Could viral sensation Grumpy Cat be the catalyst (pun very much intended) who will start a string of events that will end up with a full scale nuclear war and the death of all life on the planet?
Probably not. But in the wild west, almost lawless, world of the Internet if you can imagine it then it's possible. In last night's Greenwich Skeptics in the Pub talk, The Hidden Reality Of Power Today, Dr Carl Miller (a man whose CV & bio took host Professor Chris French took some time to read out and left most of us feeling more than a little inadequate) delved into that world and his speech, in keeping with fairly standard behaviour on the Internet, veered across a huge variety of subjects. Many of which, on the surface, seemed completely unrelated.
He started with Grumpy Cat. Real name Tardar Sauce, Grumpy Cat, who died in 2019, was, quite simply, a cat that looked grumpy (due to underbite and feline dwarfism) and whose owner, Tabatha Bundsen of Arizona, took a photo of looking grumpy. In a sane world she'd have shown that photo to a few friends and family members, they'd have laughed or at least feigned interest and then the whole thing would have been forgotten about.
But it's not a sane world so Grumpy Cat became a viral sensation, a meme. Grumpy Cat ended up with 2,600,000 followers on Instagram and 8,300,000 likes on Facebook. Books, mugs, t-shirts, and other, seemingly endless, merchandise appeared and Bundsen eventually resigned from her full time job to become Grumpy Cat's agent. Yes, a grown human resigned from their job to work for a cat.
Or did she? With both cats and the Internet it's never certain who's working for who. I know of someone who, on average, tweets twenty-five times per day. He's, essentially, working unpaid for Twitter (or X as it's now grudgingly supposed to be called), shilling for Elon Musk. I'm no better. I'm writing content, right now, for Blogger. Content virtually nobody will read for that matter.
Dr Carl Miller hadn't slept for thirty hours (he'd come fresh from a flight back from Cape Town - a city he made sound, and may well be, close to war torn) but, again, that seems very in keeping with the Internet age. By starting with the Grumpy Cat story, and other similar ones, he was outlining how far innocent and silly little things can go on the Internet. If a grumpy cat can travel the world that quickly, so can a lie, so can a piece of malware, and so can, potentially, interference in elections and democracies.
Hackers could, in theory, force submarines to believe they're under attack and launch what they believe to be a defensive torpedo. Hospital equipment could be rendered useless. All manner of hellish scenarios. Though Dr Miller was keen not to be alarmist and said that he felt in the case of hospitals, nuclear power stations, and military operations there is serious and ongoing work to make sure these hacks do not happen. He believes the odds are stacked hugely against such a doomsday scenario. Not least because there are far more good people out there than there are bad actors.
But what he also believed is that cyber crime is escalating wildly. It wasn't until fairly recently that most cyber crime was even listed as crime and during her tenure as Prime Minister Teresa May boasted of having cut crime when, in truth, she hadn't at all. Most of the crime had migrated online and simply wasn't being prosecuted. More often than not it wasn't being investigated or even reported.
The reason cyber crime may not be reported is that, along with many other crimes, the victims feel - incorrectly - ashamed about it. The reason cyber crimes are rarely investigated or prosecuted are many but seem to boil down to the fact that the police don't have the resources (May cut the police because she believed, or lied, that crime was on the decrease) and that policing hasn't really evolved to keep up with the online world.
If someone is mugged in a street in London then the crime, the perpetrator, and the victim will all come under the jurisdiction of the Metropolitan Police (meaning it's likely the victim will get into trouble and the perpetrator walk free but that's another story) but in the case of cyber crime you can essentially mug someone from another city, from another country, from another continent.
Whose jurisdiction is that? Discrete police forces throughout the country have, historically, not liaised brilliantly. Police forces from other countries, many of them not democracies and some actively hostile to others, may have very different ideas about what constitutes a crime and what constitutes a solution.
Dr Miller has spoken at a lot of police conferences on cyber crime and he found that often chief constables would say the solution is bringing more private sector operators to the police force. Which, quite rightly I think, fills him with anger. Take a look at the railways. Are they better for privatisation. They certainly cost us more to travel on but the service is no better. In fact, it's demonstrably worse. With privatisation, always - be it railways, health, or police - the bottom line is returning a profit for shareholders. Passengers, patients, and victims of crime are secondary concerns.
