REVIEW: Spies Among Us How to Stop the Spies, Terrorists, Hackers, and Criminals


by Ira Winkler 2005, 0-7645-8468-5, U$27.50/C$38.99/UK#16.99 Ira Winkler
5353 Dundas Street West, 4th Floor, Etobicoke, ON   M9B 6H8  2005 0-7645-8468-5
John Wiley & Sons, Inc.
416-236-4433 fax: 416-236-4448


Ira Winkler's "Spies Among Us" finally cleared my head on the subject of … oooh, so horrible … " cyberterrorism." Intuitively, when you read about "cyberterrorism" you instantly think "what a load of bull", but the amount of press and "research" that you see coming about it, makes one wonder. As a result, I was somewhat confused about the subject. Until now! Ira's book finally cleared it: at this stage, "cyberterrorism" is positively, absolutely, 100% "bull product." Here is why: computer failures are an accepted thing. "Everybody knows" that computers "are flaky", and might crash at any time, taking your work (or a billion-dollar Martian probe :-)) with them. Thus, computers do a pretty good job damaging themselves and things around them, and, thus, people will not be terrified if it happens due to malicious actions by whatever cyber-terrorists. Now, the above obviously doesn't cancel the use of computers and the Internet by the terrorists, but this is not what is commonly understood as "cyberterror."

So, the book is fun! The book starts from "espionage concepts" and continues on to case studies (the most fun part!) and countermeasures parts. "Spies among us" also highlight some commonly overlooked truths in the security arena, such as that users' errors are more damaging, in aggregate, than all the malevolence of all the spies in the world. Acts of God, not "hackers", run a close second. Also, the section on countermeasures really stresses the point that many a sophisticated attack was ruined by the simplest countermeasures, applied deliberately and consistently.

Among other things, I loved the insider profiling bit, where the profile of the hardest working employee matches that of a "typical industrial spy." I also liked his country by country espionage coverage, such as how are Russian spies different from Chinese spies :-) Overall, while the book clearly aims at a non-technical audience, even seasoned security professionals

Read more: