From: ZDNet

Summary: This slim volume provides a good overview of the history and key issues in cyber-security for those wondering just how real the threats are.

By Mary Branscombe

Between the ongoing revelations about NSA surveillance and the usual drumbeat of security warnings about everything from Android smartphones to cars, it’s a good time for a primer on what’s actually going on. This slim volume — in an All That Matters series that usually covers religion, philosophy and Shakespeare — aims to cover both the history and the scale of cyber-crime, cyber-espionage, cyber-warfare and a handful of related online threats. Leaving aside the irony of newspaper journalists (Peter Warren and Michael Streeter) writing about hacking, this is a useful introduction to the state of play for anyone who hasn’t been paying attention.

From the very beginning of the book, the vagueness of the term ‘cyber-crime’ is clear. Are ‘hacktivism’, file sharing, using social media to organise protests against a government you consider oppressive, or against state surveillance, crimes? Generally, Cyber Crime & Warfare avoids the usual mainstream scaremongering, although there is the odd reference to online criminals scurrying around in Dickensian back alleys. And while it’s impossible to put an exact figure on the extent of cyber-crime, the authors quote some statistics to put things in context: at $300 billion, the annual worth of the computer security industry is almost an order of magnitude bigger than the $485 million annual cost of reported computer crime in the US.

It all started with World War 2 codebreakers and MIT students exploring the phone system. Although Steven Levy’s Hackers is still the classic read on the original meaning of ‘hackers’, it’s nice to see a mention here (including the amusing trivia that both Tim Berners-Lee and Bill Gates were banned from using school computers for hacking). Authors Warren and Streeter point out that it wasn’t until phone hacker John Draper was sent to prison that criminals got to see phone phreaking in action. However, it wasn’t until the 90s that there were juicy enough targets to get them really interested in computer hacking.

This section is a potted history of how hacks progressed from breaking into Prince Philip’s mailbox on the Prestel service, to Russian criminals recruiting local hackers who knew how to break into banks, to political and activist hacking in eastern Europe aimed at giving people free access to information, to the rise of viruses and malware as mass vandalism in the 90s, and the beginnings of large-scale criminal attacks.

Even if you’ve followed security issues for a while, there are interesting nuggets: the idea of a self-replicating program goes all the way back to computer pioneer John von Neumann, for example, while the first virus ‘in the wild’ was for the Apple II.

The history of cyber-espionage is also a good overview, majoring on reports from intelligence services covering the large-scale, organised attacks that are supposed to be taking over from small, targeted break-ins at specific companies. Are Russia and China hoovering up IP from Western countries in a concerted attempt to exploit our R&D work? One MI5 report mentions two (unnamed) companies that have lost money or business opportunities through intellectual property theft.

The authors make several useful points about how everyone needs to be aware of hacking. Security hardware company RSA got hacked because the attackers targeted their recruitment team with social engineering techniques, for example. Sharing your personal data online puts you at risk of identity theft (52 percent of us share details that show up as security questions, a recent Intel survey points out). And if you wonder why so many malicious Android apps in Google Play only turn out to be hoovering up the contents of your address book, it might be to check email addresses scraped from websites to see if it’s worth sending them spam.
