THE MAGAZINE

Secrets of Computer Espionage: Tactics and Countermeasures

By Ben Rothke, CISSP

Secrets of Computer Espionage: Tactics and Countermeasures. By Joel McNamara; published by John Wiley and Sons, www.wiley.com (Web); 384 pages; $35. 

Judging from the title, Secrets of Computer Espionage: Tactics and Countermeasures would appear to be geared to governments, security agencies, or high-level corporations. In fact, as the author makes clear, anyone with an Internet connection is a potential target of online espionage—even by such “mundane” means as viruses, worms, and phishing attacks—and this book is addressed to that huge audience.

Just who is spying on whom? The author explains that the typical person might be a target of bosses, friends, family members, hackers, and many others. Even people with nothing confidential or of value on their computers risk getting caught up in espionage and other cyber capers. For instance, hackers can use their computers as vehicles for staging attacks or as a location for storing illicit files, such as child pornography. And as more cell phones and PDAs connect to the Internet, the risks multiply.

What may be disturbing to some readers is that every computer device and peripheral provides at least one avenue of attack. The author explains many of these schemes, such as keystroke loggers and cleartext file transfers via file transfer protocol (FTP). In addition, operating-system and application-level vulnerabilities constitute even more ways that systems can be compromised.

Despite the grim picture painted by the author, the book isn’t intended to make readers paranoid, but rather to acquaint them with the many risks posed by the Internet. This excellent book shows that someone quite possibly is out to get you, but it provides the tools to protect yourself.


Reviewer: Ben Rothke, CISSP (Certified Information Systems Security Professional), is a New York City-based senior security consultant with ThruPoint, Inc. He is a member of ASIS International.

Comments

 

The Magazine — Past Issues

 




Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.