Saying Goodbye To The Kojo Nnamdi Show
On this last episode, we look back on 23 years of joyous, difficult and always informative conversation.
In the digital era, critical and trivial information can break down commercial and personal barriers to connect people around the globe. But there’s a stark divide between those who want to protect this ocean of information and those who want to exploit for ill. Author Mark Bowden joins us to talk about the promise and peril of the Internet age.
Excerpt: “Worm: The First Digital World War,” by Mark Bowden. Copyright 2011 by Mark Bowden. Reprinted with permission of the publisher, Grove/Atlantic Inc:
MR. KOJO NNAMDIFrom WAMU 88.5 at American University in Washington, welcome to "The Kojo Nnamdi Show," connecting your neighborhood with the world. The Internet age has brought invaluable access to information and connections we hold dear. But it has also unleashed a veritable Pandora's box of potential risk that governments, utilities and banks grapple with behind the scenes. As online threats continue to evolve, there's growing concern that, as now, Secretary of Defense Leon Panetta told the Senate armed services committee this June...
SENATOR LEON PANETTAThere's a strong likelihood that the next Pearl Harbor that we confront could very well be a cyber attack.
NNAMDISo who is protecting us from this nebula's looming threat? The answer may surprise you. Joining us in studio to discuss it is Mark Bowden. He is a journalist and author who writes for Vanity Fair, The Atlantic and other magazines. Mark has written seven books including the best sellers "Black Hawk Down" and "Killing Pablo." His latest book is "Worm: The First Digital World War." Mark Bowden, thank you for joining us.
MR. MARK BOWDENThank you, Kojo.
NNAMDIYou, too, can join the conversation at 800-433-8850. You can send us email to kojo@wamu.org, you can send us a tweet @kojoshow or you can simply go to our website kojoshow.org and join the conversation there. You've written about everything from football to the drug trade. How did you find this story?
BOWDENWell, I usually just follow my curiosity and in the case of this story, it was just an article of the front page of The Wall Street Journal in January of 2009 which described this epic international struggle going on to try to protect the Internet from this computer worm. And I read this story realizing, well here it is on the front page of The Wall Street Journal, it must be important, at least in someone's eyes and yet I didn't understand a word of it. I didn't know what a worm was, I didn't know what a botnet was and really when I thought about it hard, I didn't even understand what the Internet was other then, you know, something I used every day.
NNAMDIReporters face a learning curve when they tackle a new story, but malware, botnets and ican (sp?) aren't part of most people's regular everyday vocabulary. How hard was it for you to get passed the glaze and learn the language of the tech world?
BOWDENWell, if you were to listen, Kojo, to some of the earliest interviews that I did for this book, you would laugh because I literally had to stop people every sentence and say, well, what's a router? You know, what's a server? What's an ISP? You know, and there's an entire vocabulary of acronyms and jargon that was completely unfamiliar to me. And it took quite a while before I got to the point where I really could understand these folks.
NNAMDIAnd what is the glaze?
BOWDENWell, I'd refer to it -- I coined it as an expression to describe the look of utter incomprehension and confusion that falls over your face when some IT guy or techie tries to explain to you, you know, what's gone wrong with your computer or what happens when you press the button and send an email.
NNAMDIAnd even though we have the glaze, we certainly pretend that we understand what's going on. We shake our heads, but they can see by the glaze that we're not really understanding.
BOWDENMostly we just say, never mind dude, just fix it.
NNAMDIJust fix it. Before we can begin to understand the conficker worm, we should understand how the Internet was developed, a story often mythologized and misunderstood. What is the truth?
BOWDENWell the truth is that it -- there was an agency at the Pentagon that, back in the 1950s, that was charged, really, with sponsoring scientific research that was unrelated to any particular military need or program. And because the biggest university laboratories in the country were all beginning to utilize computers and because all these computers were designed by separate companies, had their own language, had their own operating systems.
BOWDENThis little office at the Pentagon found itself with four or five or six different monitors or different portals to communicate with these various labs. And so they set about to try to simply things by creating a method of communications that would link all of these various computers together in one very simple to use way.
NNAMDIAnd we think of it as a military operation, but you say that these were people who were basically civilian researchers.
BOWDENThat's right. Because -- you know, it's because I think this was a Pentagon program. People, you know, jumped to the conclusion that it must've had a military purpose but in fact this particular office existed to encourage and underwrite basic research which had no application. So -- and as I explained, you know, the growth of the Internet was really more just trying to cope with their efforts to communicate directly to all these different computers and with different languages.
NNAMDIThree decades after its creation, you say the Internet resembles, quoting here, "nothing so much as a single cell." What do you mean by that?
