Breaking Badness Book Club #3
Welcome to the third installment of our Book Club! If this is your first encounter with our Book Club, we dive into books we’ve found helpful or interesting in our cybersecurity/infosecurity careers, and this week, we are thrilled that Allan Liska and Jon DiMaggio joined us. Not only do they share their top picks, but Jon gives us the full details on his book, The Art of Cyberwarfare: An Investigator’s Guide to Espionage, Ransomware, and Organized Cybercrime including why he wanted to write this book and the details of his writing process.
Listen to the episode for full details, but catch where to find our top picks if you’d like to read them yourself here:
Allan’s Top Cybersecurity Book Picks
When we initially shared our outline for recording, we hadn’t yet discussed Countdown to Zero Day by Kim Zetter, but Allan wanted to take the opportunity to plug it again. He believes it should be required reading for anyone in the cybersecurity industry, even though it is a little older at this point. What he loves about Zetter’s book is her storytelling and believes this book, along with Jon’s book, do an excellent job in the humanistic element and don’t get too caught up in the tactics, techniques, and procedures.
His next pick is Active Measures by Thomas Rid, which he details as a longer book, but it’s about the secret history of disinformation and political warfare. Ridd does a really great job of looking at all sorts of disinformation campaigns, and so much of what we do now includes disinformation and misinformation, and it’s something that you have to take into account when you’re doing any kind of security analysis at this point. Rid actually teaches a course at Johns Hopkins with Kim Zetter, and the group is all in agreement that it would be an interesting course to take.
Allan’s last pick isn’t necessarily a cybersecurity pick, but it is Thinking Fast and Slow by Daniel Kahneman. Allan chose it because he believes it’s a good book for understanding how to be an analyst. We all have our biases and prejudices, but figuring out how to step back and think before reacting. For example, when you’re doing analytical work on ransomware actors, they’re committing terrible crimes against people – how do you separate yourself from that to continue to do your work? Or if your assumption is that there’s no way a nation-state can carry out this kind of activity, but the bunch of evidence is showing that they really are, how do you overcome your biases so you can effectively report on that? It’s a good read for understanding how we think and make choices.
Allan’s Non-Cybersecurity Picks
Absolute Time by Emily Thomas is one Allan recently finished reading. It’s a book about rifts in early modern British metaphysics, like philosophical understanding of time, which he finds absolutely fascinating.
At the time of recording, Allan just started Women in Intelligence by Helen Fry and it’s the hidden history of the role women played in British American intelligence in World War I and World War II.
His final pick is a comic book, because of course it has to be a comic book! He finished Time Before Time, which is a time travel comic book. Think of the movie, Looper, but with some really cool storytelling.
Allan’s Local Bookstore Pick
Scrawl Books in Reston, VA is where he orders all of his mainstream books. If they don’t have something, they can get it to you in a few days.
In San Diego, he loves Mysterious Galaxy. It’s a mystery/Sci-Fi bookstore and they have some amazing signings there. Speaking of Sci-Fi, in Oakland, CA he likes Sista SciFi, which is all Sci-Fi, but it’s from a lot of African American authors, so it’s a lot of perspectives you might not normally see. They also do really fun events.
Finally, Allan wants to give a shoutout to Type Punch Matrix – Rare Books in Washington DC. They have a lot of incredibly rare finds (like a first edition Edgar Allan Poe that is about $28,000).
Jon’s Top Cybersecurity Book Picks
Hunting Cyber Criminals by Vinny Trola. Jon picked it up and could relate to a lot of the engagements that Troia had done with cyber criminals and really enjoyed the storytelling in addition to the technical aspects.
One of his favorite books is Inside Cyber Warfare by Jeffrey Caruso. When he first read it, it inspired him and made him want to do more in this field. He also gives credit to Caruso for inspiring the title of his own book.
A go-to that he uses for work purposes and which he buys every volume is OSINT Techniques by Michael Bazzell. The information included is phenomenal and he provides a lot of helpful resources.
Last but not least, Jon has to mention The Ransomware Hunting Team by Renee Dudley and Daniel Golden
Jon’s Non-Cybersecurity Picks
Jon recently finished Don’t Let Her Stay by Nicola Sanders. He loves reading industry books, but if he’s not reading something relating to cybersecurity, it’s going to be a mystery novel. He loves trying to figure out the mystery prior to finishing the book.
Jon’s Local Bookstore Pick
He believes his pick might not be popular, but he loves Barnes & Noble. It reminds him of going to Blockbuster as a kid – seeing all everything laid out in front of him and he could spend hours there. Plus, having the coffee shop there is a plus.
The Invisible Guest
Allan and Jon worked ahead of time to bring our listeners something special: they asked a ransomware actor for his picks on what he’s reading. They describe him as a very well-connected Russian-based cyber criminal – he has contacts with all the ransomware gangs and all the high-level players. Here are some of his picks:
Fatal System Era by Joseph Menn
Allan has read this one as well and agrees, it’s fantastic. Menn is now a reporter for the Washington Post, but he’s been in the cybersecurity space for a long time.
How To Steal a Million: The Memoirs of a Russian Hacker by Sergey Pavlovich
This one is easily accessible on Kindle and Amazon, but the next one isn’t so easy to find in English…
Froth of the Daydream by Boris Vian
It’s a 1947 sci-fi book and finding it online is a little easier than finding a physical copy (not surprising, an English translation of a French sci-fi book written in 1947 isn’t going to be at the top of everyone’s list)
The last recommendation is challenging to find and Allan could only find it in a bookstore in Latvia
It’s called Crypt: How Cyberpunk’s Programmers in Crooks Fettered Russia with Blockchain by Zakharov Andrey
Allan did order himself a copy, because it does sound fascinating
That’s about all we have for this week, you can find us on Twitter @domaintools, all of the articles mentioned in our podcast will always be included on our podcast recap. Catch us Wednesdays at 9 AM Pacific time when we publish our next podcast and blog.
*A special thanks to John Roderick for our incredible podcast music!