Scott J. Shapiro: Fancy Bear Goes Phishing (Hardcover, 2023, Farrar, Straus & Giroux) 4 stars

Fancy Bear Goes Phishing is an entertaining account of the philosophy and technology of hacking—and …

Great Education about Cybersecurity. A lot to digest.

3 stars

Don’t let the three stars fool you, this book is worth reading for anyone interested in computer/cybersecurity. And, it’s interesting. I’m not sure I would say I enjoyed reading this book though; it’s A LOT!

Shapiro does an excellent job taking us through the history of various hacks, the motivations as well as the methods. I found the analysis of upcode (personal morals, ethics, motivations and laws) more interesting than much of the technical analysis, but that could be the result of listening to the book instead of reading the page. (Narration of actual code is a bit silly.)

I think my favorite hack is the first one: “The Brilliant Project” by Robert Morris Jr., who in a frenzy to prove concepts accidentally broke the internet in 1988. Oops. It was definitely a wake-up call but really didn’t move industry to improve security, which took a couple more decades. The history of how industry was forced to change its focus is touched on here but is really covered in Menn’s The Cult of the Dead Cow. Industry certainly didn’t make the shift by choice.

The story of how the movie War Games brought computer security into the White House discussion gave me a bit of a chuckle. Regardless of who is in office, I can’t see cybersecurity ever being a regular Cabinet-level discussion until we have a few more cabinet members who grew up with the technology.

Shapiro does a nice job explaining what we know about criminal upcode and the maturity process for the majority of hackers. This alone makes the book worth the time and the read.

I learned a great deal regarding terminology: Viruses vs Worms vs Virms vs Trojans. Kill chain, mudge, heuristics… Plus understanding the duality of data and code gave me great insight into how many hacks start.