Countdown to Zero Day

Starred review from September 8, 2014
Cyberwarfare catapulted from science fiction into reality in 2010, when a previously unknown military-grade computer virus attacked centrifuges in Iran that were allegedly being used to enrich uranium for nuclear bombs. Zetter (Simple Kabbalah), a senior writer for Wired magazine, details how a series of clues led a small but intrepid group of computer security specialists from around the world to discover Stuxnet, the world’s first “zero-day exploit,” a virus without a patch. The origins of the virus were eventually traced to the U.S. and Israel, and though the allies frustrated Iran’s efforts to acquire a nuclear weapon, unleashing the virus was “remarkably reckless,” Zetter argues. Stuxnet and its successors have compromised trusted components of the international computer world, like digital certificates and security updates, and have drawn unwelcome attention to vulnerable U.S. energy, water, and transportation infrastructures. Zetter suggests that the Stuxnet attack has opened up a digital Pandora’s box, “legitimizing” a new strain of warfare against which there is little defense and inciting an arms race carried on behind the scenes. Even readers who can’t tell a PLC from iPad will learn much from Zetter’s accessible, expertly crafted account, which unpacks this complex issue with the panache of a spy thriller. Agent: David Fugate, LaunchBooks Literary Agency.

October 15, 2014
Iran's nuclear program spills out into the world's computers in this true techno-whodunit by Wired senior reporter Zetter.In the weird world of atomic policing, international agencies have only limited access to information under the best of circumstances-and still more limited when the regime is secretive. When Iran began to replace components at an unusually fast pace a few years ago, inspectors noticed. They had no way of knowing why, and the Iranians weren't talking, but the cause was devilish: "Months earlier...someone had quietly unleashed a destructive digital warhead on computers in Iran...to sabotage Iran's uranium enrichment program and prevent President Mahmoud Ahmadinejad from building a nuclear bomb." That "someone" is the object of Zetter's quest, and it would spoil her fun to tell who it turned out to be. Suffice it to say that, as she notes, there's a whole Pandora's box effect to the business of digital warfare and that once the identity of the aggressor was established, it became difficult for that party to cry out in moral aggrievement when other parties began to unleash similar warheads. Zetter writes lucidly about mind-numbingly technical matters, reveling in the geekery of malware and espionage, and she takes the narrative down some dark electronic corridors, as when she describes the deployment of a hidden Trojan horse designed to harvest transactional information specifically from Lebanese banks suspected of being involved in laundering Iranian funds. Readers don't have to know steganography from a stegosaurus to follow the discussion, though some programming background is surely of help in following some of the more arcane details. Governments, hackers and parties unknown are launching ticking computer time bombs every day, all coming to a laptop near you. Zetter's well-paced study offers a sharp account of past mischief and a glimpse of things to come.

COPYRIGHT(2014) Kirkus Reviews, ALL RIGHTS RESERVED.

February 15, 2014

What's more powerful than an exploding megaton bomb? The virus that destroyed Iran's nuclear centrifuges in 2010. The tip-off: inspectors with the International Atomic Energy Agency noticed that the centrifuges were failing at a surprising rate. Then a security firm was asked to investigate a computer in Iran and noticed an unusually complex virus that could, in fact, physically destroy the devices the computers controlled. A whole new way of doing war; senior reporter Zetter originally broke the story.

Copyright 2014 Library Journal, LLC Used with permission.

November 1, 2014

"Zero Day" refers to a threat or attack upon a computer system during which programmers have no time to detect it or protect the system. Stuxnet is the virus that attacked the centrifuges at Iran's uranium enrichment facilities in 2009. Zetter, a reporter for Wired with wide interests in civil liberties, privacy, and security, describes how the digital warhead causes equipment to be physically--as opposed to technologically--damaged by manipulating its operating system. The author provides background information on how this virus was supposedly developed by the United States to disrupt Iran's nuclear weapons program. Lots of technical terms abound, but the book is written so that general readers can understand what is going on. It doesn't include a bibliography, photos, or charts, but the many footnotes reference personal interviews, news and research articles, official documents, and specialized news websites. VERDICT Read this not only for the purported history but also to understand the very real threat to the complicated yet vulnerable and delicate infrastructure that is the basis of interconnected modern society.--Daniel Blewett, Coll. of DuPage Lib., Glen Ellyn, IL

Copyright 2014 Library Journal, LLC Used with permission.