- Security TWENTY
- Women in Security
Author Charles Arthur
ISBN No 9780749482008
Review date 19/05/2019
No of pages 248
Publisher Kogan Page
Publisher URL https://www.koganpage.com/product/cyber-wars-9780749482008
Year of publication 24/07/2018
A disadvantage to any book can be that it's out of date even before it's printed; particularly with a book about anything cyber. This 'Cyber Wars' book rather gets around that problem as it's largely case studies of cyber attacks, which (broadly speaking) have a beginning (the hacker attacks, and the victim is embarrassed to find their website or social media account for example hacked) a middle (each side proceeds, the victim to mitigate such as deciding whether to pay a ransom to undo the ransomware attack, for instance; and the hacker to use anything stolen or simply to gloat) and an end (loss of reputation or other damage, maybe, maybe, comeuppance for the hacker).
Charles Arthur early on makes the intriguing point that hackers are doing what they do as a game; and the best ones do it for their country, 'like athletes competing at the Olympics'. While the sub-title, 'Hacks that Shocked the Business World' suggests that the subjects are businesses - such as Sony Pictures - one chapter covers John Podesta, the chairman of Hillary Clinton's 2016 US presidential campaign, who had emails stolen (and who would want to do that?!). As the author says on the first page: "Barely a week now passes without news of some big hack or other briefly making headline news about millions of credentials being leaked or stolen. It feels like we're awash in hacking."
Hacking is not new, and dates back decades, and more to the point many of the techniques, as used so successfully in some of the cases in the book, have been known (and in use) for decades, for example from errors in coding. One of the biggest misconceptions, he says (depressingly) is that some day, somehow, we will have completely secure devices. Rather, he suggests, as long as you have ships, you may have shipwrecks. Anything that has a programme running, or layers of programmes, may be insecure, and someone malicious may exploit that, whether to turn off the device for example. And to stay with the nautical metaphor, the author likens hackers to explorers; they can find rocks and warn everyone away from them, or direct sea-goers to them.
Arthur does make the point that you cannot help leaving 'footprints online', which means that hackers are often paranoid, fearful that their past may be held against them. As the author points out, data may be the new oil; or it may be the new asbestos. Vividly the author says that hacking may merely be 'a playground fight carried out with keyboard strokes', until a line is crossed and hacks are done for financial gain. It's then a matter of covering your (criminal tracks) and here bitcoin is a help as it's so untraceable. The title arises from nation-state use of hackers, 'with us somewhere in the middle'.