Why the US Military is Recruiting Hackers

Captions
(mysterious music) - [Johnny] It's November 10, 2008. Barack Obama just won an election, and he travels to the White House to meet with the outgoing president, George Bush. In that meeting, Bush told Obama about a top-secret weapon that the U.S. military had been developing with Israel since 2005, code named Project Olympic Games. This weapon was intended to hit one of Iran's most fortified nuclear facilities, buried deep underground, where centrifuges spin uranium to enrich it for use as energy or, with enough spinning, to be used in a nuclear weapon. (dramatic music continues) But this secret weapon wasn't a missile. They weren't planning an air strike. Instead, it was a computer file, less than a megabyte in size, 150,000 lines of pristine code. This is the weapon that the president had to tell Obama about. This little file had been planted in Iran, where it spread throughout the whole country. But it didn't do anything. It laid dormant until it found its way onto a flash drive that was then plugged in at this underground nuclear facility. (air whooshing) And then it spread, finding its way to its final target: this one machine. And then, the weapon started working, quietly reprogramming the software to very subtly sabotage these delicate spinning centrifuges, opening a valve to change the pressure, telling the centrifuge to spin a bit faster or a bit slower, all while telling the technicians that everything was working properly. (mysterious music) Over time, these subtle manipulations destroyed these centrifuges. This was one of several weapons that the U.S. had planted in Iran using sophisticated computer code. Now, if a war broke out with Iran, the U.S. could turn off their power, could turn off their military defense systems, making it so they couldn't shoot down planes. They could turn off their command and control systems so they couldn't talk to each other during the fight. 
This was a real war plan executed by thousands of American military personnel, hundreds of millions of dollars, and a cyber operation that would, quote, "Prepare the battlefield by weakening Iran's ability to fight," all of it using code. The code that sabotaged the nuclear facility was eventually discovered and named after some of the elements that were inside of these many lines of code: .stub or MRxNet. They called it Stuxnet. Now, this weapon did slow down Iran's progress at first, but it didn't stop them. But what this did do was showcase a new style of war: the use of quiet weapons in the form of a tiny text file that could self-replicate and wreak actual physical damage on an enemy. We call this cyber warfare, and it has become a fixture of modern conflict. Let me show you how it works. (mysterious music continues) - [Speaker] We're moving into a new era here. - [Speaker] People are actually getting killed. - [Speaker] Dismantle our communications systems. - [Speaker] At the click of a button, you can bring down nations to their knees. (mysterious music continues) - Before Stuxnet, most cyber warfare was pretty basic. Like in the '80s, you had this situation where an East German hacker broke into some military computers in the US looking for secrets for the FSB, which was like the Soviet spy agency. Or more recently, like in 2007, where Russian hackers attacked a bunch of Estonian websites in the financial, government, and media sectors, shutting them down, as retaliation against Estonia deciding to relocate a Soviet monument. These were cyber attacks, but they were pretty weak and unsophisticated, especially compared to what was soon to come. So we live in a weird time. Our information is less secure than ever. And now my phone and my email and my physical mailbox are inundated with stuff I don't want to see. I feel like my information is just leaked out to anyone and everyone who wants it. And this, of course, is a part of today's video. 
But it also has to do with the sponsor of today's video, which is Incogni. Incogni is a platform that allows you to get yourself off of the lists that data brokers use to get your information. It's really cumbersome and time-consuming to go through the process to be taken off these lists. The companies make it intentionally hard at times. So what you do is you sign up for Incogni and you give them permission to act on your behalf to go out and request that you be taken off of these data broker lists. There's a link in my description. It is incogni.com/johnnyharris. When you click the link, it helps support the channel, you get 60% off when you sign up for the annual plan. The annual plan allows Incogni to month after month go and strip you off of these lists so that you can retain your privacy over time. So thank you, Incogni, for sponsoring today's video. With that, let's dive into this deep, complicated, intense, wild story of cyber warfare. (dramatic music) - The true power of the internet. - [Speaker] Empowering the internet generation. - [Speaker] I got on the internet. - We have to remember that, in the early 2000s, most of the world wasn't built off of the internet yet. Internet speeds were getting good, software was getting sophisticated, and computers and their software were becoming the foundation to many big invisible industries, like shipping, finance, and energy. And crucially, hackers, who had grown up on the internet, were getting really good at finding vulnerabilities in these systems, breaking into them, learning to exploit them. Now, how those hackers ended up selling their secrets to the U.S. government in the name of making cyber weapons is the next part of the story. (mysterious music) But first, a quick word on software, this thing that runs our modern life that is mostly invisible but that is endlessly important. That ensures that you have electricity and that you can access your bank account and do your job. 
