Who gets hacked like this?! - CoinGeek Banner

Who gets hacked like this?!

If you have been following the Satoshi Trial with me since last week, you have heard A LOT of stories about hackers, stolen credentials, malware, spyware, extortion, and more.

If you haven’t, it’s time to pay attention!

Do security pros get hacked?

In December 2020, a sophisticated cyber espionage campaign targeted SolarWinds, a major network management tools provider. The breach, first identified by cybersecurity firm FireEye, affected numerous global organizations, including U.S. government agencies. This attack, one of the most significant cybersecurity breaches in history, was executed through a supply chain attack. Attackers infiltrated SolarWinds’ software development process, embedding malicious code into the Orion platform, a widely used network management tool. This code, pushed out in a routine software update, created a backdoor for data espionage and potential disruption in the affected systems.

Attributed to a state-sponsored Russian hacking group, the attack’s sophistication and stealth highlighted critical vulnerabilities in software supply chains and raised questions about security practices in crucial infrastructure. The long-term consequences have been profound, leading to a reevaluation of cybersecurity practices, a push towards enhanced security measures, better threat detection, and a shift towards a “zero trust” security model. 

But how common are attacks like this?

Well, this was a vanguard sort of event among nation states, but most espionage is actually commercial in nature, and there are some very interesting items in the history of corporate espionage as well that are not so sophisticated as Solar Winds, but similarly shocking!

Everything from simple subterfuge to spying and theft of trade secrets—plays a more significant role than many would like to admit in the success of major brands. Some companies don’t just compete. Some infiltrate, steal, and sabotage to gain an edge. This clandestine warfare between corporations sometimes necessitates legal intervention to address and rectify the injustices committed.

Three notable cases underscore the pervasive shadow of espionage in the corporate world:

  1. Unilever vs. Procter & Gamble (2001): This infamous episode saw P&G (NASDAQ: PG) operatives sifting through Unilever’s (NASDAQ: UL) trash to glean insights into their product development strategies. The scandal underscored not just the lengths to which companies will go to outmaneuver each other but also the necessity of maintaining ethical boundaries in competitive intelligence. If you find yourself asking, “who would do that?” Well, the answer is someone who is willing to do anything to win!
  2. Cadence Design Systems vs. Avant! Corporation (Early 1990s): This is a really interesting story of intellectual property theft. Avant was found to have copied code from Cadence Design Systems (NASDAQ: CDNS), leading to a landmark legal battle. The case highlighted the critical importance of protecting proprietary technology and the severe consequences of corporate theft.
  3. Waymo vs. Uber: A more recent dispute that captured public attention, this legal battle centered around the alleged theft of confidential information related to self-driving car technology by a former Waymo employee who subsequently joined Uber (NASDAQ: UBER). The lawsuit brought to light the fierce competition in emerging tech sectors and the lengths companies will go to acquire cutting-edge technology.

In the Satoshi Trial: COPA vs Wright, critics have been asking two key questions about Craig’s testimony and evidence.

1. How does someone so good at security get hacked so often or badly?

Well, as you’ve seen above, anyone can get hacked and make critically bad decisions amid a threat event.

Something I learned early in my cybersecurity career is that the white hats have to be right every single time. The black hats only have to be right once. And since Craig was widely discussed as possibly being Satoshi and, therefore, a high-value target for theft, we should expect lots of malicious actors to target him. And if any of Craig’s evidence is real, he has been the victim of what seems like a great many attacks, but in reality, it seems to come down to two major campaigns against Craig: The Wilson/Kleiman/Maxwell/ATO-adjacent extortion attack and the more recent COPA focused attacks that might also involve Maxwell… Even if Craig’s attacks aren’t agreed upon, at the very least, we know Satoshi’s email was taken over by a black hat in 2014, and we know he accidentally leaked his own IP address at least once, so nobody should be saying “Satoshi wouldn’t get hacked.”

2. Why would COPA companies care about nChain or Craig’s corporate intellectual property? 

This is important. Corporate espionage and legal strategy are a big part of every serious company’s dealings. If Unilever and P&G can be digging through each other’s garbage in order to get ahead of product development, is it hard to believe that nChain, DeMorgan, or other companies in the disruptive blockchain space might have moles or threat actors trying to take over the systems of the most prolific patent holder in the space?

I think it’s pretty obvious that COPA‘s “Mr Niceguy” schtick is a paper-thin cover for their desire to become the gatekeepers to the blockchain economy through brutal enforcement of their collectivist patent portfolio.

It is also important to note that amid all the drama of the Satoshi Trial, one thing is not in question. Dr. Wright is very, VERY interested in immutable, distributed logs and
timestamps that act as a tripwire system and storage of critical data so that corporations can’t cheat on their own books and malicious actors cannot exfiltrate data without detection ever again.

Whether or not Judge Mellor understands the implications remains to be seen, but BlackNet, Timecoin, Metanet, and Bitcoin itself can make the world more secure, more honest, and more able to engage in low-friction global commerce, and that is a goal worth fighting for—even if COPA’s Silicon Valley connections would rather keep everyone’s data, identities and property as siloed as they can.

Watch: Breaking the misconception between ‘crypto’ & blockchain

YouTube video

New to blockchain? Check out CoinGeek’s Blockchain for Beginners section, the ultimate resource guide to learn more about blockchain technology.