BOWDENWell, there was a wonderful diagram made by a university in Israel, attempting to illustrate the structure of the Internet. And what they came up with something that looks a lot like a cell in that there were, at its center, a small number of very brightly lit heavily traffic nodes which would be the root servers of the Internet. And then it splays out into a, sort of, a blank space with scattered individual nodes representing, like, universities, science centers, whatnot that handle fairly heavy amount of traffic but not like the root servers at the core.
BOWDENAnd then out on the fringe, you had like a shell, if you've ever seen a diagram of a cell. It's the skin of the cell and those represent the almost billion, actually more than a billion, individual computers that -- as people use, that don't -- none of which are heavily traffic but each of which is linked to one another. So if you look at this diagram, it calls out cell.
NNAMDIMark Bowden is with us. He's author of his latest book "Worm: The First Digital World War." We're inviting your calls at 800-433-8850. Are you worried about a potential large scale cyber attack, why or why not, 800-433-8850? Or you can go to our website to ask that question or answer it at kojoshow.org. This was a fairly difficult story to pursue. As a long time reporter who has transitioned from print to the online age, do you worry that the resourcing for reporting these kinds of in depth stories are drying up?
BOWDENI do worry about it. You know, I think that, you know, I owe my career to large journalist institutions. I, you know, was taught how to be a reporter and a writer at the Philadelphia Enquirer which I was hired to work for as a reporter when I was in my 20s. And, you know, I was very fortunate to work with extraordinarily gifted reporters and editors and really learn my craft.
BOWDENAnd about the time newspapers began to sort of erode and diminish, I was fortunate to be at a point in my career where I could step out and write books and magazine stories. But I worry about where writers, journalists like myself will get that kind of experience and instruction that I think is important to learn how to do this well.
NNAMDIIt allowed you to take it as they would say, to the next level. And by virtue of taking it to the next level, you now have a sudden level of access, I take it, as a result of having written books in the light.
BOWDENYeah, I think access and confidence, knowing that it's not anything to be alarmed about if when you start working on a story, you don't know anything about it. That's actually not a bad place to start, learning how to find information, how to get people to feel comfortable talking to you. You know, how to write, how to organize a story, how to conceptualize a story. I mean, these are kinds of things, I don't think they're intuitive for most people. They weren't for me. I learned how to do them by writing, you know, literally, daily for many years.
NNAMDIIn the newspaper business -- many computer users dread the way they accidentally click on the wrong pop-up and unwittingly invite a virus onto their computer. How is a virus different from a worm?
BOWDENWell, a virus is what you just described. It's something that enters your computer because you do something stupid, you open an attachment from someone who you're not familiar with or you open a contaminated email and you effectively, inadvertently introduce the malware into your computer. A worm doesn't require you to do anything. It spreads and infects all on its own. And you would not, unless you're very sophisticated computer user, be aware that it had infected your computer or was using it.
NNAMDIConficker was not the first botnet-creating worm to spread around the Internet. But it did set off red flags really early on among the people who watched this stuff. What was troubling about it and what is, in general, troubling about worms?
BOWDENWell, this particular worm spread so rapidly and so effectively, it really -- that's the first thing that got everyone's attention. And it really forced computer security people to pay attention to it because it literally crowded out most of the other malware that was normally floating around in cyberspace. And then, as they began to examine the software itself, how it was written, how it was packaged, the sophisticated encryption methods, the way that it invaded a computer, the method it developed for communicating with its controller.
BOWDENBecause what it was doing is assembling an elicit network of literally millions of computers...
NNAMDIWhich is what a worm does, is my understanding, that makes it different from a virus. The worm itself does no damage, but the connection of numerous computers all infected by the worm is what forms a botnet that causes trouble.
BOWDENRight. And the botnet is effectively a super computer. I mean, there's two ways you can have a super computer. You can build one as big as a house or you can link five million individual computers together and -- and if they're all under a single remote control operator -- operators authority, they -- you know, it can be turned at just about any task that you like whether that's crime or sabotage or even in the case of a botnet as large as conficker, a, what's called, denial of service attack, which could crash the Internet itself.
NNAMDIAnd one of the people who was the first to notice this Phil Porras, took note because apparently the security program that he runs matched this conficker worm to zero of 37 possible anti-virus vendors. Apparently he went through all of these vendors, these 37 vendors and none of them were aware of this at all.
BOWDENRight. He knew that this was something...
NNAMDIThat's a danger signal.
