
Fancy Bear Goes Phishing - Scott Shapiro ****

In a wide-ranging book, Scott Shapiro draws on five historical uses of computer worms, viruses and phishing to illustrate the processes involved in cybercrime at both the technological and human level.

We start inevitably with the ARPANET worm of 1988, with its ironic creator (his Dad worked for the NSA), that crippled many Sun and VAX computers on the proto-internet, even though it wasn't intended to do harm. This was well-documented two years later in Clifford Stoll's book The Cuckoo's Egg, but where Stoll gives a dramatic description from the point of view of a system administrator who faced the worm, Shapiro steps back more, both to give a wider context and to give reasonably accessible details of the mechanisms used by the worm. (I say 'reasonably' because some of Shapiro's analogies obscured rather than clarified what the worm's four means of attack did.)

We then move on to the early DOS viruses coming out of Bulgaria, the phone hack that released, amongst other things, Paris Hilton's personal info and pictures, the Russian state hacker team nicknamed Fancy Bear who used phishing emails to capture information from American Democratic Party political accounts, and massive denial of service attacks making heavy use of devices we tend not to think of as computers, from toasters to TVs.

Shapiro does all this with a clever mix of the technical and the human side of what's going on. Whether we are talking about programmers acting for enemy states or (quite often) bored teenagers who go from hacking for fun to trying to extort money, the people side tends to get less coverage unless we're talking about an attempt to extradite a teenager from the UK to the US, or dramas about evil state hackers like The Undeclared War. There is also enough detail on the technical side to get a feel for how the various mechanisms work without ever getting too complex. I found the denial of service details particularly interesting as it's the kind of thing that's often mentioned without giving any clue as to how it happened.

Much of the content was fascinating if, like me, you are into computers and computing history. Sometimes the text could be a little heavy going - the book is too long overall and could have been usefully slimmed down. I found Shapiro's attempt to divide the business into 'downcode' (actual computer code) and 'upcode' (human behaviour and rules) an unnecessary application of labels. And some of the historical content was a little under-researched - we're told, for instance, that Turing died 'by suicide, after eating an arsenic-laced apple' - it was actually cyanide, and it is entirely possible his death was accidental. We also get the old (incorrect) chestnut about the QWERTY keyboard being designed to avoid jamming.

Despite these occasional issues, the book worked well for me and it is great in the way that it gives an understanding of who hackers are and why they do what they do, the methods they use, the mechanisms used to find and deter them, and the whole political baggage that goes along with this potential threat to everyone from individuals to corporations and governments.

Review by Brian Clegg
