Horizon (1964) s52e16 Episode Script

Defeating the Hackers

It's a rather unlikely group of scientists.
They're experts in codes and code-breaking... leading researchers in the baffling world of quantum physics.
They may have built the most advanced computer in the universe.
And together, they're taking on one common enemy... hackers.
The greatest threat today to the world is the keyboard.
In the past, it may have been nuclear weapons or weapons of mass destruction.
Today, we see that same level of capability being exercised by lone individuals using keyboards as opposed to bombs.
Hackers are trying to devise ways to steal our money, our identities, our secrets.
The internet is a bad neighbourhood.
How often are ne'er-do-wells coming by to rattle the door? In the digital world, they're rattling the door knobs all the time.
But it's not just criminals.
Recently, the extent of government eavesdropping has been revealed.
And now, powerful cyber-weapons are being uncovered.
My mouth was, like, wide open, going, "Oh, my God. Oh, my God. Oh, my God."
In this murky world, scientists are trying to harness the laws of physics and mathematics to protect us from the hackers.
Mat Honan considered himself to be pretty savvy when it came to security and the internet.
But last year, he discovered just how devious hackers can be.
The first clue that something bad was happening came when he tried to charge his phone.
When I went to plug it in, the phone had this icon on it, an iTunes icon and a plug, that's the same kind of thing that you see the very first time you turn on an iPhone.
And so I went to connect it to my computer and when I opened up my computer, the screen turned grey and it asked for a four-digit PIN.
And I knew I didn't have a four-digit PIN, I hadn't set up a four-digit PIN.
I grabbed my iPad out of my bag.
And my iPad was also in this reset state that wanted a password to proceed and the password that I knew should have worked didn't work.
At that point, I knew that I was being hacked.
That was pretty terrifying.
I didn't know what they were doing at this point.
I had no idea what their motivation was.
The whole hack took less than 45 minutes.
By five o'clock, basically, my entire digital life was wiped out.
Every device I own, everything I had had been taken over and almost all of it completely deleted.
Just about every picture I'd ever taken of my daughter, old emails, emails from people who were no longer alive even.
All kinds of stuff that was very precious to me.
Mat thought he was the victim of a classic hack.
Someone had repeatedly tried to crack his password and eventually succeeded.
He went online to write about what happened and then unexpectedly, the hackers got in touch with him.
They saw it, they saw that I had speculated that they had brute-forced my password and this hacker got in touch with me to say, "No, that's not how we did it."
And at that point, I tried to strike up a dialogue with them because I wanted to understand both how things had happened and why they had happened.
And I basically made a deal that I wouldn't press charges if they told me how it was done.
I was angry.
I was scared.
I was concerned.
I was a lot of things like that.
But I also realised pretty quickly that this was an interesting story from a journalist's perspective.
For Mat, it wasn't just personal.
He's also a writer for Wired Magazine.
His hackers had discovered a series of loopholes in the internet which taken together, left him completely unprotected.
It wasn't like they used some crazy cracking programme to hack into all my stuff.
They didn't make my password.
They didn't break any encryption.
They didn't do any of that kind of stuff.
What they did was they socially engineered all of my accounts.
And social engineering is basically just a fancy term for a con job.
Basically, you con your way in to a company's or a person's security system by making them think that an attacker is actually a customer.
The first step was to find a way of stealing his identity for one of his many online accounts.
Their way in was a simple phone call to the online shopping service Amazon.
They gave Amazon a fake credit card number and added it to my account.
They hung up.
They called Amazon back and they told them they were locked out of my account and gave them the credit card number they had just added to my account.
Once they did that, they were able to get a temporary password from Amazon.
It was a simple deception, but effective.
The hackers now owned his Amazon account.
They didn't go on a shopping spree.
What they were after were the last four numbers of his credit card to pull off the next stage of the con.
On those recent orders, they could see the last four digits of the credit card that I had used to pay.
At the time, Apple was using those last four digits as an identity verification method.
Once they had those, Apple gave my password reset.
They now owned Mat's Apple accounts.