BOWDENYeah, he knew it was something new. I mean, he's a security professional for Stanford or SRI International. It used to be Stanford Research Institute but now it's just SRI International. But his job is really to study and monitor the spread of malware and so he's used to seeing, on a given day, you know, a 100 to 200 new strains of malware. But most of those strains match up quite readily with the known malware. The anti-virus industry is pretty effective at recognizing and combating most of what we see out there. But to see something that drifts in that was not recognized by any of the anti-virus industry -- anyone in that industry was -- it got his attention.
NNAMDIAs more and more transaction and records move online, do you worry that we, as a society, expect more security from the Internet that -- then it can realistically provide?
BOWDENI think that's in fact what we're doing and we've -- we get further and further down that road every year. You know, I’m not just talking about protecting your personal data on your computer. Things like the electric grid in this country, the air traffic control system, the water and waste sewage treatment plants in many major cities, the traffic signals in many major cities, these are all being run or layered on top of the Internet. And the Internet itself, it turns out, has very few protections against people who would like to, you know, vandalize it or steal from it or -- it's designed, in other words, to share data, not to protect data.
NNAMDI800-433-8850 is the number to call if you'd like to join the conversation. Do you think we put too much faith in the internet? 800-433-8850 or you can send us a Tweet at kojoshow or go to our website, kojoshow.org. Because no one authority polices the internet, a sort of Wild West atmosphere has prevailed pitting tech idealists versus tech nihilists. Who is on the dark side, if you will, of that struggle?
BOWDENWell, there are, we know, very sophisticated malware companies in Eastern Europe which employ well educated, experienced techies who are every bit the match or the equal of the highest level of IT guys in the Western world. And we also know that China has been very actively supporting efforts to develop various kinds of malware and are particularly interested in spying both on companies and on the government and use malware to infiltrate the computer networks that are owned by government or industry in order to steal privileged information.
NNAMDINow that you've destroyed my sense of security, we have to take a short break. We'll be right back. If you have already called stay on the line, we'll get to your calls. 800-433-8850. If you've read "Worm" and have questions for Mark Bowden, give us a call, 800-433-8850 or send email to kojo@wamu.org. I'm Kojo Nnamdi.
NNAMDIWelcome back. Our guest is Mark Bowden. He is a journalist and author who writes for Vanity Fair, The Atlantic and other magazines. Mark has written seven books including the best sellers "Black Hawk Down" and "Killing Pablo." His latest book is "Worm: The First Digital World War." We're taking your calls at 800-433-8850. We will start with Nathaniel in Alexandria, Va. Nathaniel, you're on the air. Go ahead, please.
NATHANIELHi, good morning. Yes, Kojo. I just got to first congratulate Mark here for doing such a good job at becoming -- from someone who, quote/unquote, "had the glaze" to such a avid speaker on the subject of IT securities, very well informed.
BOWDENThank you.
NATHANIELAnd yes, I was going to say, yes, I'm almost certain, I mean, as a brand new student as I was, a student of two years in the IT field, that the more I learn and the more I see as America becomes more dependent in so many new ways on the internet and the contrasting parallel threats that develop each day in network security threats that we are almost on the brink of becoming in some sort of cyber warfare engagement with another country. I would not (unintelligible) ...
NNAMDINathaniel, you're dropping off, I guess because you're on a cell phone. But Nathaniel, I'm sure like other people, is pretty sure that the United States is going to be a target of a big cyber attack not -- in the not-too-distant future.
BOWDENWell, it makes a lot of sense. One thing that we have learned in modern times is that the strength of our conventional military forces and national security institutions are -- is overpowering to most nations. And so what we see is terrorist attacks and, you know, ways of getting at the United States other than confronting it head on.
BOWDENHere we have in our dependence on the internet a highway of vulnerability that someone smart enough could use to really launch a damaging attack on this country. We know we have enemies. It makes a lot of sense to assume that at some point one of those enemies is going to learn or hire someone with the skills to use it against us.
NNAMDINathaniel, thank you very much for your call. Before I get back to the telephones, however, there's an aspect of this book that I find truly fascinating. The good guys, as you describe them, sound almost like a techie version of, well, "Ocean's Eleven." Who are the people who make up the Cabal?
BOWDENWell, it turns out, Kojo, that there are very few people in the world who have the degree of proficiency in computer security, computer languages, knowledge of the internet and how it functions, to really understand the nature of a threat like conficker. And so they come from major research institutes like SRI or from Microsoft, which employs engineers obviously to write the Windows operating system. They come from the antivirus industry. They come from academia.
BOWDENAnd these were the folks who early on, when conficker appeared in November of 2008, recognized that it posed a kind of unique and very potent threat. And so the book details their efforts. They formed a kind of ad hoc group. They're calling themselves the Cabal and they went to work trying to defeat this worm and this botnet with mixed results. But part of their effort was a determined outreach to government to try and get the agencies responsible for national security, for protecting the government's own computer networks to help them in this effort and encountered incomprehension, the glaze, if you will. They went to Washington and they were rebuffed by ignorance.
