REVIEW: Secrets of Computer Espionage

by Joel McNamara.  John Wiley & Sons, Inc.  362 p.

________________________________________________________________________

I suppose one might be able to make a case that this book is about computer espionage, but the contents are hardly secret. The fact that the introduction is decidedly vague about the audience–anyone concerned that someone might want to spy on their data–would lead one to suspect that this is another attempt to jump on a hot bandwagon, without necessarily doing a lot of research first. And, in this case, one would be right. In addition, this is, once again, a book about defence that provides more help to the attacker. Not much more, mind, but more.

The countermeasures included after the attacks and penetration techniques are generally vague and not very useful. In quite a number of cases, the protections are irrelevant to the attacks described. Chapter one tells us about spies, and particularly that spies are purposeful. Never mind that the best data that researchers have been able to find points out that most network snooping and theft of computer equipment is random: the concentration on professional spies allows the author to present a much more sensational view.

The overview of US federal laws, in chapter two, is rather short on any examination of legal concepts. The penetration activities described in chapter three are mostly physical, and even the computer invasions suggested in chapter four require physical access to the machine. About all that chapter five tells you about searching for evidence is that you stand a better chance of finding it if you know how the machine works. I suppose this material might impress those who know very little about computers, but most of it is pretty simplistic and doesn't have enough detail to help newcomers, either to extract information or protect themselves. Chapter six briefly describes some means of cracking weak encryption. A list of data storage devices is presented in chapter seven.

Keyloggers, both hardware and software, are outlined in chapter eight. Chapter nine primarily concentrates on remote access trojans, although it makes no distinctions in regard to other types. Network intrusion, in chapter ten, has countermeasures that are, unusually, *too* specific, dealing with particular exploits while not analyzing the concepts. Again, the countermeasures are not comprehensive in regard to the threats that are discussed. The overview..

Read more: http://seclists.org/isn/2003/Oct/96