The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics
- Downloads:1353
- Type:Epub+TxT+PDF+Mobi
- Create Date:2021-09-13 09:53:38
- Update Date:2025-09-06
- Status:finish
- Author:Ben Buchanan
- ISBN:0674987551
- Environment:PC/Android/iPhone/iPad/Kindle
- Download
Reviews
Firuza Karimova
,
Well researched and unbiased book on most notable cyber attacks in the past decade。 Good for people who would like to understand the cyber attacks from geopolitical perspective。 As a cyber security professional, unfortunately, I didnt find anything new in the book。
Syed Saqib Mumtaz Hashmi
,
Cyber Domain is the newest domain for competition among the states across the globe。 Developed nations especially USA has technological edge which no other country has been able to imitate。 This books shows that privacy in 21st century is only figment of imagination。 Internet is no more anonymous and in order to protect ones private information effort must be made。 Even developed nations with freedom of expression and right to privacy are involved in spying on own people。 Must read for all。
Andrew Carr
,
The Hacker and the State is an attempt to ask what cyber attacks mean for geopolitics。 The answer, according to Buchanan (who has a PhD from Kings War Studies, and now at Harvard) is that Cyber is best thought of as akin to Special Forces。 Able to undertake sabotage, theft, intelligence, basic retaliation etc, but not useful for signalling future intentions or capabilities as more conventional military forces allow。This book is an excellent overview of major cyber attacks and failures in recent The Hacker and the State is an attempt to ask what cyber attacks mean for geopolitics。 The answer, according to Buchanan (who has a PhD from Kings War Studies, and now at Harvard) is that Cyber is best thought of as akin to Special Forces。 Able to undertake sabotage, theft, intelligence, basic retaliation etc, but not useful for signalling future intentions or capabilities as more conventional military forces allow。This book is an excellent overview of major cyber attacks and failures in recent decades。 It clearly demonstrates why and how the US and Five-eyes network has a commanding position at the heart of the internet because of geography, history, wealth and ambition。 From there the story flows out through the NSA's dubious use of corporate ties and global standards, to the way others states such as Russia, China, Iran and North Korea have used cyber attacks to hurt or steal from each other。The strength of this book is that it is grounded in the study of strategic studies。 While it covers many events you'll have read about online, there's always a lurking 'so what does this mean' question driving the discussions。 The book argues that the cyber world matters immensely for international politics which it somewhat successfully demonstrates。 (Showing at least that the arena is viewed as incredibly significant by the states themselves, even if not clearly demonstrating that state relations or the global environment is that different because of it)。 In doing so, Buchanan reveals the investment, concern, and layer upon layer of ethical, political and security complexities that the cyber arena forces on states。 One amusing section is the description of how North Korea had hacked China, and South Korea had hacked North Korea, and the US had hacked South Korea, and this enabled the US to gain access to files which China had hacked from someone else。 Thomas Schelling, eat your heart out。 The book covers many of the well known cases of hacking, worms, ransomware, destruction and outright theft, (Stuxnet, Wannacry, Sony & North Korea) in strong detail, while also highlighting many which are far less well known, such as the loss of NSA tools via the still-unknown 'shadow brokers'。Overall, a very useful read for those looking to better understand this domain or who know a bit about the arena and want a refresher from a sharp analytical perspective。 Recommended。 Ohh, and before you go buy it, update your computer to get the latest security patches。 Like right now。 。。。more
Karla Kitalong
,
I probably wouldn't have read this book if my husband had not bought it。 Glad I read it, though; glad to have some insight into both the methods and rationales for cyber attacks。 I probably wouldn't have read this book if my husband had not bought it。 Glad I read it, though; glad to have some insight into both the methods and rationales for cyber attacks。 。。。more
Paul Grostad
,
While it didn't reveal much unknown information, I really liked the strategic and geo-political perspective of this book。 While it didn't reveal much unknown information, I really liked the strategic and geo-political perspective of this book。 。。。more
Georg Bryn
,
Interessant bok som gir innsikt i utfordringer, metoder og formål med cyberoperasjoner。 Dette er en bok mange burde lese, særlig om du har en lederjobb hvor du har et snev av ansvar for IKT。 Da tar du det på alvor etter å ha lest denne。
Amir Sarabadani
,
Quite eye-opening and extremely captivating。
Zachery Tyson
,
This is a good book。 I didn't agree with all the points the author raised, but they did prompt more questions which is always good, and the central thesis - that cyber operations are used more to shape the strategic environment and are not at all suited to the language of warfare and deterrence, is spot on。 This is a good book。 I didn't agree with all the points the author raised, but they did prompt more questions which is always good, and the central thesis - that cyber operations are used more to shape the strategic environment and are not at all suited to the language of warfare and deterrence, is spot on。 。。。more
Dennis Murphy
,
The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics by Ben Buchanan is a very good exploration of the use of hacking as it pertains to statecraft。 Most of the text is narrative and descriptive, with hints at the argument Ben is crafting。 Each of the three parts is very useful, as they attempt to bootstrap the reader's knowledge of the vulnerabilities, and later provides cases and consequences of their exploitation。 The most important part of the book is a comparatively slen The Hacker and the State: Cyber Attacks and the New Normal of Geopolitics by Ben Buchanan is a very good exploration of the use of hacking as it pertains to statecraft。 Most of the text is narrative and descriptive, with hints at the argument Ben is crafting。 Each of the three parts is very useful, as they attempt to bootstrap the reader's knowledge of the vulnerabilities, and later provides cases and consequences of their exploitation。 The most important part of the book is a comparatively slender conclusion, which might take fifteen to thirty minutes to get through。 That's the lessons learned section, and it highlights the difficulty of using cyber attacks as a mechanism of signaling。 Its more suited to espionage, as its destructive capabilities both depend on a lack of retribution and have the potential to spill over and hit innocent targets。 Its well worth your time, especially if you are in government or higher level corporate management。 91/100 。。。more
Joe Orenstein
,
An exceptionally well-written analysis of the impacts of cyber attacks and warfare, and the relative contributions these activities have on geopolitics。 The book is well-organized。 It contains a lot of detail while not going down unnecessary rabbit holes。 This book is great for helping to understand the impact of events that we hear about in the news, and those we don't。 Maintaining perspective while enabling proactive defenses and proportional responses is an essential characteristic for leader An exceptionally well-written analysis of the impacts of cyber attacks and warfare, and the relative contributions these activities have on geopolitics。 The book is well-organized。 It contains a lot of detail while not going down unnecessary rabbit holes。 This book is great for helping to understand the impact of events that we hear about in the news, and those we don't。 Maintaining perspective while enabling proactive defenses and proportional responses is an essential characteristic for leaders in this new era。 。。。more
Isaac Gill
,
Absolutely excellent! Very, very informative and well written。 The writing style and the content were just stellar, there were several stories covered that I didn't know had happened。 Thoroughly informative, I was worried the slant against Trump would mean author was biased, but he wasn't, very good author; wish he'd covered Qatar/Saudi/UAE hacking a bit more Reuters covered the UAE thing well and Saudi-MBS hacking of Bezos, happened or not - it is fascinating。 Hacking does seems like it will be Absolutely excellent! Very, very informative and well written。 The writing style and the content were just stellar, there were several stories covered that I didn't know had happened。 Thoroughly informative, I was worried the slant against Trump would mean author was biased, but he wasn't, very good author; wish he'd covered Qatar/Saudi/UAE hacking a bit more Reuters covered the UAE thing well and Saudi-MBS hacking of Bezos, happened or not - it is fascinating。 Hacking does seems like it will be a bigger and bigger part of state power。 。。。more
Alvin
,
A good discussion of the use of cyber attacks as part of the new world of geopolitics。 A bit wonky and deep on the technology at times, but puts the various techniques in perspective。
Kārlis Bergmanis
,
This review has been hidden because it contains spoilers。 To view it, click here。 Very concise summary of things ongoing。 It goes over all major campaigns that we are aware of - Stuxnet, Sandworm, NotPetya etc。 Even though detailed descriptions of a single attack (like Zero Hour, book about Stuxnet) are more interesting to read, I took some things from this as well:- In military terms cyberwarfare is poor tool for signalling, meaning that it can't be used to demonstrate force and prevent need to use it。 It's effective only when used without warning。- Even though this book and Very concise summary of things ongoing。 It goes over all major campaigns that we are aware of - Stuxnet, Sandworm, NotPetya etc。 Even though detailed descriptions of a single attack (like Zero Hour, book about Stuxnet) are more interesting to read, I took some things from this as well:- In military terms cyberwarfare is poor tool for signalling, meaning that it can't be used to demonstrate force and prevent need to use it。 It's effective only when used without warning。- Even though this book and other sources name multiple countries with cyber warfare capabilities, truth is that only three have it。- Something that shouldn't be surprising is that no matter how many of such operations are exposed and stopped, it's only tip of iceberg, compared to all that are ongoing and aren't or never will be discovered。 。。。more
