Inside the World of Teen Cybercrime | Lawfare
The upcoming main navigation can be gotten through utilizing the tab key. Any buttons that open a sub navigation can be triggered by the space or enter key.
Search Lawfare
Search
Advanced Search
Tash Buckley
Meet The Authors
Subscribe to Lawfare
In 2022, a Finnish psychotherapy center called Vaastamo suffered one of the most intimate data breaches in recent memory. Thousands of therapy patients, people who had sought help at their most vulnerable, found their private session notes stolen and held for ransom. It is with this hack that Joe Tidy opens “Ctrl+ Alt+ Chaos,” and it is an effective place to start. The man behind it, Julius Kivimäki, becomes the book’s central figure, a hacker whose activities, and the reactions he provokes from the wider hacking community, allow Tidy to trace the full arc of cybercrime culture, from its earliest incarnations in the 1980s through to the emergence of the most recent teenage cybercrime gangs. Along the way, Tidy gives voice to all sides of the story, the motivations of the hackers themselves, the experiences of the victims, and the frustrations of the investigators tasked with catching Kivimäki.<br>Tidy’s book is the latest entry in a growing literature on hacking subculture. Gabriella Coleman’s 2015 study of Anonymous, “Hacker, Hoaxer, Whistleblower, Spy,” remains the most rigorous academic treatment of a hacking group, bringing an anthropologist’s patience to questions of identity and motivation that Tidy largely leaves open. Jonathan Lusthaus’s “Industry of Anonymity” maps the more organized, financially driven end of cybercrime with similar scholarly precision. What Tidy offers is something different: not a shift in our theoretical understanding of why young men are drawn to these subcultures, but an account that makes the phenomenon feel viscerally real in a way academic work rarely achieves.<br>Reading “Ctrl+ Alt+ Chaos,” one could be forgiven for thinking one had wandered into a Nordic noir thriller. The atmospheric tension and the morally complex characters lurking in digital shadows are reminiscent of Jo Nesbø at his best. That these people are entirely real makes the characterization all the more remarkable. Tidy renders his subjects, hackers and the investigators pursuing them, with a vividness that is rare, especially when writing about cybersecurity.<br>Tidy is equally skilled at capturing the emotional texture of being on the receiving end of an attack, the palpable fear and creeping anxiety of discovering that your most personal details are in someone else’s hands, that you are being held to ransom by a stranger who knows more about you than you would ever want them to. By grounding these dynamics in real experiences, Tidy transforms what might otherwise feel like an abstract threat into something viscerally human, which is really what is needed to help translate a digital threat into an actionable concern.<br>Tidy also has a sharp eye for the peculiar rhythms of the cyber world, the long stretches of boredom and mundanity that characterize so much of cybersecurity work, punctured by sudden moments of fierce intensity, the thrill of breaking something, fixing something, or catching someone in the act. I would consider myself to have a competent, if not confident, understanding of the cybersecurity ecosystem, and there were many things within the book that I learned about the hacking subculture, and cyber incidents I wasn’t aware of. Tidy has clearly immersed himself in the research for many years.<br>Tidy is well placed to tell this story. As the BBC’s first dedicated cyber correspondent, he has spent the better part of a decade covering major cyberattacks across television, radio, and digital platforms, having previously reported for Sky News. His interest in the world of teenage hackers was sparked by covering the Lizard Squad’s Christmas Day 2014 distributed denial-of-service attack, which took down Xbox and PlayStation. And he has been following the thread ever since—traveling to the U.S., Russia, Ukraine, and beyond to track down key figures in the cybercrime world. “Ctrl+Alt+Chaos” is in many ways the natural culmination of that body of work, a long-form exploration of a subject he knows better than almost anyone in British journalism.<br>The first three chapters of “Ctrl+ Alt+ Chaos” follow Tidy’s investigation into one of the most prolific and intriguing figures in recent cybercrime, a hacker known, at the start of the story, only as “Ransom_man,” the architect behind the Vaastamo hack. Ransom_man, also known as Zeekill, was also a key member of Lizard Squad at the time of their Christmas Day 2014 attack. It is a remarkable case study, pursued with real tenacity.<br>Tidy uses his account of Ransom_man, that is, Julius Kivimäki,...