Kingdom of Lies: Unnerving Adventures in the World of Cybercrime
By Kate Fazzini
3/5
()
About this ebook
“Wow. Kate Fazzini is the rare top-level reporter who can make you see, smell and feel a hidden world, not just understand it. Cybercrime (and security) has found its Michael Lewis.” —Bret Witter, co-author of the #1 NYT bestseller The Monuments Men
One of BookRiot's "50 of the Best Books to Read This Summer"
In the tradition of Michael Lewis and Tom Wolfe, a fascinating and frightening behind-the-scenes look at the interconnected cultures of hackers, security specialists, and law enforcement
A 19-year-old Romanian student stumbles into a criminal ransomware ring in her village. Soon she is extorting Silicon Valley billionaires for millions--without knowing the first thing about computers.
A veteran cybersecurity specialist has built a deep network of top notch hackers in one of the world’s largest banks. But then the bank brings in a cadre of ex-military personnel to “help.”
A cynical Russian only leaves his tiny New Jersey apartment to hack sports cars at a high performance shop in Newark. But he opens his door to a consultant who needs his help.
A hotel doorman in China once served in the People’s Army, stealing intellectual property from American companies. Now he uses his skills to build up a private side-business selling the data he takes from travelers to Shanghai’s commercial center.
Kingdom of Lies follows the intertwined stories of cybercriminals and ethical hackers as they jump from criminal trend to criminal trend, crisis to crisis. A cybersecurity professional turned journalist, Kate Fazzini illuminates the many lies companies and governments tell us about our security, the lies criminals tell to get ahead, and the lies security leaders tell to make us think they are better at their jobs than they are.
Like Traffic set in the cybercrime world, Kingdom of Lies is as entertaining as it is eye opening.
Kate Fazzini
Kate Fazzini is Cybersecurity Reporter for CNBC. Before that she reported on cybersecurity for The Wall Street Journal. She previously served as a principal in the cybersecurity practice at Washington D.C.-based Promontory Financial Group, now a division of IBM. Prior to that, she served as a vice president in cybersecurity operations at JPMorgan Chase. Fazzini teaches in the applied intelligence program at Georgetown University. She lives in New York City.
Related to Kingdom of Lies
Related ebooks
Cyberphobia: Identity, Trust, Security and the Internet Rating: 3 out of 5 stars3/5Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous Rating: 4 out of 5 stars4/5Spam Nation: The Inside Story of Organized Cybercrime—from Global Epidemic to Your Front Door Rating: 4 out of 5 stars4/5Why Hackers Win: Power and Disruption in the Network Society Rating: 0 out of 5 stars0 ratingsThe Hacker Crackdown: Law and Disorder on the Electronic Frontier Rating: 4 out of 5 stars4/5Becoming an Ethical Hacker Rating: 4 out of 5 stars4/5Hack the Stack: Using Snort and Ethereal to Master The 8 Layers of An Insecure Network Rating: 0 out of 5 stars0 ratingsThe Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Hacking Multifactor Authentication Rating: 0 out of 5 stars0 ratingsA Vulnerable System: The History of Information Security in the Computer Age Rating: 0 out of 5 stars0 ratingsInfoSec Career Hacking: Sell Your Skillz, Not Your Soul Rating: 3 out of 5 stars3/5Blackhatonomics: An Inside Look at the Economics of Cybercrime Rating: 3 out of 5 stars3/5You CAN Stop Stupid: Stopping Losses from Accidental and Malicious Actions Rating: 0 out of 5 stars0 ratingsTribe of Hackers: Cybersecurity Advice from the Best Hackers in the World Rating: 5 out of 5 stars5/5Dark Territory: The Secret History of Cyber War Rating: 4 out of 5 stars4/5Cybersecurity Experts Rating: 0 out of 5 stars0 ratingsHardware Hacking: Have Fun while Voiding your Warranty Rating: 4 out of 5 stars4/5Breakpoint Rating: 4 out of 5 stars4/5Dissecting the Hack: The F0rb1dd3n Network, Revised Edition: The F0rb1dd3n Network Rating: 4 out of 5 stars4/5Find It Fast: Extracting Expert Information from Social Networks, Big Data, Tweets, and More Rating: 4 out of 5 stars4/5Hacked Again Rating: 5 out of 5 stars5/5Applied Network Security Monitoring: Collection, Detection, and Analysis Rating: 3 out of 5 stars3/5The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws Rating: 3 out of 5 stars3/5Carry On: Sound Advice from Schneier on Security Rating: 4 out of 5 stars4/5Applied Network Security Rating: 0 out of 5 stars0 ratingsWhere Wizards Stay Up Late: The Origins Of The Internet Rating: 4 out of 5 stars4/5I'm Feeling Lucky: The Confessions of Google Employee Number 59 Rating: 3 out of 5 stars3/5