Adam Doherty
,
This was a riveting read for those interested in cybersecurity。 I wasn't able to put it down。 The sheer volume of notes that accompany the book make for fascinating additional reads。 This was a riveting read for those interested in cybersecurity。 I wasn't able to put it down。 The sheer volume of notes that accompany the book make for fascinating additional reads。 。。。more
Chelsea
,
I found this book super interesting。 As a lay person, I do not know much or hear much about the cyber security。 This book talks about so many cyber attacks that I do not remember ever appearing in the news and I watch it nightly。
Ryan
,
This is an excellent overview of state-sponsored cyber attacks (NotPetya, Russian interference in US elections, Stuxnet, Iranian operations against Sheldon Adelson, 。。。), and makes the consistent and well supported argument that 1) cyber isn't like nuclear or other WMD which are primarily deterrents vs。 actually used 2) cyber isn't useful for deterrence because attacks can't be well calibrated or predicted, and can't demonstrate ability to escalate clearly if not complied with。A lot of the infor This is an excellent overview of state-sponsored cyber attacks (NotPetya, Russian interference in US elections, Stuxnet, Iranian operations against Sheldon Adelson, 。。。), and makes the consistent and well supported argument that 1) cyber isn't like nuclear or other WMD which are primarily deterrents vs。 actually used 2) cyber isn't useful for deterrence because attacks can't be well calibrated or predicted, and can't demonstrate ability to escalate clearly if not complied with。A lot of the information about these attacks is more thoroughly reported elsewhere, but it did include some interesting and new-to-me information about US vs。 USSR economic/espionage operations in the 1980s (where the US intentionally fed bad data and components to USSR to make suboptimal decisions and failed equipment -- most of this is still classified and not reported anywhere in detail that I've found。)Overall, I tend to agree with the author that cyber isn't particularly like nuclear in any way, and is much more like traditional intelligence/influence operations。 。。。more
Brian S
,
interesting read, seems well researched and apolitical。
John Calhoun
,
**Full disclosure Ben Buchanan is a friend of mine**Great read which takes you inside some underreported details about some of the major hacking attacks of the last few years。 Really helpful in consolidating one's understanding of this issue。 **Full disclosure Ben Buchanan is a friend of mine**Great read which takes you inside some underreported details about some of the major hacking attacks of the last few years。 Really helpful in consolidating one's understanding of this issue。 。。。more
Wej
,
The well-established theatres of war (land, sea, and air) have been changing through the years along with the development of new technologies。 However, one of these new technologies - Internet - created an entirely new arena - the cyberspace。 Information warfare, espionage, and destabilisation have also been conducted in the pre-Internet times but the Internet expanded the states' capacities to run their operation in all of these domains。 As Edward Snowden mentioned in his autobiography, espiona The well-established theatres of war (land, sea, and air) have been changing through the years along with the development of new technologies。 However, one of these new technologies - Internet - created an entirely new arena - the cyberspace。 Information warfare, espionage, and destabilisation have also been conducted in the pre-Internet times but the Internet expanded the states' capacities to run their operation in all of these domains。 As Edward Snowden mentioned in his autobiography, espionage is currently the most efficient when done online。 Propaganda can be augmented through the sockpuppets on social media。 Cyber weapons can ground down the physical infrastructure - NSA's Stuxnet, which attacked Iranian centrifuges, was the first known case。Ben Buchanan describes the world of state-sponsored cyber attacks and how they relate to geopolitical goals。 The cyber capabilities started existence in the most technologically developed nations (the US, and other member of Five Eyes alliance) which exploited their home-field advantage due to technological development and access to undersea cables。 Then the cyber capacities expanded to other major states (Russia and China), and eventually got picked up by other states (Iran or North Korea)。 Currently, private sector companies offer easy to use cyber tech to states with deep pockets (e。g。 Saudi Arabia)。The book is split into three main parts: 1。 Espionage - describes how the cyber capacities evolved from the original signal interception capabilities。 Encryption and decryption being some of the drivers of the current capacities of the states most advanced in the cyber area。 These capacities led the states to include backdoors in the encryption algorithms (e。g。 Dual_EC_DRBG)。 