top of page

How did Russia get under our Cyber Skin?

US Intelligence was stymied by Stalin's spies who used an American super cipher, which we dismissed... It was the notorious Vernam contraption that is based on lavish use of randomness. Too boorish for the taste of the refined Western cryptographers who prefer an algorithmic alternative, and covet mathematical aesthetics. The same battleground is marked in the looming first global conflict of the 21st century. The Russians are using new generation of super powerful Vernam Ciphers (Trans Vernam), and we use mathematical elegance.

The vast majority of American passwords are written for memorization, and thereby lack in randomization. The Russians are using past (obsolete) passwords to be AI-processed to better guess the current password. For fear of hacking passwords are not kept in plain form in servers, only their hash is. Alas, a hash can be hacked. After all, Bitcoin miners 'hack' a hash every 10 minutes. Surely a well-funded state actor can do the same. The first thing that Russian malware does is proliferate while remaining absolutely harmless. This too is Russian style. The Soviets have been planting spies in the West to remain totally inactive for decades; gradually gain the trust of their enemies and then erupt.

We have a ton of forensic tools. My cyber security students in the university of Maryland kept asking me how robust are these tools? They were quite disappointed when I described assorted attack scenarios that will not be picked up by these tools despite their impressive sophistication.

We have a major drawback. So much of our cipher defense is advertised and is being boasted about. This renders our defense into the Russian innovation target. We are totally unmindful of this factor. I see time and again, cyber security companies listing certain attack scenarios and detailing how to counter them. What they ignore is the fact that once our defense posture is exposed, then our attackers are using their innovation power, and develop new attack vectors that we are not aware of -- they were not aware of before. When we at BitMint Security propose to our prospects to do an adversarial innovation assessment, we are dismissed by price-conscious executives who are satisfied with countermeasures to a plan of attack we expect our adversary to use. This touch of arrogance is what needs to change for the US to get ready for the coming global cyber match. Defend your cyber assets against a hacker smarter than yourself! Are you humble, smart, and resolute enough for this?

31 views0 comments

Recent Posts

See All


bottom of page