Rise of the Hackers
A new global geek squad is harnessing cryptography to stay a step ahead of cybercriminals. Airing May 20, 2015 at 9 pm on PBS Aired May 20, 2015 on PBS
- Originally aired 09.24.14
(Program not available for streaming.) Our lives are going digital. We shop, bank, and even date online. Computers hold our treasured photographs, private emails, and all of our personal information. This data is precious—and cybercriminals want it. Now, NOVA goes behind the scenes of the fast-paced world of cryptography to meet the scientists battling to keep our data safe. They are experts in extreme physics, math, and a new field called "ultra-paranoid computing," all working to forge unbreakable codes and build ultra-fast computers. From the sleuths who decoded the world's most advanced cyber weapon to scientists who believe they can store a password in your unconscious brain, NOVA investigates how a new global geek squad is harnessing cutting-edge science—all to stay one step ahead of the hackers.
Rise of the Hackers
PBS Airdate: September 24, 2014
NARRATOR: The digital world: we rely on it more deeply every day, for our shopping, our banking, travel and every kind of communication. But with so much of our lives now online, how vulnerable are we?
DR. PATRICK LINCOLN (SRI International): The Internet is a bad neighborhood. In the digital world, they're ne'er-do-wells, coming by to rattle the door all the time.
NARRATOR: If you become a target, how much could you lose?
MAT HONAN (WIRED Magazine): By 5:00, my entire digital life was wiped out. Every device I owned, everything I had, had been taken over and almost all of it completely deleted.
NARRATOR: Now, computer hacking is rising to a whole other level, a new generation of cyberweapons aren't just for stealing your credit cards…
ERIC CHIEN (Symantec): My mouth was, like, wide open, going, “Oh, my god. Oh, my god. Oh, my god!”
NARRATOR: …but are designed for mass destruction, targeting factories, water supplies, power grids. And now, they're on the loose.
SEAN MCGURK (Verizon): It was never intended to get in the wild, but, unfortunately, it did.
NARRATOR: It's a digital arms race, and the stakes couldn't be higher.
SEAN MCGURK: This was truly a digital Pandora's Box. Once it was opened, you could not put the lid back on.
NARRATOR: How can we protect ourselves on this new battlefield? Rise of the Hackers, right now, on NOVA.
It's an intriguing group of scientists, from many different backgrounds. Some are experts in codes and codebreaking; others are leading researchers in quantum physics; a few are trying to build the world's most advanced computer, but together they're all taking on one common enemy: hackers.
SEAN MCGURK: The greatest threat today, to the world, is the keyboard. In the past, it may have been nuclear weapons or weapons of mass destruction. Today, we see that same level of capability being exercised by lone individuals, using keyboards as opposed to bombs.
NARRATOR: Hackers are trying to devise ways to steal our money, our identities, our secrets. But it's not just criminals. Now we know that governments are in on the action, eavesdropping on an epic scale and even launching powerful cyberweapons.
In this murky world, can scientists harness the laws of physics and mathematics to protect us from the hackers?
Mat Honan considers himself to be pretty savvy when it comes to security and the Internet, but recently he discovered just how devious hackers can be. The first clue that something bad was happening came when he tried to charge his phone.
MAT HONAN: When I went to plug it in, the phone had this icon on it, an iTunes icon and a plug. And so, I went to connect it to my computer, and when I opened up my computer, the screen turned grey and it asked for a four-digit pin. And I knew I didn't have a four-digit pin. I hadn't set up a four-digit pin. I grabbed my iPad out of my bag, and my iPad was also in this reset state that wanted a password to proceed, and the password that I knew should have worked didn't work. And, at that point, I knew that I was being hacked.
That was pretty terrifying, you know? I didn't know what they were doing at this point. I had no idea what their motivation was.
NARRATOR: The whole hack took less than 45 minutes.
MAT HONAN: By 5:00, basically my entire digital life was wiped out. My…every device I owned, everything I had, had been taken over and almost all of it completely deleted: just about every picture I'd ever taken of my daughter; old emails; emails from people who were no longer alive, even; you know, just all kinds of stuff that was very precious to me.
NARRATOR: Mat thought he was the victim of a classic hack: someone had repeatedly tried to crack his password and eventually succeeded. He went online to write about what happened, and then, unexpectedly, the hackers got in touch with him.
