Feeds

Fatal System Error: Watching the miscreants

The net's heart of darkness

Providing a secure and efficient Helpdesk

Book review Fatal System Error - The Hunt for the New Crime Lords Who Are Bringing Down the Internet is an informative and entertaining look at the roots of the burgeoning cybercrime economy and its links to government, featuring a rogue's gallery of international wrong 'uns.

Joseph Menn peers down into the underground economy through the eyes of two hero protagonists who fought cybercrime: Barrett Lyon, technologist and founder of anti-DDoS tool firm Prolexic, and Andy Crocker, a cybercop and former officer in the UK's National High Tech Crime Unit (NHTCU).

The book has an unusual two-part structure. The first half of the book focuses on Lyon, and how his nascent security firm was set up from money from offshore gambling firm, BetCRIS. The Costa Rica-based firm is staffed by a colourful collection of US and Canadian ex-pats who Lyon comes to distrust.

Offshore gambling firms like BetCRIS, some of with ties to the US mafia, become the victims of cyber-extortionists from Russia and neighbouring countries who update old-school protection rackets for the internet age. Lyon uses all his considerable technical abilities to repel these threats.

The second and main part of the story tells how Crocker is sent on a mission to investigate cyber-extortion attacks against UK bookmakers. Early in the book we learn that Lyon posed as a hacker to gain an insight into how DDoS attacks are organised.

His feigned relationship with one of the hackers provides intelligence that helps kick start Crocker's investigation, a long and fraught process that eventually leads to conviction and tough prison sentences for three DDoS extortionists in Russia.

Crocker spent several years in Russia investigating the case. His arduous task highlights the difficulties future investigators will face. Menn, a business writer for the Financial Times USA and formerly of the Los Angeles Times, has a knack for boiling down complex technology into everyday language without distortion. He also does a neat line in pen portraits on his subjects.

The author formerly covered Hollywood, famously discovering that Disney Corp may not have the retained the image rights for the first version of Mickey Mouse while at the LA Times, and it's clear that his book has half an eye towards a screenplay. My own impression is that a documentary might suit this particular subject matter.

Menn, who travelled to Russia and Costa Rica in researching the book, is dogged in nailing down every strand of the investigation and his book benefits from this. Unlike other books on the subject, the book is neither a first person account nor a tale woven together from clippings but from an obviously extensive number of interviews.

A picture is presented of how cybercrooks in Russia and China operate with the blessing of corrupt government insiders. It's one of the best descriptions of the formation of the underground economy I've read. It deserves to be read by those in the IT security industry, policy formation and with any interest in a hype-free expose of the true face of cybercrime.

Highly recommended. ®

Fatal System Error - The Hunt for the New Crime Lords Who Are Bringing Down the Internet, by Joseph Menn

Hardback, 288 pages, £15.99, 978-1586487485

Choosing a cloud hosting partner with confidence

More from The Register

next story
SMASH the Bash bug! Apple and Red Hat scramble for patch batches
'Applying multiple security updates is extremely difficult'
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
Hackers thrash Bash Shellshock bug: World races to cover hole
Update your gear now to avoid early attacks hitting the web
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Who.is does the Harlem Shake
Blame it on LOLing XSS terroristas
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.