Teri Radichel


Cybersecurity Book Review: Sandworm

A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers


Recently I listened to a book on Audible called Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers. This book is another excellent account of some cybersecurity history, with some important parallels to current events. It was fun to read about some fellow IANS faculty members like Jake Williams in this book and learn more about others in the industry I follow or know through various security organizations.

Cybersecurity and critical infrastructure

This book was a fascinating portrayal of what it’s like to have power outages due to cybersecurity attacks, something we should be aware of and trying to prevent worldwide. It seems that some countries are harder hit than others. Imagine what your day would be like if the power went out. What would you do?

A while back, I went to a neighborhood disaster planning meeting. It was very apparent at this meeting that my skill set would be pretty useless in the event of a disaster that knocks out the power and all Internet connections. We have someone on our street who used to work at the gas company and can turn off the gas lines if they break. We had some medical professionals who could help anyone who was hurt. Even the lady who arranged the meeting was more helpful than me as she had some training on the subject. Without any power or Internet to run computers, I was thinking, “Uhhhhh, sorry. I can pick up debris or something?”

Power and Internet connectivity are so vital to our way of life in most parts of the world that it is imperative that we protect this critical infrastructure with the utmost care. If you want to know what it would be like and what could go wrong, this book will give you some idea. It’s not a pretty picture. You’ll learn about tests people have performed to demonstrate potential problems and actual events that caused significant disruptions to people’s daily lives.

Election security

Among other things, the book covers efforts to undermine elections with cybersecurity attacks in countries near the Russian border. The author delves into the strategies, tactics, and reasons for these efforts, citing numerous cybersecurity experts worldwide and their first-hand experiences. Often, the objective of the attacks is not to overthrow governments but to throw them into disarray with disruption and divisiveness.

We can learn a great deal by studying the outcomes of those types of targeted attacks. I could not help but think about parallels to our upcoming election in the United States at a time when people are debating the security of electronic voting methods and vote-by-mail vulnerabilities. To better understand potential outcomes, it’s good to look at what is occurring in other countries.

Competition and Trust

One other aspect of the book which interested me was the competition within the cybersecurity industry. Different companies and researchers try to be the first to market with the latest cybersecurity information, including data breaches, malware analysis, and new technology. In an industry like ours, trust is paramount. If you are trying to improve security, you would expect to hire someone you can trust. In a world where everyone is trying to be a security rockstar, sometimes that point gets lost.

In my blog post, Security Speed Dial, I explained how I operate and why I don’t have a shortlist of security people whom I call when I have a question. There’s another factor I didn’t mention in that blog post because I didn’t think it would do me any good to explain it. But since it came up in this book, I’ll mention it here. I, too, have experienced what appears to be other people taking my ideas and using them to make a buck or gain notoriety.

For the most part, I think people don’t do it intentionally. Maybe they read what I wrote or said in a presentation and then later think they came up with it themselves. Additionally, I’m fully aware that sometimes there’s a sort of industry mind-meld where great ideas emerge from many sources simultaneously. I’ve always liked the concept of assuming good intent.

But it happens. It’s frustrating to see people making money off your ideas when you’ve been excluded from participating in the success. For this reason, I tend to keep my ideas to myself until I’m ready to publish them or am giving them to people who take my class. At least then, people know where the idea originated. I also always try to credit where I got my thoughts. That’s why my book has 40 pages of references.

Some people may try to take credit for your work or call out your every mistake to make you look bad because that’s just how they are. They may view you as competition or want to knock you down to build themselves up. Worrying about things like this is a waste of time, so, as I also wrote in another blog post, I try to focus on continuing to make progress on the important work we have to do in cybersecurity. Keep doing your thing! Learn who you can trust and who you can’t and just keep contributing to a safer cyber world, if that’s your objective. That certainly is mine.

Highly recommended for anyone interested in security

In chapter one of my book, Cybersecurity for Executives in the Age of Cloud, I explain why executives should care more about security. On the one hand, you will be amazed by stories in Sandworm recounting major companies watching their machines shut down all around them as they scramble to cut their network and turn them all off before they get infected. But the problem is not just related to your own business.

A few years ago, people scoffed when I mentioned the term cyberwar. That is not the first time someone scoffed at my point of view. I direct people to the definition of war in the dictionary and explain what is happening in my book. Now people seem to accept that this terminology applies to what we are facing on Internet-connected systems. In my book, I explain that, due to the nature of how cybersecurity and attackers operate, we can’t just count on the government to defend us. Every business and citizen that takes measures to better protect and monitor all systems against cybersecurity attacks helps make the world a safer place.

If you listen to this book, you’ll not only learn about cyberattacks but also geography, politics, and history. If you work in security, you’ll learn more about some of the industry players and professionals and how they got to where they are now. I highly recommend this book for anyone interested in all these topics in addition to cybersecurity — especially as it relates to elections, ransomware, the power grid, and a safer world.


Teri Radichel | © 2nd Sight Lab 2020
