Our guest for Episode 62 is Dmitri Alperovitch, co-founder and CTO of CrowdStrike Inc. and former Vice President of Threat Research at McAfee. Dmitri unveils a new CrowdStrike case study in which his company was able to impose high costs on an elite Chinese hacking team. The hackers steadily escalated the sophistication of their attacks on one of CrowdStrike’s customers without success, until they finally unlimbered a zero-day. When even that failed, and the producer was alerted to the vulnerability, the attackers found themselves still locked out -- and down one zero-day. We mull the possibility that there’s a glimmer of hope for defenders.
Dmitri and I also unpack the Great Cannon – China’s answer to 4Chan’s Low-Orbit Ion Cannon. Citizen Lab’s report strongly suggests that the Chinese government used its censorship system to deliberately infect about 2% of the Baidu queries coming from outside China. The government injected a script into the outsiders’ machines. The script then DDoSed GitHub, a US entity that had been making the New York Times available to Chinese readers along with numerous open source projects.
The attack is novel, showing a creative and dangerous use of China’s Great Firewall, and it provoked not the slightest response from the US government. I ask why any company in the US that uses the Baidu search engine or serves China-based ads should not be required to notify users that their machines may be infected with hostile code before allowing them to receive ads or conduct searches. Finally finding something good to say about the FTC’s jurisdiction, I ask why it isn’t deceptive and unfair to automatically expose US consumers to such a risk.