Skip to main content

Fancy Bear Goes Phishing - Scott Shapiro ****

In a wide-ranging book, Scott Shapiro uses five historical uses of computer worms, viruses and phishing to illustrate the processes involved in cybercrime at both the technological and human level.

We start inevitably with the ARPANET worm of 1988, with its ironic creator (his Dad worked for the NSA), that crippled many Sun and VAX computers on the proto-internet, even though it wasn't intended to do harm. This was well-documented two years later in Clifford Stoll's book The Cuckoo's Egg, but where Stoll gives a dramatic description from the point of view of a system administrator who faced the worm, Shapiro steps back more, both to give a wider context and to give reasonably accessible details of the mechanisms used by the worm. (I say 'reasonably' because some of Shapiro's analogies obscured rather than clarified what the worm's four means of attack did.)

We then move on to the early DOS viruses coming out of Bulgaria, the phone hack that released, amongst other things, Paris Hilton's personal info and pictures, the Russian state hacker team nicknamed Fancy Bear who used phishing emails to capture information from American Democratic Party political accounts, and massive denial of service attacks making heavy use of devices we tend not to think of as computers, from toasters to TVs.

Shapiro does all this with a clever mix of the technical and the human side of what's going on. Whether we are talking about programmers acting for enemy states or (quite often) bored teenagers who go from hacking for fun to trying to extort money, the people side tends to get less coverage unless we're talking about an attempt to extradite a teenager from the UK to the US, or dramas about evil state hackers like The Undeclared War. There is also enough detail on the technical side to get a feel for how the various mechanisms work without ever getting too complex. I found the denial of service details particularly interesting as it's the kind of thing that's often mentioned without giving any clue as to how it happened.

Much of the content was fascinating if, like me, you are into computers and computing history. Sometimes the text could be a little heavy going - the book is too long overall and could have been usefully slimmed down. I found Shapiro's attempt to divide the business into 'downcode' (actual computer code) and 'upcode' (human behaviour and rules) an unnecessary application of labels. And some of the historical content was a little under-researched - we're told, for instance, that Turing died 'by suicide, after eating an arsenic-laced apple' - it was actually cyanide, and it is entirely possible his death was accidental. We also get the old (incorrect) chestnut about the QWERTY keyboard being designed to avoid jamming.

Despite these occasional issues, the book worked well for me and it is great in the way that it gives an understanding of who hackers are and why they do what they do, the methods they use, the mechanisms used to find and deter them, and the whole political baggage that goes along with this potential threat to everyone from individuals to corporations and governments.

Hardback:   
Kindle 
Using these links earns us commission at no cost to you
Review by Brian Clegg - See all Brian's online articles or subscribe to a weekly email free here

Labels

Labels:

Comments

Post a Comment

Popular posts from this blog

The Language of Mathematics - Raúl Rojas ***

One of the biggest developments in the history of maths was moving from describing relationships and functions with words to using symbols. This interesting little book traces the origins of a whole range of symbols from those familiar to all, to the more obscure squiggles used in logic and elsewhere. On the whole Raúl Rojas does a good job of filling in some historical detail, if in what is generally a fairly dry fashion. We get to trace what was often a bumpy path as different symbols were employed (particularly, for example, for division and multiplication, where several still remain in use), but usually, gradually, standards were adopted. This feels better as a reference, to dip into if you want to find out about a specific symbol, rather than an interesting end to end read. Rojas tells us the sections are designed to be read in any order, which means that there is some overlap of text - it feels more like a collection of short essays or blog posts that he couldn't be bothered ...
Post a Comment
Read more

Why Nobody Understands Quantum Physics - Frank Verstraete and Céline Broeckaert **

It's with a heavy heart that I have to say that I could not get on with this book. The structure is all over the place, while the content veers from childish remarks to unexplained jargon. Frank Versraete is a highly regarded physicist and knows what he’s talking about - but unfortunately, physics professors are not always the best people to explain physics to a general audience and, possibly contributed to by this being a translation, I thought this book simply doesn’t work. A small issue is that there are few historical inaccuracies, but that’s often the case when scientists write history of science, and that’s not the main part of the book so I would have overlooked it. As an example, we are told that Newton's apple story originated with Voltaire. Yet Newton himself mentioned the apple story to William Stukeley in 1726. He may have made it up - but he certainly originated it, not Voltaire. We are also told that â€˜Galileo discovered the counterintuitive law behind a swinging o...
Post a Comment
Read more

Ctrl+Alt+Chaos - Joe Tidy ****

Anyone like me with a background in programming is likely to be fascinated (if horrified) by books that present stories of hacking and other destructive work mostly by young males, some of whom have remarkable abilities with code, but use it for unpleasant purposes. I remember reading Clifford Stoll's 1990 book The Cuckoo's Egg about the first ever network worm (the 1988 ARPANet worm, which accidentally did more damage than was intended) - the book is so engraved in my mind I could still remember who the author was decades later. This is very much in the same vein,  but brings the story into the true internet age. Joe Tidy gives us real insights into the often-teen hacking gangs, many with members from the US and UK, who have caused online chaos and real harm. These attacks seem to have mostly started as pranks, but have moved into financial extortion and attempts to destroy others' lives through doxing, swatting (sending false messages to the police resulting in a SWAT te...
Post a Comment
Read more