I was reading a book about network security monitoring and it mentioned The Cuckoo’s Egg by Cliff Stoll. Stoll’s book has been around for a long time, and it’s considered a classic book with regards to information security. If you’re not familiar with it, it’s the story of a gentleman who wasn’t an IT person who happened to uncover an international hacking attempt (a large one) during the Cold War era and helped track it to its source. The technology is dated – it covers incidents during the Cold War – but the basic techniques to detect, track, and catch are not.
If you have anything to do with information technology, this is one of those books you should try and read. It’s not a slow, academic tome. It’s a well-written tale based on events. You don’t have to be a security professional to appreciate it. After all, Mr. Stoll was not; he was an astronomer. Whatever your role in IT, I hope it’ll cause you to think deeper and longer about how best to implement security mechanisms and controls in what you do. It should also give you an appreciation for how the smallest detail can tip us off to something being wrong in our systems. After all, it was a tiny accounting error that led Cliff Stoll on his quest.