Here is the full transcript of Distrix Networks’ CEO Eric Winsborrow’s TEDx Talk: Confessions of a Cyber Spy Hunter at TEDxVancouver conference. To learn more about the speaker, read the bio here.
Right click to download the MP3 audio:
Eric Winsborrow – CEO, Distrix Networks’
We see it every day, in the news, for the past decade the battles that are being waged across the Middle East. On the YouTube and Facebook we get instant updates through satellites, to give us a front-row seat into the action like never before.
But what the cameras don’t capture is that there is another war going on beneath the surface — a digital cyber world where the battles are not being fought with bombs and bullets but with bits and bytes.
My name is not Doug Schmidt, but it could be if I wanted it to. My real name is Eric Winsborrow, and for the past two decades, I have been involved in creating the next-generation disruptive technologies at companies, such as Symantec and McAfee. I currently run a cyber-security company made up of PhDs from MIT and scientists from the National Labs who were tasked by the U.S. government to create the next generation of cyber technology. Our customers include the Office of the Secretary of Defense, and the Department of Homeland Security.
If there’s one thing I’m certain of, it’s this: that what’s going on today in cyber espionage will profoundly impact our lives, and we may never even realize it. If you think about it, a lot of technologies that impact our lives have been coming from government-sponsored research into next-generation defense technologies.
Last generation, the Cold War created technology such as the computer, satellite communications, and navigation and even the Internet. It is so permeated our everyday lives it’s gotten to the point where we can’t imagine ever having lived without it, to be able to see halfway around the world instantly or just navigate around the block.
So if yesterday’s next-generation technology has such a profound impact on us today, then what’s today’s next generation technology? I’m going to show you the future of cyber espionage with technology that’s actually being created today to protect nations. There are cyber battles taking place throughout the world and we don’t even realize it.
It’s gotten to a point of a confluence, emerging between man and machine in a digital cyber world where we can never tell them apart. This is the age of the cyber spy.
Now when we think of spy, we might share Hollywood’s image of a dashing and daring secret agent who sneaks into some underground nuclear facility, somewhere halfway around the world to protect us from a nuclear threat. Sometimes Hollywood goes a bit too far. In this case, however, they don’t go far enough.
You see governments today would never send a human operative into such a secret location he’d never get in. Today’s spies are cyber spies. You see it used to be that James Bond used technology. Today James Bond is technology.
I want to walk you on a journey into the future. But before I can take you there, I have to take you to the past to where the first virus actually started and the beginning of this journey of convergence.
The first virus was actually written into a floppy disk video game and inserted into a Macintosh. Yes, ironically the world’s first virus was aimed at a Mac. My, have the world has changed and we call these types of viruses ‘sneakerware’, because you literally had to walk around to install it. This is the first level of convergence where man is completely separate from machines, joined only by a pair of red sneakers. If James Bond wanted to insert a virus into a computer in a nuclear facility, he’d have to sneak in in his scuba gear and install it himself.
I love you. Well, not you, we’ve only just met. I’m talking about Melissa. Melissa is not my wife, she’s a stripper from Miami. You see around the year 2000 or Y2K, the Melissa virus named after the virus writer’s favorite stripper from — was the world’s first email born virus. It was inserted into an email attachment and sent with the subject line: I love you. Once the attachment was opened, the process repeated itself and within three months the world’s email systems were clogged up, inadvertently becoming the world’s first spam. But this also marks the second leg of our convergence story, because this is now the first time where man is leveraging technology to do work. This would be the time that James Bond used technology.
But then in the September of 2001, the world changed, and I’m not talking about 9/11. I’m talking about one week later when the Internet world changed. This was the introduction of Code Red. Code Red wasn’t an email virus; it wasn’t a zombie, a trojan; it was all of the above. It was the world’s first complex blended threat and it went around the world in three days.
By September 21st, it infected 2.2 million systems worldwide. Governments took notice, because they realized they could take this technology and bring it up to a whole other level, to do the work its human spies could not. This enters the third phase — the phase where technology replaces people. This is the beginning of the era of the cyber spy.
I’m going to tell you a little bit about how this cyber spy technology works. I’m going to take you on a real life mission that happened just before the end of last decade, way off in the Middle East. You might already have guessed its mission: to sneak in to an underground nuclear facility, halfway around the world to protect us from a nuclear threat.
This is the Natanz nuclear fuel enrichment facility in Iran and so is this from space. The Allied nations were worried that this man, President Ahmadinejad, was using those very centrifuges to create more nuclear fuel than he needed for electrical energy production. And they were right. He was also using those centrifuges to create nuclear fuel for atomic weapons. They needed to destroy those centrifuges.
But how are they going to do it? They couldn’t send in a human agent in a scuba gear, they’re in the middle of a desert. And they actually debated sending in fighter jets to drop bombs and blow the place apart. A little messy and not good PR. I mean, imagine the fallout — you know, I know, I know. You just wait.
So instead of dropping a bomb they dropped a bug. Very clean. It was — they called it Operation Olympic Games. What a great name for such a clean operation! I was here for the Olympics in Vancouver; it was clean, it was fun; it’s a great name. It’s great name.
You know, if they wanted to stick with their old plan and set fire to everything and have fallout for years they would have called it Operation Stanley Cup. I was actually expecting some booze there a little bit. But they had to get the agent in and there are several ways they do it. I can’t describe them all but one that was at least publicly shared was this one, so that’s what we’ll go with. And it’s true. They did insert the agent program into USB sticks and then they scattered those USB sticks around the compound, some workers did manage to pick them up and insert them in their computers. You know the story.
Before you get too judgmental, think about this: what would you do if you found a USB stick? Think about that the next time you go to a trade show and some stranger from marketing he says hand your USB and says read my collateral. I don’t know how many security trade shows I’ve been to where that’s happened. Now that is a different story.
But the agents did get in. Then they did what all good agents do. They started doing reconnaissance. They started working their way around the network, walking the hallways so to speak, looking for its target, and its target was that Siemens box. That Siemens box was a controller for the centrifuges and once they found it, they inserted a rootkit and a weapons payload that, forgive me, altered the programmable logical controller of the Step7 software in the application. And then it phoned home in several ways. Phoned home and gave the Americans and Israelis full command and control over that Siemens controller which then of course went and spun up the centrifuges to such a state of supersonic speed that they literally fell to pieces. They destroyed the centrifuges for months quite frankly without ever stepping foot into the facility. The program was a smashing success.