Fancy Bear Goes Phishing
The Dark History of the Information Age, in Five Extraordinary Hacks
Scott J. Shapiro, Farrar, Straus and Giroux, 2023, 432 pages
Book Review published on: August 07, 2025
Scott J. Schapiro's Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks integrates philosophy, storytelling, history, and computer science to create a compelling argument. His writing is not only convincing, but it also imparts the reader with a deeper understanding of cybercrime and warfare. This book is a must read for anyone with the slightest interest in cybersecurity.
Shapiro's credentials as a professor of law and philosophy at Yale Law School are evident in his writing. He efficiently intertwines his understanding of law and philosophy throughout the narrative. His ability to accomplish this was not only possible due to his experience in these fields but also his interest and experience growing up tinkering with computers and coding. In the book's introduction, Shapiro discloses how he pursued a computer science degree at Columbia University and had a database construction company that bore his name. After he graduated college, he left behind his deep interest in computers. It wasn't until the last several years that he renewed his interest in computers. His renewed interest worked to his benefit. As he had to relearn and learn new aspects of computing, Shapiro explains computing in terms that a layperson could easily understand.
In the last two pages of the introduction, Shapiro lays out his goals for the book. He wishes to answer three questions: "Why is the internet so vulnerable? How do hackers exploit its vulnerabilities? What can companies, states, and the rest of us do in response?" He does answer all three of these questions in this book, and he does so without being an alarmist or boring.
Shapiro's writing is engaging, humorous, and enlightening. Albert Einstein stated, "If you can't explain it simply, you don't understand it well enough." Shapiro's writing displays a depth of understanding across multiple fields. He takes Einstein's maxim even further; Shapiro's comprehension enables him to take a serious and complex subject and make it understandable and appropriately humorous.
The organization of the book made it easy to follow. Occasionally, the author jumps back and forth in the book's timeline, but these occasions are minimal and purposeful. Shapiro largely structures his book around five vignettes. The first is the Morris Worm, which resulted in the first federal conviction for cybercrime. The last vignette is the Mirai botnet, which the author credits for the internet's most significant distributed denial of service (DDOS) attack on Dyn Incorporated domain name servers. This DDOS resulted in outages of multiple major websites, including social media giants.
Throughout the vignettes, Shapiro illustrates the mathematics and philosophy that underpins computer science, such as Alan Turing's principles of code and John von Neumann's theory of a universal constructor. Additionally, he introduces the concept of "up code" and "down code." Up code is the rules and norms established in society or an individual's life, and down code is the actual code in a computer or a program. By effortlessly incorporating these cerebral concepts into the stories, Shapiro brings greater significance to the ideas and the vignettes in the context of each other than be brought when analyzed in isolation.
Shapiro achieves his stated purpose of addressing his three questions, and he does so compellingly and entertainingly. This book is an excellent read for anyone wanting to understand what cybersecurity is and what it is not. This book develops a greater understanding of how to better secure our cyberattack surfaces for novices and experts alike.
Book Review written by: Lt. Col. Stephen G. Redmon, U.S. Army, Fort Leavenworth, Kansas