 110 million phones.”
“The payment,” he says, “was allegedly made in bitcoin by an intermediary, with some of it laundered by the recipients through an online gambling platform: Once digital chips acquired with stolen funds are cashed out for new tokens, their crypto trail goes cold.”
The Russkies? Nikitin cites an authority on Russian meddling who says that rather than being directed by Moscow, such groups probably “operate with the state’s benign neglect.”
“Furthermore,” Nikitin observes, “Shapiro devotes only one chapter to Russian state hacking: a summary of the GDU’s infiltration of the Democratic National Committee servers in 2016. The rest of the book amounts to a lively and multidisciplinary critique of America’s often neglectful and sometimes malign stewardship of the internet since its inception in the 1970s as a US military project; to this day, 70 per cent of the world’s internet traffic passes through data centres in Virginia.”
Agg! This in itself seems quite enough for Trump to start licking his cyberchops.
The Hilton Hack. Shapiro’s book surely shares plenty of digital nuggets: “Spear phishing,” for example, is focused on an individual to obtain digital access.
“The poster boy for this practice,” writes Nikitin, “was Cameron LaCroix, a 16-year-old who in 2005 hacked Paris Hilton’s mobile phone and leaked nude photographs of her online. What appeared at first to be a high-tech attack actually involved him posing as a supervisor from head office, calling a T-Mobile store in a small town in California and requesting the username and password needed to access the company’s customer accounts tools. The employee simply gave LaCroix the security information over the phone.”
Image from Vogue.
ILOVEYOU, Click Here. It doesn’t help that people are generally a gullible lot. Nikitin says, “Take the ILOVEYOU virus, which infected around 10 per cent of the world’s computers in May 2000 and caused more than $10 billion in damage.”
Image from Huffpost.
Can you imagine anyone having such a narcissistic ego to fall for that? Okay, another one without orange hair. ds
© Dennis Simanaitis, SimanaitisSays.com, 2024