MAT HONAN: They saw it. They saw that I'd speculated that they had brute-forced my password, and this hacker got in touch with me to say, “No, that's not how we did it.” And at that point, I basically tried to strike up a dialogue with them, because I wanted to understand both how things had happened and why they had happened. And I basically made a deal that I wouldn't press charges if they told me how it was done.
I was angry. I was scared. I mean, I was, I was concerned. I was, I was a lot of things like that, but I also realized pretty quickly that this was an interesting story from a journalist's perspective.
NARRATOR: For Mat, it was personal, but also professional, because he happens to be a writer for WIRED magazine. His hackers had discovered a series of loopholes in the Internet which, taken together, left him completely unprotected.
MAT HONAN: It wasn't like they used some crazy cracking program to hack into all my stuff. They didn't, you know, they didn't, they didn't break my password. They didn't break any encryption. They didn't do any of that kind of stuff.
What they did was they socially engineered all of my accounts. And social engineering is basically just a fancy term for a con job. Basically, you con your way into a company's or a person's security system by making them think that an attacker is actually a customer.
NARRATOR: The first step was to find a way of stealing his identity from one of his many online accounts. Their way in was a simple phone call to the online shopping service, Amazon.
MAT HONAN: They gave Amazon a fake credit card number and added it to my account and then they hung up, and then they called Amazon back and they told them they were locked out of my account and gave them the credit card number they had just added to my account. Once they did that, they were able to get a temporary password from Amazon.
NARRATOR: It was a simple deception, but it was effective. The hackers now owned his Amazon account. But they didn't go on a shopping spree. What they were after were the last four numbers of his credit card, to pull off the next stage of their con.
MAT HONAN: On those recent orders, they could see the last four digits of the credit card that I had used to pay. At the time, Apple was using those last four digits as an identity verification method. Once they had those, Apple gave them a password reset.
NARRATOR: They now owned Mat's Apple accounts. So they could access pretty much all of his digital life. The ultimate prize was his Twitter account, @Mat; for the hackers, a trophy. And to keep this prize, with just a few clicks, they destroyed his digital life.
MAT HONAN: …my computer, my iPhone and my iPad. And they deleted my Google account so that I couldn't get back in there and, you know, kick them out of the Twitter account again.
It was, it was an interesting chain. They went from Amazon to Apple to Google to Twitter.
NARRATOR: These hackers knew the security flaws of the net and how to use them, one after another, to pull off this con. And they were just teenagers.
MAT HONAN: It's just online vandalism. They thought that this was going to be funny, and they were teenagers, and so they didn't think about the implications of deleting everything someone owns and how much, kind of, precious data you may have in your life. You know, I mean data's quite precious to people now. It's valuable, and they didn't really see that.
NARRATOR: Once revealed, the loopholes involved in this hack were quickly closed.
But in the anonymous realm of the Internet, there will always be ways to steal someone's identity. Using the Internet to take control of valuable data is now pretty routine. And the victims aren't just individuals like Mat. Hackers have stolen millions of credit card numbers from big companies like Target and Bank of America, and have broken into social media accounts.
But even this pales in comparison to what the big boys can do.
It was probably the most sophisticated hack in history, and it could have gone completely unexplained, but for a small group of cybersecurity sleuths, including Eric Chien and Liam O'Murchu.
LIAM O'MURCHU (Symantec): Right from the word “go,” there was just red flags going up everywhere. You can really feel it, like the hairs on the back of your neck stand up, if it's, like, really something really, really big.
NARRATOR: As analysts for the giant cybersecurity firm Symantec, Eric and Liam investigate the viruses that pop up on computers around the world. Most malicious software, or malware, they see is pretty run of the mill. But in July, 2010, they started analyzing a baffling and crafty piece of code that another security company had just posted online: a virus nicknamed Stuxnet.
ERIC CHIEN (Symantec): This was probably the biggest puzzle we'd ever seen. There was no way we were going to step away, until we understood what was happening with this particular piece of malware.
NARRATOR: At first, they had no idea of the significance of what had just landed on their desks. They were just curious, because Stuxnet contained something rare, a “zero-day exploit.” That's a weakness in a computer program or an operating system, like Microsoft Windows, that not even the software maker knows about.
ERIC CHIEN: Zero days are extremely uncommon. You know, for Microsoft Windows there was only twelve zero days in all of 2010. Four of those 12 were inside of Stuxnet.
NARRATOR: It was the most sophisticated code they had ever seen.
ERIC CHIEN: And it was dense. Every bit of code in there was code that was doing something.
NARRATOR: Much of it was written in a strange programming language.