All of this is made possible because of something that looks very simple: lines and lines of code. They're just basically lists of instructions on how a system should run, what it should do in every circumstance, and who has access to what. But because more and more of the world is run on software and software contains sensitive information, like your Social Security number or bank account number, whatever, developers build their software like a castle. (mysterious music) So this is our software castle. It has walls and locked doors that only authorized users are allowed to get into. But inevitably, because it's a big, complex castle, the builders of this castle, on accident, left little holes, little vulnerabilities, weak spots, secret doors, that if an intruder could find would allow them to get in, where they can steal things or even take control of parts of the castle. They can lock the owner out and only give them access in exchange for money. Or they could just leave little time bombs that will blow up later. Almost all software has some kind of vulnerability that would allow a hacker to get in and control things. But the worst kind, arguably, and the nightmare scenario for software developers is the zero-day. (mysterious music) It's called a zero-day exploit because, by the time the intruder gets into the software castle, the developers had known about this for zero days, meaning they didn't know, they were unaware. They were blindsided by this attack. It was a hole in their castle that somebody found, and now they're screwed. Now, once a hacker gets in, developers often know that there was a vulnerability. They can work on patching it, but that takes time, and then, of course, they have to get the users to update their software in order for that patch to actually work. And we all know how kind of annoying that is. A zero-day exploit is a software developer's nightmare, which, in turn, makes it a hacker's dream. 
Some hackers will spend their time looking for zero-day exploits in really powerful software, like the software that runs your iPhone or Google Chrome or Windows operating systems or a million other pieces of software that run our world. Some are interested in doing this so that they can get money or passwords. That's the criminals. Or others are interested in gaining control of underground nuclear facilities and electricity grids. That would be the government. (mysterious music) Okay, so let's say that you're a really sophisticated hacker and you have somehow found a zero-day exploit for an Apple iPhone iOS. You can get into someone's iPhone and control it. That's a really valuable thing. You now have a few choices on what to do with that information. Number one, you could go right to Apple and you could give it to them. And they will pay you handsomely. Right now, they will pay you $1 million in exchange for a zero-day exploit that allows you to hack into their iPhone. Every big software company does this. Like Google will give you $150,000 if you can find a way to take over one of their Chromebooks via a website. Software companies offer these bug bounties because they want to know where the holes in their castle are. They want to patch them. They want to avoid the nightmare of being hacked into and compromising the security and privacy of their users. So yeah, that's one of your options, sell it to Apple, get a million bucks, totally aboveboard. We'll call this the white market. But you could also sell it on the black market to criminals who want to use these exploits to make money, which happens. Like in 2016, there was this case where hackers that may or may not have been linked to North Korea were able to hack into the central bank of the country of Bangladesh. They were able to make all these fraudulent requests and like hijack the Swift system that transfers all the money. 
And in the end, they were able to get $81 million transferred to their bank account in the Philippines. Their end goal was to get closer to $1 billion, but because of a typo in one of their fraudulent requests, they got caught and it got shut down. But the point is that there's a black market for zero-days because there's a lotta money to be made if you can hack into a financial system. But you also have a third option here. If you have a zero-day exploit, you can sell it to a government or a military. They tend to have pretty big budgets. And more and more, they're interested in developing cyber weapons, hacking tools that they can use against their enemies. We'll call this the gray market, and the money here is pretty big. (mysterious music continues) So there's all these middlemen brokers for zero-days. They're like dealers. There's one Russian zero-day dealer who, a few months ago, tweeted out that, "Due to high demand," their clients are now willing to pay $20 million, a hundred times more, for a hacking tool that uses zero-day exploits that allows them to fully hack an iPhone or Android device. And then, they specified that their client is a non-NATO country, which experts basically say is them saying like, "This is Russia. Like our client is Russia." (mysterious music continues) These three markets for zero-days show us just how valuable these little bits of code have become, because they aren't just little bits of code. They are now weapons. They are access to very valuable castles of software. Criminals want them. Software companies want them. But more and more, governments want them. And this is how the U.S. and Israel built Stuxnet, their big weapon against Iran, using zero-days. Not just one zero-day exploit, but four. - [Journalist] And what Iranian officials describe as an act of nuclear terrorism. - And this is the reason why experts and the ex-director of the CIA call Stuxnet a game-changer for warfare. 
Because whenever a country uses a big new weapon, all of the other countries, especially the rivals, realize that they have to match that capability and ideally one-up it. That's how arms race works. That's how nuclear weapons have worked. And that explains the concern of the ex-director of the CIA. - This has the whiff of August 1945. - 1945 being the year that a nuclear weapon was used in war, thus changing the world and the balance of power between countries forever. - Somebody just used a new weapon. And this weapon will not be put back into the box. (dramatic music) - So by the end of the early 2000s, after Stuxnet, it truly was the beginning of a new era, a new era of cyber warfare. (mysterious music) In 2012, Chinese-backed hackers broke into the computer systems of over a dozen oil and gas companies. There was an investigation, and the FBI and Homeland Security concluded that the attack wasn't to steal anything or even to sabotage the infrastructure, but rather, to quote, "Gain strategic access for future operations," meaning to gain leverage over the United States. Investigators said that this was the first time that they had seen anything like this. That same year, an Iranian hacker group attacked Saudi Arabia, Iran's enemy, using a cyber weapon that is kind of like a digital bomb. It was a virus called Shamoon, and it got into the computers of Saudi Arabia's state oil company, wiping their hard drives clean. This thing spread across the company's networks, ultimately wiping data from tens of thousands of computers and rendering them totally inoperable, a huge blow to the company. In 2015, a huge cyber attack occurred when the Russian hacking group Sandworm shut off the power to a quarter million Ukrainians by gaining control of the computers that ran the power stations. This is actual footage of them remotely controlling these stations' computers. 
- They used a piece of automated malware to do that, which is a sign that they will probably wanna use that again. That looked like a kinda practice rounds to develop the capability that they wanna have to use globally. - This set a new precedent. People theoretically knew that cyber weapons could be used against electricity grids, which is like the lifeblood of our economy and society, but it hadn't actually happened until this 2015 attack. (mysterious music continues) These are just a few examples, but they're examples that show how cyber weapons became employed in a war context between countries. It wasn't just hackers trying to steal money. It was countries trying to hurt their enemy, trying to demonstrate their capabilities to deter their enemy, to let them know that they have power over them, a tool of war, of national power. And indeed, in 2010, the U.S. acknowledged this very overtly by adding the U.S. Cyber Command as a new department to the military. Cyber war was here and it was here to stay. - Today we face threats that have increased in sophistication, magnitude, intensity, volume, and velocity. - But here's what's crazy is that these aren't weapons. These aren't like missiles, where a country has a monopoly over buying and using them. Cyber weapons are just bits of code. They're text files that are really small and easy to transfer around. So what happens when a cyber weapon developed by a military gets into the hands of everyone and they can use it however they want? Well, that's exactly what happened in 2016. - [Speaker] The DNC has called the FBI after a deleting attempt to hack into voter databases. - [Johnny] During the 2016 presidential election, the U.S. was hit with a barrage of cyber attacks. This included the hacking of emails of the Democratic Party, a misinformation campaign on social media, and even an attempted hack of voter registration databases in several states. 