Internet & Web For You
The Digital Marketing Handbook: A Step-By-Step Guide to Creating Websites That Sell Rating: 5 out of 5 stars5/5The $1,000,000 Web Designer Guide: A Practical Guide for Wealth and Freedom as an Online Freelancer Rating: 5 out of 5 stars5/5The Logo Brainstorm Book: A Comprehensive Guide for Exploring Design Directions Rating: 4 out of 5 stars4/5SEO For Dummies Rating: 4 out of 5 stars4/5Grokking Algorithms: An illustrated guide for programmers and other curious people Rating: 4 out of 5 stars4/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5Python QuickStart Guide: The Simplified Beginner's Guide to Python Programming Using Hands-On Projects and Real-World Applications Rating: 0 out of 5 stars0 ratingsCoding For Dummies Rating: 5 out of 5 stars5/5Coding All-in-One For Dummies Rating: 4 out of 5 stars4/5Wireless Hacking 101 Rating: 4 out of 5 stars4/5Six Figure Blogging In 3 Months Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5The Mega Box: The Ultimate Guide to the Best Free Resources on the Internet Rating: 4 out of 5 stars4/5How to Disappear and Live Off the Grid: A CIA Insider's Guide Rating: 0 out of 5 stars0 ratingsSix Figure Blogging Blueprint Rating: 5 out of 5 stars5/5Tube Ritual: Jumpstart Your Journey to 5000 YouTube Subscribers Rating: 0 out of 5 stars0 ratingsGet Rich or Lie Trying: Ambition and Deceit in the New Influencer Economy Rating: 0 out of 5 stars0 ratingsRemote/WebCam Notarization <<Extended>> Commonwealth of Virginia Rating: 0 out of 5 stars0 ratingsThe Beginner's Affiliate Marketing Blueprint Rating: 4 out of 5 stars4/5How To Make Money Blogging: How I Replaced My Day-Job With My Blog and How You Can Start A Blog Today Rating: 4 out of 5 stars4/5Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Rating: 4 out of 5 stars4/5Wordpress for Beginners: The Easy Step-by-Step Guide to Creating a Website with WordPress Rating: 5 out of 5 stars5/5How To Start A Podcast Rating: 4 out of 5 stars4/5
Reviews for Kingdom of Lies
7 ratings0 reviews
Book preview
Kingdom of Lies - Kate Fazzini
Preface
Kingdom of Lies
It didn’t take me long in my career as a cybersecurity executive to figure out everyone was lying to me.
The biggest lie of all came at the very beginning: that cybersecurity is hard. Too hard. Certainly too difficult for someone who lacks years and years of deep technical training. That it is no place for writers.
That thicket of incomprehensible jargon alone seemed meant to discourage outsiders like me from entering the field. They told me I could never hope to understand the terminology unless I’d worked around it for a very long time. Unless I had a special and complicated certification. Unless I knew how to take apart and reassemble a computer. Unless I knew how to code in Python and could read it, interpret it, and spot problems on sight.
And if I somehow managed to learn the lingo, the learning curve for the rest of it would prove insurmountable.
Lies, lies, lies.
It’s unfortunate, because there is a huge gap between the demand for cybersecurity workers and the people available to fill those jobs. I think one of the reasons for that is because people can’t imagine themselves doing this kind of work.
Can you use a smartphone? Make a PowerPoint? Think on your feet? Ever organize a night out to the movies with your friends that went well and nobody crashed their car to or from the event? Welcome to the twenty-first century’s hottest career path. Are you able to charm the pants off women? Did you escape an abusive marriage? Have you ever hosted a toddler’s birthday party at your home? Honey, I want you on my cybersecurity team.
