Fancy Bear Goes Phishing

The Dark History of the Information Age, in Five Extraordinary Hacks

Scott J. Shapiro, Farrar, Straus, and Giroux, 2023, 432 pages

Book Review published on: May 20, 2025

Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks is an in-depth look at computer and internet security. Why aren't computers more secure? Why are there so many cyber criminals? The author, Scott J. Shapiro, a professor at Yale Law School and director of Yale's Cybersecurity Lab, answers these and other questions through the lens of five hacks that occurred between 1988 and 2016. Shapiro weaves together computer and internet development history and computer coding to describe each hack as well as law enforcement techniques and shortcomings to find and prosecute the hackers.

The book uses a framing terminology of Upcode and Downcode to examine each hack. Upcode refers to influences and rules outside the computer. Upcode includes societal norms, user expectations, business ethics versus profits, current law, and everything influencing an individual before they touch the keyboard. Downcode refers to the computer code, what it can and cannot do, where it can reach, what other code can stop it—it is everything entered from the keyboard to the computer and through to the internet. He also looks at the hackers—ranging from hackers working for countries for specific goals to teenage men looking for status—who want to be known as elite hackers (in hacker-speak, leet or 1337).

The five hacks in the book are the rtm worm in 1988, those produced by the "Dark Avenger," the Paris Hilton cellphone hack, the Russian intelligence penetration of the Democratic National Committee, and the 2016 Mirai bot virus using the Internet of Things (IoT) that still creates problems today. Along the way he pulls in research on hackers. Who are they, why are they almost always male, why do they hack, and why do many of them stop?

The rtm worm (named for Robert T. Morris, its creator) was accidentally released on 2 November 1988. I was a graduate student at Naval Postgraduate School in California and remember the faculty and computer techs scrambling around trying to figure out what was attacking their network. They fixed it in a few hours and even distributed snippets of the code to interested students. Interestingly, Morris did not intend to crash the internet. He was a PhD student at Cornell University and was trying to see how many machines across the internet he could infect with his worm, which itself performed no dangerous acts. A design error in his code caused computers to lock up wherever it travelled.

The rtm worm was eradicated from the internet by 4 November, and Morris was ultimately found guilty of causing over $475,000 in damage and given a $10,000 fine and community service. Interestingly, Shapiro points out that if this had happened a year earlier, Morris might have received almost no sentence. Unfortunately for Morris, the Upcode laws for computer tampering had been stiffened in 1986 when Congress passed the Computer Fraud and Abuse Act, providing penalties for trespassing electronically or damaging someone else's electronics or data.

Shapiro also explains the challenges of stopping malicious or criminal behavior. First, he shows how, as the internet went from government project to the World Wide Web, it created a gold-rush mentality to figure out how to make money and be the dominant software on the web. He uses the example of Microsoft Word versus WordPerfect, and other examples, to show how the rush to dominate gave short shrift to security. This prioritized functionality over security and did nothing to make hacking difficult. As use of the web grew and losses were incurred, businesses began to pay some attention to security. Shapiro points out several shortcomings in the law that make it difficult to hold Microsoft, Meta, Google, or any business fully accountable for losses incurred by a user due to a fault in their products.

The author sums up his book by discussing why we must focus on changes to the Upcode to teach ethical computing, educate users, refine laws, etc. Four of the five hacking examples were done by young men under the age of twenty-five who had no idea of the damage their hacks would do to people or the economy. In the epilogue he shows why the changes must be Upcode changes by proving that the Downcode (computer programs) can never be 100 percent secure, meaning there will always be flaws for hackers to exploit.

I found this book to be an excellent and current one-stop read on why vulnerabilities on the web are there and who is doing the hacking. In two of the major hacks, the administrators and even the government were convinced it was a nation-state attacking, but both were done by young men, or a group of three young men. Fancy Bear Goes Phishing adds excellent illustrations to explain examples and has thorough notes providing sources or additional information. I recommend it to those interested in the functions of the internet, e-commerce, or a succinct history of hacking.

Book Review written by: Lt. Col. Mike Bizer, U.S. Army, Retired, Fort Belvoir, Virginia