American intelligence agencies came together, they investigated, and they concluded that this was Russia. It was Russian hackers that were supported and directed by the Russian government itself. And the goal was to sabotage the American electoral system. - The Russians were responsible for hacking the DNC. - This was like a frenzy here in the United States. Like everyone was talking about it. It was a huge deal. But in the middle of all of this, a post quietly appears on GitHub from a user by the name of theshadowbrokers. This was a few months before the election. It was a tense time for a lotta reasons. They claimed that they had super powerful cyber weapons from the American government's most elite cyber war group, the ones who created Stuxnet, and that they would sell these hacking weapons to the highest bidder. They would take their bids in Bitcoin. They released a few pretty impressive samples that actually looked pretty legitimate. They released an encrypted file that they said contained more hacking weapons, but you needed the password for it. But they held onto it, posting every once in a while with a trickle of more information, and honestly, a lot of like bizarre rants on American hypocrisy and broken English that felt kind of intentional and caricatured. They didn't end up getting very much money, and it all looked fairly ridiculous. But then, out of nowhere came this post. (mysterious music) - [Computer Voice] "Last week theshadowbrokers be trying to help peoples. This week theshadowbrokers be thinking (beep) peoples." - They were getting pretty spicy, and indeed, they released this password, this weird, weird password that they said was the password to that encrypted file that they had posted earlier. And when you put that password in the encrypted file, you discover that it is exactly what theshadowbrokers said it was. (intense music) 67 files that comprised some of the most sophisticated and dangerous cyber weapons that the NSA had ever created. 
(intense music continues) And among them, the most powerful of the bunch, a tool called EternalBlue, which allowed hackers to break into and control the Windows operating system, which is what most computers in this world use. EternalBlue was like an open door. Back to our castle analogy. This was like a door into millions of castles and the power to spy inside of the castle, to unlock any door, to steal the contents of the castle, to disrupt and break and destroy whatever you wanted inside of the castle, to lock people out of their own castle. Yeah, I mean, this was like a sophisticated military weapon that had just been duplicated and sent to anyone who had an internet connection. And what it meant was that theshadowbrokers, in all of their like caricatured broken English, were actually legit. They had hacked in to our National Security Agency, our secret spy agency, and stolen the cyber weapons and sent them out to the entire world. Not just to other governments, but to anyone. So who are these shadowbrokers, and how did they do this? The answer and the kind of scary thing about cyber war is that we don't totally know. Experts think that Russia did this to send a very clear signal to the NSA and to the United States at-large that, "Hey, we can do this. We have the power to break into your biggest secrets, and we will release them if we want to." So now, after 2016, we enter a new era of cyber warfare. Stuxnet was a big turning point. Theshadowbrokers and EternalBlue is our next turning point. From here on, you see a new genre of more sophisticated, more powerful cyber attacks. (mysterious music) Barely a month after the NSA's secret weapons leak out by theshadowbrokers, a North Korean-linked hacking group uses them to deploy a virus that spreads to nearly every country on Earth within hours, locking up hundreds of thousands of computers, making them unusable, which halted hospital equipment, police departments, governments, and railways in over 150 countries. 
(mysterious music) You're sitting there on your computer and this pops up, saying that your files are locked and that you can get them back, but, quote, - [Computer Voice] "You have not so enough time." - [Johnny] Close quote, and that, quote, - [Computer Voice] "You need to pay $300 worth of Bitcoin to do so." - [Speaker] Malicious software (intense music) has been taking computers hostage in an unprecedented worldwide outbreak. - This is called ransomware. Basically, you ransom the computer files and you have to pay. This happened in a matter of hours. It was only stopped because a 22-year-old researcher accidentally activated a kill switch baked into the code. So the bigger crisis was kind of diverted, but even still, in just that few hours, as WannaCry was spreading to 150 countries, it caused hundreds of millions of dollars, maybe even billions of dollars, of damage and economic loss. This showed us how powerful these NSA weapons could be in the hands of bad actors. And we learned this lesson once again when these same weapons were used by the masters of cyber warfare: Russia. (mysterious music) - [Speaker] The single biggest attack on record. - [Johnny] It was June of 2017, the night before Ukraine's Constitution Day, when the Russian hacking group Sandworm deployed an attack that was similar to their 2015 electrical grid attack. But this time, they had the NSA weapons in their hands, so it was a whole new level. This one was called NotPetya. This thing was potent. It spread very quickly, and soon, Ukrainians were seeing this scary screen on their computer that literally started with, quote, - [Computer Voice] "Ooops, your important files are encrypted. Perhaps you are busy looking for ways to recover your files, but don't waste your time. Nobody can recover your files without our decryption service." - It looked like another ransomware attack, saying that you have to pay $300 worth of Bitcoin in order to get your files released. 