ERIC CHIEN: What we discovered were features in this code that we just did not recognize. We had no idea what it was and we realized that it was code for P.L.C.s, programmable logic controllers, which are small computers that control you know factory equipment and things like power plants.
NARRATOR: Every time Stuxnet infected a new computer, it would start hunting for P.L.C.s, devices that control machines.
ERIC CHIEN: Then it would fingerprint them. Had to be the right model, had to have certain key magic numbers, had to have the right what's called peripherals or things attached to those P.L.C.s, had to have, basically, the right hardware. Once it found that, it would copy itself onto the P.L.C.s and then just sit there for a while. It would actually sit there for almost a month, just watching what was going on, and it had to observe what it believed was a normal operation of the targeted plant, of the targeted facility.
Our first theory was this was actually trying to commit espionage. It was trying to steal design documents in some sort of industrial control facility.
NARRATOR: But when they discovered where Stuxnet was spying, things took a more sinister turn.
ERIC CHIEN: Basically, when Stuxnet infects a machine, it contacts a server to say, “Look, I've infected a machine.” And we were able to get access to the logs on those machines to find out where most of the infections were, and it was in Iran. And so that gave us a hint that it was trying to attack something in Iran.
NARRATOR: They found another piece of the puzzle, when they realized two ID numbers in the code held huge significance.
ERIC CHIEN: And then, in November, we got a tip-off from a guy in Holland, who was an expert in the communication protocol between the P.L.C.s and the peripherals that are attached to it. And he had mentioned, “Hey, you know, these peripherals, they all have these magic IDs associated with them. And there's a catalogue that you can go look up these magic IDs.”
NARRATOR: It would turn out to be the defining moment of their investigation.
ERIC CHIEN: It was quite a moment. I mean Liam was searching online, and I was, actually, just standing behind him, watching what was coming up on the screen, and when it first came up, immediately there was…
LIAM O'MURCHU: I felt, like, a rush of blood to my face, because I was like, “Oh, this is not good.”
NARRATOR: They had discovered evidence of exactly what kind of machine Stuxnet was targeting.
ERIC CHIEN: My mouth literally dropped. You know? People say, “literally dropped.” My mouth was, like, wide open, going, “Oh, my god. Oh, my god. Oh, my god!”
NARRATOR: The magic numbers were IDs for frequency converters, devices which change the speed of machinery, but these were specific models with a dedicated task: they spin centrifuges in nuclear facilities.
LIAM O'MURCHU: It was just like, “Oh, no. This is, like, this is it. It's uranium enrichment. It's nothing else.”
NARRATOR: By matching up clues from the code to data from the International Atomic Energy Agency, they could even narrow it down to one specific nuclear plant, a place called Natanz.
Iran was suspected to be secretly enriching uranium to develop nuclear weapons. Stuxnet seemed to be designed to thwart such a plan, in an attack that would unfold like this.
ERIC CHIEN: It would then basically try two attack mechanisms. One is it would speed up the centrifuges to 1410 hertz, which would cause those aluminum tubes inside the centrifuges to vibrate uncontrollably and to shatter apart. And the other was to lower the speed to two hertz, so you can imagine a top, a kid's top that you spin, when it gets really slow, it begins to wobble and fall over.
NARRATOR: As the centrifuges spun out of control, Stuxnet would guard against detection with a strategy straight out of the movies. It's a clever con, like you see in heist films such as Ocean's Eleven. When the robbers want to rob a carefully watched vault, they seize control of the security cameras.
ERIC CHIEN: They patch in fake footage.
DANNY IN OCEANS ELEVEN/FILM CLIP: And we're up and running.
NARRATOR: The security guards are watching video previously recorded, when all was well.
ERIC CHIEN: The security guards don't realize they're currently robbing the safe.
NARRATOR: Meanwhile, behind the door, havoc reigns.
ERIC CHIEN: It's exactly what Stuxnet did, but, sort of, in this virtual computer environment.
NARRATOR: While Stuxnet was directing the centrifuges to spin at dangerous speeds, at the same, it was playing back data that made it appear as if everything were operating normally.
But the final trick would come if the operators noticed something was wrong and tried to shut things down.
ERIC CHIEN: When they tried to hit their big red button, that would send a signal to those P.L.C.s to tell the system to shut down gracefully, but Stuxnet infected those P.L.C.s and cut off that signal and basically allow
the attack to continue to operate.