NNAMDIThe government departments that they went to essentially had no clue what they were talking about.
BOWDENRight. And it was -- what's funny to me about the story is that these folks who have no -- most of them no experience working with high level government officials just had the same kind of assumption that a lot of us would have, that there would be this tremendous level of sophistication to be found at the NSA or in the Pentagon or, you know, in these government agencies. And to their great surprise they learned that these folks really didn't have a clue.
NNAMDIBut one aspect of sophistication is imagination. At the beginning of each chapter there's a quote from an X-Men comic. Why?
BOWDENWell, partly because the culture that these geeks, as I call them, come out of is one with a real affection for science fiction and comic books. And so -- and the fact that they saw themselves as outsiders, mutants if you will, banding together to save the world, you know, to save the internet. And it also just so happens that I downloaded this fabulous Marvel Comics app on my iPad. And now for the first time in many, many years I was looking at X-Men Comics, which I hadn't even looked at since I was in my, you know, teens. And so that was on my mind and it really just seemed to fit.
NNAMDIIt also seems to fit that the guys in the Cabal had not only sophistication but imagination. That's what makes them do what they do.
BOWDENYep.
NNAMDISo more about this story later. Back to the telephones. Here is Andrew in Alexandria, Va. Andrew, you're on the air. Go ahead, please.
ANDREWGood morning, Mark and Kojo.
NNAMDIHi Andrew.
BOWDENGood morning.
ANDREWI actually have some pretty good faith in the ability of technical people in the internet to route around damage. That is any attacks could -- attacks could be -- could give us problems temporarily. But, you know, these things like denial of service attacks can be dealt with. But I have a -- I actually have a greater fear from our own legislatures to break the internet and how the internet works for us as end users. That is net neutrality is super important. And what -- they have -- Mark, I'm sure you're familiar with the idea that common carriers can now be sort of legislative. Like mobile carriers can now (unintelligible) ...
NNAMDIYeah, we've discussed net neutrality quite a bit on this show and I guess your concern, Andrew, is that legislatures will tie the hands of people who are in groups like the Cabal to be able to do what they do. And therefore further endanger us. Do I interpret you correctly?
ANDREWThank you for paraphrasing me. Yes.
NNAMDIHere's Mark Bowden.
BOWDENWell, there are two points that Andrew raised. You know, the issue of the threat, I think he's right. I don't think that a major attack by a botnet that crashed the internet would crash it permanently. And one of the features of the internet is that it has this almost organic structure. So that if one big chunk of it were to go down traffic would just be routed around it. That's true unless you bring down the root servers themselves, which something the size of the conficker botnet could do.
BOWDENAnd even though that damage wouldn't be permanent, you could get it back up and running. If you don't know who the controller of the botnet is, if you have no capability of shutting it down, there's nothing to prevent that controller from launching attack after attack after attack. It could bedevil computer users and network security people very, very seriously for a sustained period.
BOWDENYou know, the -- and I agree with Andrew's concern about, you know, steps that -- the first kinds of steps that might be considered to enhance the level of security on the internet. For instance, doing away with the ability of people to launch data to publish what they want to publish with near perfect anonymity, which has been such an important part of revolutions in the Arab Spring.
NNAMDISure.
BOWDENAnd it's such an important part of ability of people in a country like Iran, you know, to organize. Tyrants of the world trembled before the freedom that the internet gives individuals. However, I do think that we are all recognizing that there is information, both personal information and public information that is legitimately private that needs to be protected. And I think what appeals to me is the idea of constructing parallel internets.
BOWDENNot messing with the internet that has -- that we all enjoy today and that serves so many useful purposes as well as dangerous ones but allowing users to opt to do their ecommerce, to transfer their medical records on a more secure system that doesn't allow people, let's say, to perfect anonymity when they enter it. Just a simple step like that would do a lot to enable enforcement of, you know, protective measures that would give you a little bit more security with your data.
NNAMDIAndrew, thank you very much for your call. We move on to Bob in Washington, D.C. Bob, your turn.
BOBWell, and a good morning to you, sir. I'm a great fan of yours, Kojo. You've got it together. Mark, I was struck by two things. In my day the mighty American military did just great until it got the Black Hawk down and somehow we met the new world. In my day the world was one of electronic warfare where you got a hard kill and a soft kill and the rest of the system remained dead.
