In the last 30 years or so, cybersecurity has gone from being a niche specialty within the larger field of computer science to an industry estimated to be worth more than $170 billion, made up of a globe-spanning community of hackers. In turn, the industry’s growth, and high-profile hacks such as the 2015 Sony breach, the 2016 U.S. election hack and leak operations, the Colonial Pipeline ransomware attack, and a seemingly endless list of Chinese government hacks, have made cybersecurity and hacking go mainstream.
Pop culture has embraced hackers with hit TV shows like Mr. Robot, and movies like Leave The World Behind. But perhaps the most prolific medium for cybersecurity stories — both fiction and based on reality — is books.
We have curated our own list of the best cybersecurity books, based on the books we have read ourselves, and those that the community suggested on Mastodon and Bluesky.
This list of books (in no particular order) will be periodically updated.
Countdown to Zero Day, Kim Zetter
The cyberattack coordinated by Israeli and U.S. government hackers known as Stuxnet, which damaged the centrifuges at the Iranian nuclear facility in Natanz, is almost certainly the most well-known hack in history. Because of its impact, its sophistication, and its sheer boldness, the attack captured the imagination not only of the cybersecurity community, but the larger public as well.
Veteran journalist Kim Zetter tells the story of Stuxnet by treating the malware like a character to be profiled. To achieve that, Zetter interviews virtually all the main investigators who found the malicious code, analyzed how it worked, and figured out what it did. It’s a must-read for anyone who works in the cyber field, but it also serves as a great introduction to the world of cybersecurity and cyberespionage for regular folks.
Dark Wire, Joseph Cox
There haven’t been any sting operations more daring and expansive than the FBI’s Operation Trojan Shield, in which the feds ran a startup called Anom that sold encrypted phones to some of the worst criminals in the world, from high-profile drug smugglers to elusive mobsters.
Those criminals thought they were using communication devices specifically designed to avoid surveillance. In reality, all their supposedly secure messages, pictures, and audio notes were being funneled to the FBI and its international law enforcement partners. 404 Media journalist Joseph Cox masterfully tells the story of Anom, with interviews with the sting operation’s masterminds in the FBI, the developers and workers who ran the startup, and the criminals using the devices.
The Cuckoo’s Egg, Cliff Stoll
In 1986, astronomer Cliff Stoll was tasked with figuring out a discrepancy of $0.75 in his lab’s computer network usage. At this point, the internet was mostly a network for government and academic institutions, and these organizations paid depending on how much time they spent online. Over the next year, Stoll meticulously pulled the threads of what seemed like a minor incident and ended up discovering one of the first-ever recorded cases of government cyberespionage, in this case carried out by Russia’s KGB.
Stoll not only solved the mystery, but he also chronicled it and turned it into a gripping spy thriller. It’s hard to overstate how important this book was. When it came out in 1989, hackers were barely a blip in the public’s imagination. The …