NARRATOR: And it seems to have worked. Stuxnet reportedly destroyed around a thousand centrifuges, setting Iran's nuclear program back, perhaps, by several months.
But there's one important question left: who built Stuxnet?
LIAM O'MURCHU: I guess the realization, for me, was, like, this is not hackers in their basement who are doing this. This is like, this is the big guns, here, who are doing this.
ERIC CHIEN: We don't have, unfortunately, any evidence that tells us if it's any particular country. I would say that it's pretty clear to us it's, you know, at the level of a nation-state and pretty clear it's someone who is not an ally of Iran.
LIAM O'MURCHU: And politically motivated to stop uranium enrichment in Iran. So that narrows it down, pretty much narrows it down.
NARRATOR: No nation has officially admitted to being behind it, but it's been widely reported that Stuxnet was built by the U.S. with help from Israel, something that neither country has denied.
Eric and Liam had played a vital role in taking apart and understanding the world's first cyberweapon.
ERIC CHIEN: Stuxnet was definitely a seminal moment. It really opened Pandora's Box. Before Stuxnet occurred, people weren't really, practically, thinking about the existence of cyberwarfare, of malicious programs being able to literally blow things up, and Stuxnet now opened that door. And every country, today, is talking both about offense and defense now, on nation-to-nation-state sort of cyberwarfare.
NARRATOR: In today's digital world, no one's quite sure who is hacking who, whether it's criminals, teenagers or even governments. But with so much at stake, it's not surprising that some of the most inventive minds in science are trying to make the digital realm secure, hoping to stay one step ahead of the hackers.
This man spends much of his time trying to understand the murky world of the Internet. He's worked with some of the world's largest and most secretive organizations, trying to protect their secrets. He started out as a mathematician and became fascinated with the world of codes and code-breaking.
JAMES LYNE (Sophos): We've never actually been at a time where codes were more important. Almost everything you do today uses a code. Every time you log onto an Internet service like Twitter or Facebook and send your password, every time you log into Internet banking, all of that information is protected using encryption code.
NARRATOR: Codes have long fascinated mathematicians, because they are some of the most beautiful and addictive problems they can wrestle with. And at the heart of almost everything we do on the web is a special kind of number: a prime number.
We're surrounded by primes every day, numbers like seven and 13. What's so special about them is they can only be divided by themselves and by one, but what makes them so important to codes is when you combine two of them.
JAMES LYNE: If you take two prime numbers and multiply them together, you get something called a semi-prime. What's interesting about semi-primes is that it is really difficult to calculate the numbers that could have been multiplied together to form them to get back to the original values.
NARRATOR: Here's an example. If you multiply two primes, like 11 and 13, you get 143. That's the easy part. But if you're given 143 and you've got to figure out the two original primes, the only way is by trial and error. That's harder.
JAMES LYNE: Easy multiplication one way and hard the other.
NARRATOR: This is the key to many Internet codes. You can make a big semi-prime very quickly, but trying to calculate the two primes that it's made of takes a very long time.
JAMES LYNE: So, it's a bit like un-frying an egg: easy one way, really hard the other.
NARRATOR: And the bigger the number, the longer it takes.
JAMES LYNE: It takes mere seconds to go one way, but the other way would take thousands of computers millions of years.
NARRATOR: It's a problem many of us take advantage of every day, when we buy something online. An online store's website will take two secret prime numbers and multiply them, resulting in a big semi-prime, which is used to create a public key.
The website then uses this key to scramble your credit card details, encrypting them before they travel from your computer over the Internet.
If someone steals that data in transit, they won't be able to unscramble the information unless they know the private key, which is based on the original prime numbers.
This key is private and secure, because it would take longer than the age of the universe for any hacker to figure it out.
This system of public and private keys is known as the RSA algorithm, named after the three mathematicians who first published it: Rivest, Shamir and Adleman.
JAMES LYNE: So, that beautiful piece of mathematics has fundamentally changed the world around us. Without this technology, without the ability to form these connections, Internet banking, social media, stock trading, all the things we take for granted online, fundamentally, wouldn't work. Our information would be far too accessible to any prying neighbor.
NARRATOR: It's made the hunt for very, very large prime numbers one of the most important quests in the field of mathematics. And here's the current largest, all five thousand pages of it.
JAMES LYNE: Seventeen-and-a-half-million digits, a very big prime number indeed.
NARRATOR: Yet divisible only by itself and one. But as prime numbers get bigger, so do the computers trying to crack them.
