Does the World Really End This Way?
BOOK REVIEW: This is How They Tell Me the World Ends: The Cyberweapons Arms Race
By Nicole Perlroth / Bloomsbury Publishing
Reviewed by Christopher Gallup
(The Cipher Brief taps independent reviewers with experience in national security issues to review books for our undercover readers. The views expressed represent those of the reviewer and not The Cipher Brief.)
The Author: Nicole Perlroth is an award-winning staff writer at The New York Times, she covers digital espionage, and cybersecurity.
The Reviewer: Christopher Gallup is a Senior Cloud Security Architect, with a master’s in information assurance, & cybersecurity, and an active CISSP.
REVIEW – You may or may not know that zero-day exploits are used to take over, control, or destroy a target system. In her book, This is How They Tell Me the World Ends, journalist Nicole Perlroth explains how the zero-day exploits, (code vulnerabilities that are unknown to the vendor or software manufacturer, that allow the operator to gain access) are bought and sold by hackers. The author explains this secret market filled with hackers, spies, arm-dealers, and white-hats in clear, non-technical language.
From compromising iPhones to keeping track of a target’s movements, emails, messages, and all associated accounts, to compromising the centrifuges in nuclear facilities, zero-days offer technological supremacy and are auctioned off to the highest bidder.
The book chronicles the history of the zero-day exploits up to the present time with the author explaining how zero-days are weaponized in cyberweapon programs – and the arms race – by stockpiling and using the zero-day cyberweapons. In doing so, Perlroth analyzes the capabilities, market makers, buyers, brokers, and hackers, of the zero-day market.
The author covers many public and some non-public breaches, and joint operations between the National Security Agency (NSA), and Central Intelligence Agency (CIA). She documents top secret government groups working with zero-days, such as Tailored Access Operations (TAO) their Remote Operation Center (ROC), and how various groups were compromised for example, in the so-called “Vault 7” hack by a group calling itself the Shadow Brokers.
Perlroth, explains the transition of brokers from hacker technologist’s to arms dealers and how this affectively changed the market from vulnerabilities to zero-day exploits, into cyberweapons.
The Cipher Brief hosts private briefings with the world’s most experienced national and global security experts. Become a member today.
The author illustrates how the zero-day as a cyber weapon is being bought, used, and stockpiled by governments, and how these governments became the market makers driving up the value of the code and scripts from a couple hundred dollars, to duffle bags full of millions of dollars in cash.
From governments spying on each other with hacked typewriters, to the most sophisticated circuitry, software, and encryption of today, the author names the players and brings light into the zero-day marketplace. Perlroth also tells of the first cyber weapon – a joint activity known as “Olympic Games” aka Stuxnet – and describes how Iran’s Natanz nuclear plant three was targeted with incredible precision.
The Cyberweapons arms race is unlike a conventional arms race. The author does a stellar job in explaining this significance and the critical impact to all those that own and deploy the zero-days.
Perlroth also writes about the Russians accessing nuclear facilities in the US and documents the election interference, the groups, targets, and exploits used in attempts to disrupt US elections.
This is How They Tell Me the World Ends is a must read, for those in, out, and not of the Intelligence Community, for a better understanding of our national security critical infrastructure vulnerabilities, what’s at stake, and what it’s going to take to protect it.
This is How They Tell Me the World Ends earns an impressive 3.5 out of 4 trench coats.
Disclaimer: The Cipher Brief, like other Amazon Affiliate partners, gets paid a small commission based on purchases made via the links provided in this review
Read more Under/Cover book reviews in The Cipher Brief
Read Under/Cover interviews with authors and publishers in The Cipher Brief
Interested in submitting a book review? Check out our guidelines here
Sign up for our free Undercover newsletter to make sure you stay on top of all of the new releases and expert reviews
Read more expert national security perspectives and analysis in The Cipher Brief