Private police forces are something from dystopian horror fiction and should stay that. But what can be done? Clearly, some form of agreed regulation would be the answer but that's not happened with the Internet in any significant way. With the inevitable rise of A1, it may be best for the world not to repeat the same mistakes.
Dr Carl Miller spoke of going on a police raid to a cyber criminal's pleasant suburban house. He said that beforehand he was scared, wondered if there'd be some kind of incident. Maybe a fight. He thought at least they'd drag the hacker out of his house with a blanket over his head and bundle him into a car like they do in the movies. As a bare minimum, his expectation was to find the hacker sitting in a darkened room with a hoodie on staring at a computer screen full of green data.
But that's not what happened. Instead they knocked on the door and the hacker nearly fainted before being peacefully arrested. He genuinely hadn't expected to be caught. The hacker had begun his hacking career intercepting images and videos his wife's friends had put on 'the cloud'. He was looking for footage that he could be sexually aroused by. Something to wank over.
Which, of course, is notoriously difficult to find on the Internet. When he realised he was pretty good at this hacking lark he installed some easily purchasable ransomware and put it to use. Dr Miller spoke about how easy this ransomware is to find and use. He tried it himself and when he logged on he was greeted with a message "hi Carl, do you want to commit some cyber crime YES or NO". Like the legendary computer game Jack Charlton's Match Fishing on the ZX Spectrum.
Then you're offered drop down menus on an easy to navigate website that even features banner advertising so you can upgrade to even more malicious ransomware should you wish to expand your criminal enterprise. People don't see cyber crime being committed, nobody gets smacked in the mouth, but it still ruins people's lives. People die because of it.
Yet those who carry it out are often celebrated and in some countries (most obviously, Russia) hackers are co-opted to work for the state. In South Korea, it's not uncommon for banking systems to go down for two to three days at a time because they've been hacked by the North Koreans. Dr Miller visited Kosovo to speak to a hacker who had simply bought and shared all manner of seemingly random websites from ones about pit bill terriers to ones peddling conspiracy theories.
The Kosovar hacker didn't care what he was sharing, he didn't even read it. All he was doing was harvesting eyeballs and he was doing it very successfully. The more crap he put out there the more likes he got and the more advertising he could sell. It wasn't done with malicious intent although it would have spread a lot of awful, damaging, stuff. Pictures of pit bull terriers for example.
The answer, according to our speaker, is for countries around the world to get around a table (real or virtual it matters not) and agree some kind of legislation. Both legal and more informal. It's hard, though, to see that happening during a time of such division. When the US and UK are pulling themselves apart and when Russia is physically invading Ukraine. While, of course, carrying out cyber warfare against them and many other countries to boot. When it comes to the cyber world, war is a permanent state of affairs.
The group of nations with the most serious intent, and the most power, to force through regulation is the European Union. With the UK not being part of the EU anymore we are seen as pretty much an irrelevance or an afterthought (another wonderful Brexit bonus, how you enjoying these sunlit uplands?) and as such won't have anything other than a perfunctory seat at the table. Interesting times ahead, both politically and in the cyber realms. Both of which are far closer aligned than many of us like to imagine.
It'd been a great talk. Though, much like surfing the net, very nebulous and hard to grasp. There were detours into a Las Vegas hackers conference, a story about a man who could easily hack an 'airtight' laptop using light and/or sound, and there were even a couple of jokes. Thanks to Davy's Wine Vaults, Greenwich Skeptics in the Pub, and Professor Chris French for hosting (and to Goddard's Pie and Mash for tasty food beforehand) and thanks to both Paula and Vicki (who joined me for a quick debrief in The Mitre afterwards) for keeping me company. Thanks most of all to Dr Carl Miller for an interesting, entertaining, sometimes mind-boggling, sometimes worrying talk. Hope he's managed to get some sleep now.
No comments:
Post a Comment