JAMES LYNE: All the time, computers are gaining in power. All the time, new mathematical methods are being discovered. So far, we've stayed ahead of the code-crackers, but that could just be a matter of time.
NARRATOR: Codes like RSA are effectively uncrackable, because, however powerful today's PCs are, they can only process one computation at a time. But now, scientists are working on a new form of computer that harnesses the most complex physics in the universe.
The world we are all used to is a fairly reassuring place. The laws of physics mean we can know where things are, how fast they are moving, and predict where they are going to go. But as things get smaller, a lot smaller, they also get a whole lot weirder, as you enter the world of quantum mechanics.
DR. ERIK LUCERO (University of California, Santa Barbara): Quantum is like trying to see music. It's like even trying to hear color, right? It's very weird.
NARRATOR: It's the world that Erik Lucero studies every day.
ERIK LUCERO: Take a single grain of sand, and in that single grain of sand there are billions and billions of atoms, and what we're interested in is looking at what happens with a single atom.
These kinds of scales are where nature shows itself in a completely different way, and that is this, in quantum mechanical nature.
NARRATOR: The laws of quantum physics have baffled the greatest scientists, even Einstein. At the smallest scales, the idea that we can know exactly where anything is starts to break down. The mathematics that describe the world of the very small means things can be in many places at the same time.
ERIK LUCERO: One of the very important features of quantum mechanics is this idea of “superposition.” And superposition is the idea that a particle can be both in one place or another place at the same time. We speak about it even at binary sense like at 0 or 1. It can be both 0 and 1 at the same time, which is a very odd idea.
NARRATOR: Superposition means that objects have no fixed location. They really are in several places all at the same time. These ideas may be mind-bogglingly weird, but they can also be very useful. And for Eric, they may be a way to crack the world's most powerful codes.
Here at the University of California at Santa Barbara, Erik has constructed a machine that operates within this fantastical world. He's harnessed this quantum weirdness to design a computer chip, a processor, that could be the first, big step in creating the ultimate code-cracking machine.
But first, it has to get very, very cold.
ERIK LUCERO: We have a dilution refrigerator, and this base plate, right here, is what gets a fraction above absolute zero, orders of magnitude colder than space.
NARRATOR: All of this machinery exists just to cool down the processor.
ERIK LUCERO: So, inside of this specially engineered box, we have a quantum processor. It's a solid state quantum processor. On this chip there are four qubits, and the qubits themselves are what are doing, performing the calculation.
NARRATOR: Classical computers use data in the form of bits, each a 0 or a 1. Even with parallel processors tackling a problem at the same time, at the most basic level of computing, there is always a 0 or a 1. But a quantum bit, called a qubit, uses the feature of quantum physics that means things can be in two places at once. It can be a 0 and a 1, all at the same time. This gives the quantum processor the power to do many calculations simultaneously.
ERIK LUCERO: And we mount this quantum processor onto the base plate here, and we then make all these electrical connections, and then we're able to move the quantum information all around that chip and then actually extract the answer.
From a scientist's point of view, it's a very exciting tool that we could use to probe nature.
NARRATOR: But it's so fast that it could also, eventually, break the codes that now protect much of our secret data. To prove it, in principle, Erik set out to use his processor to find the two prime numbers, the factors, of a small semi-prime.
ERIK LUCERO: And so it's, sort of, at the level of technology that I would say is maybe like an Atari, right? It's kind of eight-bit technology. And it was a very kind of neat toy problem in that we tried to find, using a quantum processor, the factors of 15.
And I'll let everyone kind of think about that for a minute, but that is probably something that we all can do, even in grade school, and it took me seven years to get my physics Ph.D. to do that with a quantum processor.
NARRATOR: What's remarkable is not the answer but the way the processor does it. The quantum chip considers every possible solution, all at the same time, instead of sequentially.
ERIK LUCERO: And you collapse into this one answer that will actually be the answer you're after, right? Which is a huge speed-up that you, kind of, explore all of this, these, these possible places and possible answers, and you get the one that you want. And we learn, yeah, yes indeed, 15 equals 3 times 5.
NARRATOR: If the same can be done with giant prime numbers, then quantum computing has the potential to smash the codes that protect the Internet, in the form of RSA encryption.
ERIK LUCERO: It blows the doors off of RSA encryption, right? All we need is more and more qubits. We just need a larger quantum computer.
