CyberWire Daily - Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Tracers in the Dark by Andy Greenberg. [CSOP]
Episode Date: May 6, 2024
Rick Howard, N2K’s CSO and The Cyberwire’s Chief Analyst and Senior Fellow, interviews Andy Greenberg about his 2024 Cybersecurity Canon Hall of Fame book: “Tracers in the Dark.”
References:
Andy Greenberg, 2022. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book]. Goodreads.
Larry Pesce, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project.
Rick Howard, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project.
Ben Rothke, 2024. Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency [Book Review]. Cybersecurity Canon Project.
TheScriptVEVO, 2012. The Script - Hall of Fame (Official Video) ft. will.i.am [Music Video]. YouTube.
Satoshi Nakamoto, 2008. Bitcoin: A Peer-to-Peer Electronic Cash System [Historic and Important Paper]. Bitcoin.
Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads.
RSA Presentation: May 9, 2024 | 9:40 AM - 10:30 AM PT
Rick Howard, Simone Petrella, 2024. The Moneyball Approach to Buying Down Risk, Not Superstars [Presentation]. RSA 2024 Conference.
Transcript
You're listening to the Cyber Wire Network, powered by N2K.
You're listening to the 2012 song Hall of Fame by The Script and Will.i.am,
which means it's that time of year again. The Cybersecurity Canon Committee has announced the Hall of Fame inductees for the 2024 season
to coincide with the RSA Conference.
And I got to interview the winning authors.
As you all know, N2K and the leaders of the Cybersecurity Canon Project team up each year to highlight this valuable and free resource
for the entire InfoSec community
to find the absolute must-read books
for the cybersecurity professional.
And the next book we're going to talk about,
the next inductee into the Canon Hall of Fame this year,
is Tracers in the Dark by Andy Greenberg.
So, hold on to your butts.
Hold on to your butts.
This is going to be fun.
My name is Rick Howard, and I'm broadcasting from the CyberWire's alternate secret sanctum sanctorum studios located underwater somewhere along the San Francisco-Oakland Bay Bridge in the good old U.S. of A.
And the interns can't be more ecstatic for this change of venue.
Hey, hey, settle down back there. This is only temporary.
You don't want to give them too much hope.
And by the way, you're listening to CSO Perspectives,
my podcast about the ideas, strategies, and technologies
that senior security executives wrestle with on a daily basis.
Before we get started, I have several events that I'm doing at the RSA conference.
If you're attending, I would love for you to come by and say hello.
First, members of the Cybersecurity Canon Committee will be in the booth outside the RSA Conference bookstore
to help anybody interested in the Canon's Hall of Fame and Candidate books.
If you're looking for recommendations, we have some ideas for you.
It's on Monday, Tuesday, and Wednesday at the RSA Conference Bookstore at 2 p.m.
Next, I'm hosting a small group discussion, RSA calls them birds of a feather discussions, titled Cyber Fables: Debating the Realities Behind Popular Security Myths.
The idea came from the Hall of Fame book we're talking about today, Cybersecurity Myths and Misconceptions.
If you want to mix it up with a bunch of smart people on this topic, this is the event for you.
RSA hasn't picked a location yet, but the session is on May 7th from 9:40 a.m. to 10:30 a.m.
Next, I'm doing a book signing. I published my First Principles book at last year's RSA conference.
If you're looking to get your copy signed, or if you just want to tell me how I got it completely wrong, come on by. I would love to meet you.
It's at the RSA conference bookstore on May 8th from 2 to 3 p.m.
I'm also hosting a Cyware-sponsored panel on the latest developments in SOC Fusion. And Cyware is paying for breakfast,
so how can you turn down a free meal?
It's at the Billiard Room at the Metreon on May 8th from 8:30 to 11 a.m.
And finally, Simone Petrella and I have been talking about Moneyball for workforce development since the last RSA conference.
For those of you that don't know, Simone is the N2K president, and I love this Moneyball idea.
Come see us at Moscone South on the Esplanade level on May 9th from 9:40 to 10:30 a.m.
So, with all those announcements out of the way, it's time to talk about the book. Oh, yeah.
Andy Greenberg is a longtime tech and security writer
and has been working as a journalist for Wired magazine since 2014.
He's also the author of three books,
one, a New York Times bestseller in 2012 called
This Machine Kills Secrets about WikiLeaks.
