I was about halfway through reading this book by Joel McNamara when I saw on TV that Adrian Lamo, the homeless hacker, turned himself in to the F.B.I. for breaking into the New York Times’ computer network. His case is like one in the book: Stefan Puffer. Puffer showed that the County District Clerk office’s WLAN (Harris County, Texas) was unsecured. The U.S. Department of Justice brought charges against Puffer that would put him in prison for five years and a fine of $250,000. The jury acquitted Puffer in 15 minutes. This was the first case of prosecution of eavesdropping on a wireless network computer system. Lamo, the homeless one, will face similar charges.
Secrets of Computer Espionage is under 350 pages with very few illustrations. Instead of illustrations, the book uses case studies like that of Stefan Puffer. Most chapters start by asking the reader to assume the role of someone acting to compromise a computer system. After showing how the spy tactics work, the countermeasures needed to defeat these tactics are examined.
The first two chapters, Chapter 7, and the last two chapters don’t follow this pattern. Chapter one, “Spies”, has a major problem with the risk analysis section. When analyzing a fire, a fireman will use the fire triangle: heat, fuel, and oxygen; as a locksmith, I use the security triangle: security, convenience, and safety. The author fails to account for safety. For example, a protocol for EMS might make the system secure, but a glitch causing a reboot means that time is lost while performing the protocol. During this time EMS cannot be dispatched, so public safety is compromised. The rest of the chapter explains what spies are after and who is engaged in espionage.
The next chapter, “Spying and the Law”, deals with most of the major spying, fraud, and surveillance acts. Chapter 7, “Copying Data”, tells what media to target and copy. Chapter 12, “Spying on Electronic Devices”, deals with faxes, telephones, PDAs, digital cameras and other things that have info on them. The last chapter, “Advanced Computer Espionage”, deals with black projects (projects whose budget lines are blacked out) and programs that are used by national surveillance agencies.
As I have stated before, the book follows a format of tactics used to attack a computer system, then countermeasures used to defend a computer system. “Black Bag Jobs” (Chapter 3) refers back to the days when the F.B.I. used black bags to carry tools for bugging a building. The chapter explains how a black job is carried out; the countermeasures are the security policies.
The next three chapters, “Breaching the System”, “Searching for Evidence”, and “Unprotecting Data”, deal with getting the data out of the system. Again the countermeasures are how to keep the data safe. Since Chapter 7 has already been examined, Chapter 8 deals with key loggers. Key loggers are software programs or hardware devices that record key presses. Putting a key logger on a computer system is one of the first steps a spy uses, as he can get passwords, which makes espionage easy. The countermeasures taken to combat key loggers are the second longest set of methods.
“Spying with Trojan Horses” is the next chapter (9). This is another chapter where the countermeasures take up more space than the tactics. “Network Eavesdropping” and “Wireless Networking Eavesdropping” are the IT managers’ worst nightmares. These two chapters should be standard reading for all network administrators.
I read the book, published by Wiley, from cover to cover in under two days. Trying to use all the recommendations and checking out all the different Websites for cited information would take months. The list price of the book is $35. As I write this review it is about the middle of September 2003, and the book has some spy cases as late as March 2003. As the back cover of the book asks: “Is someone spying on you? You might be surprised.”