CSO Perspectives (public) 5.6.24
Ep 5569 | 5.6.24

Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Tracers in the Dark by Andy Greenberg.

Transcript

Rick Howard: You're listening to the 2012 song "Hall of Fame" by The Script and Will.i.am, which means it's that time of year again. The Cybersecurity Canon Committee has announced the Hall of Fame inductees for the 2024 season to coincide with the RSA Conference, and I got to interview the winning authors. [ Music ] As you all know, N2K and the leaders of the Cybersecurity Canon Project team up each year to highlight this valuable and free resource for the entire InfoSec community, to find the absolute must-read books for the cybersecurity professional. In the next book we're going to talk about, the next inductee into the Canon Hall of Fame this year is "Tracers in the Dark" by Andy Greenberg. So hold on to your butts.

Voiceover: Hold on to your butts, butts, butts.

Rick Howard: This is going to be fun.

Voiceover: Butt, butt, butt. [ Music ]

Rick Howard: My name is Rick Howard, and I'm broadcasting from the CyberWire's alternate secret Sanctum Sanctorum studios located underwater somewhere along the San Francisco/Oakland Bay Bridge in the good old US of A, and the interns can't be more ecstatic for this change of venue. [ Cheering ] Hey, hey, settle down back there. This is only temporary. [ Moaning ] You don't want to give them too much hope. And by the way, you're listening to CSO Perspectives, my podcast about the ideas, strategies, and technologies that senior security executives wrestle with on a daily basis. [ Music ] Before we get started, I have several events that I'm doing at the RSA Conference. If you're attending, I would love for you to come by and say hello. First, members of the Cybersecurity Canon Committee will be in the booth outside the RSA Conference Bookstore to help anybody interested in the Canon's Hall of Fame and candidate books. If you're looking for recommendations, we have some ideas for you. It's on Monday, Tuesday, and Wednesday at the RSA Conference Bookstore at 2 p.m. Next, I'm hosting a small group discussion, RSA calls them "birds of a feather discussions," titled "Cyber Fables, Debating the Realities behind Popular Security Myths." The idea came from the Hall of Fame book we're talking about today, "Cybersecurity Myths and Misconceptions." If you want to mix it up with a bunch of smart people on this topic, this is the event for you. RSA hasn't picked a location yet, but the session is on May 7th from 9:40 a.m. to 10:30 a.m. Next, I'm doing a book signing. I published my "First Principles" book at last year's RSA Conference. If you're looking to get your copy signed, or if you just want to tell me how I got it completely wrong, come on by. I would love to meet you. It's at the RSA Conference Bookstore on May 8th from 2 to 3 p.m. 
I'm also hosting a Cyware-sponsored panel on the latest developments in SOC fusion, and Cyware is paying for breakfast, so how can you turn down a free meal? It's at the Billiard Room at the Metreon on May 8th from 8:30 to 11 a.m. And finally, Simone Petrella and I have been talking about Moneyball for Workforce Development since the last RSA Conference. For those of you that don't know, Simone is the N2K president, and I love this Moneyball idea. Come see us at Moscone South on the Esplanade level on May 9th from 9:40 to 10:30 a.m. So with all those announcements out of the way, it's time to talk about the book.

Voiceover: Oh, yeah, ha-ha-ha. [ Music ]

Rick Howard: Andy Greenberg is a longtime tech and security writer and has been working as a journalist for Wired magazine since 2014. He's also the author of three books, one a New York Times bestseller in 2012 called "This Machine Kills Secrets," about WikiLeaks, a second in 2019, a Cybersecurity Canon Hall of Fame book called "Sandworm" about the Russian cyberattacks against Ukraine from 2014 to 2017, and now a third book published in 2022 called "Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency." And by the way, this is his second book inducted into the Cybersecurity Canon Hall of Fame, which puts him in the same rarefied author air as Bruce Schneier, Neal Stephenson, and the writing team of Richard Clarke and Robert Mackey. I talked to Andy at the end of 2022 right after he published his book.

Andy Greenberg: Thank you so much for that, Rick, I really appreciate -- well, I appreciate your review of "Sandworm," and I'm really glad to be talking about this new one.

