TED Radio Hour
Fri August 9, 2013
Are There Good Hackers?
Originally published on Fri December 6, 2013 10:10 am
Part 1 of the TED Radio Hour episode The Hackers.
About Mikko Hyppönen's TEDTalk
In 1986, the first PC virus - Brain - began to spread. What was once annoying has become a sophisticated tool for crime. Computer security expert Mikko Hyppönen describes discovering Brain and why the guys who wrote it never meant any harm.
About Mikko Hyppönen
Mikko Hyppönen is the Chief Research Officer for F-Secure, and he has led his team through some of the largest computer virus outbreaks in history. He named the infamous Storm Worm, was part of the Conficker Working Group and he has done classified briefings on the Stuxnet worm, the virus used to attack Iran's nuclear program. He has also helped law enforcement in USA, Europe and Asia on cyber crime cases.
As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hyppönen asks, what's next? Who will be defending the world's networks from malicious software?
GUY RAZ, HOST:
It's the TED Radio Hour from NPR. I'm Guy Raz. And on the show today, meet the hackers who could change everything. So recently, we called up a computer hacker. We caught him in the middle of a huge hacker convention in Las Vegas. It's called DEFcon.
MIKKO HYPPONEN: And while you're at the DEFcon conference, you don't use the ATMs. You don't check your e-mail. You don't trust any of the Wi-Fi networks at the conference either. Basically, you don't trust anybody. That's the way it works.
RAZ: Wow. So you're using, like, a pen and pad while you're at, like, this super high-tech conference.
HYPPONEN: Pen and pad works very well. That's what I recommend when you're at DEFcon.
RAZ: That's Mikko.
HYPPONEN: Mikko with a very long K. Last name is Hypponen with a very long P, so.
RAZ: Mikko is from Finland, and he's in cyber security and he's one of the good guys.
HYPPONEN: I'm a hacker, but I'm the good kind of hackers. And I've never been a criminal. Many, many guys in this field used to be breaking into stuff. And yes, there are people here who are breaking into systems, not just people who are trying to defend against systems.
RAZ: Anyway, we pulled Mikko away from DEFcon for a few moments so he could tell us a story that he told on the TED stage about two early computer hackers, the hackers behind Brain.
HYPPONEN: Originally, I first encountered Brain in 1986.
RAZ: Brain was the world's first PC computer virus. No one knew where it came from, but they knew how it was spreading.
HYPPONEN: At the time, people were moving data around on floppies 'cause there was no networks. There was no Internet. There was no e-mail. If you had to move something from one computer to another, you copied to a floppy disk and then you moved the floppy to the second computer.
RAZ: But if that floppy disk was infected with Brain...
HYPPONEN: You also moved the virus from one computer to another.
RAZ: And it didn't do anything to your computer. It just sat on it, and you were powerless to stop it. It was a simple virus, and it was actually ahead of its time - way ahead of its time.
HYPPONEN: It's surprisingly advanced, and it has surprising features, including a capability of hiding itself. So when your PC is infected by Brain, and you go and look at your floppies, you will not see Brain on the floppies. It's watching you watching it, and if you try to look at the copy of Brain, it fools you and gives you a clean image of a floppy instead. And we would call this a stealth virus, at the time.
RAZ: So Brain came and went, and since it didn't really hurt anyone for a long time, nobody really bothered to find out where it actually came from until...
HYPPONEN: 2011, when I realize it's going to be the 25th anniversary of the Brain virus. I started looking into it and I wanted to find out who wrote it. So I went back and I remembered there was text inside the virus. And sure enough, there was text inside the virus, inside the Brain code - text in English.
RAZ: What did it say?
HYPPONEN: Well, you want me to read - well, let me see what I have here. So when you took a Brain-infected floppy and you looked at the very beginning of the floppy, at the boot sector area of the floppy disk, inside the code of the boot sector was the short text which said, Welcome to the Dungeon, 1986, Brain and Amjad. And then it has an address, an address in Pakistan - 730 Nizam Block Allama Iqbal Town, Lahore. Then it ends with the text, Beware of this virus. Contact us for vaccination.
RAZ: That was very friendly of them to include all that information in their virus.
HYPPONEN: Yes, and it's a bit of a mystery. And when I started investigating this again in 2011, I basically looked up the address in the virus on Google maps. There's still this road in Lahore in Pakistan. So I decided to go there and find out if the guys are still there.
RAZ: So a couple weeks later, Mikko's walking down a street in Lahore, Pakistan, looking for the two guys mentioned in the code, Basit and Amjad.
HYPPONEN: And I tried finding 730, walking down the road, and then I see that there is a building which says Brain on the side of the building. Brain Computer Services. Obviously, that's the place.
RAZ: That's a clue, right, at least.
(SOUNDBITE OF TED TALK)
HYPPONEN: And I knocked on the door.
(SOUNDBITE OF LAUGHTER)
HYPPONEN: You want to guess who opened the door? Basit and Amjad. They are still there.
(SOUNDBITE OF APPLAUSE AND LAUGHTER)
HYPPONEN: So here, standing up, is Basit, sitting down is his brother, Amjad. These are the guys who wrote the first PC virus, and of course, we had a very interesting discussion. I asked them why. I asked them how they feel about what they started. And I got some sort of satisfaction from learning that both Basit and Amjad had had their computers infected dozens of times by completely unrelated other viruses over these years. So there is some sort of justice in the world after all.
HYPPONEN: And I had heard of these guys for so many years, and of course, they made history. So it was really exciting to actually meet them in the real, real world and shake their hands and speak with them.
RAZ: So why did they do it? Why did they make it?
HYPPONEN: Well, that was the key question, and that's exactly what I wanted to ask them. What's the motivation? Why did you do this? And it turns out that the reason was that they had been programmers for years. Even before Brain, they had been programming larger computers, UNIX-based computers.
And then when they started using PCs, they realized that these things are really insecure, and they wanted to prove how easy it would be to write a virus which would completely automatically infect computers and spread around. And Brain proved to everybody that, indeed, these new PC systems in 1986 had no security whatsoever.
RAZ: Now the thing is, if you use a PC today, the security on your computer was developed, in part, because of Brain, because of what Basit and Amjad created.
HYPPONEN: These guys weren't evil at all. They weren't evil even then, 25 years ago, when they wrote the first PC virus. Their intention was never to cause harm to anybody, and they didn't, of course, realize that they made history when they wrote the first PC virus. But Brain was the only virus they ever wrote and they never meant to destroy any data or cause any harm for anyone.
RAZ: And the thing that bothers guys like Mikko Hypponen is what the word "hacker" has come to mean, because hackers are bad, right?
Well, not all of them. And hopefully, by the end of today's show, you'll agree, because all of our TED speakers today are hackers for good - hacking into our brains, our environment, even into the DNA of extinct animals. Hackers trying to save the world. So let's go. Transcript provided by NPR, Copyright NPR.