After reading the stories in this book, you will understand that what makes cybersecurity complicated is the complexity of human beings. So if you know how to deal with people, you can handle internet security. If you understand what makes people tick, not only will you be able to recognize a threat, you’ll be one step ahead of your adversary.
During my career as a cybersecurity executive at multinational corporations, a journalist for The Wall Street Journal and later CNBC, and a professor at Georgetown University, I’ve met a lot of fascinating people. From the hackers who perpetrate malicious attacks to the security professionals who try to prevent these incidents from happening, and the alphabet soup of government agencies that do damage control, at the end of the day they’re all fathers, sons, mothers, sisters, and spouses. In other words, people just like us. Yes, white hats cross paths with black hats and change alliances more frequently than you might expect, but they’re driven by the same desires as the rest of us—even if sometimes it feels as if everyone in cybersecurity is allergic to the truth.
As a professional, I was told a great many lies about the field I have grown to love so much. After becoming a journalist on the cybersecurity beat, I was told even more. Here are a few:
Let me introduce you to the hacker community.
This lie is usually delivered with a wink and a nod from someone who thinks they know every hacker on the planet. The truth of the matter is, there is no hacker community.
Sure, the guys who make a splash at the big annual conferences might say otherwise. But every country, every state, every faction, every identifying group has its own community of people who hack computers. Some of them are extremely conservative, others are massively liberal, most fall somewhere in between. Some wear suits and ties and work as lawyers during the day, while others look like everyday citizens and have great people skills as they pursue their idiosyncratic agendas.
Some are good guys who get fed up with the low pay and boring duties and become criminals. Some are criminals who end up becoming good guys. Many start and end their careers on either end of that spectrum.
Some, including many you’ll meet in this book, are extremely proficient hackers who have no time or inclination to identify with any community at all.
As a journalist, I was astonished at the number of people who came out of the woodwork to offer me exclusive access to the hacker community. I couldn’t help but notice that the members of the source’s hacker community
were often people just like him or her. My point is there are many different types of people working in this field, and I can guarantee you that a lot of them are exactly like you.
Here’s another lie: He’s a luminary in the cybersecurity field.
He’s probably not. Fame and luminescence don’t typically intersect in this field. The people I’ve met who are actual geniuses aren’t famous, and most of them don’t have social media profiles. They tend not to pontificate on areas outside their expertise.
The people who are constantly headlining conferences and who are so often offered up to me for interviews have less insight than those who stay underground. Anything a high-profile hacker is willing to share typically carries with it a massive and crystal-clear agenda that I’ve learned to spot from a mile away. Even if a conversation is off the record, the intel coming from top government officials or other marquee corporate cybersecurity names carries little novel information.
The only people who have illuminated the way for me in this world—and in this book—have been genuine practitioners who never held a C-level title. You’ve never heard of them and because I’ve changed their names to protect their privacy, you probably never will.
They are luminaries not because of the degrees they’ve collected or the events they’ve headlined but because they carry a lantern that guides the path for others. These types of people typically don’t have a public relations team.
One of my favorite lies: He doesn’t know what he’s talking about.
This one is usually delivered by someone who asserts that he or she knows the cybersecurity field better than anyone else. These people will brag that they know what it’s like to be a hacker and can do things that no one else in the room can.
I’m always wary of those who try to establish their bona fides by discrediting the expertise of other cybersecurity professionals. The depth and breadth of this field is so vast that everyone who works in it is an expert at some part of it, and I have yet to meet someone who is an expert at all of it. Not even close.
Every view of an incident is informed by the viewer—what he sees, what her level of expertise is—and that changes over time. It’s like asking someone who lives in the Plaza to describe Manhattan, then asking someone who lives in a halfway house in East Harlem to do the same thing. Different pictures emerge of the same subject depending on your point of reference.
Then there is the final lie, the one that is the hardest to dispute, the lie of the Machiavellian technological wonder. The Lisbeth Salanders and Mr. Robots. The media loves to portray hackers, security experts, and intelligence professionals through a two-dimensional lens: they’re either crusaders for good or practitioners of evil, and they all wear