This review of Inside Cyber Warfare (affiliate link) is based on a review copy.

Jeffrey Carr, author of the book, dives into the dark corners of cyber security, and tries to make this complicated and confusing world accessible. Much of the book is based on Project Grey Goose, which is a collaboration between security experts, led by Jeffrey Carr.

Inside Cyber Warfare is a book of stories that are fascinating, sometimes troubling, and good to know for anyone concerned with security. The book showed me that what I knew of the security landscape only scratched the surface.

I found new depth to incidents I already knew about, and learned about hacks and breaches that probably made the news somewhere, but never crossed my stream. For example, I knew about Twitter having a lot of uptime problems in 2009, but I didn’t know it was under attack as part of a cyber warfare campaign.

One central theme to the book is the 2008 war between Georgia and Russia over the breakaway state of South Ossetia. You probably heard a lot about the physical war in the news, but little if any mention of the cyber war. Websites were defaced, services were rendered unavailable, and much was said between and within the different factions on blogs and forums.

And while the book gives a good overview of specific conflicts, it also explores independent hacking groups, state cyber warfare divisions, and the groups that exist somewhere in-between. I found out about the advanced state of cyber warfare in North Korea and China, and the ties between criminals and government in Russia.

My only complaint is that many things went unupdated in the second edition. For example, the first line of page 99 reads “Twitter may soon become the world’s largest SMS-based channel of communication.” This relic from the original 2009 edition will sound bizarre to anyone whose first encounter with Twitter was through a smartphone application.

This is probably more reflective of how fast technology is changing than anything else, but it’s the sort of thing I hope the editors at O’Reilly will address if they ever do a third edition.

That said, the book is a good overview of cyber warfare. Read it, and you’ll come into news reports, editorials, and discussions of security policy with a better understanding.

I came away from Inside Cyber Warfare more concerned about cyber security, but glad that there are people working to protect vital infrastructure. And a little worried, because the people doing the protecting aren’t always listened to by politicians and pundits.

I recommend Inside Cyber Warfare (affiliate link) for everyone, but especially for policy makers and people who talk about security.