Review by Choice Review
Few would dispute this author's thesis, that anarchy prevails in the ongoing respective cyber wars between countries, agencies, and corporations. In 2010, Perlroth was assigned to the cyber beat at the New York Times. Her conclusion after ten years' investigative reporting is that the apocalypse is near. Corporate chiefs, heads of state, and agency heads have stooped to the lowest common denominator: fighting cyber wars by recruiting hackers to harass and disrupt their opponents. The book's chief strength is that it takes the reader into the trenches alongside the corporate CEO who suddenly realizes that priceless organizational secrets have been stolen. The reader feels the pain of the Ukrainian utility administrator whose computer screens have gone dark from repeated Russian cyber attacks. The weakness of this approach, however, is that the author leaves the reader there in the trenches. The epilogue offers--aside from an entertaining account of the first internet message ever sent--several bromides to stave off disaster, including tax credits for supporting secure software development. Perlroth also appeals for new cyber norms that will prevent hackers from disrupting hospitals and nuclear installations. Beyond this, the reader can only watch while internecine hacker warfare continues to erode trust between nations, agencies, and corporations--thus ending "the world as we know it." Summing Up: Recommended. All readers. --James A. Stever, emeritus, University of Cincinnati
Copyright American Library Association, used with permission.
Review by Booklist Review
Cybersecurity journalist Perlroth's terrifying revelation of how vulnerable American institutions and individuals are to clandestine cyberattacks by malicious hackers is possibly the most important book of the year. Perlroth spent seven years researching, traveling the world, and conducting hundreds of interviews about the elusive market for zero-day software bugs that allow a hacker to break into devices undetected and either implant malware, extract data, or take control of entire systems. Much of this hidden arms race is shrouded in secrecy behind government classification or nondisclosure agreements, which made her quest for the truth about cyber vulnerability difficult, yet ultimately she is able to reveal how hackers found and acquired zero-day bugs, how the U.S. government first cornered, then lost the market for them, and how this insidious technology has invaded our lives. From holding sensitive information hostage, which can lead to the shutting down of hospitals or the electric grid and disastrous meddling in elections, this new level of cyberwar poses threats unknown to most Americans. That makes Perlroth's precise, lucid, and compelling presentation of mind-blowing disclosures about the underground arms race a must-read exposé.
From Booklist, Copyright (c) American Library Association. Used with permission.
Review by Publisher's Weekly Review
New York Times cybersecurity reporter Perlroth debuts with a colorful rundown of threats to the world's digital infrastructure. She pays particular attention to "zero-days," a term for "a software or hardware flaw for which there is no existing patch." Though she notes their rarity (98% of cyberattacks do not involve zero-days or malware), Perlroth argues that the destructive capacity of cyberweapons like Stuxnet, a code comprising seven zero-day exploits that was used by the U.S. and Israel to disable uranium centrifuges at an Iranian nuclear plant, makes them an existential threat. She details the underground market for cyberweapons, where hackers can earn millions of dollars by finding a flaw in commonly used technologies such as Microsoft Windows, and explains how the U.S. lost its global monopoly on zero-day exploits in 2016, when a group calling itself the Shadow Brokers released a trove of NSA hacking tools. Perlroth's searing account of the role American hubris played in creating the zero-day market hits the mark, but she leaves many technical details about cyberweapons unexplained, and stuffs the book with superfluous details about getting her sources to spill. This breathless account raises alarms but adds little of substance to the debate over cyberweapons. (Feb.)
(c) Copyright PWxyz, LLC. All rights reserved
Review by Kirkus Book Review
A New York Times cybersecurity writer delivers a sobering account of a thoroughly hacked and cyberattacked world. Perlroth opens with the 2017 attack of Ukraine's infrastructure on the part of Russian hackers who, employed directly by Vladimir Putin, had only two rules to follow: They couldn't attack inside Russia, and "when the Kremlin calls in a favor, you do whatever it asks." Apart from that, they were free to do as they pleased, and they detonated cyberbombs across the neighboring nation, bringing the power grid down, closing supply chains, and crashing computers, phones, and ATMs. As Perlroth writes, they attacked with poorly guarded tools developed by the American intelligence community. In the end, Russia could have done far worse "with the access it had and the American weapons at its disposal." But there are other players with the same tools, including Iran and China, who have the wherewithal to wreak greater havoc on the infrastructure of a thoroughly unprepared America. Some of Perlroth's interlocutors are rightfully paranoid while others are open in defying demands to make private information available to government agencies through back doors into those very tools--a recipe for a police state. One old-school hacker whom the author interviewed in Buenos Aires lamented a change of culture. "We were sharing exploits as a game," he tells her. "Now the next generation is hoarding them for a profit." Perlroth suggests that these latter-day hackers are capable of great evil against vulnerable nations--the U.S. foremost among the list of prime targets, not least because America is so addicted to technology. "There wasn't a single area of our lives that wasn't touched by the web," writes the author. "We could now control our entire lives, economy, and grid via a remote web control. And we had never paused to think that, along the way, we were creating the world's largest attack surface." A powerful case for strong cybersecurity policy that reduces vulnerabilities while respecting civil rights. Copyright (c) Kirkus Reviews, used with permission.
Copyright (c) Kirkus Reviews, used with permission.