Now, they could access pretty much all of his digital life.
The ultimate prize was his Twitter account, @mat.
For the hackers, a trophy.
And to keep this prize, with a few clicks, they destroyed his digital life.
My computer, my iPhone, my iPad.
They deleted my Google account so that I couldn't get back in there and kick them out of the Twitter account again.
It was an interesting chain.
They went from Amazon to Apple to Google to Twitter.
These hackers knew the security flaws of the net and how to use them, one after another, to pull off this con.
And they were just teenagers.
It's just online vandalism.
They thought that this was going to be funny and they were teenagers, so they didn't think about the implications of deleting everything someone owns and how much precious data you may have in your life.
Data's quite precious to people now, it's valuable and they didn't really see that.
What happened to Mat is now rather routine.
Credit card stolen, social media accounts broken into.
These loopholes are now fixed, but in the anonymous realm of the internet, there will always be ways to steal someone's identity.
But if you thought the havoc that a couple of teenagers can wreak is unsettling, wait till you see what the big boys can do.
It was probably the most sophisticated hack in history and it could have gone completely unexplained but for cyber-security experts Eric Chien and Liam O Murchu.
Right from the word go, there was just red flags going up everywhere.
You can really feel it.
The hairs on the back of your neck stand up if it's something really, really big.
Their job is to investigate the viruses that pop up on your computer.
Most malicious software they see is pretty run-of-the-mill.
But then along came Stuxnet.
This was probably the biggest puzzle we'd ever seen.
There was no way we were going to step away until we understood what was happening with this particular piece of malware.
Back in 2010, they had no idea of the significance of what had just landed on their desks.
They were just curious because Stuxnet contained something rare - a zero-day exploit.
That's a flaw in the code that no-one is aware of.
Zero days are extremely uncommon.
For Microsoft Windows, there was only 12 zero-days in all of 2010.
Four of those 12 were inside of Stuxnet.
It was the most sophisticated code they had ever seen.
And it was dense.
Every bit of code in there was code that was doing something.
Much of it was written in a strange programming language.
What we discovered were big chunks of code that we just did not recognise.
We had no idea what it was.
We realised it was code for PLCs, Programmable Logic Controllers, which are small computers that control factory equipment and things like power plants.
Every time Stuxnet infected a new computer, it would start hunting for one of these Programmable Logic Controllers.
Then it would fingerprint them.
It had to be the right model, have certain key magic numbers, the right peripherals, or things attached to those PLCs had to have the right hardware.
Once it found that, it would copy itself onto the PLCs and then just sit there for a while.
They'd actually sit there for almost a month just watching what was going on.
And it had to observe what it believed was normal operation of the targeted plant, of the targeted facility.
Our first theory was that this was actually trying to commit espionage.
It was trying to steal design documents and some sort of industrial control facility.
But when they discovered where Stuxnet was spying, things took a sinister turn.
Basically, when Stuxnet infects a machine, it contacts a server to say, "Look, I've infected a machine."
And we were able to get access to the logs on those machines to find out where the most infections were and it was in Iran.
And so that gave us a hint that it was trying to attack something in Iran.
Iran was suspected to be concealing a nuclear weapons programme.
Now, Eric and Liam had a clue to what Stuxnet could be hunting for.
But the final piece of the puzzle came when they realised two ID numbers held huge significance.
And then in November, we got a tip-off from a guy in Holland who was an expert in the communication protocol between the PLCs and the peripherals that are attached to it.
He had mentioned, "Hey, you know these peripherals, they all have these magic IDs associated with them and there's a catalogue that you can go look up, these magic IDs."
It would turn out to be the defining moment of their investigation.
There was quite a moment.
I mean, Liam was searching online and I was just standing behind him watching what was coming up on the screen and when it first came, immediately there was... I felt a rush of blood to my face because I was like, "Oh. This is not good."
They realised that they'd stumbled across something of global significance.
My mouth literally dropped.
People say that, but it literally dropped.
My mouth was wide open, going, "Oh, my God. Oh, my God. Oh, my God."
