Nicole Perlroth: Cybersecurity and the Weapons of Cyberwar | Lex Fridman Podcast #266

Perlroth explains the underground market for zero-day exploits, where hackers sell software vulnerabilities to governments for millions and where intent and ethics get blurred when operating in secret. She details how nation states like Russia, China, and the Gulf states use cyber weapons for sabotage, surveillance, and war planning, leaving America's privately-owned critical infrastructure dangerously exposed. The conversation covers ransomware's real human cost, the NSA and Snowden, the impossibility of a digital Geneva Convention, and practical defense advice. She ends on a hopeful note, urging young people to become defensive hackers and trusting that people are fundamentally good.

• Android remote zero-day exploits now sell for more than iOS exploits, possibly signaling Apple's security is slipping.
  00:03:38
• An Argentine hacking-scene godfather told her they would rather sell zero-days to Iran, Russia, or China than to the United States.
  00:19:40
• Lex reveals he was personally hit by DeadBolt ransomware that encrypted his 50TB QNAP storage via a zero-day, demanding 0.03 bitcoin.
  00:25:57
• A Saudi petrochemical plant safety-lock attack blamed on Iran was actually traced to a graduate research institute outside Moscow.
  00:47:18
• In 2018 US Cyber Command hacked into Russia's power grid and the NSC had no problem with the NYT publishing it, as a deterrent message.
  00:47:49
• Perlroth names LastPass as 'the worst case example' when discussing password reuse and breaches.
  01:00:43
• Saudi Arabia planted spies inside Twitter to identify regime critics who couldn't be unmasked from the outside.
  01:01:45
• The murder of Jamal Khashoggi destroyed her belief in the 'invisible shield' that protected journalists.
  01:42:35

• A zero-day is named because engineers have had zero days to fix the bug since it was discovered.
  00:01:32
• A remote zero-click iOS exploit once sold to brokers for around 2.5 million dollars, on condition of total silence.
  00:03:38
• Russia's NotPetya attack crippled Merck so badly it had to tap the CDC's emergency Gardasil vaccine stockpile.
  00:32:45
• A classified assessment found the US had only two to three days of margin during the Colonial Pipeline shutdown, due to diesel.
  00:33:15
• There were a record 80 zero-day attacks in the prior year, roughly double the 2019 figure.
  00:42:39
• Roughly 80 percent of ransomware attacks trace back to a simple lack of two-factor authentication.
  00:30:39
• Colonial Pipeline was breached via an old employee account with a leaked password and no two-factor authentication.
  00:53:28
• Over 80 percent of US critical infrastructure is owned by the private sector with no mandate to report breaches.
  00:41:04
• There are about 3.5 million unfilled cybersecurity positions worldwide, with defense roles hardest to fill.
  01:49:53
• China uses surveillance of the Uyghurs as a 'test kitchen' it intends to eventually export abroad.
  01:31:11

Books, products and media the guest or host genuinely endorsed here — with the buy link.

Affiliate link — we may earn a commission at no extra cost to you.