06/03/2019

Clarke and Knake, both cybersecurity consultants and former National Security Council staffers, follow up their 2010 Cyber War with this sobering but hopeful exploration of defenses against the weaponization of the internet. They discuss various hacking menaces to the computer networks that undergird modern life, from credit card fraud to Russian, Iranian, and North Korean military incursions threatening graver damage: ransomware attacks that can put hospitals, drug factories, and shipping firms out of commission; subversion of voting systems that could cause election-day chaos; and commandeering utility computer systems that could destroy electric grids and gas pipelines. The risks are dire but manageable, say the authors, who focus their account on cybersecurity measures at private firms that are waging a complex battle to prevent penetrations, slow and contain hacks, and recover quickly from breaches. (The authors also provide security tips for individuals, including the seldom-heeded “do not use the same password on more than one site.”) Clarke and Knake, drawing on interviews with experts, explain cybersecurity’s intricacies in a lucid, engaging manner that avoids the alarmism that often surrounds the subject. The result is a fine survey that will interest policy makers, executives, and ordinary readers alike. Agent: Andrew Wylie, the Wylie Group. (July)

A sobering but hopeful exploration of defenses against the weaponization of the internet . . . Clarke and Knake, drawing on interviews with experts, explain cybersecurity’s intricacies in a lucid, engaging manner that avoids the alarmism that often surrounds the subject. The result is a fine survey that will interest policy makers, executives, and ordinary readers alike.”—Publishers Weekly
 
“Clarke and Knake, both of whom logged time inside the cybersecurity arms of presidential administrations, have much to say about the ways in which governments and companies have tried to make themselves safe from the legions of hackers out there, from your ordinary black hats to agents of Russia, China, Iran, North Korea, and other entities. . . . The authors counsel reassuringly [that] as companies finally make the transition to more secure systems of transmission, encryption, and data storage, there is hope that the threats of old will one day be a footnote. . . . Largely of interest to policymakers and security experts, though with much for the Wired crowd as well.” —Kirkus Reviews

“In the battle raging between offense and defense in cyberspace, Clarke and Knake have some important ideas about how we can avoid cyberwar for our country, prevent cybercrime against our companies, and in doing so, reduce resentment, division, and instability at home and abroad.”—Bill Clinton
 
“Cyberspace is the battlefield of the future. Our national security is dependent on whether we wake up and recognize the nature of this threat. In The Fifth Domain, Richard Clarke and Robert Knake are issuing a strong wake-up call. As they conclude, ‘what is missing is national consensus, will, and priority setting.’ If we fail to take the necessary steps to defend ourselves, we may lose not just the battle but the war.” —Leon Panetta

“In The Fifth Domain, two of America’s top cybersecurity experts reach a surprising and encouraging conclusion: it is within our power to manage cyber threats. Clarke and Knake offer a wealth of practical and achievable ideas for how the U.S. government, American companies, and private citizens can deter and thwart attacks.”—Susan Rice

2019-05-07
Hacking, cracking, and stealing, whether elections or state secrets or cash—it's all in a day's work for the bad guys who populate the pages of this treatise on electronic security.

If you're an individual computer user, you can do things to keep yourself secure like using two-factor authentication and secret password phrases. But what if you're a nation-state? Cybersecurity experts Clarke and Knake (co-authors: Cyber War: The Next Threat to National Security and What To Do About It, 2010, etc.), both of whom logged time inside the cybersecurity arms of presidential administrations, have much to say about the ways in which governments and companies have tried to make themselves safe from the legions of hackers out there, from your ordinary black hats to agents of Russia, China, Iran, North Korea, and other entities. The militaries of those nations in particular are actively working to best our cyberdefenses—as the authors write, "the Russian military has not only used cyber weapons to collect intelligence, but has also employed cyber weapons to damage, disrupt, and destroy physical objects in the real world, beyond the realm of 1s and 0s." Does this mean we're at war? Regardless of the answer, the Russians are bad at covering their tracks—that's how we know. Clarke and Knake survey the landscape: As they note, most governments may be bad at hiding information, but Apple, Amazon, and Microsoft "have security budgets that dwarf the GDP of Palau," and the private sector is likely to be the driver behind any real reform in cybersecurity and subsequent hardening of the fortress. Meanwhile, the authors counsel reassuringly, as companies finally make the transition to more secure systems of transmission, encryption, and data storage, there is hope that the threats of old will one day be a footnote. For the moment, the cost of mounting an attack on a bank is vanishingly small compared to the amount the bank is spending on keeping secure, so those attacks will keep coming.

Largely of interest to policymakers and security experts, though with much for the Wired crowd as well.