The magic numbers were IDs for frequency converters, devices which change the speed of machinery.
But these were specific models with a dedicated task - they spin centrifuges in nuclear facilities.
I was just like, "Oh, no. This is it. It's uranium enrichment. It's nothing else."
By matching up clues from the code to data from the International Atomic Energy Agency, they could even narrow it down to one specific nuclear plant, a place called Natanz.
Once the network was infected, Stuxnet's devious attack was designed to unfold like this.
It would then, basically, try to attack mechanisms.
One is it would speed up the centrifuges to 1,410 hertz... which would cause those aluminium tubes inside of the centrifuges to vibrate uncontrollably and to shatter apart.
And the other was to lower the speed to two hertz.
So, you can imagine a kid's top that you spin and when it gets really slow, it begins to wobble and fall over.
As the centrifuges span out of control, Stuxnet would start to play back data it had recorded when everything was working normally.
It's like you see in the movies where there's a guy watching CCTV cameras and they patch in fake footage, so that the security guards don't realise they're currently robbing the safe.
It's exactly what Stuxnet did, but sort of in this virtual computer environment.
But the final trick would come when the operators tried to shut down the plant.
When they tried to hit their big red button that would send a signal to those PLCs to tell the system to shut down gracefully.
But Stuxnet infected those PLCs and cut off that signal and basically, allowed the attack to continue to operate.
And it seems to have worked.
Stuxnet reportedly destroyed around 1,000 centrifuges, setting Iran's nuclear programme back by about two years.
But there's one rather important question left - who built Stuxnet?
I guess the realisation for me was, this is not hackers in their basement who are doing this.
This is the big guns here who are doing this.
We don't have, unfortunately, any evidence that tells us if it's any particular country.
I would say that it's pretty clear to us it's at the level of a nation state and pretty clear someone who is not an ally of Iran.
And politically motivated to stop uranium enrichment in Iran, so that narrows it down, pretty much narrows it down.
No-one has officially admitted to being behind it, but it's been widely reported that Stuxnet was built by the US with help from Israel... something that neither country has denied.
Eric and Liam have managed to take apart and understand the world's first cyber-weapon.
Stuxnet was definitely a seminal moment.
It really opened Pandora's box.
Before Stuxnet occurred, people weren't really practically thinking about the existence of cyber warfare, of malicious programmes being able to literally blow things up.
Stuxnet opened that door and every country today is talking both about offence and defence now on nation to nation, state cyber-warfare.
In today's digital world, no-one's quite sure who is hacking who... whether it's criminals, teenagers or even governments.
But with so much at stake, it's not surprising that some of the most inventive minds in science are trying to make it secure... hoping to stay one step ahead of the hackers.
This man spends much of his time trying to understand the murkier world of the internet.
He's worked with some of the world's largest and most secretive organisations, trying to protect their secrets.
He started off life as a mathematician and became fascinated with the world of codes and code breaking.
We've never actually been at a time where codes were more important.
Almost everything you do today uses a code.
Every time you log onto an internet service like Twitter or Facebook and send your password, every time you log into internet banking, all of that information is protected using encryption code.
Codes have long fascinated mathematicians because they are some of the most beautiful and addictive problems they can wrestle with.
And at the heart of everything that we do on the web is one sort of number - prime numbers.
We're surrounded by them every day.
Numbers like seven and 13.
What's so special about them is that they can only be divided by themselves and by one.
But what makes them so important to codes is when you combine two of them.
If you take two prime numbers and multiply them together, you get something called a semiprime.
What's interesting about semiprimes is that it is really difficult to calculate the numbers that could have been multiplied together to form them to get back to the original values.
Here's an example.
If you multiply two primes like 11 and 13, you get 143.
That's the easy bit.
But if you're given 143 and you've got to work out the two original primes, that takes a long time to figure out.
Easy multiplication one way and hard the other.
This is the key to internet codes.
You can make a big semiprime very quickly, but try to calculate the two primes that it's made of takes a very long time.
So it's a bit like un-frying an egg.
Easy one way, really hard the other.
And the bigger the number, the longer it takes.
It takes mere seconds to go one way, but the other way would take thousands of computers millions of years.
It's something we all use every day.
A big semiprime is used as a code word, a key, to scramble your credit card details when you buy something online.
But only you and your bank know the two original primes that can unscramble it.
These keys are private and secure because it would take longer than the age of the universe for any hacker to figure them out.
This system of public and private keys is known as the RSA algorithm.
So that beautiful piece of mathematics has fundamentally changed the world around us.
Without this technology, without the ability to look up public keys and form these connections, internet banking, social media, stock trading, all the things we take for granted online, fundamentally wouldn't work.
Our information would be far too accessible to any prying neighbour.
It's made the hunt for very, very large prime numbers one of the most important quests in maths.
And here's the current largest all 5,000 pages of it.
17.5 million digits.
A very big prime number indeed.
Yet divisible only by itself and one.
But as prime numbers get bigger, so do the computers trying to crack them.
All the time, computers are gaining in power.
All the time, new mathematical methods are being discovered.
So far, we've stayed ahead of the code crackers.
But that could just be a matter of time.
Codes like RSA are effectively uncrackable because however powerful today's PCs are, they can only process one computation at a time.
But now scientists are working on a new form of computer that harnesses the most complex physics in the universe.
The world we are all used to is a rather reassuring place.
The laws of physics mean we can know where things are, how fast they are moving and predict where they're going to go.
But as things get smaller, a lot smaller, they also get a whole lot weirder as you enter the world of quantum mechanics.
Quantum is like trying to see music.
It's like even trying to hear colour.
It's very weird.
It's the world that Erik Lucero studies every day.
Take a single grain of sand and in that single grain of sand, there are billions and billions of atoms and what we're interested in is looking at what happens with a single atom.
These kinds of scales are where nature shows itself in a completely different way and that is this quantum mechanical nature.
The laws of quantum physics have baffled the greatest scientists, even Einstein.
At the smallest scales, the idea that we can know exactly where anything is starts to break down.
The mathematics that describes the world of the very small means things can be in many places at the same time.
One of the very important features of quantum mechanics is this idea of superposition.
Superposition is the idea that a particle can be both in one place or another place at the same time.
We speak about it even in a binary sense, like zero or one.
It can be both zero and one at the same time which is a very odd idea.
Superposition means that objects have no fixed location.
They really are in several places all at the same time.
Quantum physics may be mind-bogglingly weird, but it's starting to be very useful indeed and it might be a way for Erik to crack the world's most powerful codes.
Here at the University of Santa Barbara, Erik has constructed a machine that operates within this fantastical world.
He's built one of the world's most advanced quantum computers.
He's harnessed this quantum weirdness to design a computer that has the potential to become the ultimate code-cracking machine.
But first, it has to get very, very cold.
We have a dilution refrigerator and this base plate right here is what gets a fraction above absolute zero - orders of magnitude colder than space.
All of this machinery exists just to cool down the computer chip, the processor.
So, inside of this specially-engineered box, we have a quantum processor, a solid-state quantum processor.
On this chip, there are four qubits.
The qubits themselves are what are performing the calculation.
Classical computers use data in the form of bits, each a zero or a one.
But quantum bits, called qubits, use the feature of quantum physics that means things can be in two places at once.
It can be a zero and a one and everything in-between all at the same time.
This gives it the power to do many calculations simultaneously.
We mount this quantum processor onto the base plate here and we then make all these electrical connections.
Then we're able to move the quantum information all around that chip and actually extract the answer.
From a scientist's point of view, it's a very exciting tool that we can probe nature.
It's so fast that it could be the kind of computer that finally cracks RSA encryption.
To prove it in principle, Erik used his computer to find the two prime numbers making up a small semiprime.
And so it's sort of at the level of technology that I would say is maybe like an Atari.
It's kind of 8-bit technology.
It was a very neat toy problem and we tried to find, using a quantum processor, the factors of 15.
I'll let everyone think about that for a minute, but that is probably something that we all can do, even in grade school.