But meanwhile, it was spreading super fast and wiping everything out in its path. It took down Kyiv's mass transit system, airports, hospitals, and it rapidly spread through government agencies. Gas stations and power grids went down, credit cards stopped working, and it shut down almost every ATM machine in the capital. One person who was caught in the middle of this cyber attack described it as, "Life went very fast from, 'What's new on Facebook?' to, 'Do I have enough money to buy food for tomorrow?'" And it's a moment like this that we can really grasp just how fundamental this infrastructure is to our lives. And in this case, there was no kill switch. It was so viral that it spread beyond its target of Ukraine into other parts of the region, hitting the systems of a bunch of companies, like FedEx or the shipping company Maersk, and soon tens of thousands of trucks were stuck for days with no computers to guide them. I mean, that's a lotta trucks. And many, many others. It affected tons of companies and agencies and systems, all because of this one virus. Unlike a missile or an invasion, cyber can hide behind this hackery-looking screen. This doesn't look like a state entity. This looks like a hacker doing a ransomware attack so they can make some money in Bitcoin. But that's not what this was. This was a coordinated, sophisticated attack by the Russian government using an American cyber weapon to make it more viral that caused an estimated $10 billion in economic loss and damages. And in the process, really blurring the lines of the rules of war, where usually like, you know what a country did to you and you know how you're supposed to respond. And all of that creates this nice balance of like deterrence. That's kind of the lifeblood of stability in our global order. When you've got these like shadowy, like deniable attacks, it makes it way harder to know how to respond, to whom to respond, and like what's proportional. It just changes our view of conflict. 
Which is why regimes like North Korea or Russia have leaned very heavily on this type of engagement, because as they become more isolated and as their military becomes less effective, this is a way for them to stay relevant, for their enemies to continue to fear them, because cyber is an actual weapon of war now. (mysterious music continues) But let me just say something that is probably not obvious and might be surprising to you here at the end of the video. Which is that the biggest threat in the future, the thing that's gonna be the biggest part of cyber warfare isn't gonna be these big, splashy, like shut down the electrical grid, doomsday scenario situations. Those might happen. Those are real threats. We need to prepare for them. But like any weapon of war, cyber is turning into a weapon that is being deployed subtly, that countries will use to get into the minds of their enemies. Like right now, we could be pretty certain that Russia and China have quietly infiltrated parts of our infrastructure systems. They haven't done anything with that. But they're probably there, at least that's what a lot of analysts and experts think. And that we have probably done the same to them. And that we're all just sitting there with our little time bombs put into our enemy's castle in case we need to use them. And we want our enemy to kind of know that we're there. There's this list that I've been looking at of all of the cyber attacks. CSIS, the think tank that I used to work at, documents these. And I was surprised that I hadn't heard of almost any of them because they're small, but they're frequent. To me, this is the future of cyber warfare. It's not Stuxnet and WannaCry. It's these death by 1,000 pokes, psychological warfare, revealing to your enemy that you have capabilities to infiltrate their systems. 
