Books and Articles

1/1/2015

Non-Fiction, Interesting Reading

"The Cuckoo's Egg," by Cliff Stoll. The story of how an astronomer, reassigned to computer administration at Lawrence Berkeley Lab (c.1988), investigated a few-cent discrepancy in accounts and discovered hacking into national computers, a possibility no one considered at the time.

"The Puzzle Palace," by James Bamford. Until this book was published in 1982, NSA stood for No Such Agency. After trying to stop publication, NSA became very open about its existence and mission. A good history of encryption, spying, and foul-ups since the Roman Empire. Follow-up books are "Body of Secrets ..." (c.2002) and "The Shadow Factory ..." (c.2008), but do read Puzzle Palace.

"Fatal System Error," by Joseph Menn (2010).  How the Russian Mafia and other criminal organizations are making huge profits by using the Internet for extortion, fraud, and identity theft. (Oct. 2020).

"Cyberwar, the Next Threat to National Security, and What to Do About It," by Richard A. Clarke. Describes cyber war attacks by Israel on Syria, by the U.S. in both wars with Iraq, by Russia on Estonia and Georgia, and by North Korea on the U.S. and South Korea. (April 2012).

"Confront and Conceal: Obama's Secret Wars and Surprising Use of American Power," by David E. Sanger (June 2012). Tells how the Obama White House supported the Stuxnet attack on Iran, initiated by President Bush. Details of how the virus was developed and deployed, and how it escaped into the "wild" where it was eventually detected and investigated. The author is the chief Washington correspondent for the New York Times.

"Cyberwar: Countdown to Day Zero: Stuxnet and the Launch of the World's First Digital Weapon," by Kim Zetter (Nov. 2014). "Top cybersecurity journalist Kim Zetter tells the story behind the virus that sabotaged Iran’s nuclear efforts and shows how its existence has ushered in a new age of warfare—one in which a digital attack can have the same destructive capability as a megaton bomb."

Informative Fiction

"Cryptonomicon," by Neal Stephenson (2002). A good read with a lot of embedded history of encryption and code breaking. I recommend all his books for pleasure reading. "Snow Crash" is a classic novel (Time Magazine's 100 best) that helped move sci-fi from space to cyberspace. "The Baroque Cycle" (Vols. 1, 2, 3) contains a lot about the development of commerce and use of coin in the 1600s.

"The Backdoor Man," by David Buschi (2011). What could happen if a crime syndicate took down the electronic payments system. Fast moving and suspenseful.

"Break Point," by Richard A. Clarke. This fictional account of a cyber attack on the U.S. was written by someone who was the National Coordinator for Security and Counterterrorism for two presidents.

Government Reports (dull)

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

This report from The National Academies reviews the implications of information warfare, including the utility of offensive cyberattack, the ethical and legal issues involved, and the United States’ ability to respond to cyberattack by another nation.

This briefing was for members of Congress and congressional staff only. The report was publicly released on April 29, 2009 and can be found, in its entirety, on the website of the National Academies Press. (1/13/11 - download problem) MacArthur Institute - Free PDF file.


Proceedings of a Workshop on Deterring CyberAttacks: Informing Strategies and Developing Options for U.S. Policy (Sept. 2010)

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation's important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity defense measures, it is natural to consider the possibility that deterrence might play a useful role in preventing cyberattacks against the United States and its vital interests. At the request of the Office of the Director of National Intelligence, the National Research Council undertook a two-phase project aimed to foster a broad, multidisciplinary examination of strategies for deterring cyberattacks on the United States and of the possible utility of these strategies for the U.S. government. Although the authors were selected and the papers reviewed and discussed by the committee, the individually authored papers do not reflect consensus views of the committee, and the reader should view these papers as offering points of departure that can stimulate further work on the topics discussed. The papers presented in this volume are published essentially as received from the authors, with some proofreading corrections made as limited time allowed.