BOBBut here's the thing. You're speaking of the internet as its extent. One or a very few EMP -- there's EMP bombs. There's different kinds. There's conventional -- but one of these things about over Omaha would take down every one of the billions, you know, the American component is a billion, never to be seen again. They're damaged or like that. And then all the controllers that you mentioned, all of the power systems, aviation systems, it on and on, banking systems, are now junk.
BOBWhat's your view of the hard kill aspects of this? We're -- and let me just finish by saying I'm working with a outfit called Intech selling LF protection for people like the president and others where LF is the thing that burns out all those little chippies. So, anyway, I'll let you have -- I'll just take your answer off the air.
NNAMDIMark.
BOWDENWell, Bob is talking about an electromagnetic pulse, which would be a weapon that would shut down...
NNAMDII guess he saw my glaze, huh? Yes, go ahead, please.
BOWDENYeah, which would shut down all telecommunications in the area, you know, over which it was exercised. You know, that kind of an attack would require a very high level of sophistication. It would come from a nation state almost certainly, or at least some organization backed by a nation state. It involves essentially setting off a bomb, you know, over the territory of the United States and that's a real threat. And that's something that our national defense has considered for many, many years.
BOWDENThe kind of threat I'm talking about can be launched by a single computer user in front of a keyboard. Someone with the control of a botnet the size of confickers in the Ukraine...
NNAMDIWhich, in fact, is some 12 million computers, correct.
BOWDENRight -- sitting in the Ukraine could decide to launch an attack behind his keyboard tomorrow, you know, that could crash the root servers of the internet for a time. And then he could wait until it got back up and running and crash it again. You know, to me, it used to be that -- you know, this is alarming. It used to be that in order to sow mayhem in an entire society you would have to have a fleet of aircraft, you know, with bombs. Or you would have to have access to plutonium or some weapon of mass destruction. This internet gives an individual with the knowledge that kind of capability.
NNAMDIBob, thank you very much for your call. We're talking with Mark Bowden. His latest book is called "Worm: The First Digital World War." On with the narrative. Once the conficker worm was discovered, a sort of cat and mouse game between these two groups began. And the fixes that the Cabal came up with seemed to serve a kind of -- as a kind of double edged sword. Please explain.
BOWDENWell, it -- you know, the -- one of the features -- I'll give you one example, Kojo, and this is also, you know, one of the things that made this story so interesting to me. If you want to kill a botnet, the way to do it is to locate where the controller is and shut down access to that space in cyber space, find that domain and shut it down. If you do that, you've effectively cut the head off of the botnet.
BOWDENSo in order to prevent security folks from killing the conficker botnet, the original worm generated 250 random domains every day. It had an algorithm in it that every day would spit out 250 new domains. The controller only had to be behind one of those doors. So in order to shut it down, they now had to -- the Cabal had to shut down in advance 250 domains every single day forever, right. So they did it.
BOWDENThey actually -- you know, a guy named Rick Wesson out in San Francisco bought up -- he -- they -- first of all, at SRI, they figured out the algorithm so they could determine what the domains would be for every day in the future. And Rick Wesson went around with his credit card and started buying them all up. It was that basic an effort.
BOWDENSo when the next strain of Conficker appeared they introduced an algorithm that generated 50,000 domains every day. So -- I mean, Rick might've been bold enough to put 250 a day on his credit card, but 50,000 showed that the people behind this worm understood the nature of the effort against them and knew that just by upping the ante to 50,000 domains a day they could very well break the back of this ad hoc group that was trying to defeat it.
NNAMDIFascinating story. "Black Hawk Down," your most famous work, is a story of modern war. "Worm" is also about a new kind of war. Do you think that just as "Black Hawk Down" gave us a glimpse of wars to come, "Worm" essentially does the same?
BOWDENWell, I hope not, you know, but I think it does. You know, I think -- in fact, just in the couple of years that I've spent researching and writing this book I've seen cyber attacks much more in the news than they've been in the past. And, you know, examples like Stuxnet, this fascinating little piece of malware which was used to sabotage the uranium enrichment centrifuges in Iran to try and set back their nuclear program. I mean, these are examples of the level of sophistication that we're beginning to see in cyber attacks. So I don't think that's about to go away. I think we're going to see more and more of it. And, you know, people will become more and more aware of the threat.
NNAMDIBack to the telephones. Here now is Ayub (sp?) in Annandale, Va. Ayub, you're on the air. Go ahead, please.
AYUBHi, how are you, Kojo?
NNAMDII'm well.
AYUBHi, how are you, Mr. Bowden?
BOWDENI'm good, thank you.
AYUBYes. My question for you is what knowledge can you shed on the Deep Net?
NNAMDIWhich is something we discussed on -- I think it was Tech Tuesday earlier this week, the notion of Dark Net or Deep Net.
