How criminals can hold up a distorted mirror and conceal the real world.

Dr. David Gelernter of Yale University made the mistake of writing a book called Mirror Worlds, which suggested that reality will be replaced gradually, piece-by-piece, by a software imitation; we will live inside the imitation. I read it in my library, and the Unabomber, a man who mailed bombs to technical people he didn’t like, may have read it (if he did, he probably borrowed it from the library in the nearest town in Montana). The Unabomber, Ted Kaczyinski, then lovingly and meticulously crafted a bomb in his cabin, and mailed it to Professor Gelernter.

The bomb blinded Dr. Gelernter in one eye, tore off part of his right hand, deafened him in one ear and wounded him in the chest.

I should say at this point that the book was a mistake only because it attracted a terrorist, it was a good book, and in fact Steve Jobs of Apple was interested in Gelernter’s ideas.

We have the letter that the Unabomber sent. He says:

Dr. Gelernter:

People with advanced degrees aren’t as smart as they think they are. If you’d had any brains you would have realized that there are a lot of people out there who resent bitterly the way techno-nerds like you are changing the world and you wouldn’t have been dumb enough to open an unexpected package from an unknown source.
… In any case, being informed about computers won’t enable anyone to prevent invasion of privacy (through computers), genetic engineering (to which computers make an important contribution), environmental degradation through excessive economic growth (computers make an important contribution to economic growth) and so forth…
As for the inevitability argument, if the developments you describe are inevitable, they are not inevitable in the way that old age and bad weather are inevitable. They are inevitable only because techno-nerds like you make them inevitable.

Gelernter has not let the bomb derail his life. He is a futurist of sorts, and so is Marc Goodman, a former policeman and the author of “Future Crime” a book which has two chapters on our current mirror world of computer screens. Criminals have found that they can alter what we see on such screens, whether on our laptops or our mobile phones.

Even without reading Goodman’s book, most of us have heard of misdirection by hackers. You think you are accessing your stock broker’s website, when you are accessing a facsimile produced by a criminal. Or you think you are chatting with a handsome young man you made friends with on Facebook when he is really somebody neither handsome or wholesome. I had even heard of a man who was turned down for a job he really wanted, because his “girlfriend” sent an email to the would-be employer, impersonating the applicant, and saying he did not want the job. The applicant only found out when the interviewer sent him another email later, saying he was such a good fit for the job, and he (the interviewer) could not understand his rejection.

Marc Goodman gives more examples.

There was the case of Mark Jakob, a community college student, who created a fake press release. He copied the stationary and style of previous Emulex press releases, spoofed the company’s email-address and forwarded a release saying there was a SEC investigation into Emulex, and that the company’s CEO had resigned in response. The story was picked up by major newswires, and Emulex lost $2.2 billion in market capitalization. The truth came out in a few days, of course, but by that time:

investors in the market lost more than $110 million because a kid at a community college manipulated the trust they had in their screens.

Then there was the case of Elizabeth Thrasher, who was jealous of her ex-husband. He had a new girlfriend, and that girlfriend had a daughter, who Thrasher decided to attack.  Thrasher copied two photos from the teen’s MySpace account and posted them to Craigslist in the ‘Casual Encounters’ section of the site. As part of the impersonation, she also posted contact information for the girl, including her email address and home address, and said that she was looking for sex. So phone calls and photographs, including nude pictures, and requests for sex began to swamp the poor girl’s inbox and phone.

There there is the practice of “swatting”.

Bored hackers have been able to phone police with spoofed phone numbers in order to report nonexistent crimes. The hacker may be in Maine, but because he “used your phone number in Miami, that’s where the cops are heading.
The deadly game begins when criminals spoof your phone number and then dial 911. A woman screams into the phone, “My husband shot my mother and baby, and now he’s holding me hostage…PLEASE come quick…He’s got a shotgun and an AK-47…Hurry…he’s crazy!” A recording of gunshots can be played in the background for good measure….
In the meantime, you’re sitting at home on the couch eating ice cream with your wife and kids, enjoying the latest episode of ‘The Big Bang Theory’. The cops think a woman inside is moments away from being murdered, and [the local SWAT team is gathering outside your house].
The cops have surrounded the house and are yelling for you to put your hands up and come out. Your kids are screaming, and your wife is confused…You don’t want to go out of your house and confront a group of maniacs (even if they are cops) pointing rifles at you. To the police, your refusal to cooperate heightens the tension. Their next stop is to shoot some flash-bang grenades through the windows of your house and see what happens…

Swatting is sometimes done for revenge, and sometimes just for the fun of it.

Your mobile phone is also a potential target.

If your phone is hacked, then when you phone person X, you may be talking to impersonator Y. Conversely, if caller id says the call is coming from person X, it may be coming from impersonator Y.

If are navigating a boat, the global positioning signals that tell you where you are going may be coming from a bad-actor in your crew, who plans to steer your cargo to a waiting den of thieves. As far as we know, this has not happened, but graduate students from the University of Texas managed to send a yacht off course to prove the vulnerability was real. This kind of thing could also lead soldiers into an ambush.

So far, all the examples are temporary – the truth comes out eventually, though people can get hurt before it does.

But what if the truth never comes out? For instance, what if you want to reconcile with someone you knew a long time ago who you had a misunderstanding with, and a jealous friend does not want that to happen? Or conversely, what if you wish to communicate with a person who could tell you unpleasant facts about someone you trust? There would be motives to permanently intercept and derail your efforts, in that case.

Cyber-crime is lucrative, and so criminals who in the old days might have robbed your car are learning techniques in how to deceive ordinary people. And those criminals who simulate reality are creating a false world in order to spy on your credit card, bank account, private life, etc.

Marc Goodman says a few complimentary things about techno-criminals:

“Anything that would motivate a startup employee would motivate a criminal. They want money, they want shares in the business, they want a challenge, they don’t want a 9-5 environment. They want the respect of their peers, and they are engaged in a game of us against them.”

“Cybercriminals are highly innovative and adaptive, they have so many ways of being clever and imaginative because they never take the straight-on approach. They always find the side way to go about something that the good person would never have considered”

The conclusions that I draw include that we should validate the simulated world we get from our digital devices against direct talk with real live human beings.  If we don’t put full trust in our devices, or in the friendly sounding strangers we talk to on the phone, we are not really being paranoid, we are being prudent.   And if we hope for mercy for those who have just gotten hold of our identity or bank account, we are probably not being realistic.


Crimesourcing and how data criminals are like startup employees

Future Crimes – Marc Goodman (Doubleday – 2015)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s