Scan barcode
A review by alisarae
This Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth
5.0
Required reading. I was shocked.
This covers the last 20 years of cyber warfare and one of the best things about this book is setting a record of a lay of the land: major hacks, players, and gov’t operations that got buried too quickly under the flood of jargon, inferior reporting, and more visible news.
My favorite hack was Stuxnet, an offensive operation that strung together several zero-day exploits that targeted Iranian nuclear centrifuges, spinning them just enough to knock them out of commission while leaving nuclear engineers none the wiser. This program was started during the Bush era as an attempt to pacify Israel and keep air force jets on the ground. It was successful.
Of course human error is always the weakest link in security, and it makes for hilarious stories. Like the time Iranian hackers thought they were opening the floodgates at the Arthur R. Bowman Dam in Oregon, but they got a bit lost and hit the twenty-foot Bowman Avenue Dam in New York, which keeps a babbling brook from flooding neighborhood basements. “Not exactly Hoover.” Another story that had me cackling was the time Russia scattered infected USB drives around the parking lot of a US military base, hoping someone would pick one up and plug it in. Someone did, and when the Pentagon found out, their solution to prevent future “attacks” was to squirt superglue into USB ports.
On a more sobering note, I think all Americans need to know what their government is and isn’t capable of (namely: protecting nuclear weapons and controlling the outcomes of their own cyber attacks). Every major piece of critical infrastructure in the US has already been hacked by hostile governments, including hundreds of hospitals, universities, power plants and the grid, dams, and nuclear arsenals. Not to mention intellectual property theft and corporate espionage resulting in the losses of billions of dollars of research outputs every year, voting registrations, and the generalized societal chaos that most of us experience on a daily basis on social media.
Tech lingo is very hard to understand, but I’m so thankful for diligent reporters like Nicole Perlroth, who didn’t actually come from a tech background btw—she learned how things work by asking questions after she was assigned the tech beat. Her work deserves to be respected and even more important, protected; imagine being personally disliked by governments and black market dealers around the world. At the end of the book are some guidelines for cyber security policy that should be adopted by organizations, governments, and individuals. It is easy to understand and sound advice, with case studies from other countries that prove its effectiveness. I hope decision makers will listen and act.
This covers the last 20 years of cyber warfare and one of the best things about this book is setting a record of a lay of the land: major hacks, players, and gov’t operations that got buried too quickly under the flood of jargon, inferior reporting, and more visible news.
My favorite hack was Stuxnet, an offensive operation that strung together several zero-day exploits that targeted Iranian nuclear centrifuges, spinning them just enough to knock them out of commission while leaving nuclear engineers none the wiser. This program was started during the Bush era as an attempt to pacify Israel and keep air force jets on the ground. It was successful.
Of course human error is always the weakest link in security, and it makes for hilarious stories. Like the time Iranian hackers thought they were opening the floodgates at the Arthur R. Bowman Dam in Oregon, but they got a bit lost and hit the twenty-foot Bowman Avenue Dam in New York, which keeps a babbling brook from flooding neighborhood basements. “Not exactly Hoover.” Another story that had me cackling was the time Russia scattered infected USB drives around the parking lot of a US military base, hoping someone would pick one up and plug it in. Someone did, and when the Pentagon found out, their solution to prevent future “attacks” was to squirt superglue into USB ports.
On a more sobering note, I think all Americans need to know what their government is and isn’t capable of (namely: protecting nuclear weapons and controlling the outcomes of their own cyber attacks). Every major piece of critical infrastructure in the US has already been hacked by hostile governments, including hundreds of hospitals, universities, power plants and the grid, dams, and nuclear arsenals. Not to mention intellectual property theft and corporate espionage resulting in the losses of billions of dollars of research outputs every year, voting registrations, and the generalized societal chaos that most of us experience on a daily basis on social media.
Tech lingo is very hard to understand, but I’m so thankful for diligent reporters like Nicole Perlroth, who didn’t actually come from a tech background btw—she learned how things work by asking questions after she was assigned the tech beat. Her work deserves to be respected and even more important, protected; imagine being personally disliked by governments and black market dealers around the world. At the end of the book are some guidelines for cyber security policy that should be adopted by organizations, governments, and individuals. It is easy to understand and sound advice, with case studies from other countries that prove its effectiveness. I hope decision makers will listen and act.