Trojan Horse by Mark Russinovich Review


Trojan Horse is Mark Russinovich's second techno-thriller; his first was Zero Day. Mark is a Technical Fellow in the Platform and Services Division at Microsoft and is widely known in the information technology community as an expert on security and operating systems. He is also the author of several Microsoft Press books and a regular contributor to TechNet Magazine and Windows IT Pro magazine.

In the first book, Zero Day, we meet Jeff Aiken, a forensics specialist who runs his own company and travels from client to client helping them work out how they were compromised. The book shows how Jeff determines how malware got into a system and how he is driven to find the "where, what and who" behind the infections and breaches he investigates. When he discovers that the malware he is analyzing is tied to a series of events around the world, Daryl Haugen of the US Computer Emergency Response Team helps him put the pieces together. Once the terrorists learn what he is doing, the danger moves from the digital to the physical world: the attacks are no longer viruses and Trojans but a trained soldier-for-hire sent to get them. We also learn about Jeff's past before the attacks of September 11 and how they changed his life. The plot of that book centers on an al-Qaeda scheme to repeat its attack on the West, this time with computer malware rather than planes and bombs. As part of the story, Mark covers several areas that many in the security community know well:

1. How difficult it is for antivirus companies to really protect us from every type of malware.

2. How criminal and political organizations that lack the resources to write their own tools and develop new attacks outsource the work to the large pool of security professionals and coders who are willing to find and sell zero-day exploits to the highest bidder, with no political or religious motive of their own.

3. How companies often do not take the security of their products seriously enough and do not prioritize patching security holes.

4. The complexity and political motivations of a federal government trying to control and regulate security while reacting to emerging threats.

He does all this with what I found to be a very good mix of technical information, plausible scenarios, drama, action and a bit of romance. His second book continues the adventures of Jeff Aiken and Daryl Haugen, who now run their own company and are called in to investigate an infection on a government system that is altering information in order to influence politics and events in the Middle East. Jeff is again driven by his fascination with discovering who is behind the infection and what they are doing, which brings him to the attention of governments that want to stop his work and silence him so their agenda is not disrupted. The book differs from the first in that, instead of a terrorist organization, we see governments such as China and Iran using the Internet as their new battleground and as a theater of operations for covert action. We also see the US government advancing its own technology so that it can address threats not kinetically but through technical means: infiltrating systems, taking action covertly over the Internet, and even jumping into systems that are deemed secure and air-gapped. Mark also covers several areas of interest to security professionals in our industry:

* How private companies support the government by supplying the skills needed to develop exploits and carry out security research that can be used offensively in covert actions.

* The shift in malware from collecting information to modifying it, in order to alter events and actions in the physical world.

* How digital supremacy affects and influences the politics and actions of governments.

* How governments lend their offensive technical resources to other governments for political gain.

* How many governments are willing to shift from a digital to a kinetic approach to protect such secrets and operations.

The story takes us through Europe as Jeff moves from country to country trying to save the woman he loves and to stop the plans of the Iranian government and of the Chinese government, which is supplying the technical means to carry out those plans for economic gain. The book keeps the reader engaged throughout, and Mark's writing style has clearly improved and matured in this second book. It has the right mix of action and technology, making it one of my favorite books this year. I hope to see more books from Mark that continue with Jeff Aiken and his adventures in the digital and physical

Carlos Perez

Carlos is currently the Principal Consultant, Team Lead for Research at TrustedSec and is well known for his research on both Metasploit and Windows PowerShell. His blog carries the tag line: "Shell Is Only The Beginning".
