“When it comes to individuals connecting via e-mail, social media or other messaging, we are in the world of the Venetian masked ball.” Such is the half-anonymous, crime-ridden world of the Internet that Edward Lucas confronts and untangles in his new book, “Cyberphobia.” Lucas, who has covered the topics of espionage and security in Eastern Europe for The Economist since 1986, explores a global village where thrill-seeking hackers in basements and top-secret spies in offices run free, stealing anything from email addresses to the deepest government secrets with almost no trace left behind. His new book expertly details how these snoopers can gain access to classified information online, and he tries, with less success, to explore the possibility of barricading them from of precious networks. Both fascinating and terrifying, “Cyberphobia” will probably scare you off the web for around 10 minutes—or however long you can go without having to check your email.
Like many pop-science books, “Cyberphobia” begins with a promise of simplification. Similar to the preface of “A Short History of Nearly Everything,” where Bill Bryson vows to lift science out of the realm of esoteric biology and chemistry textbooks, Edward Lucas tries to make complicated technology accessible to a popular audience.
“This book is called ‘Cyberphobia’ because so many people are so put off by needlessly complicated technical language that they fail to realise the importance of the issues at stake,” he writes. “Many books about this subject explain in great technical detail how to build and defend a supposedly secure network of computers. These are rather like technical manuals for locksmiths: interesting to the specialist, but useless for the layman.” In writing a book that breaks away from this tradition, Lucas presents his knowledge perfectly for tech amateurs such as me and many people I know, who are all but clueless about the inner workings of the web, yet hopelessly reliant on them at the same time.
In the first chapter, readers meet the appropriately-named Pin and Chip Hakhett, an uninteresting and imaginary couple that serve as Lucas’s punching bags for all things malicious on the internet. The Hakhetts use their computers for everything from paying bills to watching porn. They have the same simple password for every website they subscribe to. They rarely pay attention to software updates, and would never think that a hacker would want to swindle them on email, phone, or the like, as they believe that they have nothing to offer.
All of these faults prove devastating to the Hakhetts. The Internet wasn’t built with security in mind, but rather convenience. Lucas argues that this ideology still holds true for many today.
“We want computers and software to be easy to use, cheap, and flexible,” he writes. “We want them to work with anything new that we like, but also to be ‘backwards compatible’—to work with much older programs and machines. We want our computers to be tailored to our needs, but we are unwilling to spend much time learning new tricks and ways of working.”
The Hakhetts fall victim to this kind of inflexibility and end up paying for it to the fullest. Hackers easily figure out Pin Hakhett’s passwords and lock her out of her own banking accounts. Chip Hakhett has connections to top officials in Forbes 500 companies, and a young Russian techie pretends to be a CEO on email and warns Chip that if he doesn’t click HERE right now, he’ll be weeks behind on work. The link ends up being malware, a nasty bit of software that can essentially take the reigns of your own computer and swallow up files and data so that you’ll never see them again. These are but two examples of the poor Hakhett couple’s misfortunes. Most of their digital misfortunes occur either through small holes in software that haven’t been patched through updates, or as a result of straight-up gullibility. The anonymity of the “Venetian masked ball,” Lucas argues, can often end up as the bane of our digital existence: “We have no easy, dependable way of proving who we are; conversely, it is hard for us to know who we are really dealing with.” Only bad things come from automatically believing that an online persona is always who they say they are. Lucas tosses away the Hakhett couple later on to have a more general discussion about internet identity and geopolitics, but the Hakhetts prove indispensable to this broader analysis.
Because the Internet is a tricky simulacrum of the real world, Lucas often provides various analogies to help his readers understand computer security: guarding your house with locks as a metaphor for using passwords, maintaining airplane security as a metaphor for the idea of having cyberguards on the internet. These analogies greatly ease readers understanding of hacking and spying on the web and, as a result, help readers become properly scared shitless of the online world.
Lucas’s expert understanding of various criminal activities on the web leads to an inevitable question: What are we going to do about it? His answer in the three-page “Conclusion” section seems alarmingly simplistic: “Complacent, careless, and amateurish behaviour on the internet is as out of place as it is in transport or health…we need to be more cautious about all our behaviour with services that purport to be ‘free’…strong digital identities are friends, not foes.” Lucas leads us to enlightenment through his diagnoses, but his prescriptions here are so plain as to seem bathetic: Of course we should be more careful on the Internet. But how much good is that going to do against such a widespread problem? Asking readers to be more careful when they plug into the web today would be like asking Gettysburg natives to be more careful when they went outside in 1863. Caution may not be enough.
Perhaps Lucas’s attempted quick fix comes from the fact that on a general level, he does not want to make technology an abstruse subject. If he believes that his readers want it the layman way, then that’s what they’ll get. But the repercussions of a simple solution may outweigh the repercussions of attempting to understand a complex, structurally transformative solution. I’m not saying that I have this complex solution, or that anybody does yet. But if Lucas thinks that readers can totally evade cybercrime just by exercising caution, then they’re in for what computer security analyst and guru Dan Geer puts best: “continuous, quiet theft.”
Being cautious is a start, though, and if done right, has the potential to solve the problem of cybercrime on an individual level. Just last week, I got an email from firstname.lastname@example.org, saying, “As part of our security measures, we regularly update all accounts on our database system. All users are required to reply to this email with their username and password to ensure that their account remains active in the school database system.” Yeah, right. Edward Lucas would be proud.
Lastly: if you don’t care to read a book on cybercrime but still want to guard yourself against national and international hackers, check out ITS’s security tutorials at secure.wesleyan.edu and learn how to stay safe on the Internet in no place other than the Internet itself. You can even win a free iPad Air—one can only hope that this one’s not a scam either.
“CYBERPHOBIA” AVAILABLE AT OLIN’S FIRST FLOOR DISPLAY SHELVES. 275 PAGES.