Countdown to Zero Day
Synopsis
Countdown to Zero Day, by Kim Zetter, is an in depth accounting of how the Stuxnet malware package was developed, discovered, and what impact it had on the world. Kim Zetter gives a behind the scenes peak from the perspective of malware researchers from Symantec, as well as insight on the politics behind the attack. This accounting strikes an impressive balance between technical and narrative details that makes Countdown to Zero Day an amazing read for cyber security professionals.
My Reaction
Kim Zetter refrains from toning down many of the technical details behind the attack, as many other novelists do. Its a breath of fresh air to see actual filenames, algorithms, and specific mechanisms discussed as part of a larger narrative. That said, she still provides plenty of narrative to help the uninitiated glean valuable lessons from the tale of the first nation state cyber war attack. While sometimes the political insights tend to drag on, the overall story is succinct enough that I finished the whole novel in just two sittings.
Recommendation
I highly recommend any cyber security professional to pick up this book. Besides learning a lot about this specific attack, the novel exposes some aspects of bug bounty hunting, malware reverse engineering, and operational technology security. Many may thing OT/ICS security doesn’t affect them but with IoT, self driving vehicles, and automated factories – you may be faced with tough security questions faster than you think.