When friends and colleagues ask me how they can learn about cybersecurity, I provide the following advice. Rather than read textbooks or something like Network Security for Dummies, I recommend that they read a few of the more popular and recent titles from Amazon. I’m talking about books like Richard Clarke’s Cyberwar, Joseph Menn’s Fatal System Error, or Mark Bowden’s Worm. All of these are entertaining and insightful. It is with this mindset that I recommend that anyone interested in cybersecurity read the book, Kingpin, by Kevin Poulsen. I don’t know Kevin but he is well qualified as an author. He himself is an ex-hacker, a security expert, and a regular writer for wired magazine. This book is a story about one particular hacker named Max Butler whose security career went from highly-skilled but junior white hat hacker to become a global cyber crime leader who commandeered most of the “carder” (i.e. theft and distribution of credit card numbers, counterfeit cards, and other related criminal services) marketplace worth tens of millions of dollars. The book follows this transformation over several years in a picaresque fashion. I won’t give away any more details but let me provide a few reasons why I liked this book and recommend it so strongly: 1. Poulsen does a great job of avoiding the technology nerd trap of burying the reader with complex concepts and a sea of acronyms. It helps if you understand TCP/IP, encryption, and buffer overflows but it is not a requirement at all. The author consistently provides everyday analogues for technology concepts that makes the book readable – even if you aren’t a CISSP. 2. The book really gets into the head of Max Butler, exploring his background, psychology, brushes with law enforcement, even his relationships. Poulsen seems to be addressing why Hackers become hackers which a human element that complements the bits and bytes. 3. Kingpin may read like a novel but it is a true story. As such, it does a good job of demonstrating how vulnerable most organizations are to a cyber attack with real examples rather than research and statistics. In fact, the book concludes by talking about the continuing vulnerabilities around credit card magnetic strips. 4. The author does a great job of mapping the cyber crime underworld and includes descriptions of geography, workflow, specialization, money, etc. For example, the book really describes the division of labor between the highly skilled hackers at one end of the spectrum and the common thieves and dirt bags on the other. 5. Like a few other cybersecurity stories (Fatal System Error comes to mind), Kingpin included a description of law enforcement strategies, tactics, processes, and limitations as they relate to cyber crime. In other words, you get to see cybersecurity from the perspective of cops and robbers. It’s hard to learn about any topic when reading is a boring slog. If you are interested in cybersecurity, I think you’ll find Kingpin an educational experience as well as a proverbial “page turner.”
A compelling and gripping story about a hacker’s background, mentality, skills, and criminal activities
Security Skills Shortage Is Impacting Incident DetectionNext Post
Random security predictions for 2013
The agency's higher speed definition allows it to take new actions to encouarge deployment
A site indexed 73,011 unsecured security cameras in 256 countries to illustrate the dangers of using...
Buyers of the earthly explanation for whatever fell from the sky in Roswell, N.M. back in 1947 are...
Sponsored by AT&T
Sponsored by Brocade
The FCC's sternly worded warning about illegal Wi-Fi blocking earlier this week got through to at least...
Part 1 of a two part series on how to get started with home automation
Part 2 of a two part series on how to get started with home automation
Jazz up your system's storage, memory, networking and display without breaking the bank with CIO.com’s...