Confessions Of A Nation-State Penetration Tester — Facing Centralized Tech
I was a developer and cybersecurity expert for a government-level institution. My responsibilities included various implementations in the area of IT and cybersecurity.
It started with integrating and implementing various technologies such as intrusion detection systems. That is, detecting attacks and tracking down malicious packages in the network in real-time, deducting them, and implementing countermeasures on a physical and routing protocol layer.
Basically, I worked on everything related to modern (government) technology from a security standpoint. These included threats in cyberspace, like attack scenarios and the attack surfaces which malicious actors might exploit.
Seeing it all from the inside
I learned a lot about the technologies available to state actors in the field of OpSec.
For example, technologies exist that inject small pieces of data into malicious data packages. Thus, allowing authorities to gather information regarding the source and destination of the package.
With our clearance, we could communicate with various internet service providers and centralized network relay nodes. You would track the malicious packets to the final destination and learn about where it all came from.
If someone, for example, were hiding behind the virtual private network or various proxy routing protocols, I would track the package on the physical layer. So, we were still able to determine where the package came from.
We would study man-in-the-middle attacks. We would determine in real-time how we could spy on two connections to understand how malicious actors think and execute attacks.
As part of our duties, we also trained those working in other government departments. These included teaching law enforcement agencies and others about tracking cybercriminals.
Over the years working in the OpSec field, I came to understand a lot about how the world works. I learned there is a cyber war going on.
Threats in cyberspace are growing beyond the rate and scope that countermeasures can be implemented.
No matter how decentralized the software is that we’re using, no matter how huge this peer-to-peer network is, we’d always have to ask ourselves one question: Where is this software running? All too often, blockchain technology—DeFi included—runs on centralized technology.
The crypto industry faces the existential threat of centralized tech
In the crypto industry, we are still married to centrally controlled infrastructure. We are using government infrastructure, ISP infrastructure, centralized DNS nodes, and providers.
So the technology we create in crypto may very well be decentralized, but, at the end of the day, the underlying physical layer—indeed, the whole base foundation—is pretty centralized.
Unless there’s a real alternative—a second or decentralized internet—the industry faces a problem at the cyber OpSec and DevSec layer. Addressing this shortcoming with a truly decentralized Web3 is of the utmost importance for the future of money.
We’re at the point where there are so many threats and risks in the cyber world that we all must be aware and extra cautious. This is true, even if we keep a low profile online.
The majority of internet users nowadays don’t take OpSec seriously—even people in the crypto industry.
Unless you’ve been a victim of a hack, scam, virus, or worm, you might not even have proper antivirus or basic firewalls set up. These are, admittedly, just the beginning of good operational security.
Protecting decentralized technology
Indeed, as the cyber wars wage on, the public will become increasingly aware. The future of the modern world depends in some ways on cybersecurity. We must protect privacy and decentralization.
It is abundantly clear that an unsecured physical layer poses an existential threat to any decentralized technology since the users themselves are the network.
Security might seem like an inconvenience, but it is essential. If we are going to share the global Bitcoin network and broader crypto networks, which could one day underpin a future iteration of the web, our own security is part of greater social responsibility.
We must all be willing to learn simple security precautions and implement them in our use of crypto.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.