Andy Greenberg (2019)

A history of cybersecurity with an emphasis on attacks against critical infrastructure.

Rather than bomb a power plant or dam, why not have its own IT systems turn on it? That’s the premise of a lot of modern cyberattacks, and they can be run with all the same sophistication as more conventional attacks against purely digital targets – but with the proviso that a lot of the targets don’t think of themselves as IT organisations and haven’t internalised the importance of their digital control systems. Since they don’t emphasise security at board level, it gets neglected and becomes a weak spot that can be exploited from anywhere on the globe.

The remedies aren’t always trivial. Many attacks detailed in this book are almost incredibly elongated, involving the compromise of several servers and software packages on the way to the target. Keeping industrial control systems up-to-date can be difficult (or impossible): physical infrastructure exists on far longer timescales than the digital systems that control it. (I’ve had personal experience of laboratory equipment with control software that can only run on Windows 95, which isn’t being upgraded. Keeping that secure needs dedicated changes in the network architecture, and has a lot of knock-on consequences for efficiency and data management.)

The value of such hacking for criminals is easy to understand, but it’s also the ultimate technique of asymmetric warfare, letting an attacker deny responsibility and avoid counterattacks. Even the most powerful countries have an incentive to stop responses going kinetic, after all. But the asymmetry works both ways: the US is one of the primary developers of sophisticated cyberweapons, and so has an incentive not to push for international controls, even while US critical infrastructure is more vulnerable than others’ to those weapons.

Greenberg is a long-time student of cyberwarfare, and writes with a lot of insight into both the politics and the technology. He highlights the impacts of many short-sighted decisions made in the interests of national security advantage, culminating in the Shadow Brokers’ release of a cache of NSA tools that form the basis for a new generation of cyberweapons. This is a great book to pair with This Is How They Tell Me the World Ends: The Cyberweapons Arms Race for a broad-ranging and highly technically literate exploration of the new arms frontier.

4/5. Finished Friday 28 June, 2024.

(Originally published on Goodreads.)