Book Reviews

Buchanan, Ben The hacker and the state. Cyber attacks the new normal of geopolitics. Cambridge, MA: Harvard University Press, 2020. [8], 412 pp. ISBN 978-0-674-98755-5

This is certainly a very timely book! In the recent past we have had claims of Russian involvement in both the US presidential election that brought Mr. Trump to power and the British referendum on leaving the European Union, and, more recently, there have been disputes over whether or not the Chinese telecomms giant, Huawei, should be a provider of equipment for the 5G mobile phone networks that are now being rolled out, and claims by the Australian intelligence services that China was behind the hacking of parliament and the three main political parties. It is not just politics and technology that are at risk; in 2018 50 million Facebook accounts were hacked and this year the company's Twitter and Instagram services were hacked. All of these hacking events take place because of failure of the defences put in place and, in the USA at least, companies campaign against legislation that would require more effective security systems.

It is generally the attacks from China and Russia that make the news in the Western press, but the author opens his introduction to this fascinating book with an account of 'the Shadow Brokers', a hacker group that

released documents that exposed how hackers working on behalf of the American government had penetrated networks around the world to delay, disrupt, and defang their targets. Their purloined files revealed that hacking was a fundamental, though mostly secret, tool of American statecraft, one deployed clandestinely against foe and friend alike. (p. 1)

I think we can assume, then, that hacking is a tool, not only the American government, but of any government that has access to the expertise and, as Buchanan notes, it is not an occasional practice but one that happens every day, 'a low-grade yet persistent part of geopolitical competition.'

The book is divided into three parts, which deal with different levels of geopolitical hacking: Part 1, Espionage, deals with the essence of espionage, the collection of information. Even before the Internet, telecommuncations were a source of information for government security services: it is no coincidence that the main information gatherer for the UK's security services is GCHQ, the Government Communications Headquarters whose Website notes 'governed by strict legislation, we use a range of methods to gather communications and data that we believe has intelligence value'. In other words, it is no secret what its secret activities involve. The author of this work points to the use by the UK government in 1917 of a German telegram, routed through the major hub of the time in Cornwall, to Mexico, which ultimately resulted in the US entering the First World War.

Nor is e-espionage only a single country phenomenon; there is an association of security services known as the Five Eyes, a partnership involving Australia, Canada, New Zealand, the UK, and the USA, and each of these may have partnerships with other countries, making the network extremely powerful in collecting intelligence. Beyond the collection of intelligence, however, is its analysis, and agencies such as the National Security Agency in the USA and GCHQ in the UK have what a Five Eyes staff member described as 'awesome capabilities for analysis.

This section of the book goes on to deal with the problems that encryption causes for the security agencies, and the work put into decryption, as well as hacking the hackers, which is the cyber variety of counterintelligence.

The second section of the book, Attack, starts with an account of Stuxnet, the US cyber attack on Iran's nuclear centrifuges, the machines essential for the enrichment of Uranium 235. Stuxnet was ultimately discovered by a Belarusian security specialist and eventually retired from operations, but the US developed another tool, Wiper (which has had much less publicity), which wiped files from the computers of Iranian oil companies and then, destoyed itself, making tracking difficult, if not impossible. As one might expect, Iran is not an innocent in the cyber-wars: it devised a cyber-tool, known as Shamoon, to disrupt the work of the Saudi Arabian oil company, Aramco. North Korea, too, has been identified as a participant in these wars, hacking into Sony Pictures Entertainment, and, in a second stage, demanding money to prevent further disruption. The reason for this attack was the planned release of a film, The Interview, the original title of which was Kill Kim Jong-un. This attempt to coerce Sony into withdrawing the film failed. This section of the book ends with an account of how Ukrainian hackers infiltrated the country's electricity supply system to shut down the supply on two occasions. This, and the attack on the Iranian centrifuges, illustrates that, as practically everything these days has computer controlled systems, hacking can result in damage not only to computers but also to major infrastructures.

Section 3 deals with various aspects of Destabilization, including Russian attacks on the British and American elections; the attacks by the Shadow Brokers on the US National Security Agency, which resulted in the world-wide distribution of information on the espionage tools used by the NSA; the North Korean attacks on banks and the development of ransomware; and the 'most destructive cyber attack in history', the Russian development of NotPetya, which used a popular piece of Ukrainian software, MeDoc, to penetrate MeDoc servers and users and, ultimately, spreading globally. The main purpose, however, was to attack the Ukraine and it is estimated that more than one million computers were affected in that country.

The concluding chapter is not optimistic, the final paragraph reads:

One thing is certain: in states' conflict of interests, wills, and worldviews, they will continue to hack one another. They will build and deploy computer code that spies, attacks, and destabilizes... All major powers seem unwilling or unable to stop it. To the contrary, they embrace it. Unfettered and undeterred, their hackers reshape the world. (p. 319)

In short, this is a fascinating book, which retells numerous hacking stories that have not always been fully explored by the media. Collectively, they paint a picture that should influence anyone using a computer to adopt the best protection they can afford to prevent their own machine being corrupted, or being used to transfer malware and viruses throughout the global network.

Professor T.D. Wilson

Editor in Chief
March 2020

How to cite this review

Information Research is published four times a year by the University of Borås, Allégatan 1, 501 90 Borås, Sweden.