Strategic espionage is used by the states to understand the position of their adversaries before important negotiations or to steal technical secrets。 Buchanan gives examples of the NSA and PLA using network penetration for their advantage, e。g。 speeding up the development of the air fleet in the case of China。2。 Attack - offensive cyber capacities for a while were a realm of sci-fi but Stuxnet changed this perception。 Shamoon (2012) was Iran's operation aimed at scarring Saudi-owned Aramco。 Ababil (2012) was another Iranian operation of targeted sabotage (using DDoS), this time aimed at the BoA, NYSE, and Chase Bank。 Coercive cyber capacities were evidenced by North Korean attempts to suppress the release of the film The Interview and subsequent hacking of Sony's email and dumping them online。 Testing and signalling is exemplified by Russian exploits in Ukraine (CRASHOVERRIDE), resulting in blackouts in large parts of the country。3。 Destabilisation - election interference was probably the cyber action that gained the most coverage in the news due to the Russian influence campaign in 2016 US election。 However, the author describes the British campaign to drag the US into WW2 as much more influential。 In that campaign, a made up Market Analysts Inc。 stated that 60% of US representatives support backing Great Britain in the war against the Nazis。Buchanan goes into great detail in describing how the network of Democratic National Committee was compromised in 2015 and how the information was leaked。 The chapter on Exposure described how states use the cyber attacks to leak the tools or expose cyber operations of their adversaries。 The main point is the leak of NSA's hacking tools by the group calling themselves the Shadow Brokers (attributed to the Russians)。 The motivation for this attack remains unclear but the author provides suggestions that Russian services work closely with cyber criminals which might use these tools for their own purposes。 The leaked tools were later used in ransomware attacks (WannaCry or NotPetya)。 This usage of the cyber tools shed lights on the US capacities and dangers related to allowing the existence of bugs/backdoors in popular software。Theft is a way for the state-sponsored hackers to obtain funds。 North Korean operations aimed at financial institutions are given as examples。 They specialised in extracting funds from banks, with the attack on the central bank of Bangladesh being the best known。 However, the private banks are their most common target。 NK hackers seem to have a very good understanding of the SWIFT system which they used in the past to steal large sums。Buchanan concludes stating that hacking is a versatile tool for geopolitical shaping but it is not particularly useful for geopolitical signalling。 Cyber operations might have unintended consequences and often rely on secrecy so are less straightforward tools of signalling than deploying conventional weapons (e。g。 joint exercises or deploying warships)。 The cyber operations and their aggresiveness are likely to grow in capability。 Luckily, for the civilians, the cyber capabilities are far from the destructive powers of nuclear weapons。 。。。more
Ietrio
,
The first red flag was Harvard University Press。The second red flag is the qualifications of the bureaucrat。In fact, this is a rehash of the 1950s push that "In order to fight the Red, we have to become more Red" with some tech jargon thrown in。 The problem is more profound and flies way over the grasp of Buchanan。 Systems are designed to be usable。 Stuxnet was possible because Windows XP is made for grandma to see online pictures of her grandsons and not to secure critically important infrastru The first red flag was Harvard University Press。The second red flag is the qualifications of the bureaucrat。In fact, this is a rehash of the 1950s push that "In order to fight the Red, we have to become more Red" with some tech jargon thrown in。 The problem is more profound and flies way over the grasp of Buchanan。 Systems are designed to be usable。 Stuxnet was possible because Windows XP is made for grandma to see online pictures of her grandsons and not to secure critically important infrastructure。 Add to that some stories of how the spook industry deliberately weakened computer security because they wanted to get in, add $10 million of tax money used to break perfectly good cryptography (https://www。reuters。com/article/us-us。。。), or how they pay people who could be doing Humanity a favor by bringing better security just to backdoor the same security (https://en。wikipedia。org/wiki/Dual_EC。。。)。 The list can go on and on。 And the US tax payer is paying for this useful idiot (https://en。m。wikipedia。org/wiki/Usefu。。。) to tell them that they have to fear people that the government wants dead。 。。。more
Lynnette M
,
Very difficult when starting but then because of all the current hacking, which will only get worse as the 2020 elections come nearer, found it to be fascinating and extremely pertinent。
conte
,
Amazing breakdown of some of the most influential cyberattacks in history。 This is a must read!This book broke down the key points of the most significant cyber attacks in history。 Highly intellectual and easy to follow。 This read will force you to think and provoke a fire inside you that you haven’t felt in a long time。
Alex Telfar
,