And it took me seven years to get my physics PhD to do that with a quantum processor.
What's remarkable is not the answer, but the way the computer does it.
The quantum chip considers every possible solution all at the same time, instead of sequentially.
And you're collapsing to this one answer that will actually be the answer you're after which is a huge speed up.
You explore all of these possible places and possible answers and you get the one that you want.
And we learn, yes, indeed, 15 = 3 x 5.
Erik's proved that quantum computing has the potential to smash the codes that protect the internet.
It blows the doors off of RSA encryption.
All we need is more and more qubits.
We just need a larger quantum computer.
Really, all that's left to do is to scale up this particular architecture.
It's a big task and there's a lot of very, very bright people that are all working towards that.
I think that what's exciting is that it really puts kind of a milestone in the ground about where things are and what we need to do next.
You do realise you've broken the internet now?
Oh, yeah.
I'm sorry about that.
For now, at least, the web survives.
But if quantum computing holds the possibility someday of breaking the world's most-secure codes, it may also provide an even cleverer way of keeping secrets safe.
Quantum mechanics is funky in a kind of James Brown kind of way.
Very, very funky.
It's strange and counter-intuitive.
Seth Lloyd runs the Center for Extreme Quantum Information Theory at MIT.
It's sometimes hard to appreciate just how extreme this research can be.
Quantum computers are particularly fine for teasing out the subtle interactions between atoms and molecules in elementary particles, or for simulating what happens as a black hole collapses.
Or, for that matter, a recent experiment that we did to actually implement a version of time travel.
So, you can use quantum computers for all kinds of exciting things.
And you can use the laws of quantum physics to create the ultimate way of sharing secrets.
Current codes that are used to send information securely over the internet are called public key codes, and they could be broken by a quantum computer.
But quantum mechanics also supplies methods for communicating securely in a way that's guaranteed by the laws of physics.
So, these methods go under the name of quantum cryptography.
It's really a way of telling if someone is eavesdropping on your conversations.
In the weird world of the very small, things can be in more than one place at once.
But all that changes at the moment that you actually look and measure where something is.
It's known as the 'Observer Effect'.
One of the basic principles about quantum mechanics is that, when you look at something, you change it.
And this simple feature allows you to communicate in a way that's provably secure.
But the reason it's useful is that this theory applies to a photon of light, which can be used to carry a message, a one or a zero.
It means that if you were sending a quantum message, you can tell if someone else is observing it.
If there is an eavesdropper on the line.
A good way to understand quantum cryptography is to think of three people - Alice, Bob and Eve.
Alice wants to send secret information to Bob and Eve wants to listen in - to eavesdrop.
Alice takes her information, a string of zeros and ones, or bits, and encodes them on photons - particles of light.
Now, the encoding is done in such a way that Eve, if she looks at these photons, will inevitably mess them up.
She'll change them in a way that Alice and Bob can figure out.
So, after Alice has sent the photons to Bob, she and Bob can confer to find out which photons have been tampered with.
The photons that haven't been tampered with, the pristine photons, now constitute a secret key shared only by Alice and Bob, whose security is guaranteed by the laws of physics.
Alice and Bob now have a secret code word, one they know no-one had listened to, which they and only they know, and they can use this code word to send their messages.
This system, using the behaviour of some of the smallest particles in the universe, is already being used.
Quantum cryptography is already used by folks who want extreme security, by banks and by agencies whose job is to protect information.
And, nowadays, there are a number of companies who build quantum cryptographic systems and, for a fee, you too can communicate in complete and utter privacy guaranteed by the laws of quantum mechanics.
But whatever the technology, all codes ultimately have one very human vulnerability.
No matter what you do with quantum cryptography, or any cryptographic system, there are always going to be... They are always going to be susceptible to attack where Eve ties up Alice and imitates her, so when Bob thinks he's communicating with Alice, he's actually communicating with Eve.
So, even if you can't crack a code, it may be possible to get around it.
To pull off an inside job, whether by someone leaking or selling secrets.
Perhaps the greatest vulnerability for anyone trying to keep a secret isn't the science but us.