BOWDENI don't know anything about it.
NNAMDIYes. And I am not recalling exactly the nature of the conversation we had about it, but it was raised, I suspect, Ayub, by a caller, in the same way that you just raised this issue. Ayub, care to expand a little bit on it?
AYUBWell, I don't have too much knowledge, I just have general knowledge of it, and I've heard that it's the part of -- since the Internet is so vast and deep that it's part of the Internet which can't be reached by search engines such as Google, Baidu, or Yahoo.
NNAMDIYes. I seem to remember that being a part of the discussion. We'll dig it up for you and tell you exactly when it aired, Ayub, so you can go back and listen to that from our archives. But for the time being, that'll have to suffice. Thank you so much for your call.
AYUBYou're welcome. Thanks for taking me. Bye.
NNAMDIGot to take a short break. When we come back, we will continue our conversation with Mark Bowden about his latest book. it's called "Worm: The First Digital World War." I'm Kojo Nnamdi.
NNAMDIWelcome back. We're talking with Mark Bowden. His latest book is called, "Worm: The First Digital World War." Mark Bowden writes for Vanity Fair, the Atlantic, and other magazines. He has written seven books, including the best sellers, "Black Hawk Down," and "Killing Pablo." We're taking your calls at 800-433-8850. You can send email to kojo@wamu.org.
BOWDENAmong the agencies that were approached by the cabal were the Department of Defense and NSA, and even though you said this earlier, it still boggles the mind to think that no one that had any clue of what was going on. Do you think that's changed?
BOWDENI do. I think, you know, President Obama in April of 2009, not long after he took office, gave a speech about cyber security in which he specifically cited the conficker worm as an example of how ill-prepared the federal government is to protect the Internet. Since there, there's been a cyber security command created at NSA. There's been this fascinating public-private partnership at Carnegie Mellon University where FBI agents work alongside industry experts including some of the folks who I write about in "Worm" who have been hired by government agencies.
BOWDENSo I do see a greater awareness in the government to the nature of the threat, and I hear indirectly through some of the friends that I've made in working on this book, that there's a much higher level of understanding and proficiency in these government agencies that was there a few years ago.
NNAMDIWe do indeed have a clip from President's Obama's Speech on that issue.
PRESIDENT BARACK OBAMANo single official oversees cyber security policy across the federal government, and no single agency has the responsibility or authority to match the scope and scale of the challenge. Indeed, when it comes to cyber security, federal agencies have overlapping missions and don't coordinate and communicate nearly as well as they should, with each other, or with the private sector. We saw this in the disorganized response to conficker, the Internet worm that in recent months has infected millions of computers around the world.
NNAMDISo, changes seem to be taking shape in the government, but is the U.S. considering the possibility of going on the cyber offensive?
BOWDENOh, I'm certain it is. In fact, I would be surprised if the United States hadn't had a hand in stuxnet which I mentioned a little bit earlier. I think if you're -- if you have a sophisticated national defense, you need to develop both offensive and defensive capabilities, and certainly any warfare that will take place in the 21st century, and as we've seen already, war is still very much with us, will include both cyber attacks as well as conventional attacks, particularly as more developed societies lean more and more heavily on computer networks.
NNAMDI800-433-8850 is the number to call. Are you worried about a potential large-scale cyber attack? Why? Call us, 800-433-8850. Here is Scott in Manassas, Va. Scott, you're on the air. Go ahead, please.
SCOTTOh, thank you for taking my call, Kojo. I just have two quick questions for mark. I've heard of something called, I believe it's a zero-day flaw, or a zero-day virus, and I was wondering if you could explain what exactly that is, and when you hear about a virus being in the wild, if you could explain what that is.
NNAMDIZero-day flaw, zero-day virus, virus in the wild. You have now become apparently in the eyes of -- or in the ears and minds of some of our listeners, an expert on all of these things.
BOWDENYou know, well, unfortunately I'm not. You know, I don't know what those things are. What you're revealing here is the nature of writing a journalism or non-fiction articles and books, and that is you focus very intensely on the subject matter that you're writing about, and it sometimes gives the impression that you carry a much wider knowledge set than you in fact do. I remember once after having written "Black Hawk Down," a Colonel out at the War College in Carlisle asked me if I thought a Bradley armored vehicle should have been part of the force protection package, and I remember telling him that I think before you're allowed to have an opinion, you have to know what a Bradley armored vehicle is, which I didn't. So I apologize, but I don't know what those things are.
NNAMDIWhat you are hearing is the results of Mark Bowden's research for this book, "Worm: The First Digital World War." So Scott, I'm afraid he cannot answer that question. We'll move on, therefore, to Maria in Annandale, Va. Maria, you're on the air. Go ahead, please.
