The American Insecurity State
In March 2013, a 17 year old Russian hacker began selling some malware for hacking retail point of sale systems. This software was called Kaptoxa, which is “potato” in Russian slang. He was selling it for $2,000 a pop plus 50% of the loot from any sale of stolen credit cards. After some initial success, he rebranded the malware “BlackPOS” (much cooler) and proceeded to sell over 40 builds of the software to the cyber mafia across easter Europe.
By November this malware was active across the US, as part of the massive cyber attack on Target and other major US retailers. BlackPOS, inserted into point of sale system at numerous Target stores, was able to transmitted the credit card numbers, identity, and CCV number (that pesky three digit number on the back of the card) of 40 million customers to the attackers securely located outside the US. An additional database hack was able to net the attackers 70 million additional customer profiles — name, address, etc. as well as (as is likely) purchase history at the store.
These cards and the American identities attached to them are being sold all across the world for countless millions of dollars. This makes it one of the largest cyber attacks on the US financial system to date since it impacted the financial lives of at least a quarter of the US adult population.
This makes it a great example of how people are using the leverage afforded by modern technologies to rig the world’s socio-economic system to great personal gain.
It’s also a great example, since nothing was done to stop it, how little our bureaucracies can do in this new world.
Let me restate why. One of the biggest cyber attacks in history just occurred and the national security bureaucracy we spend half a trillion dollars on a year did nothing. The most embarrassing aspect of this to the national security bureaucrat: the attackers didn’t even spend a moment worrying about the national security system. Its existence was irrelevant to the attacker’s decision making process.
Of course, the idea of a small unknown group successfully conducting a large scale attack on the US is something we’ve heard before. The same thing occurred on 9/11. In that case, as well as this, the attackers didn’t see the US national security system as a difficulty to overcome. It was just furniture in the room.
Unfortunately, 9/11 was misinterpreted. Instead of using it as an opportunity to rethink security in the 21st Century, it was used to justify a decade long national security spending spree that did nothing to make us safer. It just doubled down on the bureaucracy, which dug us deeper into debt.
It also, given the recent attack on Target attests, didn’t make us any safer. We’re as vulnerable as we were before the spending occurred.
What does this mean? The national security bureaucracy is unable to deliver security in the 21st Century. The instability of underlying socio-economic processes prevents it from doing anything proactive.
All the national security bureaucracy can do in the 21st century is Monday morning quarterbacking.
PS: I’m writing a book online. This is a page of it. Will package it and the rest of the pages for Amazon. If you want to join me for free in the meantime, sign up with your e-mail in the space below.