Out there are scientists thinking dark, paranoid thoughts, imagining a future where every computer in the universe is infected.
Your phone, your laptop, your work or bank.
In this nightmarish scenario, the thing that scares people most is not knowing who is at the other end.
ACOUSTIC GUITAR MUSIC PLAYS
On the face of it, Patrick Lincoln's real life is rather peaceful, even content.
But the world that he spends his life imagining is one in which threats lurk around every corner.
If you think of it as a neighbourhood and asking, "How often are ne'er-do-wells coming by to rattle the door?" Trying the doorknob to see if they can get into your house.
In the digital world, they are rattling doorknobs all the time.
And therefore I think it is appropriate for us to start to be paranoid about what devices can we really trust our personal, private, corporate information to.
And, in the end, moving into an ultra paranoid mindset where I can't trust any one device.
He's a leading researcher in a field called ultra paranoid computing.
Ultra paranoid computing is taking a point of view that no one machine is something you can count on completely.
In the past, we've relied on the unique quality of a human fingerprint... the unique quality of an iris but even these things can be stolen.
Unfortunately, those systems are subject to theft or copying, so folks can copy a fingerprint and make something that fools a fingerprint reader.
Even making copies of irises, photographs, in some cases, can fool iris scanners.
So, those are imperfect ways to try to authenticate that the user is who they say they are.
So, Patrick turned to a part of the body that no-one can steal.
He started exploring whether he could implant a password into an unconscious portion of the mind.
Modern cognitive science has found portions of the brain that are able to record sequence information like muscle memory.
The way you learn to ride a bike or the way to learn to play a musical instrument, that allows one to remember long sequences, but not necessarily have conscious access to details of the inside information in that sequence.
What is the 13th note of Beethoven's Symphony? Even if you can play the symphony on a violin, you may need to start at the beginning in order to have your muscle memory continue through to that note and then reveal it.
But how do you get the password in there?
MUSIC: "Eruption" by Van Halen
Now his dark imaginings are taking shape.
In this paranoid world, it's not been easy to find a way of logging on.
But Daniel Sanchez may have found an intriguing solution.
We have a guitar interface that's based off of popular rhythm videogames that people play.
And, essentially, what this is is these keys correspond to the four different targets on the screen.
The left hand responds to the order that the circles are scrolling, and the right hand responds to the timing.
So, essentially, what you're doing is you're making a bi-manually coordinated interception response to the circles as they cross through the targets.
In other words, using both hands.
The game looks utterly random but buried within it is a pattern, one that repeats nearly 200 times.
Your conscious mind can't pick it out but what this is doing is creating a unique muscle memory.
What we're doing is, the sequence is repeating.
We don't tell people the sequence is repeating and, as they perform it over and over again, they become able to perform a sequence even though they don't know that they're learning it.
So, that's how we're able to sort of store information in people's brains without them knowing it's being stored there.
After 45 minutes, the password is embedded in your muscle memory, right here in the basal ganglia, a deep, unconscious part of the brain.
To prove your identity, you play along with the same task as before but, this time, you're actually playing your password in your own signature style.
So, essentially, what someone would do is sit down at a computer and start performing it.
And what the computer does is it takes that data and it will look at their performance on the trained sequence versus novel sequences they've never performed before.
And you can use that information to say this participant knows that particular data, or knows that particular information, therefore it's Bob.
You would have to know nothing else about them.
It's simply their performance and their motor abilities that can tell you who they are based on what they know.
It may seem strange, but this could be how you log on in a paranoid future.
After this entire protocol is done, a participant will leave the lab knowing something they don't know that they know.
That's the password and the information that we're able to store that they can't divulge to anyone else, and that's essentially how the cortical cryptography works.
Right now, we're in the grip of a new arms race.
On one side, the code makers and scientists, defenders of our digital lives.
On the other side, the hackers are becoming ever more devious.
Quantum physics and ultra paranoid computing are just the latest place where this battle is being fought out... but it is one that is constantly shifting.
Noisebridge, San Francisco, a workshop for hackers in the original sense of the idea.
