Best Infosec Long-Reads of the Week, 7/16/22

Best Infosec Long-Reads of the Week, 7/16/22

An attorney found her face for sale on NFT marketplace OpenSea, How a teen from an upscale suburban community pulled off a $23.8 million crypto heist, DARPA wants to understand open source risks, more


Metacurity is pleased to offer our free and paid subscribers this weekly digest of long-form infosec pieces and related articles that we couldn’t properly fit into our daily crush of news. Let us know what you think, and feel free to let us know if we missed something important by sending us a note to info@metacurity.com. Happy reading!

woman reading book on orange sofa
  • Jillian York, an attorney at EFF, wrote this can’t-miss tale in The Record about this misuse of her face in a non-fungible token (NFT) that was for sale in a collection of images entitled Cipherpunks for sale on NFT marketplace OpenSea back in December when NFTs were hot commodities. Included in the collection were some troubling tech figures accused of sexual misconduct and assault.
  • Rolling Stone writer Alex Morris has this fantastic interview with Ellis Pinsky, a bright suburban teenager in leafy Irvington, New York, who was drawn into the underworld of malicious internet hackers and pulled off a $23.8 million heist by targeting cryptocurrency heavyweight Michael Terpin. After the hack, Pinsky says he ended up with 562 bitcoins, worth close to $10 million at the time, which he returned to Terpin under a deal with the U.S. Attorney’s office. But Terpin, who believed Pinsky was a “Baby Al Capone,” reached out to those he thought were involved in the hack seeking information. Later, four men looking for some of the stolen money broke into Pinsky’s parents’ house, two of whom were apprehended and sentenced to 60 months in jail.
  • Patrick Howell O’Neill examines in MIT Tech Review how a project of the U.S. military’s Defense Advanced Research Projects Agency (DARPA) called the “SocialCyber” program will examine the widespread use of open source code such as Linux to understand better the risks open source technologies pose to security. Using a combination of sociology with recent technological advances in artificial intelligence, DARPA seeks to “map, understand, and protect these massive open-source communities and the code they create.”
  • Nathaniel Fick and Jami Miscik of the Council of Foreign Relations offer a report entitled “Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet,” which looks at how what was an essentially American vision of an open, reliable, and secure global network has not been achieved and is unlikely ever to be realized. Instead, they argue that the internet is now “less free, more fragmented and less secure” because countries worldwide are asserting more control over the internet and using it, along with criminal actors, to launch malicious campaigns and spread misinformation.
  • Lennart Maschmeyer, a Senior Researcher at the Center for Security Studies at ETH Zurich and a Fellow at Citizen Lab, examines in Lawfare Blog how the subversive nature of nation-state cyber operations faces a “trilemma” of challenges concerning operational speed, intensity of effects, and degree of control. The track record of Russia’s hybrid warfare in Ukraine, which by and large failed to provide strategic value to Moscow, underlines the limitations imposed by the trilemma.

Read more