This is a book that I would have never bought myself, but I got it for free through OReilly blogger review program. The title sounds interesting, and the table of contents looks attractive. The main purpose of this book is to investigate whether it is possible to launch a devastating attack without possessing any weapons, by only using an Internet-connected PC. The history is full of unexpected and surprising twists, and it happened many times in the past that country leaders mis-evaluated the possible danger of a certain technology. Quite often, military commanders went on horses to fight with tanks, in which case a large army can fall victim to a small regiment.
The first few chapters of the book are very though-provocative. They try to answer the question posed in the introduction by analyzing which groups are responsible for most attacks. The author makes it very clear that the main threat comes from non-state hacker groups who are indirectly supported by governments. The book never mentions it, but I think those groups are similar to pirates of the medieval ages. They rip off merchants sometimes, but they can be hired to protect trade routes from competing states. As usual, private organizations are much quicker at building up teams with necessary skills, whereas the official government policy is still in its infancy. Also, there is a clear division in what government and non-government organizations do: the informal hacker groups launch attacks, and government agencies try to defend against external threats. The book makes it very clear that this needs to change. The old saying goes that counter-attack is the best way of defending someone╩╝s property. Therefore, in order to successfully protect their infrastructure, the governments need to learn how to launch attacks. In other words, the governments need to start building their fleet immediately, rather than keep hiring the pirates.
Many governments realized that long time ago, so in the second half of the book the author presents a comprehensive overview of cyber-capabilities of top 20 or so most advanced countries. This is a bit boring to read, as the book provides way too many details on the internal structure of ministries and agencies. But maybe it is a good reference material for professional strategic decision makers. In addition, when analyzing Russia, I think the book attributes too much power to a bunch of oligarchs. Trust me, they are not responsible for cyber-attacks launched from Russia. There are indeed some covert hacker groups which the book fails to identify.
To summarize, the book is thought-provocative and clearly lays out the looming threats. But in my opinion it fails to identify the driving forces of the cyber war. It is not any particular government or that wealthy guy. Cyber war is still a black market, and the author fails to shed some light on this dark side. Or maybe he just does not want to mess up with them. Because of this elusiveness, I give 4 stars to this book.