A place for pioneers.
People taking apart technology, improving it, upgrading it, having fun.
But you don't have to look far to see how connected everything has become.
Phones with powerful computers, cars with satellite navigation, electronic books, even fridges.
And this world of connected devices is the latest battleground for the hackers.
Barnaby Jack has been probing this world of connected devices, looking for weakness.
His aim, to hack these devices before the hackers do.
I've always been doing research, so I would look at devices or software, and I would try and find ways to break into that code.
And once I found out a way to break into the code, I'd write the software that did it.
Hacking proficiently, I guess I would say, so I take the same route that a normal hacker would take to find these vulnerabilities and exploit them.
Like any hacker, Barnaby set out to find the weak points.
The easiest way to bypass the security systems.
Everyone has wanted to jump on the wireless bandwagon.
But by going wireless like this, a lot of people haven't realised the security ramifications of doing so.
Everything that has a wireless capability can potentially be hacked remotely.
So, I decided to look at software that runs on these devices because, once you compromise those devices, there's a very immediate and real world effect.
His target was something we all rely on every day.
Something you might think had the ultimate security - banks.
Or, more precisely, a certain form of stand alone cash machine.
I decided to look at ATMs because, you know, they're full of money.
And I looked online, and I basically just bought them directly from the distributor.
I took the software off the ATM and then I reverse engineered that software, and I saw that there was a remote update mechanism.
This was the undefended part of the system, the way in.
Typically, it would require usernames and passwords to access, but I found a vulnerability which let me bypass all the username and password requirements, and would let me remotely access the ATM and upload my own software anonymously.
Now, the machine was his to control.
It may sound farfetched, but here's the proof it worked.
And put my software here, I'd go here and add a group, so add San Francisco.
I then go ahead and add an ATM, so I put the name Barnaby's ATM.
So, now I can go ahead and upload my own software to that ATM.
It connects to the ATM, it sends the authentication bypass, it succeeds.
And now I could dispense money from the cassettes, I could capture people's credit card details, I could do all that remotely.
So the software is now uploaded, so we could go ahead and issue a remote jackpot command.
That way, anyone near the ATM at the time can get some money.
So, that could be carried out over the phone line or over the network, whatever it may be.
This flaw, which only affected some of these sorts of stand alone ATMs, has, needless to say, now been fixed.
And Barnaby hopes he gets to these flaws before the hackers.
We're hoping, by actually releasing these details and actually demonstrating some of these risks, that the security of these devices will actually improve quite a bit.
We're working with these manufacturers to actually help them improve their codes.
It's estimated there are now over a billion Wi-Fi-enabled devices, and hacking and defending these gadgets is just the latest battleground.
But perhaps the greatest danger we face doesn't come from any one computer, but from the giant networks of interconnected computers that run the most complex systems on the planet.
From power grids to banking systems to transport networks.
Because once someone has hacked one part of it, they may have hacked the whole network.
It began with just one computer.
And now it's spreading through our networks like wildfire.
Power stations are being targeted, plunging the nation into darkness.
The transport networks are being targeted, too.
And now the infection is spreading all across the world.
But this attack isn't real.
It is a simulation being run by some of Britain's top cyber security experts.
Cyber security in the UK is considered to be a tier one threat alongside terrorism.
This drill is part of a strategy to pinpoint weaknesses in a network.
They're attacking it to see if, and where, it breaks.
If we're going to defend our networks, we need to understand what an attacker might do to us.
You need to understand what the threats are to you, and you need to understand what your own vulnerabilities are that someone might take advantage of.
And if you don't understand what the attacker might be able to do to you, you will not develop the best defences.
The Cyber Range helps us do that.
Once, the only way to test a network was for a company to attack it from the inside.
But today, you can come to this Cyber Range, Europe's first.
This black box is a kind of internet firing range.
Engineers can programme these 120 computers to create a perfect mirror image of the company's global network.
One rack houses their existing cyber defences, the other contains the nastiest malware on earth.
Then the two banks of computers go to war.
