VIEW 25
Genghis Khan, zero day, and the sonic boom
In the 13th century, Genghis Khan and his Mongol successors conquered most of the Eurasian continent. They created an empire that spread over 12 million square miles, from Poland and Turkey in the west to Korea in the east. This achievement was primarily due to the military prowess of the Mongol “kheshig” horsemen, but that was not the only factor. The Mongols also used biological and psychological warfare.

When you think of Mongol riders advancing across the steppe, you should also picture two “bow waves” advancing in front of them; one of disease and one of information. Bubonic plague is endemic in the rodents of the East Asian steppe, and the Mongols were known to catapult plague-ridden corpses over the walls of cities they were besieging to infect the defenders. This is the same plague that later caused the Black Death in Europe, which killed 25 million people.
The second bow wave—the informational one—relates to the practice of deliberately leaving a few survivors when sacking a city. These were sent ahead as messengers to other cities in the Mongols’ path, warning them of their impending doom. As a result, many cities surrendered without a fight to avoid destruction.
In the Covid pandemic, information about the virus travelled faster than the virus itself. It was information about the genomic sequencing of the microbe that allowed the rapid development of vaccines, which are estimated to have saved 20 million lives. The same is true if we read across to computer viruses. Online databases, such as the CVE, score known system vulnerabilities according to their severity, and offer patches to fix them. This means that the community response to malware infections can be robust and timely, so long as the information “bow wave” travels faster than the spread of the malware itself.
In aviation, there is a phenomenon known as the sonic boom when an aircraft is travelling faster than the speed of sound. At subsonic speeds, the sound waves in front of the aircraft travel faster than the plane does, creating the sonic bow wave shown in diagram one. But when the aircraft goes supersonic, it breaks through the so-called “sound barrier,” eliminating the bow wave and causing a massive sonic boom in its wake, shown in diagram three. Even though supersonic flight was first achieved more than 70 years ago, all passenger aircraft today are still subsonic because of the sonic boom problem.
In the cyber realm, this phenomenon is known as a zero-day exploit. Such an exploit uses a vulnerability that was previously unknown (known about for zero days). Like a supersonic aircraft, it is not preceded by an informational bow wave. As with the sonic boom, such exploits can be extremely destructive.
The two most damaging cyber attacks to date―WannaCry in 2016 and NotPetya in 2017―both used a zero-day exploit known as EternalBlue. The NSA had known of this vulnerability for five years but not shared the information. Since then, sharing of knowledge about vulnerabilities has become far more common, keeping cyberspace (as with aerospace) predominantly “subsonic”.