Rick Howard: So I want to congratulate you on this book. I just finished reading it and I have to say it's the best cybercrime book I've read in over five years easily. I would place it on the same shelf with two other Cybersecurity Canon Hall of Fame books on cybercrime, "Future Crimes" by Marc Goodman and "Kingpin" by Kevin Poulsen back in 2011. Can you give the audience a summary of what the book is about?

Andy Greenberg: It's about essentially the advent of cryptocurrency tracing as a law enforcement investigative technique. I mean, people forget this, but a little over a decade ago, when Bitcoin kind of first came into the limelight, people believed, including even, I would say, to some degree, Satoshi Nakamoto himself or herself believed that Bitcoin could be used anonymously, that it might be this kind of digital cash for the internet that you could put like a briefcase full of unmarked bills into a package and send it across the Internet, essentially, without revealing your identity.

Rick Howard: As Andy said, we're not sure who Satoshi Nakamoto is. He or she published the seminal paper called "Bitcoin: A Peer-to-Peer Electronic Cash System" in October of 2008, essentially the beginning of Bitcoin as arguably the first viable cryptocurrency. Nakamoto has never appeared in public, and the last time anybody has heard from him or her was in April 2011 via email. As far as anybody can tell, Satoshi Nakamoto is a pseudonym. It may represent one person or a collective. In 2014, Newsweek wrongly pointed to a 64-year-old Japanese American named Dorian Prentice. Researchers from Aston University attribute the author to be Nick Szabo based on writing style comparisons, something called "stylometry," from the original paper and Szabo's public writing. Nakamoto gives credit to Szabo in the original paper for a precursor cryptocurrency called "Bitgold." Whoever the Nakamoto collective is, they're worth about $8.8 billion because of all the bitcoins in their possession. [ Music ] That seems so crazy to me that a system that rides on the blockchain which is supposed to be transparent that we would think that it would be anonymous, so how do we rectify those two ends of the equation there?

Andy Greenberg: Well, we can get into like how cryptocurrency tracing works, which is such a big part of the techniques used by the main players in this book, but back in 2011, when I wrote the first print magazine piece about Bitcoin, you know, I'm guilty of this, too, I believed that Bitcoin could be used anonymously because, yes, there was this thing called the "blockchain" that recorded every single Bitcoin transaction, but those transactions, as they were listed there, only seemed to be between Bitcoin addresses, these like long inscrutable strings of characters, and there were no, you know, no identifying details on the blockchain and you couldn't figure out who somebody's addresses were and how were you going to follow their money or identify their transactions, and that seemed to have convinced even -- you know, Satoshi Nakamoto wrote in the first email to a cryptography mailing list introducing Bitcoin that participants can be anonymous, in quotes. Even Satoshi believed in this potential anonymity or untraceability of Bitcoin and that soon led to its use on the dark web, on sites like the Silk Road. I guess like I first heard about Bitcoin in 2011 from Gavin Andresen, one of the first Bitcoin programmers, and he had given a talk about it where he described it as a kind of cypherpunk invention. The cypherpunks were this movement of like privacy advocates, who I was super interested in, who believed that you could use encryption technologies to take power away from governments and corporations and give it to individuals, and Gavin described Satoshi as having kind of created this cypherpunk holy grail, as he put it, like truly anonymous, potentially untraceable digital cash for the Internet. That's what Bitcoin was perceived to be back then. And so I interviewed Gavin and wrote a piece for Forbes magazine about Bitcoin back then.
I even like tried to get comment from Satoshi, who back then had not yet disappeared, and Gavin even relayed a message to Satoshi for me, and I, you know, I include it in the story, like Satoshi Nakamoto declined to comment, which I think is maybe like the only media story that ever has that -- had that phrase in it because he actually did decline, or she or they or whoever Satoshi is.

Rick Howard: Because we don't know, right? Nobody knows who Satoshi is, right? That's the whole -- that's the whole game here.

