The Cybersecurity Stories We Were Jealous of in 2019

These are the best stories on hacking and information security from this year that we wish we had reported and written ourselves.
Image: Carol Yepes/ Getty Images

Cyber! Cyber! Cyber! We all love information security here at Motherboard. It seems no one can have enough cyber in their lives these days.

Yet, 2019 was actually kind of a slow year in terms of cybersecurity news, perhaps because hackers are saving their best shots for 2020. Still, there were some truly astounding and enthralling stories published on the internet about hackers, digital privacy, and surveillance.


As we did last year, we’re rounding up our favorite stories not written by us. We call it Motherboard’s Cyber Jealousy list, our annual hat tip to our awesome competitors, friends, and enemies at other outlets. Thanks for being awesome and pushing us to do better and working with us to give readers important stories they need to care about. We love scooping you, we hate being scooped by you, but in the end we’re all working toward the same goal: writing impactful cybersecurity stories in the public interest.

Without further ado, here’s our list of the best infosec stories published elsewhere. Enjoy and see you in 2020!

The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History

By: Andy Greenberg

This is the blow-by-blow account of how Russian government hackers targeted the Pyeongchang's Winter Olympics in South Korea, shutting down part of its IT infrastructure during the opening ceremony. The most surprising part of this hack is that the perpetrators cleverly hid their provenance, with layers of false flags to deceive investigators looking into the hack. The hackers, for example, used a data-deleting tool used by North Korean government hackers, and password-stealing code previously used by Chinese government hackers in an attempt to lead investigators to point the finger to the wrong country. In this story, an excerpt from his new book Sandworm, Andy Greenberg tells us how researchers were able to unravel the web of planted clues and find the real culprits.


The Sinkhole That Saved the Internet

By: Zack Whittaker

In May of 2017, an unprecedented ransomware outbreak hit hundreds of thousands of computers all over the world, including systems belonging to the UK’s National Health Services, forcing health care facilities to turn patients away and close emergency rooms. The virus was called WannaCry, and its viral spread was stopped by two clever security researchers who realized the malware included a kill-switch. This enthralling piece details for the first time what it was like to stop WannaCry directly from the point of view of the two researchers, Marcus Hutchins—aka MalwareTech—and Jamie Hankins.

Inside The UAE’s Secret Hacking Team Of American Mercenaries

By: Christopher Bing and Joel Schectman

DarkMatter, the shadowy cybersecurity company from Dubai, has long been under scrutiny for its alleged shady practices. Chris Bing and Joel Schectman published this bombshell of a story that finally showed faces and concrete stories: the company was using former US intelligence operatives to run espionage operations on behalf of the United Arab Emirates government. A former NSA analyst went on the record for this story, providing documents and other data that showed how American DarkMatter employees targeted journalists and human rights workers, sometimes using a sophisticated iPhone hacking tool to hack their targets. The Reuters duo followed up this deep-dive with another scoop just a few days ago, revealing that White House cybersecurity veterans played a key role in building the UAE’s intelligence apparatus in the late 2000s and early 2010s.


Beto O’Rourke’s Secret Membership In America’s Oldest Hacking Group

By: Joseph Menn

This incredible story about Texas politician Beto O’Rourke’s membership in one of the oldest American hacking collectives, Cult of The Dead Cow, is a wild ride. As part of the hacktivist group in the 1980s, O’Rourke wrote a murder fantasy in which the narrator drives over children, imagined a world without money, and stole long distance phone calls. He didn’t actually hack much, but he was an active member and attended hacker conferences. His membership in the group was kept secret for decades, until Joseph Menn revealed it in this article, part of his book on the hacktivist group. O’Rourke’s presidential bid is over, but, perhaps, his story will help normalize how Americans see hackers in the future.

Undercover Agents Target Cybersecurity Watchdog

By: Raphael Satter

This was legitimately one of the most grotesque stories of the year. Spies working for a private intelligence company targeted researchers at Citizen Lab, a digital rights watchdog known for tracking spyware companies. The spies approached the researchers under false premises and were unmasked when one of the targets, John Scott-Railton, worked with journalist Raphael Satter to set up a sting operation against the spies. When Scott-Railton met in New York City with one of the spies, Satter crashed the meeting along with videomakers to confront the spy. The spy’s operation was so weird and sloppy that Satter described it as “half John Le Carré and half Mr. Bean.”


Inside Google’s Team Fighting to Keep Your Data Safe From Hackers

By: Robert McMillan

This was a good profile of a little-known Google security team that tracks government hackers: the Threat Analysis Group, or TAG. In this piece, The Wall Street Journal’s Robert McMillan scored one of the first ever interviews with TAG’s leader, Shane Huntley, who is a former Australian government hacker himself. Huntley talked about what his team does and what hackers they track, sharing details about some of the operations they derailed for the first time. (Note: Huntley later came onto our podcast CYBER.)

