The recent Sony hacking scandal just proved what's already been clear to a lot of people for years: cyberattacks are an ever-increasing threat, and we're not ready. Luckily, a book released last year provides an excellent primer on this sort of situation: P.W. Singer and Allan Friedman's Cybersecurity and Cyberwar: What Everyone Needs to Know.
This book is an indispensable resource for anyone who wants to know more about just what the difference between Cybersecurity and Cyberwar is, but also for what constitutes a hack, how these sorts of crimes are carried out, and how anyone with a computer can begin to think about protecting themselves on the internet.
Last year, cybercrime was in the headlines a lot. Sony Pictures was the last major story of the year, but 2014 saw stories of the personal pictures of celebrities leaked to the internet, as well as major companies such as Home Depot and Target were hacked. I recently received a letter from my bank along with a new debit card: a smaller grocery chain that I shop at had been breached, and as a result, my information was potentially compromised. This is the new reality of internet commerce and information security from now on. And there's no doubt that 2015 will see its share of hacks and problems.
As such, Singer and Friedman's book is an excellent resource for anyone who's generally interested, and who doesn't have a degree in information security or computer engineering. The pair break down the essentials of the field, and explain simply what you need to know. There's technical jargon, to be sure, but I found that this short book sped by pretty quickly, with up to date information on things that happened in 2013, such as the Edward Snowden leaks.
Throughout the book, Singer and Friedman pose a number of questions that I've heard and seen people ask: What is Stuxnet? How do Terrorists use the web? What is Hacktivism? What is Cyberwar? Each section is accompanied by a detailed explanation.
What I found particularly helpful about this book is the pair's ability to cut through the environment of political rhetoric that frequently accompanies hacks such as this: pundits and politicians decry the hacks on Sony as a form of cyberwar on the scale of 9/11, which led Singer to comment on Twitter: 0 vs. 2996 lives lost.
Singer is a particularly good person to talk about the future of warfare: his last book was Wired for War: The Robotics Revolution and Conflict in the 21st Century, an excellent examination of how robotics have found their way into warfare, while his books before that examined corporate warfare and child warfare. Cyberwarfare really hasn't happened just yet, with some exceptions. Stuxnet, Singer argues, is the first volley in what's likely to come: sophisticated worms that are specifically designed to target physical infrastructure, which is what happened to Iran's nuclear program.
The main takeaway from this book that I got here was that analogies of warfare are difficult to apply to that of what's to come. The battlefields of a cyberwar aren't going to be out in the field waged by goggled cyberpunk warriors, but more likely by Joe Smith's hijacked computer in Ohio. The conventional wisdom and approaches that need to be taken by individuals, businesses and governments needs to shift to better adapt to the realities of cyberwar and cybercrime (and the hybrids of both), and above all, people need to understand what the foundational principles are.
Cybersecurity and Cyberwar: What Everyone Needs To Know is a fantastic introductory resource that really should be picked up and read by every CEO who maintains an online presence and any politician who wishes to speak about the subject. Like any book about a fast-moving topic, the references will become dated in the next couple of years, but they're no less illustrative of the larger concepts. Hopefully, we'll see an updated version in the future that covers new and different threats and topics as they emerge. Singer and Friedman have taken a very large and complicated topic and distilled it down to its basics, throwing out the rhetoric for an easy-to-access book that covers just about everything.
And with that, here's your reminder to change your password. Believe me, it's probably one of the best things you can do.