Today I'm pointing to an excellent book by Pulitzer Prize-winning journalist Byron Acohido and his USA Today colleague Jon Swartz called Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity. 

The title page presents the authors’ definition of "zero day threat": "a hazard so new that no viable protection against it yet exists." Other experts would refer to a zero-day exploit. The theme of the book is that the largely unregulated credit card industry has put millions of people in financial difficulties through error, fraud and deliberate resistance to anti-fraud measures.

The last page of the text summarizes the situation: “Cybercrime has evolved into a full-fledged, thriving economy operating on a global scale. Two distinct markets have emerged: one revolves around the harvesting of sensitive data, the other around supplying the goods and services needed to convert stolen data into tangible profit. The use of the Internet as a global communications and transactions channel for criminal pursuits has become ingrained. Meanwhile, law enforcement outside of North America remains negligible; banks, merchants, and media companies continue to enable more types of online transactions, and consumers continue to be seduced by the convenience of our card-based payments system and the Internet.”

The authors write in a breezy, journalistic style that is tremendous fun – it reads almost like a novel in places:

“Bereft of any furniture to speak of, the apartment was thoroughly trashed. It looked to [Detective Bob] Gauthier, a lifelong hockey player who, at age forty-eight, still played goalie on the police league team, as if a rampaging winger had gone berserk in the place. Shattered glass from unknown knickknacks and dinnerware littered the floor. Elongated gashes marred the walls, as if someone had been doing drills with his hockey stick and the walls got in the way. The glass oven door was obliterated.”

Alternating through descriptions of real-life crime, interesting detective work, forensic investigations, and economic analysis, the book is packed with good reading and good information about today’s economic crimes. I have assigned it as required reading in my new senior special-topics seminar, “Politics of Cyberspace” (IS406), that I’ll be leading at the School of Business and Management at Norwich University in Spring 2009

The authors have a five-minute video about the book on their Web site, which has hundreds of useful links for in-depth news articles as well as current discussions. Reading their blog there is like seeing the next edition of the text in progress. There’s also an interesting interview about their work by Dean Takahashi at VentureBeat.

Good job, guys!

M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services. CV online.