Trojan Horse — not malware but a techno-thriller — has gone on sale today at Amazon.com and other sites, and presumably hardback copies have appeared in shops. While novels are not usually of interest to IT professionals, this is an exception. Trojan Horse was written by Microsoft Technical Fellow and Azure expert Mark Russinovich, who is widely admired for utilities such as Process Explorer, which he developed as co-founder of Sysinternals. Microsoft bought the company to get him.
Trojan Horse aims to be entertaining, of course. It's also trying to educate people about the risks of cyber-warfare, for which Russinovich knows corporate IT departments are not properly prepared. The book also might be considered compulsory reading for members of the US government. Last month, the Senate killed the Cybersecurity Act of 2012 (CSA2012), which would have obliged companies to increase the protection of critical networks such as electricity grids and water supply systems from cyber-attacks.
CSA2012 co-author Joe Lieberman said: "This is one of those days when I fear for our country and I’m not proud of the United States Senate. We’ve got a crisis, and it's one that we all acknowledge. It's not just that there's a theoretical or speculative threat of cyber attack against our country — it's real."
The US has already experienced the reality. For example, the Pentagon was itself penetrated in 2008 after an infected USB drive was plugged into a US military laptop at a base in the Middle East. (Dropping USB sticks in car parks is now an obvious form of attack.)
The malware-based Stuxnet attack on Iran's nuclear capability is an even more obvious example, and it used one of Russinovich's favourite attack vectors: the supervisory control and data acquisition (SCADA) software running, in this case, on Microsoft Windows.
In fact, Russinovich wrote what looks much like the Stuxnet story in his first novel, Zero Day. (Stuxnet hadn't appeared at the time.) Rather than being sponsored by a Western government, however, the attack in Zero Day represents a terrorist organisation's attempt to destroy the West.
Trojan Horse is the follow-up to Zero Day and forms the middle part of what Russinovich calls "the Jeff Aiken trilogy".
Aiken, Russinovich's protagonist and alter ego, trained in the military before setting up a security consultancy. As in the real world, companies are only doing a fraction of what they need to protect themselves, while the US government agencies are crippled by bureaucracy. As a result, one man and one woman — Aiken's sexy and supersmart colleague Daryl Haugen — are obliged to save the world.
In Zero Day's case, the plot starts slowly with plenty of technical analysis and scene-setting before developing into a fast-paced thriller with some violent action sequences. Trojan Horse probably follows the same recipe. What makes these books different from most other techno-thrillers is that Russinovich knows his stuff.
The plug from Mikko Hypponen, technical guru at anti-virus company F-Secure, sums it up: "Russinovich scares us all in this techno thriller that gets the details right!"
Probably not many corporate executives are going to read, still less understand, technical papers about cyber-penetration risks. Nor will they attend RSA Conference sessions like the one Russinovich gave about Zero Day.
There's some chance they might read a novel about them.