Attacking the Heart of the German Industry

By: Hakan Tanriverdi, Svea Eckert, Jan Strozyk, Maximilian Zierer, and Rebecca Ciesielski

It's always impressive and rewarding when reporters take tools usually reserved for cybersecurity professionals but use them to uncover something journalistically. In this case, a joint investigation by German public broadcasters BR and NDR found that Chinese state-backed hackers had broken into German companies. They didn't do this based entirely on talking to sources, but by scanning company servers for signs of Chinese malware.

"In all cases where Winnti was installed, the malware will respond to our request. This tells us: That company has been hacked," the article reads, referring to the specific strain of malware.

A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van


By: Thomas Brewster

Perhaps the most bizarre cyber story of the year. This is the profile of a shady Israeli surveillance maker, who sells a $9 million hacking van, which is supposed to be able to hack nearby phones equipped with WhatsApp—“the A-Team truck spliced with a Bond car,” as the author of the piece, Thomas Brewster, put it. In the article, the surveillance maker, named Tal Dilian, defended his industry’s reputation, saying people like him, or the controversial spyware maker NSO Group, “are not the policemen of the world, and we are not the judges of the world,” meaning it’s up to their customers to do the right thing, they just provide the tools. Dilian clearly is a believer, as he agreed to show Brewster the van for an accompanying video.

These Hackers Made an App That Kills to Prove a Point

By: Lily Hay Newman

Medical devices’ security has been under scrutiny and under suspicion for a few years now. But this story drives home how dangerous flaws in these devices can be. A group of researchers made an app that can remotely control insulin pumps, potentially giving hackers the ability to hurt—and perhaps kill—patients. "We’ve essentially just created a universal remote for every one of these insulin pumps in the world," said one of the researchers in what’s truly a terrifying quote captured by Lily Hay Newman.

The Inside Story Of The World's Most Dangerous Malware

By: Blake Sobczak


In 2017, an oil refinery in Saudi Arabia was hit by what some described as the most dangerous malware ever used, which had the ability to interact with the plant’s safety systems, potentially causing physical damage and hurting people in the refinery. At the time, the identity of the victim, as well as many of the details of the attack, stayed out of the public’s view. In this long and well-sourced feature, E&E News’ Blake Sobczak revealed the name of the company hit by the malware, the oil giant Petro Rabigh, the people who investigated it, and how the hackers played cat-and-mouse with attempts to kick them out of the company’s network. This story wasn’t easy, as most of the people and organizations involved declined to talk to Sobczak on the record, as it usually happens in such high-profile cyberattacks.

How The U.S. Hacked ISIS

By: Dina Temple-Raston

It’s very rare for hackers who work for intelligence agencies—especially those fighting terrorists—to talk to journalists, given that their work is often classified. NPR veteran reporter Dina Temple-Raston somehow convinced several people who worked for the U.S. military on operations to hack ISIS to do just that. In this story, she reveals how the U.S. Cyber Command and the NSA identified and took down key infrastructure used by the terrorist organization at the height of its popularity—an absolute must-read.

The Cyber speaks: What will actually happen in 2020


By: Kelly Shortridge

As we approach the end of the year, cybersecurity companies—for some reason I can’t really fathom—rush to compile relatively vague, mostly meaningless predictions of what will happen in the hacking world. It’s a yearly tradition very few cherish. No one made fun of it in such a smart was as Kelly Shortride did in this article on Cyberscoop. Shortridde forced a bot to read more than 1,000 (!) cybersecurity predictions and then come up with its own predictions using machine learning. The results are simply hilarious. “Don’t be chilled by what you don’t know. You ain’t cybersecurity.” Amen, dear bot.

Ghost Ships, Crop Circles, And Soft Gold: A GPS Mystery In Shanghai

By: Mark Harris

This story has it all. How do you not want to read this after seeing that headline? Summarizing it may be spoiling it, so just trust us and read this bamboozle of a piece.

Tracking Phones, Google Is a Dragnet for the Police

By: Jennifer Valentino-DeVries

These two companion pieces are as shocking as well reported by veteran Jennifer Valentino-DeVries, someone who was writing about digital surveillance way before many cared about it. In this investigation, she reveals how investigators are using precise locations gathered by Google to track criminals all over America. These investigations relied on a giant, and previously unknown, Google database eerily called Sensorvault, which “turn the business of tracking cellphone users’ locations into a digital dragnet for law enforcement,” as the Times put it.


All The Incredible Ring Scoops All Over The Internet

By: Sam Biddle; Dell Cameron and Dhruv Mehrotra; Kari Paul; Alfred Ng

Ring, Amazon’s dystopian front-door camera surveillance startup, has really been one of the hottest stories of the year. It’s been thoroughly written about and meticulously dissected by so many journalists that it would be almost unfair to single out just one story. So we decided it’s better to name a bunch of them (and forgive us to remind you to read

Motherboard own series

by Caroline Haskins):

Subscribe to our cybersecurity podcast, CYBER.