Estimated reading time: 1 minute, 59 seconds

'Hacking Is About Humans': New Book Traces Cybercrime History   Featured

Sunday, Jun 04 2023
General
Written by  Security Tech Brief Staff

Fancy Bear Goes Phishing, a new book by Scott Shapiro, examines the history of hacking and suggests approaches for fighting it, according to multiple published reviews and reports.

Shapiro is a professor of law and philosophy at Yale Law School, and he also leads Yale’s Cybersecurity Lab, which does research into security and information technology. He previously co-authored the 2017 book The Internationalists, a history of the laws of war that looks ahead to whether the same rules will govern cyber conflicts.

As City AM’s reviewer writes, this is “an impressive range in expertise, and one that leaves Shapiro in a unique position to skillfully guide the reader through the history of hacking, with all the tech nitty gritty included.”

Shapiro concludes that the cybersecurity problem can’t be solved, only managed by considering human behavior. “Cybersecurity is not a primarily technological problem that requires a primarily engineering solution,” he writes, as quoted by Ars Technica. “It is a human problem that requires an understanding of human behavior.” His go-to adage in the text: “Hacking is about humans.”

hillary clinton 1724469 1280As The Economist and The Guardian explain, the book walks through five major hacks:

  • The Internet’s first worm, known as the Morris worm, created in 1988 in an experiment gone wrong by a Cornell University student
  • The Dark Avenger, a pseudonymous Bulgarian virus writer who wiped out computer data in the 1990s
  • The 2005 hack of celebrity Paris Hilton’s mobile phone data, which exposed nude photographs
  • The 2016 hack of Hillary Clinton’s presidential campaign, which led to the damaging release of emails
  • The 2016 “Mirai botnet,” in which three young men amassed an army of computers that could be used to take down websites

Shapiro distinguishes between what he calls “downcode,” the actual software used in cyberattacks, and “upcode,” the human cognition and norms that allow the attacks to occur.

The Guardian identifies four takeaways from Shapiro’s book. First, as he writes, “Hacking is not a dark art, and those who practice it are not 400lb wizards or idiot savants.” Second, hacking is a business, perpetrated by rational actors who want money. Third, to reduce the threat of cyberattacks, governments will have to criminalize the failure to safeguard information. And fourth, as the newspaper puts it: “Mass media plays a really malignant role by providing an endless loop of scare stories and zero understanding of the problem.”

 

Read 1765 times
Rate this item
(0 votes)
More in this category: « Hackers' Dwell Time Shrinks: Mandiant’s M-Trends 2023 Verizon Flags Social Engineering, Ransomware in 2023 Report   »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline