bostonlink.github.io

A place for my projects, thoughts, and rants.

Spam Nation - Review

During this Thanksgiving holiday vacation I took it upon myself to do some fun and interesting reading. The book I chose to escape my vacation reality with and dive into the authors story was Spam Nation, by Brian Krebs. The book has gotten some publicity that I had seen over twitter and of course on Brian Kerbs’s own blog KrebsOnSecurity. Plus, I have thoroughly enjoyed reading Kerbs’s numerous articles on internet crime and information security and thought to myself this ought to be a good read.

Diving right into the book it is informative and easy to understand in my opinion from the technical audience and the less technical all around. For this I applaud, since I think it is very important to educate the less in-the-know people/audience of the problems and issues we face all around within the information security industry. I also enjoyed his (Kreb’s) story of how he wholeheartedly stumbled upon this research and since getting a virus on his own system, has been fascinated and burred himself in the field and learning about the information security and internet crime industries all around. I found all of the chapters to be informative and insightful journey into Kerb’s own research regarding the Pharma Wars and Pharma Affiliate programs promoting Spam as a way to earn money.

I personally find such research fascinating, so nonetheless, I was hooked on the book. Plus, I remember a lot of the botnets discussed in the book used for sending pharma spam out, because I saw a lot of it personally when I was a Sr. Security Analyst at a large healthcare institution. We used to investigate all of this and similar things on a daily basis, so I could personally relate to some of the discussions within the book. I did not put it down until I either fell asleep reading it each day or had to start re-reading pages I zoned out to while reading. The book was overall a good read in my opinion for both technical and non-technical readers out there who are fascinated by the information security industry or the internet crime industry as a whole.

I recommend this book for anyone in the information security industry and I honestly even recommended it to my parents. The latter I did for the simple fact that ever since I made my debut as a information security professional with a real information security job in the industry, I dunno give or take six years ago. They always call me and forward me emails. Sometimes even mail me clippings of articles they think I would be interested in. I politely tell them I could easily read the article online. I digressed, my point being they have become inundated with the media hype of our industry and I think they would simply enjoy this book from the knowledge they would acquire from reading it. It would help them identify suspicious emails and do not fall for such schemes, hopefully.

-bl

PS> I Hope you all had a Happy Thanksgiving!