Really, all that's left to do is to scale up this particular architecture. It's a big task, and there's a lot of very bright people that are all working towards that. And I think that what's exciting is it really puts kind of a milestone in the ground about where things are and, kind of, what we need to do next.
INTERVIEWER: You do realize you've broken the Internet now?
ERIK LUCERO: Oh, yeah, I'm sorry about that.
NARRATOR: For now, at least, the web survives.
But if quantum computing holds the possibility of someday breaking the world's most secure codes, it may also provide an even cleverer way of keeping secrets safe.
SETH LLOYD (Massachusetts Institute of Technology): Quantum mechanics is funky in a kind of James Brown kind of way: very, very funky. It's strange and counter-intuitive.
NARRATOR: Seth Lloyd co-directs the Center for Extreme Quantum Information Theory at MIT. It's sometimes hard to appreciate just how extreme.
SETH LLOYD: Quantum computers are particularly fine for teasing out the subtle interactions between atoms and molecules and elementary particles, so for simulating what happens as a black hole collapses, or, for that matter, a recent experiment that we did to actually implement a version of time travel. So you can use quantum computers for all kinds of exciting things.
NARRATOR: And you can use the laws of quantum physics to create the ultimate way of sharing secrets.
SETH LLOYD: Current codes that are used to send information securely over the Internet are called public key codes, and they could be broken by a quantum computer. But quantum mechanics also supplies methods for communicating securely, in a way that's guaranteed by the laws of physics, so these methods go under the name of “quantum cryptography.”
NARRATOR: It's really a way of telling if someone is eavesdropping on your conversations. In the weird world of the very small, things can be in more than one place at once, but all that changes at the moment you actually look and measure where something is. It's known as the observer effect.
SETH LLOYD: One of the basic principles about quantum mechanics is that when you look at something, you change it. And this simple feature allows you to communicate in a way that's provably secure.
NARRATOR: But the reason it's useful is that this theory applies to a photon of light, which can be used to carry a message, a 1 or a 0. It means that if you are sending a quantum message, you can tell if someone else is observing it, if there is an eavesdropper on the line.
SETH LLOYD: A good way to understand quantum cryptography is to think of three people: Alice, Bob and Eve. Alice wants to send secret information to Bob, and Eve wants to listen in—to “Eves-drop.” Alice takes her information, a string of 0s and 1s or bits, and encodes them on photons, particles of light. Now, the encoding is done in such a way that Eve, if she looks at these photons, will inevitably mess them up. She'll change them in a way that Alice and Bob can figure out, so after Alice has sent the photons to Bob, she and Bob can confer to find out which photons have been tampered with. The photons that haven't been tampered with, the pristine photons, now constitute a secret key—shared only by Alice and Bob—whose security is guaranteed by the laws of physics.
NARRATOR: Alice and Bob now have a secret code word, one they know no one had listened to, which they and only they know. And they can use this code word to send their messages.
This system, using the behavior of some of the smallest particles in the universe, is already being used.
SETH LLOYD: Quantum cryptography is already used by folks who want extreme security, by banks and by agencies whose job is to protect information. And nowadays, there are a number of commercial companies that actually build quantum cryptographic systems. And, for a fee, you too can communicate in complete and utter privacy, guaranteed by the laws of quantum mechanics.
NARRATOR: But whatever the technology, all codes ultimately have one very human vulnerability.
SETH LLOYD: No matter what you do with quantum cryptography or any cryptographic system, they're always going to be, you know, they're always going to be susceptible to a kind of attack where Eve ties up Alice and imitates her, so when Bob thinks he's communicating with Alice, he's actually communicating with Eve.
NARRATOR: So even if you can't crack a code yourself, it may be possible to pull off an inside job, either by spying or buying secrets.
Perhaps the greatest vulnerability for anyone trying to keep a secret isn't the science, but us. So, out there are scientists thinking dark paranoid thoughts, imagining a future where every computer in the universe is infected: your phone, your laptop, your work or bank. In this nightmare scenario, the thing that scares people most is not knowing who is at the other end.
On the surface, Patrick Lincoln's real life may appear rather peaceful, but the world that he spends his life imagining is one in which threats lurk around every corner.
PATRICK LINCOLN: If you think of it as a neighborhood in asking how often are ne'er-do-wells coming by to rattle the door, trying the doorknob, to see if they can get into your house. In the digital world, they're rattling at doorknobs all the time, and, therefore, I think it is appropriate for us to start to be paranoid about what devices can we really trust our personal, private, corporate information to, and in the end moving to an ultra-paranoid mindset where I can't trust any one device.
NARRATOR: He's a leading researcher in a field called ultra-paranoid computing.
PATRICK LINCOLN: Ultra-paranoid computing is taking a point of view that no one machine is something you can count on completely.
NARRATOR: In the past, we've relied on the unique details in a human fingerprint, the unique quality of an iris, but even these things can be stolen.
PATRICK LINCOLN: Unfortunately, those systems are subject to theft or copying, so folks can copy a fingerprint and make something that fools a fingerprint reader, even making copies of irises. Photographs, in some cases, can fool iris scanners. So, those are imperfect ways to try to authenticate that the user is who they say they are.
NARRATOR: So Patrick turned to a part of the body that no one can steal. He started exploring whether he could implant a password into an unconscious portion of the mind.
PATRICK LINCOLN: Modern cognitive science has found portions of the brain that are able to record sequence information, like muscle memory, the way you learn to ride a bike or the way to learn to play a musical instrument, and that allows one to remember long sequences but not necessarily have conscious access to details of the inside information in that sequence.
What is the thirteenth note of Beethoven's symphony? Even if you can play the symphony on a violin, you may need to start at the beginning in order to have your muscle memory continue through to that note and then reveal it.
NARRATOR: But how do you get a password in there? Now, Patrick's dark imaginings are taking shape. In this paranoid world, it hasn't been easy to find a way of logging on, but Daniel Sanchez is part of a research team that may have found an intriguing solution.
DANIEL SANCHEZ (SRI International): We have a guitar interface that's based off of popular rhythm video games that people play, and, essentially, what this is, these keys correspond to the four different targets on the screen.
NARRATOR: As circles fall across the screen in four columns, the player tries to press corresponding buttons, or keys, on the guitar at precisely the moment that each circle passes through its target.
The game looks utterly random, but the order of circles is actually carefully programmed in a pattern, a sequence of 30 key strokes, that repeats over a hundred times. Your conscious mind can't pick it out, but, as you repeat the sequence, your subconscious recognizes it, imprinting a unique “muscle memory” in your brain. You gradually get better and better at performing the sequence.
DANIEL SANCHEZ: Now, what we're doing is the sequence is repeating. We don't tell people the sequence is repeating, and as they perform it, over and over again, they become able to perform a sequence, even though they don't know that they're learning it. So, that's how we're able to, sort of, store information in people's brains without them knowing it's being stored there.
NARRATOR: After 45 minutes, your improved performance on that sequence becomes your subliminal password, embedded in your muscle memory, by the basal ganglia, a deep unconscious part of the brain. To prove your identity, you play along with the same task as before, but this time you're actually playing your password, in your own signature style.
DANIEL SANCHEZ: And so, essentially, what someone would do is sit down at a computer and start performing it. And what the computer does is takes that data, and it will look at their performance on the trained sequence versus novel sequences they've never performed before. And you could use that information to say, “This participant knows that particular data or knows that particular information, therefore it's Bob.” You would have to know nothing else about them. It's simply their performance and their motor abilities that can tell you who they are, based on what they know.
NARRATOR: It may seem strange, but this could be how you log on in a paranoid future, with a password you have learned through practice, that only your subconscious knows.
DANIEL SANCHEZ: After this entire protocol is done, a participant will leave the lab knowing something they don't know that they know. That's the password of the information that we're able to store that they can't divulge to anyone else.
NARRATOR: Right now, we are in the grip of a new arms race: on one side, the code makers and scientists, defenders of our digital lives; on the other side, the hackers are becoming ever more devious.
Quantum physics and ultra-paranoid computing are just the latest places where this battle is being fought out. But it is one that is constantly shifting. And perhaps the greatest danger we face doesn't come from any one computer but from the giant networks of interconnected computers that run the most complex systems on the planet: from power grids, to banking systems, to transportation networks. Today, these are all vulnerable in an entirely new way.
Sean McGurk works to protect America's complex networks, like power stations and water companies, from the hackers.
SEAN MCGURK: They can hack into transportation networks, into computer networks, emergency communications networks, even air transportation are all susceptible to the hackers today.
NARRATOR: It's Sean's job to try and find the unexpected weak points that an attacker could exploit to get into these networks.
SEAN MCGURK: What we look at, as far as vulnerabilities are concerned, are really three things: people, processes and technology. The technology is great. The encryption is great. It's very difficult to break. It takes a tremendous amount of computing capability, but the bottom line is a person can circumvent any layer of security, simply by their actions.
NARRATOR: So, in spite of the complex and sophisticated technology, once again it's people who are the weak link. Even if computers are cut off from the Internet, hackers can find a way to get their viruses inside. All it takes is something costing just a few dollars, like a USB thumb drive and a person to attach it to the targeted computer.
SEAN MCGURK: Removable media is one of the largest security challenges that we face today, simply because it comes in so many different shapes and sizes, so many different forms, and people are unfamiliar with its capabilities. They believe that it's just used for storing files, but, unfortunately, it can also be used to introduce malicious code into a network environment.
NARRATOR: It may seem unlikely that such a simple tactic would be effective, so it's one that Sean was asked by the U.S. government to test.
SEAN MCGURK: When we took a USB stick that had a corporate logo on it and placed it in a public area, we had between a 70 and 80 percent assurance that someone would take that device and insert it in the corporate network. When we did the experiment with a CD-ROM that had the year and pay and compensation tables, just written with a Sharpie®, on the disc, we had almost a 100 percent guarantee that that piece of media, that CD would be introduced into a corporate environment.
NARRATOR: And it is this tactic, using a removable media device, like a USB drive, which may have launched one of the world's most powerful cyberweapons, Stuxnet. Starting in 2009, this sophisticated piece of malware struck at a uranium enrichment plant in Iran, causing significant damage. This nuclear facility at Natanz was in a highly secure environment, cut off from the Internet, but still vulnerable to someone bringing a removable device into the plant.
With the help of one or more spies, and even unwitting accomplices, perhaps this simple action unleashed the power of Stuxnet.
SEAN MCGURK: The challenge with Stuxnet was it didn't take advantage or try to break any of the encryption or the security boundaries, because it actually exploited the natural communications capability of the network, so when you plug devices together, they want to identify each other. That's part of this plug and play technology that we use today. So these particular individuals took advantage of that. They wrote the code to actually insert into a network environment inside the security perimeter, so you were already within the walls of the keep, if you will. And then it just used the natural communications capability of the network, and it moved from computer to computer, until it found specifically what it was looking for.
NARRATOR: But nothing in this world of high-stakes hacking is quite as simple as it seems, because Stuxnet has escaped. It has now been found outside its intended target.
ERIC CHIEN: You know, what's interesting about Stuxnet and how we were able to discover it to begin with, is that it didn't just target machines in Iran. It didn't just target machines in the Natanz facility. Stuxnet has an ability to spread to any machine, any Windows machine across the world.
NARRATOR: It has now infected more than 100,000 machines.
SEAN MCGURK: It was never intended to get in the wild, but, unfortunately, once it did get into the wild, it demonstrated a level of sophistication and capability that, up to that point, no one had taken advantage of.
This was truly a digital Pandora's Box. Once it was opened, you could not put the lid back on.
NARRATOR: Today, Stuxnet is out in the public domain. And now, this sophisticated weapon offers a blueprint for cyberwarfare: a way to target the computers that run machines to control our water distribution, our power grids, our transportation systems—in other words, the machines that run our world.
SEAN MCGURK: You could take the modules which are most effective for you, and actually repurpose them or retool them, and launch them against a private company, an individual, potentially a host nation. It just depends on what your intent and what your desire is.
NARRATOR: It highlights the risks of creating these sorts of weapons: that they may indeed become uncontrollable and even be used against the nations that developed them. There's nothing new about codes and trying to keep secrets, but the advent of global digital communications has created a new battleground, without borders, one where mischievous teenagers, nation-states and organized criminals go head to head, as equals. This murky world is set to become the defining battleground of the 21st century.
Dr. Franco Wong
A NOVA Production by BBC for WGBH Boston.
© 2013 BBC
Rise of the Hackers Additional Material © 2014 WGBH Educational Foundation
All rights reserved.
This program was produced by WGBH, which is solely responsible for its content.
- Image credit: (Carna Botnet)
- Courtesy: Anonymous
- Eric Chien
- Mat Honan
- Patrick Lincoln
- SRI International
- Seth Lloyd
- MIT Department of Mechanical Engineering meche.mit.edu/people/faculty/index.html?id=55
- Erik Lucero
- UC Santa Barbara
- James Lyne
- Sean McGurk
- Liam O'Murchu
- Senior Development Manager, Symantec
- Daniel Sanchez
- SRI International
Preview | 00:30
Full program available for streaming through
Full program available