Nicole Perlroth ’04 writes about cybersecurity and digital espionage for The New York Times and recently published her own book, This Is How They Tell Me The World Ends: The Cyber Weapons Arms Race (Bloomsbury). Perlroth has covered everything from large-scale hacks to cyberattacks, and in the book she offers terrifying insight into the global — yet invisible — cyberweapons market, and the role governments play within it. PAW asked her to recommend three additional books on cybersecurity, and she suggested these:
The Red Notice
By Bill Browder
This is not a cybersecurity book, per se, but it is an important primer on America’s savviest digital predator: Russia. We tend to view Russia’s hacks on our democracy, our discourse, our power grid, and more recently, our government networks, through a Western lens, instead of through Vladimir V. Putin’s. Here in the West we like to stereotype Putin as a chess master, but Browder (and later Gasparov) shook me of this theory and made me realize Putin is playing a wholly different game than the rest of us.
By Andy Greenberg
This book digs into the Russian military cyber intelligence unit that we now know to be GRU Unit 74455, but until very recently was known by the security industry’s moniker “Sandworm.” This is the Russian hacking unit credited with some of the most disturbing hacks of our time: Russia’s cyber-induced power outages in Ukraine in 2015 and 2016 and a subsequent cyberattack on Ukraine in 2017 that flew the coop and decimated data at Pfizer; Merck; and Maersk, the global shipping giant; and cost businesses $10 billion in damages. More recently, we have picked up attacks by Sandworm on the 2018 Olympics, and just last month (February) on the software supply chain. Every one of these attacks, my sources warn me, was a dry run for a future cyberattack on the United States. Know thy enemy.
We Are Bellingcat
By Elliot Higgins
The identities of the Russian suspects behind the Salisbury poisoning and the more recent poisoning of Alexei Navalny were not unearthed by spies, or investigative journalists, but by the private citizens behind Bellingcat, an investigative unit that scours the world’s open-source data for leads. This is the first-person story of the man behind Bellingcat, a dropout who created an entirely new category of investigation and is solving some of the biggest mysteries of our era.