A second in 2019, a Cybersecurity Canon Hall of Fame book called Sandworm about the
Russian cyber attacks against Ukraine from 2014 to 2017. And now a third book published in 2022
called Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency. And by the way,
this is his second book inducted into the Cybersecurity
Canon Hall of Fame, which puts him in the same rarefied author air as Bruce Schneier,
Neal Stephenson, and the writing team of Richard Clarke and Robert Knake.
I talked to Andy at the end of 2022, right after he published his book.
Thank you so much for that, Rick. I really appreciate it.
Well, I appreciate your review of Sandworm,
and I'm really glad to be talking about this new one.
So I want to congratulate you on this book.
I just finished reading it, and I have to say,
it's the best cybercrime book I've read in over five years, easily.
I would place it on the same shelf with two other
Cybersecurity Canon Hall of Fame books on cybercrime,
Future Crimes by Marc Goodman and Kingpin by Kevin Poulsen back in 2011.
Can you give the audience a summary of what the book is about?
It's about essentially the advent of cryptocurrency tracing as a law enforcement
investigative technique. I mean, people forget this, but a little over a decade ago, when Bitcoin kind of
first came into the limelight, people believed, including even, I would say, to some degree,
Satoshi Nakamoto himself or herself, believed that Bitcoin could be used anonymously, that it
might be this kind of digital cash for the internet, that you could put like a briefcase
full of unmarked bills into a package and send it across the internet, essentially,
without revealing your identity.
As Andy said, we're not sure who Satoshi Nakamoto is. He or she published the seminal paper called
Bitcoin: A Peer-to-Peer Electronic Cash System in October of 2008, essentially the beginning of Bitcoin as arguably the first
viable cryptocurrency. Nakamoto has never appeared in public, and the last time anybody has heard
from him or her was in April 2011 via email. As far as anybody can tell, Satoshi Nakamoto is a
pseudonym. It may represent one person or a collective. In 2014, Newsweek wrongly pointed to
a 64-year-old Japanese-American named Dorian Prentice. Researchers from Aston University
attribute the author to be Nick Szabo based on writing style comparisons, something called
stylometry, from the original paper and Szabo's public writing. Nakamoto gives credit to Szabo in the original paper
for a precursor cryptocurrency called Bit Gold.
Whomever the Nakamoto collective is,
they're worth about $8.8 billion
because of all the Bitcoins in their possession.
It seems so crazy to me that a system that rides on the blockchain was supposed to be transparent, that we would think that it would be anonymous.
So how do we rectify those two ends of the equation there?
Well, we can get into like how cryptocurrency tracing works, which is such a big part of the techniques used by the main players in this book.
But back in 2011, when I wrote the first print magazine piece about Bitcoin, I'm guilty of this too. I believed that Bitcoin could be used anonymously because,
yes, there was this thing called the blockchain that recorded every single Bitcoin transaction.
But those transactions, as they were listed there, only seemed to be between Bitcoin addresses,
these long, inscrutable strings of characters. And there were no identifying
details on the blockchain. If you couldn't figure out who somebody's addresses were,
then how were you going to follow their money or identify their transactions?
And that seemed to have convinced even... Satoshi Nakamoto wrote in the first email
to a cryptography mailing list introducing Bitcoin that "participants can be anonymous,"
in quotes. Even Satoshi believed in this potential anonymity or untraceability of Bitcoin.
And that soon led to its use on the dark web
on sites like the Silk Road.
I guess like I first heard about Bitcoin in 2011
from Gavin Andresen, one of the first Bitcoin programmers.
And he had given a talk about it where he described it as a kind of cypherpunk invention.
The cypherpunks were this movement of privacy advocates who I was super interested in,
who believed that you could use encryption technologies to take power away from governments
and corporations and give it to individuals.
And Gavin described Satoshi as
having kind of created this cypherpunk holy grail, as he put it, like truly anonymous,
potentially untraceable digital cash for the internet. That's what Bitcoin was perceived to
be back then. And so I interviewed Gavin and wrote a piece for Forbes magazine about Bitcoin back then.
I even tried to get comment
from Satoshi,
who back then had not yet disappeared.
And Gavin even relayed a message
to Satoshi for me.
And I included in the story
Satoshi Nakamoto declined to comment,
which I think is maybe
the only media story
that ever had that phrase in it
because he actually did decline.
Or she or they or whoever Satoshi is.
Because we don't know.
