The following is a book review of The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats by Richard A. Clarke and Robert Knake
After reading this book, I understand that cyber-attacks can shut down hospitals, electric grids, and create a trillion dollars in damage to the world economy. These things are happening all of the time. The equivalent of World War III is raging on the internet while people sit on the couch with a bowl of Fruit Loops streaming Netflix. So naturally, during internet World War III, I read this book to answer some important questions. The most important question isn’t where to dig a fighting position with my entrenching tool and hold the line with an M16. That is because the fifth domain is an ethereal, unseen place in the clouds. In fact, unlike the other four domains- land, air, sea, and space- this is World War III in the cloud! So the most important question of internet World War III…
Is a Russian agent watching me watch Netflix?
Serious question. I know that right now thousands of cyberattacks are taking place on my bank, and that it could mean all my life savings could be stolen. That would be bad for sure. But, if I really am being watched right now during Season 3 of Stranger Things, then we have a big problem. Oh, and I want to know if Mark Zuckerberg is listening to my conversations and then selling me ads on Facebook. If so, then I am totally deactivating my Facebook account in protest… for a day.
The Fifth Domain was a fun read. I like books that I can read and remember the material. Because when I remember the material, I sound smarter than I actually am. After all, that is the goal of reading. Some people read and then they say, “Check out such and such book, it was so great.” My response, “What is it about?” Cue the awkward pause. “Well, its about this thing… that um… ugh…” Yikes!
It’s embarrassing to read a “great” book and then not remember anything.
The Fifth Domain won’t be like that. The only thing that would be hard to remember is the weird names of the cyber attacks. But, guess what! I am going to put some of the major ones here, and some information about what happened. If you memorize a few of these, you’ll be set. I mean you will be the darling of cocktail party conversation. Also, if you talk about Petya and WannaCry on that first Tinder date, forget it! He or she will call you back immediately. You’re welcome!
Here are some prominent cyberattacks:
2010: Stuxnet- U.S. attacks Iran
Full disclosure: This one is my favorite because it came from the good ole U.S.A. We let freedom ring in the form of a piece of malware that infected and disrupted Iranian nuclear centrifuges at their Natanz facilities. Go America!
2012: Iran Strikes Back
This one isn’t as cool. In fact, if you were in the Navy and Marine Corps at that time using an NMCI computer, then some Iranian Revolutionary Guard Corps (IRGC) agent probably knows your “Pros and Cons.” They also know if you were on a meal plan or not. If you’re a 2nd Lieutenant, then the IRGC probably read all the crazy training plans, that your CO never approved. The IRGC probably stole ORMs to copy and paste for their own training plans… bastards!
2015: Chinese hackers and U.S. cheaters
This was the year that the Chinese stole 21.5 million records from the U.S. Office of Personnel Management (OPM). If you worked for the government around this time, someone in China probably has your social security number. Also, if you worked for the government and also had an Ashley Madison profile then 2015 was a double whammy. Not only did the Chinese take your social security number, but your spouse found out you were cheating. Ouch!
2016: The DNC gets hacked
The Russians are at it. This is the year the DNC e-mails were hacked and released by Julian Assange’s WikiLeaks for all the world to see. Sorry Bernie supporters, but the mainstream Democrats really weren’t feeling the Bern. The authors do spend a good portion of the book talking about hacking to meddle in U.S. elections. It is worth paying attention to as we come on another election year in 2020.
2017: WannaCry (no, but I will laugh at this funny hacker name)
This was a busy year for the cyber armies. Things kicked off with WannaCry, and people started hearing about Bitcoin. Why? The hackers exploited vulnerabilities in Microsoft software that allowed them to break in to people’s computers and encrypt them. They would then demand payment in Bitcoin to unlock them. This is also called a ransomware attack. This attack is important because the U.S. blamed North Korea. Therefore, this was a high-profile case of state sponsored cyber war.
June 2017: Petya attack
This was another attack in the same realm as WannaCry. However, this one involved the target being Ukraine. Also, the suspected perpetrators are Russian. In this case, Microsoft vulnerabilities were also exploited, and Bitcoin was demanded. This attack caused global ramifications as it affected many businesses and industries around the world. The attack cost the world economy many billions of dollars.
The Chinese. Every day. All the time. The Chinese are just typing away as we speak trying to hack anything and everything.
2020: New Decade, new strategy?
Finally, in 2020, we had some recent news that the NSA alerted Microsoft to a vulnerability in some of their software. The vulnerability made it possible for hackers to exploit. This was a newsworthy event. Instead of keeping the information secret to develop their own cyber capabilities, the NSA decided to work with Microsoft.
If there is one major thematic takeaway from the book, it is that the authors believe in a “strong defense” in the cyber realm. Also, it is important for corporations and the government to work together on cyber defense. Companies cannot look to the government for solutions. It is a problem that is beyond the reach of one entity. Perhaps that is why the recent news of the NSA working with Microsoft is so important. There is a shifting strategy in which the government and companies are recognizing the need to collaborate to solve problems in the fifth domain.
After reading the book, I looked at a cyber security company called CrowdStrike. The book mentions CrowdStrike many times. It is a company that went public on the NASDAQ in 2019. It sounds like an important company with a smart founder and CEO. Maybe I will buy some shares. If the companies stock price goes up, then my purchase of The Fifth Domain will have been worth it many times over. Not only will I have more money for the cyber criminals to steal, but I’ll also have two factor-authentication to protect it. Who said internet World War III couldn’t be profitable? And now I have extra money to comfortably renew that Netflix subscription. Just don’t ask me for my password!
Check out the book and make your own killing in cyber stocks… The Fifth Domain: Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats