Skip to main content

Fancy Bear Goes Phishing - Scott Shapiro ****

In a wide-ranging book, Scott Shapiro uses five historical uses of computer worms, viruses and phishing to illustrate the processes involved in cybercrime at both the technological and human level.

We start inevitably with the ARPANET worm of 1988, with its ironic creator (his Dad worked for the NSA), that crippled many Sun and VAX computers on the proto-internet, even though it wasn't intended to do harm. This was well-documented two years later in Clifford Stoll's book The Cuckoo's Egg, but where Stoll gives a dramatic description from the point of view of a system administrator who faced the worm, Shapiro steps back more, both to give a wider context and to give reasonably accessible details of the mechanisms used by the worm. (I say 'reasonably' because some of Shapiro's analogies obscured rather than clarified what the worm's four means of attack did.)

We then move on to the early DOS viruses coming out of Bulgaria, the phone hack that released, amongst other things, Paris Hilton's personal info and pictures, the Russian state hacker team nicknamed Fancy Bear who used phishing emails to capture information from American Democratic Party political accounts, and massive denial of service attacks making heavy use of devices we tend not to think of as computers, from toasters to TVs.

Shapiro does all this with a clever mix of the technical and the human side of what's going on. Whether we are talking about programmers acting for enemy states or (quite often) bored teenagers who go from hacking for fun to trying to extort money, the people side tends to get less coverage unless we're talking about an attempt to extradite a teenager from the UK to the US, or dramas about evil state hackers like The Undeclared War. There is also enough detail on the technical side to get a feel for how the various mechanisms work without ever getting too complex. I found the denial of service details particularly interesting as it's the kind of thing that's often mentioned without giving any clue as to how it happened.

Much of the content was fascinating if, like me, you are into computers and computing history. Sometimes the text could be a little heavy going - the book is too long overall and could have been usefully slimmed down. I found Shapiro's attempt to divide the business into 'downcode' (actual computer code) and 'upcode' (human behaviour and rules) an unnecessary application of labels. And some of the historical content was a little under-researched - we're told, for instance, that Turing died 'by suicide, after eating an arsenic-laced apple' - it was actually cyanide, and it is entirely possible his death was accidental. We also get the old (incorrect) chestnut about the QWERTY keyboard being designed to avoid jamming.

Despite these occasional issues, the book worked well for me and it is great in the way that it gives an understanding of who hackers are and why they do what they do, the methods they use, the mechanisms used to find and deter them, and the whole political baggage that goes along with this potential threat to everyone from individuals to corporations and governments.

Hardback:   
Kindle 
Using these links earns us commission at no cost to you
Review by Brian Clegg - See all Brian's online articles or subscribe to a weekly email free here
Labels:

Comments

Post a Comment

Popular posts from this blog

Luna: Moon Rising (SF) - Ian McDonald ****

I'm not the natural audience for this book. Game of Thrones l eaves me cold - and it's hard not to feel the influence of GoT (and a whole lot of Dune )   underneath a veneer of science fiction and the trappings of a South American drug cartel in the cod-medieval family power battles and chivalric details. There are even dragons (of a sort). I'd be really sad if the future did involve this sort of throwback feudalism. However, remarkably, despite this I found Luna: Moon Rising kept me engaged. The fact is that Ian McDonald can put together a good plot with intricate machinations, which is enough to carry the reader through what can be a bewildering collection of characters. The two page scene-setter saying who did what to whom at the start was useful, but I could have done with family trees for the main family as I was constantly forgetting who was who - especially easy as McDonald endows many families with characters with the same first initial (e.g. Ariel and Al...
Post a Comment
Read more

Adventures of a Computational Explorer - Stephen Wolfram ***

Stephen Wolfram, the man behind the scientist's mathematical tool of choice, Mathematica, plus a whole host of other software products, including the uncanny Wolfram Alpha knowledge engine, is undoubtedly a genius of the first order. In this book, we get an uncensored excursion into the mind of genius - which is, without doubt, a fascinating prospect. The book consists of a collection of essays and speeches that Wolfram has produced over the last ten to fifteen years, covering an eclectic range of topics. Like all such collections, the result is something that lacks the coherence of a book with a narrative that runs through it, inevitably introducing a degree of repetition and a mix of interesting and not-so-interesting topics - but there's likely to be something to catch the attention anyone who is into computing or mathematics. One of the most interesting pieces is the opening one, where Wolfram describes being a consultant on the SF movie Arrival. He seems to hav...
Post a Comment
Read more

The AI Paradox - Virginia Dignum ****

This is a really important book in the way that Virginia Dignum highlights various ways we can misunderstand AI and its abilities using a series of paradoxes. However, I need to say up front that I'm giving it four stars for the ideas: unfortunately the writing is not great. It reads more like a government report than anything vaguely readable - it really should have co-authored with a professional writer to make it accessible. Even so, I'm recommending it: like some government reports it's significant enough to make it necessary to wade through the bureaucrat speak. Why paradoxes? Dignum identifies two ways we can think about paradoxes (oddly I wrote about paradoxes recently , but with three definitions): a logical paradox such as 'this statement is false', or a paradoxical truth such as 'less is more' - the second of which seems a better to fit to the use here.  We are then presented with eight paradoxes, each of which gives some insights into aspects of t...
Post a Comment
Read more