Great Documentary Example of How Stealth Hacks Versus Destructive Hacks By Ralph Langner

I've highly recommended the documentary Zero Days by Alex Gibney in the past, as the interviews with cybersecurity experts and military personnel are gold. One of the people in the film that Alex interviews is Ralph Langner, who provides great information about the digital world, security and Stuxnet in Alex's film. He created his own documentary about Stuxnet, highlighting two campaigns of it in his video The Stuxnet Story: What really happened at Natanz.

He compares and contrasts the two campaigns - the first campaign being the worst nightmare for anyone, as it operated in stealth and did little damage over time that could have been easily dismissed as normal operations. Some of the points he brings up about the first campaign remind me of how people always talk about attacks because the sound more interesting, but it's the recon that hackers do that can be far worse, even though it's only informational. Intellectual property theft, as an example, can be very costly for a company, but for an attacker, it can be a short and stealthy campaign that never is discovered if done right.

By contrast the second campaign sounds worse, but actually results in the underlying problem being solved faster because it's identified quicker: it does more damage, it spreads all over, uses zero days and stolen certificates, and makes noise which results in it being discovered. This is like an attack group that takes on a big target and causes major disruptions: they then become the focus of a lot of people, rather than operating by stealth (the recent pipeline attack is a good example of this, as the attack made many people aware of the group and has created a lot of enemies for the group).

His documentary is definitely worth watching. Check out Ralph Langner's YouTube channel at Langner Group. Security is one of the most important topics in the digital community, as security is assumed. If this assumption turns out to be wrong, nothing is secure. If your personal security concerns you, my course Consumer Guide To Digital Security teaches key principles to protecting your security.