Andy Greenberg: But this is like the funny thing about it. Satoshi wrote participants can be anonymous about Bitcoin, and it has since turned out that that, you know, may be true in a sense, but only in the sense that Satoshi himself has remained anonymous, and almost no one else ever has been able to use Bitcoin anonymously, it turns out. I mean, the story of this book is about how over the last decades it slowly became apparent that, I mean, as is now clear, as is now clear to you from what you just said about the blockchain, that Bitcoin is incredibly traceable, that it is actually far more traceable once you know kind of like how to crack the code of the blockchain Bitcoin addresses than even the traditional financial system, and a small group of detectives who are -- who are really the main characters of this book figured this out, I mean, first in the sort of research world, then the tech industry, then law enforcement, and this group kind of went on a -- just a spree of one massive cybercriminal takedown after another, each one bigger than the last that, you know, kind of still is persisting to this day.

Rick Howard: I guess that's the takeaway from the book. If there's any doubt in anybody's mind today, I think we can wipe that away, that cryptocurrencies, specifically Bitcoin, but others for sure, we can use the same techniques.

Andy Greenberg: Not all of them I would say, but, you know, almost all of them except the ones that are specifically designed, I think you were about to get to this, you know, to foil that kind of tracing, like, you know, Monero and Zcash or others that are -- we call them "privacy coins," but every one that's sort of based on a blockchain, like the sort of traditional blockchain the way that Bitcoin is, yeah, they're like -- they turned out to be not only traceable, but like, given the way that they were perceived originally, almost like a trap for people seeking financial privacy and for all kinds of criminals.

Rick Howard: So the technique's called "chainalysis," is that right?

Andy Greenberg: Well, Chainalysis is the company. Chainalysis is this -- the tech startup that has become kind of the world's leading purveyor of cryptocurrency tracing tools and services. They're now -- you know, they -- Chainalysis's like origin story is a big part of this book, the way that they figured out how to trace cryptocurrency, and then they, and now a whole industry of companies like them, are playing this cat and mouse game with all of -- all of these cryptocurrency users and criminals trying to stay a step ahead.

Rick Howard: So I'm glad you clarified that because I was thinking "chainalysis" was the name of the technique they were using, but you're right. That's the name of the company that developed a lot of these algorithms. Is there a different name for the technique that they are using, or is it just a bunch of different techniques that this company uses?

Andy Greenberg: Well, it's -- I mean, I think that the techniques as a whole are called "blockchain analysis," which is where I guess the name "Chainalysis" comes from, the company, but yeah, I mean, the -- Chainalysis adopted like a whole bunch of techniques and built them into a kind of slick piece of software called "Reactor" that became this very powerful tool in the hands of law enforcement, but those techniques really came from, or at least originally the sort of most kind of core techniques that Chainalysis built a company out of came from the research world and specifically from the work of one University of California San Diego researcher at the time, Sarah Meiklejohn, who in 2013, you know, a couple of years after the appearance of the Silk Road and, you know, when I first discovered Bitcoin, she and her co-authors published a paper that laid out these -- [ Music ]

Rick Howard: And that's our show. Well, part of it. There's actually a whole lot more, and it's all pretty great, if I do say so myself. So here's the deal. We need your help so we can keep producing the insights that make you smarter and keep you a step ahead in the rapidly changing world of cybersecurity. If you want the full show, head on over to thecyberwire.com/pro and sign up for an account. That's "thecyberwire," all one word, "dot com slash pro." For less than a dollar a day, you can help us keep the lights on, the mics rolling, and the insights flowing, plus you get a whole bunch of other great stuff like ad-free podcasts, my favorite, exclusive content, newsletters, and personal level-up resources like practice tests. With N2K Pro, you get to help me and our team put food on the table for our families, and you also get to be smarter and more informed than any of your friends. I'd say that's a win-win. So head on over to thecyberwire.com/pro and sign up today for less than a dollar a day. Now, if that's more than you can muster, that's totally fine. Shoot an email to pro@n2k.com and we'll figure something out so you can join. I'd love to see you over here at N2K Pro. This episode was produced by Liz Stokes. Our theme song is by Blue Dot Sessions, remixed by Elliott Peltzman, who also mixes the show and provides original music. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president. Peter Kilpe is our publisher, and I'm Rick Howard. Thanks for listening. [ Music ]