Breach, Data Security, Network Security

Zero Day Review



Zero Day is a novel by Mark Russinovich, whose name is very well known to security professionals and system administrators that work with Microsoft systems alike. At some point, all of us have used the great set of utilities that he has written under his own company Winternals before being acquired by Microsoft and still available and updated as part of the Sysinternals suite of tools. Mark has used his experience in the Security field and community to write this novel in an action packed story “Tom Clancy style”.

The story starts via a series of events caused by computer systems failing and data and information being altered with catastrophic events; this opens the story to the introduction of the main character, Jeff Aiken, a security consultant that is called to look at an infection that destroyed the systems of a New York law firm. The character is a bright security consultant driven by events in his past, a passion for the thrill of the chase of hackers, and for solving the complex puzzle of digital forensics.  As he delves deeper into the origins of the virus and the work of a bright determined woman (named Daryl Hagen that manages a US CERT team and is part CISU/DHS looking at the other cases), they discover that the infections are all connected and just the tip of the iceberg of a bigger attack that will hit western governments. The story appears to be the typical terrorist plot of vengeance against the corrupted west that has been seen in so many novels after 9/11 except this one presents the twist that this threat is a cyber attack with very dark consequences.

As as security researcher and professional I can relate to what Mark exposes in the book, especially the reality that our capacity to defend against a coordinated cyber attack is just not existent.  All of us in the industry that have found holes in systems have been frustrated many times with the speed of the response of private companies to address these holes and the lack of cooperation between them. Mark mentions how antivirus vendors are flooded with more samples of malware code than what they can handle. He covers the reality how we are losing the battle against malware writers but in this case the malware writers have a more deadly agenda than feeding their egos or making money like many out there in the real world. I certainly related to all the problems faced by the heroes in the story making it more real in my imagination as I read the book. I could even sympathize to the pain of some of the victims, having myself gone to clients to assist in recovering from security breaches and malware infections. I even related to the addictive nature that we in the security field have when we are faced with the hunt of an adversary while doing incident response and how that thrill of the chase consumes us in the process.

Mark also covered the problems that some of the bright women that are in this industry face with prejudice and lack of respect by their peers. I found this part of the story very interesting knowing myself women in the industry and in general that have had to face this prejudice and fought to be measured and valued by the quality of their work and knowledge.

I really liked the book and the pace of the story. My tactical side related to the accuracy of the depiction of the action and the weapons and my info sec side related perfectly with main characters and their frustrations with government and industry and the drive that pushed them. I even related with the Russian character personas and the choices that many starting in the security field are faced with in term of the direction our research takes and the consequences of those decisions and what may drive many to make the wrong ones.

I recommend this book to any security professional in the industry and to any person who likes the action and intrigue found in Tom Clancy and Alex Berenson books. I do hope that Mark writes another one like this and gives further life to the characters behind this book.

Book on Amazon

Carlos Perez

Carlos is currently the Principal Consultant, Team Lead for Research at TrustedSec and well-known for his research on both Metasploit and Windows Powershell. His blog carries the tag line: “Shell Is Only The Beginning”.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.