You can emulate a normal day-to-day email interconnection that a company would have and, at the same time, you can introduce malware into the system.
You can have a look at the effect it would have.
You can introduce new software to the system to see how effective it is against malware.
You can test new intrusion detection capabilities, so you can test how well they perform against intrusions that you introduce yourself, all in a safe environment.
The hope is, that by hacking yourself, you can find those security flaws and patch them before a hacker works out how to get in.
Sean McGurk works to protect America's complex networks, like power stations and water companies from attack.
The greatest threat today to the world is the keyboard.
In the past, it may have been nuclear weapons or weapons of mass destruction.
Today, we see that same level of capability being exercised by lone individuals using keyboards, as opposed to bombs.
They can hack into transportation networks, into computer networks, emergency communications networks, even air transportation are all susceptible to hackers today.
It's Sean's job to try and find the unexpected, surprising weak points that an attacker could exploit to get into these networks.
What we look at, as far as vulnerabilities are concerned, are really three things - people, processes and technology.
The technology is great.
The encryption is great - it's very difficult to break.
It takes a tremendous amount of computing capability, but the bottom line is a person can circumvent any layer of security simply by their actions.
So, in spite of the complex and sophisticated technology, once again, it's the people who are the weak part.
All it can take is something costing just a few pounds to get inside the best protected network.
Removable media is one of the largest security challenges that we face today, simply because it comes in so many shapes and sizes, so many different forms, and people are unfamiliar with its capabilities.
They believe that it's just used to store files but, unfortunately, it can also be used to introduce malicious code into a network environment.
It may seem unlikely that such a simple tactic would be effective, so it's one that Sean was asked by the US government to test.
When we took a USB stick that had a corporate logo on it and placed it in a public area, we had between a 70 and 80% assurance that someone would take that device and insert it in the corporate network.
When we did the experiment with a CD ROM that had the year and pay and compensation tables just written with a Sharpie on the disk, we had almost a 100% guarantee that piece of media, that CD, would be introduced into a corporate environment.
And it is this tactic, using a removable media device, which seems to have launched the world's most powerful cyber weapon - Stuxnet.
In 2010, this sophisticated piece of malware struck at a uranium enrichment plant in Iran, causing significant damage.
This nuclear facility at Natanz was in a highly secure environment, cut off from the internet, but still vulnerable to someone bringing in a removable device into the plant.
Whether it was spies or unwitting accomplices, we will probably never know.
The challenge with Stuxnet, for instance, was it didn't take advantage or try to break any of the encryption or the security boundaries, because it actually exploited the natural communications capability of the network.
So, when you plug devices together, they want to identify each other, that's part of this plug and play technology that we use today.
So, these particular individuals took advantage of that.
They wrote the code to insert into a network environment inside the security perimeter, so you were already within the walls of the keep, if you will.
And then it just used the natural communications capability of the network, and it moved from computer to computer until it found specifically what it was looking for.
But nothing in this world of high stakes hacking is quite as simple as it seems... because Stuxnet has escaped.
It has now been found outside its intended target.
What's interesting about Stuxnet and how we were able to discover it to begin with is that it didn't just target machines in Iran, it didn't just target machines in that Natanz facility, Stuxnet has the ability to spread to any machine, any Windows machine across the world.
It has now infected more than 100,000 machines.
It was never intended to get in the wild but, unfortunately, once it did get into the wild, it demonstrated a level of sophistication and capability that up to that point, no-one had taken advantage of.
This was truly a digital Pandora's box.
Once it was opened, you could not put the lid back on.
Stuxnet is now out in the public domain.
You can take the modules which are most effective for you and actually repurpose them, or retool them, and launch them against a private company, an individual, potentially, a host nation.
It just depends upon what your intent and what your desire is.
It highlights the risks of developing these sorts of weapons.
That they may indeed become uncontrollable and even be used against the nations that developed them.
There's nothing new about codes and trying to keep secrets... but the advent of global digital communications has created a new battleground without borders.
One where teenagers, nation states and organised criminals go head-to-head as equals.
This murky world is set to become the defining battleground of the 21st century.
