Hacker Wars: Understanding Joseph Menn’s Scions of IRC

Financial Times technology reporter Joseph Menn has written a captivating account of “The Hunt for the New Crime Lords that are Bringing Down the Internet” in Fatal System Error (Public Affairs, 2010).  “Cybercrime” is something that for now rings as more terrifying to the imagination than it has yet to be in practice.  With some minimal consideration of what programs one installs or what emails one answers and making sure your anti-virus software is up to date, it’s pretty unlikely an individual is going to be a victim of it.  Identity theft, one of the more frequent and noxious strains possible from Cybercrime, still largely originates from stealing unshredded documents in the trash or (physical) mailbox.  When it does happen electronically, such as the four-million strong theft at Hannaford Supermarkets, only 1800 false charges were subsequently made on the stolen credit cards.

But the book’s publication in late January is aptly timed, coinciding with what appears to have been a possibly Chinese state-sponsored or state-condoned attack on Google.  The possibility of cyberwarfare is considerably more threatening and to date, an unknown unknown in possible scope.

Menn covers the first half of the book largely through the lens of Barrett Lyon, a Californian networking whiz kid and Andrew Crocker, a detective who was working for Britain’s National High Tech Crime Unit (NHTCU, now the Serious Organized Crime Agency SOCA.)  Lyon and Crocker unweave the Russian hacker networks who had lead an attack on a variety of online betting organizations.

The perils of playing to movie casting (Shia LeBouf as Lyon, Tom Hanks with an English accent as Crocker?) are mostly avoided while gossipy nuggets are served up.  It is claimed on p. 41 alone  “actor Bruce Willis, Barrett learned, had lost millions of dollars [in sports betting]” and

As Darren Rennick explained it to Barrett, sports starts often bet against themselves.  Then Mickey would adjust the line on the odds and secretly bet the same way as the athlete at other, unsuspecting sportsbooks.

Hearsay often gets exploited exhaustively in other quickly written narratives such as those by Ben Mezrich (“The Accidential Billionaires” or “Bringing Down the House.”)  Menn demands more of the reader here.  He spends the lion share of the remaining work painstakingly explicating the very opaque (including to themselves?) cybercrime networks.    Some prosecutions are successful, other identities (King Arthur, Bra1n) never even traced to real people.   This gets to be tough sledding with the plethora of rapidly introduced names and only cursory explications of technical tactics our protagonists are using.  It would have been enhanced by more graphical illustrations of the interconnections and leavened by a picture or two.   Still it is the most authoritative picture of the subject yet, even if the subject matter is necessarily makes the portrait pointillist.

The final thirty pages or so are a litany of global cyber crime issues and public policy recommendations.  Though building from the Lyon/Crocker narrative, this serves best as an armature for a future work detailing the escapades between nations.  Most interestingly, Russia’s relationship to Estonia, Georgia, Chenya, and Kyrgyzstan for example.  But it has a bit of a rushed feeling (Kyrgystan “stun[s] the U.S.” by withdrawing airbase rights arguably because of a cyberattack, but the endnote immediately amends it to say the decision was reversed.)  This section would have been best served as a separate book on public policy by someone with a Washington beat.

More tantalizing would have been a comparison between Barrett and Napster founder Shawn Fanning (his last company Rupture was  client of TriplePoint and I was an investor in it) whom Menn also devoted a 2003 book-length treatment in All the Rave.  All, including the villains of Fatal System Error, are IRC veterans.   Amidst the prescriptions for public policy changes in at the end of the book an obvious missing one would be greater economic development for the great young programming minds of Eastern Europe (or a more liberal immigration policy!)  At what point in economic development does the “nationalism” exhibited by the young Russians and Chinese give away to the more libertarian, company-forming mindset of a Lyon or Fanning?  What early influences in one’s IRC experience stir one to hacking for its own sake, profiteering, nationalism, or company-building?  When nations do clash will our hackers serve their country?

Malcolm Gladwell has recently written that entrepreneurship is nothing like the lauded Buccaneering, risk-embracing ethos celebrated in Silicon Valley.  He claims it is a carefully calculated approach to a sure thing.  The cyber frontier wars whether against ex-KGB agents or the Music industry waged by the prodigious talents covered in Menn’s works are the ultimate riposte to that.  Lyon is on his third company as of publication, Fanning swung and missed twice before Rupture’s success.   But channeling their energy into a written vessel of understanding will probably require a novel instead of the byzantine excavations that non-fiction requires.  Still, to get a proper grounding in this increasingly influential world, Fatal System Error is an essential start.