Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon ペーパーバック – 2015/9/1
Kindle 端末は必要ありません。無料 Kindle アプリのいずれかをダウンロードすると、スマートフォン、タブレットPCで Kindle 本をお読みいただけます。
Top cybersecurity journalist Kim Zetter tells the story behind the virus that sabotaged Iran’s nuclear efforts and shows how its existence has ushered in a new age of warfare—one in which a digital attack can have the same destructive capability as a megaton bomb.
In January 2010, inspectors with the International Atomic Energy Agency noticed that centrifuges at an Iranian uranium enrichment plant were failing at an unprecedented rate. The cause was a complete mystery—apparently as much to the technicians replacing the centrifuges as to the inspectors observing them.
Then, five months later, a seemingly unrelated event occurred: A computer security firm in Belarus was called in to troubleshoot some computers in Iran that were crashing and rebooting repeatedly.
At first, the firm’s programmers believed the malicious code on the machines was a simple, routine piece of malware. But as they and other experts around the world investigated, they discovered a mysterious virus of unparalleled complexity.
They had, they soon learned, stumbled upon the world’s first digital weapon. For Stuxnet, as it came to be known, was unlike any other virus or worm built before: Rather than simply hijacking targeted computers or stealing information from them, it escaped the digital realm to wreak actual, physical destruction on a nuclear facility.
In these pages, Wired journalist Kim Zetter draws on her extensive sources and expertise to tell the story behind Stuxnet’s planning, execution, and discovery, covering its genesis in the corridors of Bush’s White House and its unleashing on systems in Iran—and telling the spectacular, unlikely tale of the security geeks who managed to unravel a sabotage campaign years in the making.
But Countdown to Zero Day ranges far beyond Stuxnet itself. Here, Zetter shows us how digital warfare developed in the US. She takes us inside today’s flourishing zero-day “grey markets,” in which intelligence agencies and militaries pay huge sums for the malicious code they need to carry out infiltrations and attacks. She reveals just how vulnerable many of our own critical systems are to Stuxnet-like strikes, from nation-state adversaries and anonymous hackers alike—and shows us just what might happen should our infrastructure be targeted by such an attack.
Propelled by Zetter’s unique knowledge and access, and filled with eye-opening explanations of the technologies involved, Countdown to Zero Day is a comprehensive and prescient portrait of a world at the edge of a new kind of war.
"Immensely enjoyable...Zetter turns a complicated and technical cyber- story into an engrossing whodunit...The age of digital warfare may well have begun."
"An authoritative account of Stuxnet’s spread and discovery...[delivers] a sobering message about the vulnerability of the systems—train lines, water-treatment plants, electricity grids—that make modern life possible."
"Exhaustively researched...Zetter gives a full account of this “hack of the century,” as the operation has been called, [but] the book goes well beyond its ostensible subject to offer a hair-raising introduction to the age of cyber warfare."
--Wall Street Journal
“Part detective story, part scary-brilliant treatise on the future of warfare…an ambitious, comprehensive, and engrossing book that should be required reading for anyone who cares about the threats that America—and the world—are sure to be facing over the coming years.”
—Kevin Mitnick, New York Times bestselling author of Ghost in the Wires and The Art of Intrusion
“Unpacks this complex issue with the panache of a spy thriller…even readers who can’t tell a PLC from an iPad will learn much from Zetter’s accessible, expertly crafted account.”
—Publishers Weekly (starred)
“A true techno-whodunit [that] offers a sharp account of past mischief and a glimpse of things to come…Zetter writes lucidly about mind-numbingly technical matters, reveling in the geekery of malware and espionage, and she takes the narrative down some dark electronic corridors… Governments, hackers and parties unknown are launching ticking computer time bombs every day, all coming to a laptop near you.”
"An exciting and readable story of the world's first cyberweapon. Zetter not only explains the weapon and chronicles its discovery, but explains the motives and mechanics behind the attack -- and makes a powerful argument why this story matters."
--Bruce Schneier, author of Secrets and Lies and Schneier on Security
From the Hardcover edition.
2件中1 - 2件目のレビューを表示
Stuxnet, et. al. presented the security industry with a huge problem - and the implications are still being sorted out to this day. Government use of malware, and how the industry should handle it when discovered are topics that are still being debated on a daily basis. Kim does a great job on explaining the issues, and giving readers plenty to think about.
From a technical perspective, the book goes into enough detail so that those of us familiar with the topic know exactly what is being discussed and it's implications, while not going overboard and overloading non-technical users with incomprehensible details. The book has a good narrative style, while covering technical detail and including details on the sources for information. Throughout the book are footnotes that list source information, additional notes that explain context, or provide additional details that don't fit in the narrative telling - I strongly suggest that you read the footnotes, as they offer very useful information.
All in all, I strongly recommend the book, well worth it.
But more than just Stuxnet, the book examines the intersection of infrastructure and malware, and the growing military-cyber complex. This area of focus leads to perhaps the most interesting sections of the book. The chapter on vulnerabilities in US infrastructure is a real eye-opener.
Either one of these topics would make the book a must-read for those interested or involved in security and cyber warfare. Having both of them together, marshaled by an excellent author, is a real treat.
Zetter leads with an exhaustively detailed technical description of exploits ("attack code that hackers use to install viruses") and "zero day" exploits ("hacking world's most prized possession because they attack holes that are still unknown to the software maker") and the inadvertent discovery by the anti virus tech community of Stuxnet and its infection into specific PLCs, or control mechanisms, which regulate the centrifuges at Iran's Natanz nuclear facility. While heavily technical in parts, the detail is a fascinating "who done it " even for the lay person.
The book's middle portion strongly infers that Stuxnet's complex creation came about through a secret collaboration of the United States and Israel, identifying its start under the Bush administration and endorsed and enthusiastically used by the present Obama administration. The concluding two chapters confront the moral and legal issues in unleashing this virus and how by opening this Pandora's Box the stage has been set for future cyber warfare. She notes prophetically in the end, "where the United States led, others will follow . . . [and how this country] lost the moral high ground from which to criticize other nations for doing the same. " How true !
Toward the end I found it a little less interesting, but that was o.k. I had learned so much more than I set out to learn.
The Kindle version is very well implemented. You can check a footnote or a definition and go back to the text.
I am going to repeat myself and say that this book is a model of both research and of technical writing.