Microsoft uber-tech guru Mark Russinovich has recently turned his skills to tech fiction writing with his new book Zero Day (Thomas Dunne Books, March 2011). The story centers initially on NYC law firm Fischerman, Platt & Cohen, but events rapidly take on a global scope. I was surprised to find myself eagerly flipping the pages on my iPad! Computer security expert Jeff Aiken is brought in to the firm to investigate a virus outbreak. No ordinary virus, this one employs rootkit techniques to hide itself and has brought down all of the firm’s servers and desktops. Russinovich has the technical chops to present all this; in 2005 he discovered the Sony BMG rootkit, copy-protection software that silently installed itself on computers that played Sony music CDs. (Is this one reason why Sony has been in hackers’ crosshairs?) But the virus is not confined to the law firm; it is rapidly appearing in power plants, hospitals and manufacturing firms. A virtual travelogue unfolds as Jeff works on stopping the crisis in Moscow, Rio, the East China Sea, Istanbul, Helsinki, Costa Rica, Paris, London, Milan, and the Middle East.
The most interesting aspect of the book is the virtual “supply chain” of bad actors involved in the story, from virus writers to delivery agents to the groups behind the initiative. While Russinovich’s story is fiction, it is based on fact. The malware “business” has gone global, much as the legitimate business world has. The real black-market underworld is chillingly and courageously described in a non-fiction book, McMafia (2009), by Misha Glenny. Journalist Glenny describes, in first-person format, the black-market web for everything from cars to cybercrime, encompassing failed states and corrupt governments worldwide.
My theory on Anonymous and LulzSec is that their members are polishing individual resumes for more serious cybercrime. Imagine the benefit of having “Member of LulzSec/Anonymous” on your hacker resume! The way the system works is that individual hackers become part of real cybercrime activities, often without knowing who they are working for or what they are doing. In this way it may become almost impossible to determine who is responsible for cyber theft or intrusions. My biggest security concern is not Anonymous or LulzSec, but the unknown unknowns out there.