MARIAHi, Kojo. Love your show, and Mark, I can't wait to read the book.
BOWDENThank you.
MARIAAnd my question has two parts. To the extent that many financial and non-financial institutions, including telecom companies, are increasing turning to outsourcing core aspects of their mobile financial services business model to Internet-based Cloud service providers, should we be concerned about security issues related to emerging payment systems, including mobile banking, both within and outside of the U.S. context. And part two, related to this, can you also comment on the extent to which malware and other security features can realistically be applied to a handset compared to a desktop computer within an online banking context.
NNAMDIAnd I have a part three on that, Maria. Can you tell us about whether or not these contractors with the U.S. government, especially contractors with the Defense Department are also vulnerable?
MARIAGood question.
NNAMDIYes. That's for Mark.
BOWDENFor me. Okay. First, yes. The tendency to outsource is not just happening in the financial industry and banking industry, it's happening with the government as well, because the Internet is free. You know, it's the lowest cost way of putting your own computer network in touch with the rest of the world, and, you know, I think that you're seeing a lot of outsourcing for that reason alone. It's not a terribly costly thing to do. All of the things that I'm saying about the vulnerability of the Internet apply.
BOWDENSo, I mean, I'm not just talking about the electrical grid in the United States, I'm talking about the Bank of America. And if you have a botnet like confickers, what you have if you're collecting all of the calls home that come from every single computer infected, you have a list of computers that haven't had a security update since the day that computer was infected. So you know how to invade and how to pillage, you know, these infected computers. So you could go to the conficker botnet and you could lease, and people do this online, a subcontractors, let's say to Lockheed Martin, or a local bank in Tucson, and you could invade their system and pillage their files for data, for information, or in the case of a known criminal operation in Eastern Europe where the folks were actually arrested earlier this year, they drained $72 million from American bank accounts overnight by utilizing a portion of the conficker botnet.
BOWDENSo the answer to that question is yes. And, you know, cell phones are personal computers. I mean, they're just a different delivery system. So, you know, they rely on the same Internet that your personal computer does. They're every bit as vulnerable to these kinds of attacks and, you know, every time -- and getting now, bleeding into question number three, every time we lean on the Internet we lean on a very vulnerable instrument.
NNAMDIMaria, thank you very much for your call. We do have answers to a couple of questions that came up earlier. Deep net, or dark net came up yesterday on Tech Tuesday, and in that conversation it came up in almost exactly the same way as it did today, so we're going to be taking a look at it as a potential subject for a future show, and Joey in Chantilly, Va, may have the answer to another question that was raised. Joey, you're on the air. Go ahead please.
JOEYHey, thank you, Kojo. Yeah. I actually work in information securities, so I just wanted to answer the caller about the zero-day flaws and viruses being in the wild. A zero-day vulnerability or flaw, it's not really a virus. It refers to a problem, a bug in a software or a product that can be exploited in an attack, and it's been discovered, it's known by attacked or by the public, and there's no patch that's been released by the vendor to fix it. So it can be actively exploited.
JOEYThere are zero-days, you know, until you are vulnerable to it. It's an issue right now. And then a virus in the wild just refers to a virus that has been observed out on the Internet or out on systems, not in a research environment, it's not theoretical, but it's actually been seen to be spreading amongst computers.
NNAMDIOkay. Thank you so much, Joey, for sharing that with us.
JOEYYou're welcome.
NNAMDIMark Bowden, the government was not the only group slow to react to conficker. When the media try to cover stories like this one, we don't always get a lot of traction. Why is that?
BOWDENWell, I think because, as I learned, you know, when I began working on this story, there's a big learning curve and, you know, I'm fortunate because I write articles and books that I can spend years working on. Most journalists work on a much shorter time frame. And so what tends to happen is you get a lot of misinformation. They tend to seize upon the worst-case scenario. So what happened in the case of conficker is that because the c-strain of conficker was set to activate on April 1, reporters would ask the very sensible question, well, what's the worst thing that could happen?
BOWDENAnd so members of the cabal would say, well, you know, they could launch a denial of service attack that would shut down the Internet itself. And so if they'd ask then the next question, how likely is that to happen, they would have said, well, probably not gonna happen because these people most likely want to use the Internet to steal. But what became the lead on all the stories about conficker was it was going to destroy the Internet on April 1st of 2009, and this became -- this then snowballed into a big story. It was on "60 Minutes," it was on the front page of a lot of newspapers, and of course, April 1st came and went, and the Internet is still with us.
NNAMDIOn to the telephone again. Here is Emmanuel in Washington D.C. Emmanuel, you're on the air. Go ahead, please.
