Cyber Warfare, Espionage, Metadata, Hacking – Want to Know More?
I don’t often recommend books but …
I realised recently that I had only a superficial understanding of what lay behind stories such as the Russian hacking of Western databases, and the Stuxnet attack on Iranian nuclear industry centrifuges.
In particular, I had no real feel for the importance of metadata such as call signs, traffic patterns, and ‘who talks to whom?’ – all of which are nowadays subject to amazingly sophisticated analysis by GCHQ and others.
Nor did I realise quite how much key infrastructure is remotely monitored by engineers using laptops which are otherwise open to the internet, and so susceptible to phishing.
And there is an interesting regulatory issue. Much infrastructure is nowadays in private hands, so whose responsibility is it to defend it? Government is understandably reluctant to take on such a massive task, but industry is understandably unwilling to foot the bill. The answer, in the UK at least, is that the owners of designated Critical National Infrastructure have a legal duty to safeguard it, advised and monitored by the Centre for the Protection of National Infrastructure or the National Cyber Security Centre.
If you feel similarly uneducated in this important area, I recommend Gordon Corera’s ‘Intercept – The Secret History of Computers and Spies’. It’s readable and – as far as I can tell – authoritative.