Countdown to Zero Day

Countdown to Zero Day

Synopsis

Countdown to Zero Day, by Kim Zetter, is an in depth accounting of how the Stuxnet malware package was developed, discovered, and what impact it had on the world. Kim Zetter gives a behind the scenes peak from the perspective of malware researchers from Symantec, as well as insight on the politics behind the attack. This accounting strikes an impressive balance between technical and narrative details that makes Countdown to Zero Day an amazing read for cyber security professionals.


My Reaction

Kim Zetter refrains from toning down many of the technical details behind the attack, as many other novelists do. Its a breath of fresh air to see actual filenames, algorithms, and specific mechanisms discussed as part of a larger narrative. That said, she still provides plenty of narrative to help the uninitiated glean valuable lessons from the tale of the first nation state cyber war attack. While sometimes the political insights tend to drag on, the overall story is succinct enough that I finished the whole novel in just two sittings.


Recommendation

I highly recommend any cyber security professional to pick up this book. Besides learning a lot about this specific attack, the novel exposes some aspects of bug bounty hunting, malware reverse engineering, and operational technology security. Many may thing OT/ICS security doesn’t affect them but with IoT, self driving vehicles, and automated factories – you may be faced with tough security questions faster than you think.

[dsm_block_reveal_text block_reveal_text=”Recommended Reading for:” block_reveal_delay=”0.5″ _builder_version=”4.8.1″ _module_preset=”default”][/dsm_block_reveal_text][dsm_star_rating title=”IT Curious Readers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”4″ title=”All IT Professionals” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”4″ title=”Help Desk Technicians” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”System Administrators” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”Network Administrators” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”Software Developers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”Security Analysts” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”Security Engineers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”Penetration Testers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”CISOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating title=”CIOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”|800|||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”4″ title=”CTOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”||||||||” sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”4″ title=”CEOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ header_font=”||||||||” sticky_enabled=”0″][/dsm_star_rating]
[dsm_star_rating title=”My Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating]
[dsm_star_rating title=”Amazon Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center”][/dsm_star_rating]
[dsm_star_rating rating=”4″ title=”GoodReads Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center”][/dsm_star_rating]
CyberStorm: A Techno Thriller for the Masses

CyberStorm: A Techno Thriller for the Masses

My Reaction

For IT and cyber security professionals, CyberStorm is a decent read that is just techy enough to relate to, but not techy enough to remind you of your day job.

Matthew Mather does a good job creating a scenario that is believable. Although I do not think this scenario could play out in reality, the effects do seem realistic. The perspective of a mildly tech-saavy group of family and friends stuck in a cyber war makes for an interesting analysis of what people might do in such a situation.

Mather does not go into great detail on the actual cyber attacks or what people are doing to recover. However he does go into what real people might do if our precious internet fails us. A highlight was when one of the characters creates a metropolitan area network in order to share information. In the event of a cyber attack that takes our or severely degrades our access to the internet, creating our own smaller internet is very viable and this novel explores how that could be useful.

Another highlight is how information doesn’t quite flow without technology. The people in the story don’t know what is happening and end up filling in the blanks with some preconceptions and rumors. This ends up paying off quite well in the end.

Lights out in Manhattan (Credit: Jeremy Echols)

One thing that I found quite jarring was that around halfway through the novel, chapters started ending with suspense that promised action in the next chapter. However, the next chapter would fast forward a few hours and tell what happened rather than show it. This wasn’t a consistent theme throughout the book, but it happened quite a few times in a single act making that section feel unsatisfying.

Recommendation

Overall, I was a little let down by how little this book utilized technology and cyber war concepts. However, the story was captivating with the sprinkling of technology and cyber security “what ifs”. After reading many reviews I understand that this book would not be popular if it were more technically complicated. I still enjoyed the read and liked most of the characters. I would recommend this book to my fellow IT professionals, but I won’t oversell it.

[dsm_block_reveal_text block_reveal_text=”Recommended Reading for:” block_reveal_delay=”0.5″ _builder_version=”4.8.1″ _module_preset=”default”][/dsm_block_reveal_text][dsm_star_rating rating=”3″ title=”IT Curious Readers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”2″ title=”All IT Professionals” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”2″ title=”Help Desk Technicians” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”2″ title=”System Administrators” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”3″ title=”Network Administrators” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”2″ title=”Software Developers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”3″ title=”Security Analysts” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”2″ title=”Security Engineers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”3″ title=”Penetration Testers” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating][dsm_star_rating rating=”3″ title=”CISOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”3″ title=”CIOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”2″ title=”CTOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating][dsm_star_rating rating=”2″ title=”CEOs” stars_size=”22px” stars_gap=”-2px” stars_color=”#CC7700″ show_number=”on” _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#D6D6D6″ rating_number_text_color=”#CC7700″ rating_number_font_size=”13px”][/dsm_star_rating]
[dsm_star_rating rating=”3″ title=”My Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center” hover_enabled=”0″ sticky_enabled=”0″][/dsm_star_rating]
[dsm_star_rating title=”Amazon Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center” hover_enabled=”0″ rating=”4″ sticky_enabled=”0″][/dsm_star_rating]
[dsm_star_rating rating=”4″ title=”GoodReads Rating” stars_display_type=”block” stars_size=”30px” stars_color=”#CC7700″ _builder_version=”4.8.1″ _module_preset=”default” header_text_color=”#FFFFFF” header_font_size=”26px” text_orientation=”center”][/dsm_star_rating]