EMMANUELGood afternoon. Thanks for taking my call.
NNAMDIYou're welcome.
EMMANUELWhat are the potential threats to Cloud computing, the threats that your guest had just outlined, what are the potential threats to Cloud computer number one. Number two, is there the possibility of the creation of a parallel system for the financial systems services, and for government so that if the phone system is attacked, we just shut that off and then, you know, government continues to operate on the second lines.
NNAMDIHere's Mark Bowden.
BOWDENWell, the answer to your first question, Emmanuel, is that Cloud computing really -- what it does is it takes data that you would ordinarily store on the hard drive of your personal computer and effectively moves into Internet space or cyberspace. So your personal data, your software, is stored offsite. All that means is that you are relying more on the Internet in Cloud computing than you are when you store data on your own hard drive, which means as you move more and more heavily into cyberspace, you're more and more vulnerable to these sophisticated threats.
BOWDENIt depends obviously if your Cloud computing with Amazon or with Google on the security measures that these various companies can provide. But a botnet the size of conficker could crack the codes of these commercial providers without any problem at all, and in fact has. So Cloud computing is very, very vulnerable. Parallel systems I think is probably the answer, not so much to provide an alternative in the event that the Internet goes down, the Internet is fairly robust, and even if it went down it would probably pop back up fairly soon.
BOWDENBut I think what we're talking about are systems have built in security measures that allow for the protection of data so that you as a consumer of the Internet will be able to decide to perform certain functions on a more protected net than the public or the open Internet. You might want to for instance do your banking on a more protected system.
NNAMDIEmmanuel, thank you very much for your call. We got this question from Michael by way of email. "Recently I read that if we install updates to our operating systems, access to the conficker virus is closed off. Two questions, one, is that true, and two, what can be done to anticipate the next conficker?"
BOWDENWell, the answer to the first question is yes, absolutely. If you're Windows operating system has been downloading its security updates faithfully, you will not be infected by conficker, but here's the problem. The vast majority of people don't faithfully download security updates, and a very large number, if not the majority of Windows Operating Systems, if you take into consideration China for instance, or much of Southeast Asia is operating on pirated Windows systems which don't get security updates.
BOWDENSo in fact, what happens is, Microsoft issues a patch which effectively protects your computer from a piece of malware, but because most people don't use the patch, that -- the patch itself becomes an advertisement to the malware industry to exploit the problem that the patch is meant to shut down, and that's exactly the origin of conficker. Microsoft patched conficker before the virus appeared. Before the worm appeared, two months before to be exact. And so almost certainly what happened was they issued their patch and some malware group in Eastern Europe went to work on exploiting it, knowing that most windows operating systems would not be patched even though Microsoft had made the patch available. So that's the -- that's the dilemma that they face.
NNAMDIWe got a tweet from Don. "Is there a chance the Internet will ever just be shut down because of threats like conficker?"
BOWDENAbsolutely. I mean, that would be the worst case scenario for conficker. It could launch a denial of service attacks so large that the 13 route servers which are -- which the Internet depends on, every piece of data that you launch into the Internet, whether you send an email or an attachment or a document, passes through or gets instructions from one of those 13 route servers, and they're labeled A, B, C, D, E, F, I think whatever letter of the alphabet the 13th is, and they're scattered around the world but, I mean, they are the hub of Internet traffic. And if you shut those suckers down, you're not gonna be getting any Google searches any time soon.
NNAMDIMark Bowden, thank you so much for joining us.
BOWDENYou're welcome, Kojo.
NNAMDIMark Bowden is a journalist and author who writes for Vanity Fair, the Atlantic and other magazines. He's written several books, including the best sellers "Black Hawk Down" and "Killing Pablo." His latest book is "Worm: The First Digital World War." "The Kojo Nnamdi Show" is produced by Brendan Sweeney, Michael Martinez, Ingalisa Schrobsdorff, and Tayla Burnie, with assistance from Kathy Goldgeier and Elizabeth Weinstein. The managing producer is Diane Vogel. Our engineer is Andrew Chadwick. A.C. Valdez is on the phones. Thank you all for listening. I'm Kojo Nnamdi.
On this last episode, we look back on 23 years of joyous, difficult and always informative conversation.
Kojo talks with author Briana Thomas about her book “Black Broadway In Washington D.C.,” and the District’s rich Black history.
Poet, essayist and editor Kevin Young is the second director of the Smithsonian's National Museum of African American History and Culture. He joins Kojo to talk about his vision for the museum and how it can help us make sense of this moment in history.
Ms. Woodruff joins us to talk about her successful career in broadcasting, how the field of journalism has changed over the decades and why she chose to make D.C. home.