Book review: Cyberdanger: Understanding and Guarding Against Cybercrime

Posted by    on   Sep 16, 2019

 Security researcher Paul Baccas reviews 'Cyberdanger: Understanding and Guarding Against Cybercrime' by Eddy Willems



Title: Cyberdanger: Understanding and Guarding Against Cybercrime
Author: Eddy Willems
Publisher: Springer
ISBN-10: 3030045307
ISBN-13: 978-3030045302


This was a difficult book to review for two reasons – first, because I know Eddy from the conference circuit, and second, because it was not without flaws. Many, if not all, of the flaws are probably due to the editing and translation (this is an English translation from the original Dutch), but I have a feeling that the book would have been better had it been either been longer (it struggles to cover everything), or else shorter and tighter.

The book has an introduction and a familiar three-part structure. There are no appendices or footnotes, making it different from other books I have reviewed here. We are introduced to the author in his inimitable, friendly and frenzied style before starting the 12 chapters of content.

The first part, consisting of the first two chapters, concerns itself with a short summary of the history of malware and a description of the people who write malware.

The second part – the next four chapters – is concerned with the current dangers on the Internet, the types of threat actors (nation-state actors, hacktivists, criminals, etc.), anti-virus companies and associations, and types of threats.

The third and final part provides some practical advice and recommendations, with a final thought on the future.

The book is rounded off in the 13th chapter with a short techno-thriller which, while entertaining, is not quite up to the standards of Mark Russinovich (1, 2, 3, 4) or Daniel Suarez.

The content of each chapter is self-contained and probably should be read piecemeal. Indeed, the book's structure is more like a set of articles with a structure imposed from above than a book built from the ground up. Eddy himself says:

"Many of the views I hold, and tactical tips as expressed in this book, were drawn from [...] blogs."

This means there is some repetition, for example between the first chapter, 'Thirty Years of Malware: A Short Outline', and the chapter on 'Today's Threats' in the definitions. Later, the importance of patching and backing up is repeated, and while I think we can all agree that they are important, the manner in which you repeat things is crucial.

That said, you can feel the author's love and knowledge of the subjects coming through the pages. He has obviously enjoyed his 30 years in the industry and is looking forward to the next 14.

This is the first security book on the subject of malware that I remember being written by an AV industry insider. The computer security field, is very broad and diverse, ranging from anti-virus to encryption, hardware to software, bug hunters to pen-testers. Everyone has an opinion on malware and the anti-virus companies, and most appear to denigrate AV and lionize others: malware authors or independents. This is probably because it is difficult to like the faceless multi-nationals. Eddy's opinions and insights are a refreshing change, working as he has in industry and with government, and he presents the softer face of the AV industry.

What really makes this book are the vignettes scattered through the pages like flowers in a meadow, whether his own ('the story of the Saudi airport') or others articles from industry stalwarts such as Righard Zwienenberg and even Graham Cluley. The book will find an audience in those entering the computer security field or those who wish to know slightly more about the inside of the AV industry and don't have 30 years to spend immersed in the day-to-day grind.

At VB2019, Eddy Willems will present a paper, co-written with ESET's Righard Zwienenberg, on how the same security events keep occurring, drawing on the experiences of 30-years of working in this field. VB2019 takes place in London 2-4 October - register now!



Latest posts:

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.