Skip to main content

Fancy Bear Goes Phishing - Scott Shapiro ****

In a wide-ranging book, Scott Shapiro uses five historical uses of computer worms, viruses and phishing to illustrate the processes involved in cybercrime at both the technological and human level.

We start inevitably with the ARPANET worm of 1988, with its ironic creator (his Dad worked for the NSA), that crippled many Sun and VAX computers on the proto-internet, even though it wasn't intended to do harm. This was well-documented two years later in Clifford Stoll's book The Cuckoo's Egg, but where Stoll gives a dramatic description from the point of view of a system administrator who faced the worm, Shapiro steps back more, both to give a wider context and to give reasonably accessible details of the mechanisms used by the worm. (I say 'reasonably' because some of Shapiro's analogies obscured rather than clarified what the worm's four means of attack did.)

We then move on to the early DOS viruses coming out of Bulgaria, the phone hack that released, amongst other things, Paris Hilton's personal info and pictures, the Russian state hacker team nicknamed Fancy Bear who used phishing emails to capture information from American Democratic Party political accounts, and massive denial of service attacks making heavy use of devices we tend not to think of as computers, from toasters to TVs.

Shapiro does all this with a clever mix of the technical and the human side of what's going on. Whether we are talking about programmers acting for enemy states or (quite often) bored teenagers who go from hacking for fun to trying to extort money, the people side tends to get less coverage unless we're talking about an attempt to extradite a teenager from the UK to the US, or dramas about evil state hackers like The Undeclared War. There is also enough detail on the technical side to get a feel for how the various mechanisms work without ever getting too complex. I found the denial of service details particularly interesting as it's the kind of thing that's often mentioned without giving any clue as to how it happened.

Much of the content was fascinating if, like me, you are into computers and computing history. Sometimes the text could be a little heavy going - the book is too long overall and could have been usefully slimmed down. I found Shapiro's attempt to divide the business into 'downcode' (actual computer code) and 'upcode' (human behaviour and rules) an unnecessary application of labels. And some of the historical content was a little under-researched - we're told, for instance, that Turing died 'by suicide, after eating an arsenic-laced apple' - it was actually cyanide, and it is entirely possible his death was accidental. We also get the old (incorrect) chestnut about the QWERTY keyboard being designed to avoid jamming.

Despite these occasional issues, the book worked well for me and it is great in the way that it gives an understanding of who hackers are and why they do what they do, the methods they use, the mechanisms used to find and deter them, and the whole political baggage that goes along with this potential threat to everyone from individuals to corporations and governments.

Hardback:   
Kindle 
Using these links earns us commission at no cost to you
Review by Brian Clegg - See all Brian's online articles or subscribe to a weekly email free here
Labels:

Comments

Post a Comment

Popular posts from this blog

The Infinite Alphabet - Cesar Hidalgo ****

Although taking a very new approach, this book by a physicist working in economics made me nostalgic for the business books of the 1980s. More on why in a moment, but Cesar Hidalgo sets out to explain how it is knowledge - how it is developed, how it is managed and forgotten - that makes the difference between success and failure. When I worked for a corporate in the 1980s I was very taken with Tom Peters' business books such of In Search of Excellence (with Robert Waterman), which described what made it possible for some companies to thrive and become huge while others failed. (It's interesting to look back to see a balance amongst the companies Peters thought were excellent, with successes such as Walmart and Intel, and failures such as Wang and Kodak.) In a similar way, Hidalgo uses case studies of successes and failures for both businesses and countries in making effective use of knowledge to drive economic success. When I read a Tom Peters book I was inspired and fired up...
Post a Comment
Read more

God: the Science, the Evidence - Michel-Yves Bolloré and Olivier Bonnassies ***

This is, to say the least, an oddity, but a fascinating one. A translation of a French bestseller, it aims to put forward an examination of the scientific evidence for the existence of a deity… and various other things, as this is a very oddly structured book (more on that in a moment). In The God Delusion , Richard Dawkins suggested that we should treat the existence of God as a scientific claim, which is exactly what the authors do reasonably well in the main part of the book. They argue that three pieces of scientific evidence in particular are supportive of the existence of a (generic) creator of the universe. These are that the universe had a beginning, the fine tuning of natural constants and the unlikeliness of life.  To support their evidence, Bolloré and Bonnassies give a reasonable introduction to thermodynamics and cosmology. They suggest that the expected heat death of the universe implies a beginning (for good thermodynamic reasons), and rightly give the impression tha...
Post a Comment
Read more

The War on Science - Lawrence Krauss (Ed.) ****

At first glance this might appear to be yet another book on how to deal with climate change deniers and the like, such as How to Talk to a Science Denier.   It is, however, a much more significant book because it addresses the way that universities, government and pressure groups have attempted to undermine the scientific process. Conceptually I would give it five stars, but it's quite heavy going because it's a collection of around 18 essays by different academics, with many going over the same ground, so there is a lot of repetition. Even so, it's an important book. There are a few well-known names here - editor Lawrence Krauss, Richard Dawkins and Steven Pinker - but also a range of scientists (with a few philosophers) explaining how science is being damaged in academia by unscientific ideas. Many of the issues apply to other disciplines as well, but this is specifically about the impact on science, and particularly important there because of the damage it has been doing...
Post a Comment
Read more