Date: 2020-07-28

In today’s Vergecast interview series, Verge editor-in-chief Nilay Patel talks with Wired senior editor Andy Greenberg, author of Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers.

As the title explains, Greenberg’s book is all about a group of hackers inside the Russian federal government called Sandworm, which was responsible for destructive cyber warfare attacks in different nations over the previous couple of years and permanently intensified what we consider “cyberwar.”

Andy and Nilay talk about the origins of Sandworm, the complexities and implications of their attacks, and what secrets and scenarios are still left unsolved. Listen here or in your favored podcast player to hear the whole discussion.

Below is a lightly edited excerpt from the discussion.

Nilay Patel: Who is Sandworm? What do we understand about them? Where do they work? What are they like? Do we have a sense of how this operation really runs?

Andy Greenberg: That was, in some methods, the most significant obstacle of reporting this book. And I invested basically the 3rd act of the book– the last 3rd of the reporting of the book– attempting to address this concern of “Who is Sandworm? Who are these people? Where are they located? What motivates them?”

And I think, simply to partly ruin the ending here, they are a system of the GRU [the General Staff of the Armed Forces of the Russian Federation]. They belong to Russia’s military intelligence firm, which is accountable for– this is not a coincidence– they are accountable for election meddling. They are accountable for the tried assassination of Sergei Skripal with chemical weapons in the United Kingdom. They are accountable for the downing of MH17, the business traveler jet over Ukraine where 300 innocent individuals passed away.

The GRU are this extremely careless, callous military intelligence firm. But they act nearly like fierce mercenaries around the world doing Russia’s bidding in manner ins which are, I believe, really frightening.

So I tossed basically a mix of exceptional work from a lot of security scientists who I was talking to, integrated with some verification from United States intelligence firms and after that, eventually, some other ideas from the examination from Robert Mueller into election meddling. All of these things integrated produced a path that caused one group within the GRU, [where] I ultimately had some names and faces and even an address of this group. And all of that was really just lastly totally verified after the book came out, simply in current months when the State Department– in addition to the UK and Australian and other federal governments together– lastly stated, “Yes, Sandworm is in fact this unit of the GRU.”

So this theory that I had actually established and presumed near the end of the book was lastly generally verified by federal governments simply in current months.

One thing that strikes me that is, I believe the GRU is being foreboding. Obviously, they’re really, great at this. They’re really buttoned-up. And then they have an extraordinary social networks existence that turns up throughout the book that sidetracks from what they’re doing. They established Guccifer 2.0 when they were doing the DNC hacks that fed to WikiLeaks. That account insisted it was simply a person. They established the Shadow Brokers.

I read it as simply “Here are some goofballs.” They wished to appear a lot dumber and a lot smaller sized than they were, and they were really reliable at it. First of all, discuss those that method. And then the concern I have is are we much better at seeing that method for what it is?

Well, you make a truly fascinating point. I imply, the GRU utilizes these incorrect flags throughout their current history. But I must state, we do not understand that they were accountable for Shadow Brokers. In truth, no one understands who the Shadow Brokers really are. And they are, in some methods, the most significant secret in this entire story. This one group that hacked the NSA, obviously, and dripped a lot of their zero-day hacking strategies. Or possibly they were even NSA experts. We still do not understand the response to that concern.

But the other events you discussed, the GRU are accountable for this Guccifer 2.0 phony hacktivist that dripped a lot of the Clinton files. They were accountable for other incorrect flags. They, at one point, called themselves “The Cyber Caliphate” and pretended to be ISIS. They have actually pretended to be patriotic pro-Russian Ukrainians at times. They’re constantly using various masks, and they’re really misleading.

And then in a later chapter of the book, among the most significant attacks they did was this attack on the 2018 Olympics, where they not just used an incorrect mask, however they really had layers of incorrect flags, where, as cybersecurity scientists went into this malware that was utilized to ruin the whole back end of the 2018 Winter Olympics simply as the opening event started. I imply, this was a disastrous occasion. The malware had all of these phony ideas that made it appear like it was Chinese or North Korean or possibly Russian, however no one might inform. It was this sort of confusion nearly developed to simply make scientists toss up their hands and quit on associating the malware to any specific star. And it was just through some incredible investigator work by a few of the experts that I spoke with, that they had the ability to cut through those incorrect flags and determine that Sandworm was behind this, basically.

But, yeah. It is one really genuine attribute of the GRU, that they appear to nearly take satisfaction in displaying their deceptiveness abilities, too. And they’re progressing those abilities. They are getting more misleading in time as they get more harmful and aggressive.

I enjoy to play the video game of “imagine the meeting,” and you think of that the one conference, which is the real hackers discovering the vulnerabilities, finding out how to leap from a Windows 8 computer system to some sort of physical hardware controller that really runs a terminal. That’s an extremely tough issue in and of itself. And then there’s the other conference where they resemble, “What we’re going to do is claim to be a guy called Guccifer 2.0.” Those are not linked, right?

But throughout the book, the method they carry out these projects, they’re deeply linked. And that appears like not only simply a brand-new sort of warfare and a brand-new kind craft, however it’s something that simply regularly appears to work in unexpected methods. Like the tech press is going to resemble, “Guccifer says this,” and there’s never ever that next action of “Also, we think it’s the Russian government.”

I would enjoy to be a fly on the wall of the conference where they choose what their Twitter name is going to be today. And I’m really curious how they develop those attacks in such a manner in which it simply appears to be a growing number of reliable in time.

I would likewise enjoy to be in those conferences. It’s my one sort of remorse in this book that I never ever really got interviews. I imply, it’s nearly difficult to discover defectors from the GRU or something who will inform those stories and after that not get killed. I imply, it’s simply sort of difficult.

And in some cases, to your earlier point, they nearly appear sort of bumbling with these things. They do them in an extremely improvisational method, and Guccifer 2.0 appeared nearly like it was simply this thing they created on the area to attempt to cover a few of the unexpected faults. Like, they had actually left Russian language format mistakes in the files that they had actually dripped from the DNC. So they created this person who appeared the next day and began discussing being a Romanian. And then my pal at Motherboard, Lorenzo Franceschi-Bicchierai, he began this discussion online with Guccifer 2.0 and generally showed that the person might not really effectively speak Romanian and appeared to broadly be a Russian speaker. It was nearly funny.

You understand, at the very same time, they’re utilizing really advanced hacking strategies. They’re doing harmful attacks on an enormous scale. But they likewise simply appear like they’re sort of making it up as they go along. They do things that do not really appear really tactically wise. They sort of appear like they’re simply attempting to impress their employer for the day. Sometimes it simply appears like the GRU awakens and asks themselves, “What can we blow up today?” instead of believing, “How can we accomplish greater strategic objectives of the Russian Federation?” So they are interesting in that method and an extremely unusual and vibrant group.

