Paul Baccas reviews Mark Russinovich's latest malware-themed thriller, Trojan Horse.
Copyright © 2012 Virus Bulletin
Title: Trojan Horse
Author: Mark Russinovich
Publisher: Thomas Dunne Books
This book is set throughout North America, Europe, the Near East and China over eight days in April (in the present). As in the author’s previous novel, Zero Day, each chapter starts with a memo or a news article setting the scene or laying a thread for later in the book. We begin with power outages in an operating room and a malfunction on a train line for unknown reasons which set the scene for the story to come.
Next, we find ourselves in a UN bureaucrat’s office in Geneva, where said bureaucrat is wondering how a document he emailed to a colleague in the UK government had arrived containing errors that didn’t exist before he sent it. The document contained information about Iran’s nuclear program, and the original had concluded that the Iranians were near completion in the program. However, the ‘new’ document suggested that this was not the case – and was full of other errors as well (shades of Wazzu). Meanwhile, the recipient, in the UK Foreign Office, remembers that when he opened the file, it crashed ‘OfficeWorks’ – and so begins a tale that drags Jeff Aiken (ex-CIA) and Daryl Haugen (formerly NSA) to London, Geneva, Prague and Turkey.
The book describes the fictional ‘OfficeWorks’ as ‘the most commonly used word-processing program in the world ... [and in its current version] as bug-free as anything anywhere’. If Russinovich’s day job wasn’t at Microsoft I wonder whether he would have bothered to invent such a program. Elsewhere he refers to ‘a special version of [a] debugger obtained from friends at Microsoft’. Having spent a significant part of the past year dealing with threats leveraging MS Office formats to exploit Windows I find it jarring that the author wasn’t honest in naming the program, but it’s likely that my disappointment will only be shared by others in the security industry.
The descriptions of the infection vectors are not wholly realistic, but not unrealistic either. The technical details in tech-thrillers are often quite implausible – but the author has worked hard to make his more accurate, or at least plausible.
The book’s heroes, who are analysts, make believable mistakes: putting themselves in the firing line, not checking in with colleagues, and so on – the sort of mistakes that people who bear the knowledge they do (of an Android exploit that is being weaponized by a US government agency) really ought not to make. Such things make the story more believable and draw the reader in.
The website http://www.trojanhorsethebook.com/ hosts a well executed video introduction to the book. When I reviewed Zero Day (see VB, May 2011, p.16) I indicated that the story was quite filmic and Trojan Horse certainly also has those qualities. Russinovich himself has talked about potential lead actors for a Hollywood version of the story and I wonder if he can be persuaded to allow those of us on the frontline of the fight against malware to be the extras!
My major complaint about what is a great thriller is the forward by the convicted hacker Kevin Mitnick – in my opinion, giving media oxygen to this self-promoted expert is a mistake. However, any other complaints I have are minor, and they did not detract from my enjoyment of the book.
Mark Russinovich is becoming increasingly accomplished at writing fiction and if you enjoyed Zero Day then you will enjoy Trojan Horse. The book is fast-paced and would even make a long haul flight seem like a short hop.