Pages

Tuesday, October 17, 2023

Review: This Is How They Tell Me the World Ends: The Cyberweapons Arms Race

This Is How They Tell Me the World Ends: The Cyberweapons Arms RaceThis Is How They Tell Me the World Ends: The Cyberweapons Arms Race by Nicole Perlroth
My rating: 3 of 5 stars

The long-term cybersecurity journalist from the New York Times writes her account of how the area of cyberespionage and cyberwar has evolved in the recent decades.

It really sheds the lights on how state and state-affiliated actors exploit vulnerabilities (so-called zero-days) in software to spy and inflict damages on those they don't like. Something previously unknown to me was the detailed description of how the global market for vulnerabilities works - where hackers can sell their hacks to someone who wants to exploit them before anyone else gets to know (and is able to patch the problems). A software vulnerability can cost thousands dollars if it is a buggy and not very significant software - or tens of millions dollars if it is a closed and well-guarded environment such as Apple.

The story of NSA and revelations by Snowden are also well described. The main problem with NSA is arguably that it found and bought vulnerabilities in software used by millions across the globe - without saying anything to its vendors such as Microsoft, Oracle, Google and others (in order to preserve its advantage towards foes). However, not-so-nice state actors have eventually learnt about these vulnerabilities too - and have inflicted damages on many businesses and have stolen national secrets around many places.

The inner world of cybersecurity specialists and hackers is interestingly depicted - how has the industry come to be and how has it developed.

As for the disadvantages of the book, there are unfortunately several of them. For the first, I would have liked to read somewhat more technical accounts of how the things have worked (and have been broken) in cybersecurity domain - instead of the author's numerous personal stories of her mingling with hackers. The book is often bogged down in the U.S politics and administrative relations and is somewhat too long. Alarmist repetitions about the nuclear plants and hospitals being wired to the World Wide Web get annoying when reading them every 50th page or so.

Still, it is an eye-opening insight depicting the global cyberthreats and cyberbattles of 2000s-2020s.

No comments: