Book review: Cyberdanger: Understanding and Guarding Against Cybercrime

Posted on Sep 16, 2019

 Security researcher Paul Baccas reviews 'Cyberdanger: Understanding and Guarding Against Cybercrime' by Eddy Willems

 


Title: Cyberdanger: Understanding and Guarding Against Cybercrime
Author: Eddy Willems
Publisher: Springer
ISBN-10: 3030045307
ISBN-13: 978-3030045302

 

This was a difficult book to review for two reasons – first, because I know Eddy from the conference circuit, and second, because it was not without flaws. Many, if not all, of the flaws are probably due to the editing and translation (this is an English translation from the original Dutch), but I have a feeling that the book would have been better had it either been longer (it struggles to cover everything), or else shorter and tighter.

The book has an introduction and a familiar three-part structure. There are no appendices or footnotes, making it different from other books I have reviewed here. We are introduced to the author in his inimitable, friendly and frenzied style before starting the 12 chapters of content.

The first part, consisting of the first two chapters, concerns itself with a short summary of the history of malware and a description of the people who write malware.

The second part – the next four chapters – is concerned with the current dangers on the Internet, the types of threat actors (nation-state actors, hacktivists, criminals, etc.), anti-virus companies and associations, and types of threats.

The third and final part provides some practical advice and recommendations, with a final thought on the future.

The book is rounded off in the 13th chapter with a short techno-thriller which, while entertaining, is not quite up to the standards of Mark Russinovich (1, 2, 3, 4) or Daniel Suarez.

The content of each chapter is self-contained and probably should be read piecemeal. Indeed, the book's structure is more like a set of articles with a structure imposed from above than a book built from the ground up. Eddy himself says:

"Many of the views I hold, and tactical tips as expressed in this book, were drawn from [...] blogs."

This means there is some repetition, for example between the first chapter, 'Thirty Years of Malware: A Short Outline', and the chapter on 'Today's Threats' in the definitions. Later, the importance of patching and backing up is repeated, and while I think we can all agree that they are important, the manner in which you repeat things is crucial.

That said, you can feel the author's love and knowledge of the subjects coming through the pages. He has obviously enjoyed his 30 years in the industry and is looking forward to the next 14.

This is the first security book on the subject of malware that I remember being written by an AV industry insider. The computer security field is very broad and diverse, ranging from anti-virus to encryption, hardware to software, bug hunters to pen-testers. Everyone has an opinion on malware and the anti-virus companies, and most appear to denigrate AV and lionize others: malware authors or independents. This is probably because it is difficult to like the faceless multi-nationals. Eddy's opinions and insights are a refreshing change, working as he has in industry and with government, and he presents the softer face of the AV industry.

What really makes this book are the vignettes scattered through the pages like flowers in a meadow, whether his own ('the story of the Saudi airport') or others' articles from industry stalwarts such as Righard Zwienenberg and even Graham Cluley. The book will find an audience in those entering the computer security field or those who wish to know slightly more about the inside of the AV industry and don't have 30 years to spend immersed in the day-to-day grind.

At VB2019, Eddy Willems will present a paper, co-written with ESET's Righard Zwienenberg, on how the same security events keep occurring, drawing on the experiences of 30 years of working in this field. VB2019 takes place in London 2-4 October - register now!