And in that sense, cyber warfare starts to look a lot like nuclear deterrence, like a shadowy, hidden submarine with nuclear weapons floating through the ocean somewhere, capable of hitting your enemy. And your enemy knows that. They don't know where it is, but they know that it's there. And any calculation that they make on conflict takes into account that that weapon is there and could be used at any point. This is the weird paradox of war and peace and deterrence. That one of the forces that has kept our world stable and rid of great powers conflict since 1945 has been the fact that we have very powerful weapons all pointed at each other. And therefore, we don't use them. Cyber weapons are going the way of that kind of deterrence. Hopefully, they'll never be used in the way that we fear, that the sort of doomsday scenario of like they shut down the electrical grid and they do a full-scale attack. Yes, there will continue to be these moments where viruses spread, and to avoid those, just update your damn software. I hate it as much as you do, but like, two-factor authentication, we gotta do it. All that stuff, it's there for a reason, because we live in a new world, and we should be prepared for that world. As for the war and the geopolitics of it all, I'm gonna keep an eye on it, because one thing in all of this is certain: cyber is here to stay. It is something we have to think about and understand if we're going to understand the future of war. (mysterious music continues) Did you guys notice that this thing is here? Nick, the studio manager, who's right over there, brought this in and made it amazing. And every time I talk, it moves. And that is just freakin' cool. Good job, Nick. Also, Alex, (hands clapping) good job to Alex as well, who is the visual producer. I want to say a giant thank you for all of those who are here and especially those who are a part of The Newsroom, which is our Patreon community. 
We're doing this thing called independent journalism on YouTube, and it is exciting and fun and it's a lot of work. And it is a lot of meticulous effort. So I am very grateful for all those who support monthly over on Patreon. For those who do support over on Patreon, you get access to my scripts. You get this behind-the-scenes vlog where you get to meet the team. You get to see some behind-the-scenes action of like what we're up to, including like setting up this set. We like filmed some of this, and like you get to see sort of how it works. You get to meet all of the like creative people who are a part of it. If you're looking for other ways to support the channel, we have a poster that has a bunch of maps on it. I don't know if by the time you're watching this, it is still in print. It could be sold out because we're only doing like 1,000, I think. So go click on the link in the description and see if it's still there if it's interesting to you. We also have LUTs and presets, which is what we use to color our videos and our photos. And oh, I don't know if you know this, Tom Fox, who composes all of our music, is now offering all of his music for free for you to use in your videos. That is a thing. You can now use all of the music that you heard in this video, (mysterious music continues) which is like sick synth music that we developed just for this video. This is Tom Fox's synth. You can download it for free, you can use it for free. The caveat is, if you use it and you monetize your videos, we will split the revenue 50/50. And if you wanna license it for like one of your projects or something, like you're making a documentary, reach out to music@johnnyharris.ch and we license music for your projects. So that's cool. A lot of you don't know, but we launched a new channel. It is called Search Party. 
It is with my old Vox colleague, Sam Ellis, who is leading out on building this amazing new like news brand that explains geopolitics, as well as global sports, which strangely intersect in more and more ways in our modern world. That is Search Party. It is live now. There's loads of videos you can go check out. They're similar to what I do here, but Sam has his own style, his own approach, very good, concise, journalism. So go check that out, go subscribe, support that channel. And I think that's it. So yeah, that's it for me. I guess I should say the thing that is strange. Subscribe to my channel. There's some real psychology around if I say, like if you're not subscribed to the channel, let me tell you that here, it matters. Like the subscriber number really matters, and it means that the video has a better chance of doing well, which is the lifeblood of everything we do here, is like getting this journalism out to as large of an audience as possible. So if you're not subscribed, click the button. And yeah, that's it, that's all I have to say. Thank you all for being here. Thanks for watching. We've got a lot more videos coming up, and I will see you in the next one. (mysterious music continues) Bye. (screen hissing and whooshing)
Info
Channel: Johnny Harris
Views: 1,630,530
Keywords: Johnny Harris, Johnny Harris Vox, Vox Borders, Johnny Harris Vox Borders, Vox, NotPetya, Sandworm, Wannacry, ShadowBrokers, Shadow Brokers, EternalBlue, Eternal Blue, Stuxnet, Operation Olympic Games, Cyber Warfare, Zero Days, Zero Day Exploit, ZeroDay, 0Day, Zero Day Brokers, Fancy Bear, 2016 DNC Hack, 2016 Election Hack
Id: 15MaSayc28c
Length: 31min 45sec (1905 seconds)
Published: Wed Feb 14 2024