Cybersecurity’s Unsung Stories of 2023

2023 saw a relentless barrage of cyber threats, but some of the most impactful stories went largely uncelebrated – until now.

As the year draws to a close, TechCrunch takes a moment to reflect on the cybersecurity narratives that resonated deeply, offered crucial insights, and often exposed critical vulnerabilities. In a world saturated with headlines, these stories deserve a spotlight for their impact and the dedication of the journalists who brought them to light. This isn’t an exhaustive list – the sheer volume of cybersecurity news is staggering – but rather a curated selection of the year’s most compelling and significant tales.

The Shadowy World of Iranian Hackers and High Stakes

Shane Harris’s deeply personal and gripping account of cultivating a source within Iran’s intelligence apparatus stands out. Starting in 2016, Harris spent months building a relationship with an individual claiming to be a hacker working for the Iranian government. This source detailed involvement in major cyber operations, including the infamous downing of a U.S. drone and the devastating hack of Saudi Aramco. Initially skeptical, Harris’s belief grew as their correspondence continued, culminating in a chilling discovery after the hacker’s death. The story offers a rare glimpse into the challenges faced by cybersecurity journalists in verifying information from anonymous sources operating in high-stakes geopolitical environments.

Apple Under Pressure: Leaked UK Surveillance Order

A landmark story from The Washington Post revealed a clandestine order from the U.K. government compelling Apple to create a backdoor in its iCloud data, granting authorities access to users’ encrypted information globally. This unprecedented demand, kept secret through a gag order, sparked a significant diplomatic dispute between the U.K. and the United States. Apple’s subsequent decision to halt opt-in end-to-end encrypted cloud storage in the U.K. underscored the profound implications for user privacy and the ongoing battle between government surveillance and tech company safeguards. The story ignited crucial public scrutiny of U.K. surveillance powers.

The Moment Trump’s War Plans Were Accidentally Shared

The Atlantic’s editor-in-chief, Jeffrey Goldberg, experienced a truly remarkable moment of on-the-record access when he was inadvertently added to a Signal group chat containing the U.S. President’s senior advisors discussing war plans. This accidental inclusion provided unprecedented insight into the operational security practices of the Trump administration, revealing significant lapses. Goldberg’s reporting meticulously detailed the discussions, from strategic bombing targets to concerns about OPSEC, ultimately leading to a months-long investigation into government security failures and the vulnerabilities of seemingly secure communication platforms.

Tracking Down a Hacker: The Persistence of Brian Krebs

Veteran cybersecurity reporter Brian Krebs once again demonstrated his exceptional investigative skills by tracking down Rey, an administrator for the notorious Scattered LAPSUS$ Hunters hacker group. Krebs’s persistent digging led to a conversation with someone close to Rey and, eventually, a direct interview with the hacker himself. Rey’s confession marked a significant development in understanding the motivations of this prolific cybercriminal and his desire to leave that life behind. Krebs’s work exemplifies the dedication required to uncover the identities behind cyberattacks.

Exposing Surveillance: 404 Media’s Impactful Reporting

Independent media outlet 404 Media achieved a major victory this year by exposing a massive air travel surveillance system operated by the Airlines Reporting Corporation (ARC). For years, ARC, owned by major airlines, had been selling access to billions of flight records, including sensitive personal and financial data, to government agencies like ICE and the IRS – often without warrants. 404 Media’s months-long reporting and the ensuing public outcry led to ARC’s decision to shut down the warrantless data program, highlighting the power of independent journalism to hold powerful entities accountable.

Testing the Boundaries: Wired’s 3D-Printed Gun Investigation

Wired took on a challenging and ethically complex investigation by attempting to build a 3D-printed firearm, similar to the one allegedly used in the killing of UnitedHealthcare CEO Brian Thompson. This deeply researched and meticulously documented piece explored the increasingly blurred legal and ethical landscape surrounding “ghost guns” – firearms built privately without serial numbers and often without background checks. The accompanying video was particularly chilling and provided a stark illustration of the growing threat posed by these unregulated weapons.

The DOGE Fallout: Whistleblower Account Reveals Government Data Theft

NPR’s in-depth reporting on the “DOGE” incident – the unauthorized access to sensitive government data by a group linked to Elon Musk – offered a crucial look at the resistance efforts of federal workers. A whistleblower shared their account with Congress, detailing not only the data theft but also the significant personal threats they faced. The letter containing threatening language and personal information underscores the serious consequences faced by those who attempt to safeguard government information.

Unmasking Surveillance Victims: Mother Jones’s First Wap Investigation

Mother Jones’s investigative reporting uncovered a disturbing dataset belonging to a mysterious surveillance company called First Wap. This dataset contained the phone location data of thousands of people worldwide, including high-profile figures like former world leaders, a Vatican adversary, and a Hollywood actor. The story highlighted the shadowy world of phone surveillance facilitated by the SS7 protocol and the potential for widespread privacy violations.

The Peril of “Swatting”: Wired Chronicles Nationwide Attacks

Wired’s comprehensive report on the escalating problem of “swatting” provided a chilling portrait of this dangerous hoax. From its origins as a prank, swatting has evolved into a serious threat, resulting in at least one death. The article profiled the individuals involved, including prolific swatters and the call operators who bear the brunt of these malicious calls. It offered a stark reminder of the real-world consequences of online threats and the vulnerabilities within emergency response systems.

These stories, among many others, demonstrate the critical role cybersecurity journalism plays in informing the public, holding power accountable, and ultimately contributing to a more secure digital world. They are a testament to the dedication and courage of the reporters who tirelessly investigate the evolving threats in our increasingly interconnected lives.