Nobody knows who Satoshi is, right?
That's the whole game here.
But this is like the funny thing about it.
Satoshi wrote,
"participants can be anonymous," about Bitcoin.
And it has since turned out
that that may be true in a sense,
but only in the sense
that Satoshi himself
has remained anonymous and almost no one else ever has been able to use Bitcoin anonymously, it turns out.
I mean, the story of this book is about how over the last decades, it slowly became apparent that, I mean, as is now clear to you from what you just said about the blockchain, that Bitcoin is incredibly traceable,
that it is actually far more traceable once you know how to crack the code of the blockchain,
Bitcoin addresses, than even the traditional financial system. And a small group of detectives who are really the main characters of this book figured this out. I mean, first in the research
world, then the tech industry, then law enforcement. And this group kind of went on just a spree of one massive cybercriminal takedown after another, each one bigger than the last, that, you know, kind of still is persisting to this day.
I guess that's the takeaway from the book.
Take away from the book, if there's any doubt in anybody's mind today, I think we can wipe that away.
That cryptocurrencies, specifically Bitcoin, but others for sure, we can use the same techniques.
Not all of them, I would say.
But, you know, almost all of them, except the ones that are specifically designed.
I think you're about to get to this, you know, to foil that kind of tracing.
Like, you know, Monero and Zcash or others that are we call them privacy coins.
But everyone that's sort of based on a blockchain, like the sort of
traditional blockchain the way that Bitcoin
is, yeah, they're like, they turned out
to be not only traceable, but like
given the way that they were perceived
originally, almost like a trap
for people seeking
financial privacy and for all
kinds of criminals.
So the technique's called Chainalysis.
Is that right?
Well, Chainalysis is the company.
Chainalysis is the tech startup
that has become kind of the world's leading purveyor
of cryptocurrency tracing tools and services.
They're now, you know,
Chainalysis' origin story
is a big part of this book,
the way that they figured out
how to trace cryptocurrency.
And then they,
and now a whole industry
of companies like them,
are playing this cat and mouse game
with all of these cryptocurrency users
and criminals trying to stay a step ahead.
So I'm glad you clarified that
because I was thinking Chainalysis
was the name of the technique
they were using,
but you're right,
that's the name of the company
that developed
a lot of these algorithms.
Is there a different name
for the technique
that they are using
or is it just a bunch
of different techniques
that this company uses?
Well, it's,
I mean, I think that
the techniques as a whole
are called blockchain analysis,
which is where, I guess,
the name Chainalysis comes from, that company.
But yeah, I mean, Chainalysis adopted
a whole bunch of techniques
and built them into a kind of slick
piece of software called Reactor
that became this very powerful
tool in the hands of law enforcement.
But those techniques really
came from, or at least originally, the sort of most kind of core techniques
that Chainalysis built a company out of,
came from the research world,
and specifically from the work of one
University of California, San Diego researcher
at the time, Sarah Meiklejohn,
who in 2013, a couple of years after
the appearance of the Silk Road,
and when I first discovered Bitcoin,
she and her co-authors published a paper that laid out these really surprising...
And that's our show. Well, part of it. There's actually a whole lot more,
and it's all pretty great if I do say so myself. So here's the deal. We need your help so we can
keep producing the
insights that make you smarter and keep you a step ahead in the rapidly changing world of
cybersecurity. If you want the full show, head on over to the cyberwire.com slash pro and sign up
for an account. That's the cyberwire, all one word, dot com slash pro. For less than a dollar a day,
you can help us keep the lights on,
the mics rolling, and the insights flowing.
Plus, you get a whole bunch of other great stuff,
like ad-free podcasts, my favorite,
exclusive content, newsletters,
and personal level-up resources like practice tests.
With N2K Pro, you get to help me and our team
put food on the table for our families. And
you also get to be smarter and more informed than any of your friends. I'd say that's a win-win.
So head on over to thecyberwire.com slash pro and sign up today for less than a dollar a day.
Now, if that's more than you can muster, that's totally fine. Shoot an email to pro at n2k.com, and we'll figure something out so you can join.
I'd love to see you over here at N2K Pro.
This episode was produced by Liz Stokes.
Our theme song is by Blue Dot Sessions, remixed by Elliott Peltzman,
who also mixes the show and provides original music.
Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president.
Peter Kilpe is our publisher. And I'm Rick Howard. Thanks for listening.